12.1 In this chapter, the ALRC discusses a potential consequence of an interference with the privacy of an individual—identity theft. The definition of identity theft, and existing responses to it in Australia and overseas, are discussed. In particular, recent moves to criminalise identity theft in Australia are considered. An overview of the ways in which privacy laws can assist in preventing identity theft, and minimising the harm caused by it after it has occurred, is then provided. Specific reforms of privacy laws that may help to address the problem of identity theft are discussed in further detail throughout this Report.

12.2 Identity theft has existed for centuries. It has been argued, however, that it is becoming more prevalent in today’s society because of developments in technology.[1] For instance, developments in information and communications technology mean that agencies and organisations now store vast amounts of identifying information electronically. Any breach of the secure storage of this information can increase the risk of identity theft for the people to whom the stored identifying information relates. Further, electronic commerce and electronic government create impersonal transacting environments that are conducive to identity crime, and developments in computer technology have greatly increased the ability of individuals to forge identifying documents.[2]

[1] See, eg, N Dixon, Identity Fraud: Research Brief No 2005/03 (2005) Parliament of Queensland—Parliamentary Library, 1; R Lozusic, Fraud and Identity Theft: Briefing Paper 8/2003 (2003) Parliament of New South Wales—Parliamentary Library.

[2] See, eg, S Cuganesan and D Lacey, Identity Fraud in Australia: An Evaluation of its Nature, Cost and Extent (2003) Securities Industry Research Centre of Asia-Pacific, 1.