Many times it isn’t what we don’t know that gets us in trouble so much as what we think we know. On more than one occasion I have had someone come to me and tell me that what I was telling people was wrong, because their friend had told them (-insert misinformation here-.) I suppose that comes with every profession, except, of course, for law enforcement. It isn’t that people aren’t trying to get information about identity theft. But it is very easy to get false information about identity theft, called “misinformation”, which gets passed along by people who sound like they know, when maybe they don’t. Being misinformed about what identity theft is, and what your risks are, can put you at greater risk of becoming a victim. So let’s go over the top pieces of misinformation I have heard over the past few years.
I have bad credit, I don’t have to worry about identity theft. Only about one in four cases of identity theft have anything to do with money – whether you’re talking about credit or bank accounts. This is called financial identity theft. Other forms of identity theft can be far more difficult to clear up, and have a much deeper impact on your life. If you want to protect yourself from identity theft you need to know the different types of identity theft. The biggest risk of identity theft is not your ATM card or credit card, but your Social Security number.
My bank takes care of that. No, your bank does not. In fact, your bank may not even be in compliance with federal guidelines to protect your money from potential identity theft. And what some victims find is that when they go to their bank to address the identity theft issue, what they face instead is a legal department with crossed arms hiding behind some obscure clause in micro-print on the back of page 71 of a contract you signed stating that you fully understood. In all fairness, most banks are proactive with their clients, but I am constantly surprised how many financial institutions prefer to argue with their clients (especially business accounts) rather than help fix the problem.
If you have to work with your bank to resolve an identity theft, you will want to know about the Electronic Funds Transfer Act. (You will also want to read about EFTA if you believe you are only responsible for $50 if you are the victim of an identity theft.)
The government has laws to cover that. Well, yes and no. There are laws such as HIPAA, FACTA etc. that deal with data security, and there are laws like the Identity Theft and Assumption Deterrence Act that address identity theft directly. But enforcing these laws has been difficult at best. The largest groups who are breaking them are illegal immigrants and organized crime rings who operate mostly outside of US laws. But the biggest problem is that these laws are pretty much “lip service” to the public. Behind the scenes, courts are ruling against these laws, and organizations like the IRS and Social Security Administration are making internal policies that are stacked against the consumer. In other words, although there are laws to cover the various aspects of data breach and identity theft, don’t expect they will be a lot of help.
I have a program that guarantees I won’t be a victim, or they’ll pay me a million dollars. No, your program does not guarantee that. Some identity theft protection companies say they offer a million dollar guarantee, but what they are guaranteeing is that they will do what their contract says they will do – and often it is not what you think they should, or even what you have been told. It’s a good idea to know how to evaluate an identity theft protection program before you give someone your money. Even the FTC says that most identity protection programs (PDF) have little or no value.
I have a program that will pay me back for any money I lose in an identity theft. No, you don’t. The insurance industry calls this “actual damage indemnification.” It means they will pay you back money you lose. You may have this for lost or stolen travelers checks, but other than that, hoping for reimbursement for actual damages will always lead to disappointment. I’ve reviewed countless identity theft protection programs for clients and insurance professionals for the past several years. Almost every policy I’ve reviewed has an exclusionary phrase in it that reads “…indemnification for actual damages.” Look for it in your policy.
I have identity theft protection through my credit card. Programs offered through credit cards usually only cover the accounts you have with that company. And since the company is looking for credit card fraud anyway, they’re really just having you pay more for what they should already be doing.
(Although your Identity Theft Guide is an expert on the subject and has studied various identity theft and data breach laws at length, he is not a lawyer. This article and the conclusions drawn herein are an informed opinion of an identity theft expert, and not to be considered as legal advice. If you have legal questions concerning a specific situation, consult an attorney.)