Gyroscopic Investing

Does anyone on this board use an identity theft protection service?

Any thoughts on identity theft in general?  It's hard to tell what the legit issues are, and what is hype designed to sell you a service.

I do not use any service.

I think that "identity corruption" is just as big a problem as identity theft.  Identity corruption is when you are bombarded with so many confusing and contradictory messages that you begin to lose your sense of having a distinct identity in the first place.  When your defenses have been compromised through years or decades of this onslaught of stimuli, the identity thieves have a much easier time, since a compromised identity is much easier to steal.

I also think that the robust surveillance program that 9/11 gave us is also a form of government-sponsored identity theft. 

One line of reasoning that is almost comically absurd is when people say "if you're not doing anything wrong why do you care if the government is tracking you?"  My response to this would be "okay, does that mean that I can go into any government agency and ask them to open up all their files for me to review?"  If the answer to this is "no", I would say "well, if the government doesn't have anything to hide, why would it mind if I took a look around its files?"  The answer when it comes right down to it is that the government likes its privacy just like everyone else does.

To me, privacy should simply be the default, and the burden of proof shouldn't be on me to show why I should have privacy, it should be on the party that wants to compromise my personal privacy. 

It would also be helpful if there were stiffer criminal penalties for identity theft.  Right now, many local police departments will barely even investigate a case of identity theft, much less prosecute it.  My wife had her identity stolen a few years ago and she obtained the address that the thief had used to receive shipments of products that had been ordered under my wife's name.  When she provided this information to the police they told her there was nothing they could do, and that as far as they could tell if anyone had committed a crime it had been her since her name was on the shipments that went to that address.

There is a curious willingness among people to think nothing of the government doing something that would be considered outrageous if a private citizen did it.  If I decided to put up cameras all over the place because I just wanted to keep an eye on people to make sure they weren't doing anything wrong, people would say I was crazy, but when the government does the same thing people will believe that they are safer because some government official is keeping an eye on them.  The unasked question is always "who will keep an eye on the government official?"

I was reading a piece about the wire taps used in the recent hedge fund insider trading investigation (which appear to have been very effective in breaking up what was essentially an organized crime ring).  These wire taps were court approved and had a very narrow scope and the agents listening in on them were required to stop listening if the conversation clearly had nothing to do with the investigation.  Notwithstanding this specifically defined scope, apparently there was a man who was not a target of the investigation but who worked at a firm that had all of its lines tapped, and he would occasionally have intimate conversations with his wife that were so juicy the agents just couldn't help listening to them.

Identity theft can take many forms.  Ironically, I think that the long term effects of television and other media gradually turning people from distinct and unique identities into commoditized clusters of consumer preferences is probably worse than someone stealing your identity and buying a computer in your name.  In the latter case, it's like dropping a frog in a pot of boiling water--he will just jump out.  In the former case, however, it's more like the frog gradually being boiled alive as the water temperature is gradually increased and he slowly loses whatever distinct sense of personal identity he may have ever had without ever noticing what is happening to him.

MediumTex wrote: To me, privacy should simply be the default, and the burden of proof shouldn't be on me to show why I should have privacy, it should be on the party that wants to compromise my personal privacy.

Great essay.

While I foresee the future as mostly bright, one of the potential dark clouds to me is technology's impact on privacy.  Optical character recognition technology is in such a state that it would be perfectly feasible for a police state to create a timelined "inventory" of all cars in its jurisdiction.

If you hook every police vehicle with a camera that's constantly recognizing license plates and communicating these pairs of "license plate \ GPS location" data back to a central computer, it's reasonably straightforward to build a permanent database of where all of the vehicles in the city have been over time.

Beyond all of this, many of today's tech giants (particularly Facebook and Google) don't appear to treat privacy with much seriousness.  Happily, technology has also given us things like universally available strong cryptography and distributed file sharing so there's a lot of good with the bad.

MediumTex wrote:When she provided this information to the police they told her there was nothing they could do, and that as far as they could tell if anyone had committed a crime it had been her since her name was on the shipments that went to that address.

Did the context in which this was said make it seem any less moronic than it seems to me right now?

I am glad that this approach is not popular for murder investigations.  If Joe Smith gets sliced up with a katana that has "This katana belongs to Joe Smith" written on the handle with magic marker, is the incident ruled a suicide?

