The definition of identity theft seems to vary depending on who you ask. Some sources think it only has to do with money, while others have a broader definition. So, what is identity theft?
Identity theft is actually a very general term that has become popular in the first decade of 2000. It refers to the practice of using someone else's "personally identifiable information" (PII) to receive goods, obtain services, or conduct business. There are several different types of identity theft, and many different laws that are used to prosecute identity thieves in the United States. Increased awareness of the problem has generated new industries in identity theft protection, information privacy and data security.
While most of us think of credit cards and bank accounts when we hear the words identity theft, there are different types of identity theft. Bank accounts and credit cards are classified under financial identity theft. But other information can be used for different purposes – for example, a social security number can be used to get a job in someone else's name, to file for government benefits, or to steal someone's tax returns. Insurance identity theft uses your information to get medical services, and leave you with the bill, and the problem of increased premiums or even the inability to get insurance for yourself and family.
There are a slew of identity theft laws, and each one either deals with a specific type of identity theft, or attempts to protect consumers from identity theft. For example, the Fair and Accurate Credit Transactions Act (FACTA) deals with when businesses may collect your PII, how they must protect it, and how they must get rid of it when they are done using it. But the Health Information Portability and Accountability Act (HIPAA) is focused on medical information and anyone who handles it.
Identity theft laws sometimes have amendments that are referred to specifically. For example, the Red Flags Rule is targeted at financial institutions, requiring them to look for indications that you have been a victim of identity theft, and also requiring them to tell you if they find those sorts of indications. The Health Information Technology for Economic and Clinical Health Act (HITECH) was passed as part of the $780 billion economic stimulus package passed when President Obama took office, but is actually used in conjunction with the Social Security Act and HIPAA. (Yes, it does get quickly confusing.)
Because identity theft can impact a consumer quickly and very dramatically, there has been an explosion of identity theft protection programs and products. The first few years, these programs seemed to be finding their feet – exploring what they could and couldn't do while making brash (and unrealistic) claims backed by million-dollar guarantees that turned out to be meaningless marketing gimmicks. Today, the Federal Trade Commission has stepped in, and has started stabilizing the identity theft protection industry by forcing companies to stop making claims they can't back up, and presenting more down-to-earth information about what their programs can do.