Most research that seeks to quantify identity crime concentrates on defining and/or categorising the nature of the associated offences. It often fails to adequately explore the other dimensions of the activity, particularly as they relate to factors that increase or mitigate identity crime risks (i.e. the likelihood and consequences of identity crime occurring).
To help address this issue, an Identity Crime Conceptual Model has been developed to identify and categorise the five key groups of activities involved not only in the commission of identity crimes, but also in prevention and remediating the consequences (see Figure 3).
This Conceptual Model aims to provide a common understanding of identity crime and related activities for the purpose of the Measurement Framework project, as indicated in the following diagram.
Figure 3: Identity Crime Conceptual Model
Incidences of identity crime can number in the tens of thousands each year. While this is a significant figure, it is important to maintain a sense of the relative size of this activity in comparison with the vast majority of legitimate identity-related transactions that occur each year within Australia. This is illustrated in Figure 4.
Figure 4: Identity crime and Australia’s identity infrastructure
Measurement Framework indicators
The Measurement Framework aims to provide both a comprehensive picture of identity crime and related activities, and a robust basis for monitoring and measuring changes in these activities over time. To achieve this, a set of individual measurement indicators have been mapped against each category of activities identified in the Conceptual Model, as indicated below.
1. Acquisition of fraudulent identities
This component covers the activities associated with acquiring identities that are used in identity crime. This includes: identity theft, via online and other means; ‘takeover’ of a legitimate identity (with or without consent); and fabrication of a false identity.
There are two indicators that were developed to measure this component of identity crime:
Indicator 1.2—the number of reported data breaches.
While it would be desirable to measure the incidence of criminal activity specifically related to the manufacture or theft of identities (as opposed to use of these identities), it is not feasible to extract this information from within currently available data sources. Most cases of identity crime that come to the attention of authorities involve both the fraudulent acquisition and use of identities but do not distinguish between these for reporting purposes.
2. Use of fraudulent identities
This component covers the activities associated with various uses of fraudulent identities, or the fraudulent use of legitimate (real) identities such as financial, taxation, immigration and criminal identity fraud (e.g. identity fraud to evade detection for other criminal activities).
There are five indicators that seek to measure this component of identity crime:
Indicator 2.2—the number of prosecutions for identity crime and other related offences
Indicator 2.3—the number of people who self-report being victims of identity crime or misuse
Indicator 2.4—the number of people who perceive identity crime and misuse as a problem
Indicator 2.5—the types of personal information that may be more susceptible to identity theft or misuse.
3. Consequences of identity crime
This component covers some of the consequences of identity crime, including costs of the fraudulent use of identity credentials to individual victims, government agencies, business and the broader community.
There are four indicators that are aligned to this component:
Indicator 3.1—direct costs of identity crime and misuse to government agencies
Indicator 3.2—direct costs of identity crime and misuse to business
This component relates to the activities associated with preventing identity crime, including identity verification processes such as the Document Verification Service (DVS), and online security practices.
There are five indicators that are designed to measure identity crime prevention activities in this component:
Use of the DVS
Indicator 5.1—the number of identity credentials able to be verified using the DVS
Indicator 5.2—the number of government agencies using the DVS