MT,

Your story about the police is nausiating... they'll endlessly patrol streets with their glorified make-work jobs ready to pull people over for minor infractions, but when property is actually stolen or damaged, they prove next-to worthless.

I simultaneously really respect the role the police play in theory, and have a large amount of antipathy towards "The Police" as a government organism.

Great, unique insight as always, MT.

The reason I brought it up to begin with is that I left my MacBook on the Long Island Railroad last night.

I don't think there's much there to exploit, but it's a little unsettling. 

I saw a commercial on Fox News for Identity Lock (or something), and got to wondering how big a problem it really is, versus what those selling these services would have us think.

It seems very exaggerated. How badly did they get your wife?  How did they get her info to begin with?

Adam1226 wrote: I saw a commercial on Fox News for Identity Lock (or something), and got to wondering how big a problem it really is, versus what those selling these services would have us think.

It seems very exaggerated. How badly did they get your wife?  How did they get her info to begin with?

If you're talking about LifeLock they lost a class action suit for false advertising not too long ago so I would check them out before purchasing anything they are selling.

I think it is an over-hyped problem (by companies like LifeLock) but I did have a cousin who was victimized by his doctor and spent many years struggling with it. So it DOES happen.

jackh wrote:
I think it is an over-hyped problem (by companies like LifeLock) but I did have a cousin who was victimized by his doctor and spent many years struggling with it. So it DOES happen.

His doctor!?!?

Jail?

I don't trust investment/insurance products sold over the same airwaves where Glen Beck is given air time.

Almost automatically, there's an emotional audience they're pandering to, and by pandering, I mean in talking-points, not actual legitimate service.

That said, one has to think there would be some decent form of insurance one could possibly buy for identity theft.

Adam1226 wrote:

jackh wrote:
I think it is an over-hyped problem (by companies like LifeLock) but I did have a cousin who was victimized by his doctor and spent many years struggling with it. So it DOES happen.

His doctor!?!?

Jail?

Yes, his doctor. I know he got caught but I don't remember if he went to jail or not. I do know he continued doing it even after he got caught.

IMO identity theft and computer security are important issues, especially as more of our lives are managed digitally.  However I think anyone can maintain their own personal security by becoming minimally informed and exercising a bit of common sense and discipline.  These services fit into the broader category of those that overcharge people that can't or won't solve their own problems that way.  So they're in the same category as most financial advisors, credit counseling, personal trainers,  etc.  You don't need to pay for them.

People do a pretty good job of maintaining their physical security by following common sense:

• be aware of your surroundings
• don't trust strangers
• if it sounds too good to be true, it probably is
• use security equipment properly (locks, keys, combinations)
• abandoned property is asking for trouble

Yet somehow this goes out the window in the digital world, and then people are somehow surprised that criminals can take advantage of them.  But if  you follow the first three rules you'll avoid phishing attempts.  If you actually read and follow the directions about setting and changing passwords, installing security updates, running antivirus software, closing browser windows, not saving cookies on public computers, etc., you'll prevent your accounts from being compromised (rule 4). And if you close down accounts when you stop using them you'll limit your exposure (rule 5).

So I think if someone educates themselves about how phishing (http://en.wikipedia.org/wiki/Phishing) and social engineering (http://en.wikipedia.org/wiki/Social_eng ... (security)) works, reads a few articles on maintaining security, and follows those directions, they should be fine.

Putting a credit freeze at the credit reporting bureaus is free for most people to do now. Combine that with a credit monitoring service and you are well covered.

The freeze will not allow anyone to run a credit check to open a new account without you first authorizing it by unlocking the file with an issued PIN or going to the website. The freeze will go back into effect after a certain time has elapsed. Identity theft is much harder to do when they can't use your information to open up bogus accounts.

You can tell the security freeze is effective because the credit reporting agencies try very hard to keep you from doing it. Although I'm not a fan of most legislation, most states have now forced credit reporting agencies to offer this service to anyone (use to just be something done for a celebrity or politician if I recall):

http://www.experian.com/consumer/security_freeze.html

I've never found having the freeze to be a problem. Most people are not opening accounts all the time so it is not an inconvenience. It is sleazy that the credit reporting agencies all sell identity theft protection services, but have made one of the most important identity theft prevention tools (an inaccessible credit report) very difficult to do in the past.

Medium Tex,
Thanks for that great post.  It warmed my libertarian heart.

