...credit card fraud, and "new account fraud", where new accounts are established in the victim's name.
"I don't believe the incidents of true identity theft are as high as the general public might think," said Cheryl Charles, a senior director at BITS, a business strategy and technology group in the Financial Services Roundtable, which represents 100 of the largest US financial institutions.
"The online environment is really pretty safe. Most identity fraud tends to occur in the paper environment," she said.
Having data fall off the back of a lorry does not typically result in a crime that costs someone money. "Even though the loss of data is a concern, it doesn't mean it will lead to actual identity theft," Charles said. "Just having access to the information does not mean somebody could succeed in committing identity fraud."
Perception, however, is reality for many people. So despite evidence of relative safety, nearly 80 percent of US residents fear identity fraud, and that angst is keeping nearly half of registered US voters from conducting business online, according to two separate surveys published over the summer.
And when ID fraud does occur, the consequences can be costly. In 2004, Javelin's research found that the average loss due to identity fraud was $5,686 per victim, rising in the more serious category of new account fraud to $12,646.
Several years ago, identity fraud was labelled by the FTC as the fastest-growing crime in the United States. In a 2003 survey, the agency said 10.1 million US residents had suffered from it in the previous 12 months, with $51.4bn lost. In a follow-up study a year later, Javelin identified 9.3 million victims with $52.6bn in losses.
Anecdotal evidence for 2005 shows that the numbers will stay flat, Van Dyke said. "The good news is that identity fraud is no longer the nation's fastest-growing crime," he said. "The bad news is that it is not going away. Instead, it is holding steady."
The wide reports of ID theft have made people more vigilant, which all sides agree is a good thing. For one thing, "we need to do a better job of not keeping our paper available," said Charles, who recommends cancelling paper statements from a bank, credit card issuer or a utility company.
Keeping watch
Hayes monitors her credit card and bank account daily via the Internet and requests a credit report twice a year. Though she has not fallen victim to fraud from the UC Berkeley incident, she has had other experiences with identity theft.
Five years ago, someone bought a mobile phone in her name, unbeknownst to her, until a collection agency came looking for money. It took some effort, but the mess was cleaned up, and her credit score restored.
"I think we need a whole better system," said Hayes. "Identifying people by their Social Security number simply isn't working."
Like many other careful consumers, Hayes now shreds all documents that contain sensitive information before she discards them. About 10 million shredders are sold every year worldwide, according to shredder manufacturer Fellowes of Itasca, Illinois.
"We have seen significant sales growth," said John Fellowes, director for shredders at the company that bears his name. "The industry is up about 10 to 15 percent over the previous year."
But experts point out that, while shredding is smart, only 2.5 percent of ID theft cases last year were linked to dumpster diving. By contrast, 8 percent were traced back to the mailbox, a much cleaner way to find identifying information. Almost one-third of all fraud occurred because of a lost or stolen wallet.
As a result, though some fear of ID theft is justified, experts in the field stress that it should not dominate anyone's life.
"There are certain things that are just silly to do in today's world, like throwing out your tax documents and credit card statements in a plastic bag on your curb without first shredding them," said Monique Einhorn, an attorney at the FTC. Nevertheless, she added: "People have to balance their own paranoia and security issues against convenience."
Talkback
Here in the U.S., purchase a scanner and monitor public safety transmissions.... THE POLICE will provide you with victims, names, addresses, birthdates, license numbers, social security numbers, place of birth, etc., as they are harrassing folks. All you need is pretty low-tech, a scanner, pencil, and paper. This is why I laugh when I see the law enforcement posters warning against ID theft!