National Identity Fraud Prevention Week kicked off yesterday with calls from MPs to appoint a UK ID fraud tsar to coordinate efforts to combat the problem, and reduce the potential knock-on effects of fraud on business and consumer confidence.
The report by the All Party Identity Fraud Group said that appointing a single person to work across government, police and private sector would create a more unified approach to the problem. The report also recommended that the public and private sector share data more securely, and also that a national strategy for fraud should be established.
"There have been three different Home Office Ministers in the last two years with responsibility for identity fraud, making it difficult for the Government to form a cohesive approach to the problem," said Nigel Evans, chair of the All Party group. "An identity fraud tsar would be able to effectively coordinate efforts to tackle identity fraud."
The calls met with a mixed response from industry. Donal Casey, security consultant at technology consultancy Morse, said that firms still need to concentrate on reviewing their own security processes and educating staff if they are to ensure customer info is not at risk.
"If the introduction of a tsar for ID fraud means the law is tightened up and there is a more joined up attack on fraudsters then that's great," Casey added " However, this shouldn't in any way detract from the measures businesses need to put in place to protect themselves."
Andrew Kellett of analyst Butler Group argued that there is a need for someone to take responsibility for ID fraud, but added that fraud reporting also needs to be clarified if the problem is to be tackled properly.
"The reporting of computer crime has stopped being a crime because it doesn't have to be reported to the police," Kellett argued. "Organisations now report it to their banks and there is no incentive for them to publish these figures."
Tom Ilube, chief executive of privacy firm Garlik, gave the report a cautious welcome, but added that the appointment of an ID fraud tsar would not have much impact unless they were given enough resources.
"Dedicated ID fraud police officers may be more important than an overall ID fraud tsar; this area of criminal activity is evolving rapidly and in unpredictable ways and we need officers who specialise in it," Ilube added. " Over the next few years the average person will have 10 times the current amount of personal information in the public domain and ID fraudsters will take full advantage."
Ilube called for organisations to appoint their own "personal information tsar" to ensure there is someone clearly accountable in an organisation for looking after people’s personal details.
The report also called for awareness-raising campaigns to educate businesses about the dangers of disposing of hardware without fully removing personal information from the hard drive. And banks were urged to do more to protect customers.
Lord Erroll, one of the contributors to the recent Lords report on personal internet security, told IT Week that much of the liability should be placed on financial institutions, but added that the scale of the problem is still unclear.
Lord Erroll also explained that growing ID fraud could lead to reduced levels of public confidence, which may affect both public and private sectors.
"If we want to make the UK the best place to do e-commerce and enable the e-delivery of government, it clearly isn't going to happen if a third of all the people on the internet aren't going to transact," Lord Erroll added.
