Straining Credulity on Identity Theft Costs

A solid article in ComputerWorld tells us that data theft is getting worse. In the ongoing struggle between the security mavens and the data thieves, the bad guys are gaining ground. They are getting more shrewd at targeting victims, even buying marketing lists to hone in on the affluent. They are also careful to avoid being caught. They will wait often a year before utilizing purloined information, and often use only parts of a stolen identity so as to keep the victim from canceling all his accounts. Furthermore, the popularity of social networking plays straight into the fraudsters’ hands, making it easy for them to gather information and distribute malware innocuously.

The figures cited are sobering: identity theft up 50% since 2003, 2.5 million credit card numbers stolen online, phising up 20% in the last year, more than 158 million records of US residents exposed, and according to Gartner, the costs of identity theft doubled last year.

Except for one. Despite evidence of growth on both axes – activity and per incident cost – a consulting firm, Javelin Strategy and Research, claims that:

….prevention and awareness by both consumers and businesses helped reduce the number of adult victims of identity fraud in the U.S. from 8.9 million in 2005 to 8.4 million in 2006, and the dollar amount of fraud dropped 12% from $55.7 billion to $49.3 billion.

Now how could anyone defend such a patently ridiculous finding? Simple. If you look at Javelin’s website, it serves the payments and financial services industry. Who has the most to lose from tougher legislation to prevent identity fraud and make insufficiently careful organizations liable for the losses? The payments and financial services industry.

Although this is a baldfaced example of garbage-in, garbage out, industry-serving PR dressed up as research, it’s far from the most extreme. My favorite was the study by the University of Maine that concluded that lobsters really didn’t mind being boiled alive.

Print Friendly, PDF & Email


  1. Anonymous

    August 21, 2007 | written by Bruce Cundiff

    Naked capitalism — the emperor has no clothes…no seriously

    Saw this blog today (I was a first time visitor), questioning the research methodology for our ID Fraud survey. In the end, I had to laugh…oh the irony.

    The kicker in this is that the blogger is inherently questioning our research findings point blank (I especially liked the part where he referred to them as “patently ridiculous”) without any knowledge or understanding of our research methodology.

    I’ve got no problem whatsoever discussing, defending, and debating our research. It’s what we do, and it’s what we do well. If someone has a problem with our findings (and people bones about that), they should at least give us the courtesy of actually reviewing the methodology before spouting “patently ridiculous” platitudes and the like. Oh wait…that might take some effort.

    I’m likely overreacting, but I take my work seriously. It’s blatantly obvious that the blogger has a preconceived notion about ID Fraud trends, and no amount of rigorously gathered data and analysis behind that data is going to sway that notion.

    I guess I can take solace in the fact that said blogger is not in charge of risk an fraud mitigation at my bank (or any bank that I might have invested in…). Otherwise I would have to question the way the bank is handling its ID fraud issues.

  2. Yves Smith

    Apparently Bruce is unaware of the fact that I had extensive e-mail discussions with one Luke Abernall of his company, have reviewed the study methodology, provided two rounds of extensive comments to Luke, and have gotten no reply to my latest message, in which listed a very detailed list of problems in their approach.

    I also said I would be happy to look at the details of how they did certain adjustments to their data to see if I was comfortable with their methodology, but all I got was dead silence.

    Just one specific that won’t be too gory for readers. Javelin changed its methodology to ask respondents to put their estimates of losses into ranges. Before they had open-ended questions. Anyone who knows anything about cognitive bias knows that introducing numbers when asking people to make estimates HOPELESSLY skews the results. It’s a problem well known and well documented experimentally in behavioral finance called anchoring. And interestingly, the trend line of results changed the very year they made this change. Now correlation is not causation, but it it troubling nevertheless.

    I also note that Bruce engages in an ad hominem attack. He chooses to imply that I don’t understand survey and statistical research without specifically refuting my points, and without inquiring into my experience or training. This is a logical fallacy. Not a good sign from someone who chooses to wrap himself in a mantle of rigor.

Comments are closed.