Lone Wolf wrote:

MediumTex wrote:When she provided this information to the police they told her there was nothing they could do, and that as far as they could tell if anyone had committed a crime it had been her since her name was on the shipments that went to that address.

Did the context in which this was said make it seem any less moronic than it seems to me right now?

No, it was a piece of basically "timeless dumbness".  It will be equally dumb in 20,000 years.

Echoing what craigr said...

The key to fighting Identity Theft lies in the free services provided by the three major credit bureaus (Experian, TransUnion and Equifax)

Step 1 — Set Up a Free 90-Day Fraud Alert

The alert is good for 90 days and lets credit issuers know that you may have been the victim of fraud and that they should request additional information or documentation before issuing credit. It doesn’t stop the issuance of credit in a failsafe/bulletproof way, but if it's followed correctly by the issuer, it will make it much harder for someone to obtain credit in your name and cut down on incidents of identity theft. You can renew the alert every 90 days.

Equifax: 1-800-525-6285; www.equifax.com
Experian: 1-888-397-3742; www.experian.com
TransUnion: 1-800-680-7289; www.transunion.com

https://www.experian.com/fraud/center.html

Alternatively, you may set up a "Security Freeze" or "Credit Freeze" to prevent your credit report from being accessed by anyone. This typically is done for a small fee — unless you have been a victim of identity theft, then it's free. The extra security is usually worth it, but you would need to unfreeze your credit (for another small fee) to open up an additional line of credit. Unfortunately, the freeze will interfere with the timely approval of any subsequent request or application you make that involves access to your credit report. This may include, but is not limited to, new loans, credit, mortgages, insurance, rental housing, employment, investments, licenses, cellular phone service, utility service, digital signature service, Internet credit card transactions and extension of credit at point of sale.

Step 2 — Remove your name from pre-approved credit card offers

Contact Opt-Out PrescreenDirect Marketer’s Association to be removed from many junk mailing lists. Most identity theft happens through intercepted junk mailings. This is the official site to stop those offers from being mailed:

https://www.optoutprescreen.com/

Step 3 — Order your free credit reports

Go to http://www.annualcreditreport.com to access your free Credit Reports. This website is the official portal for the three major credit bureaus (Experian, TransUnion and Equifax). It gives you the option to order your reports over the phone or online.

I don't recommend using a service, such as LifeLock, as many of them simply accept fees to initiate the free Steps 1-3 outlined above.

I was once the victim of someone who used my identity (name, SSN, and a fake ID) to rent an apartment for several months and skip out on the rent.  I have no idea how they got that information, but suspect it was from my college that stupidly used your SSN as your student ID.  The collection agencies all backed off when I produced a police report, but one credit agency refused even to recognize that.  My credit score is fine now, but that was a total pain in the ass.

As Craigr mentioned, the credit freeze is what saved me once that happened.  I applied it all all three credit agencies and never had a problem after that.  It's a little inconvenient when you move (as you have to update them on your address to be able to unfreeze your accounts) but if you ever have an issue with identity theft that's the very first step I'd recommend.  

There are several other services for completeness:

https://www.catalogchoice.org/
http://www.dmachoice.com/
https://donotcall.gov/

Also, of historical interest: http://www.xconomy.com/san-diego/2009/1 ... %E2%80%9D/

MG

Gumby wrote: Step 2 — Remove your name from pre-approved credit card offers

Contact Opt-Out PrescreenDirect Marketer’s Association to be removed from many junk mailing lists. Most identity theft happens through intercepted junk mailings. This is the official site to stop those offers from being mailed:

https://www.optoutprescreen.com/

I do not believe Identity Theft is the proper term for this crime. I call it fraud. Fraud perpetrated on the businesses that provided credit or service.

The industry wants us to do the leg work for them.

I refuse to be a victim of Identity Theft. I will sue any business that does not clean up their own up to there own mistake and clear my good name and credit. They take the risk that the person is not who they say they are. Not Me!

jimw wrote: I do not believe Identity Theft is the proper term for this crime. I call it fraud. Fraud perpetrated on the businesses that provided credit or service.

The industry wants us to do the leg work for them.

I refuse to be a victim of Identity Theft. I will sue any business that does not clean up their own up to there own mistake and clear my good name and credit. They take the risk that the person is not who they say they are. Not Me!

That's an interesting point.  I wonder if anyone has ever used it to successfully defend themselves.