The American National Standards Institute's Identity Theft Prevention and Identity Management Standards Panel (IDSP) have just released a workshop report "Measuring Identity Theft" (195 pages long , free to download - if you fill in a form giving a bunch of personal details such as mother's maiden name! I say nothing further on that…).
As they put it, the report (my emphasis):
"addresses various facets of how research companies measure identity theft. The report finds that disparities exist in the way that key terms are defined in statute versus in practice—terms such as identity theft, identity fraud, and data breach. This potentially causes confusion in the marketplace and creates impediments to fixing the underlying problems. The publication also reviews research studies and methodologies for studying identity theft and makes best practice recommendations for how research companies should measure and report on the issues."
And highlights include:
- "A comparison of how key identity theft and fraud terms are defined in [American] statute and in research surveys with a discussion of why they are sometimes different.
- A catalogue of 166 research studies on identity theft and data breach trends, identity theft protection services and information security solutions, with notes on contradictory research findings, gaps in existing research, and observations on what makes a study useful.
- A recommendation that identity crime research that is publicized or intended to shape public policy should include a lexicon of significant terms and a methodology statement, with specific elements of the methodology statement defined."
©WH. This work is licensed under a Creative Commons Attribution Non-Commercial Share-Alike England 2.0 Licence. Please attribute to WH, Tech and Law, and link to the original blog post page. Moral rights asserted.