Senate debates
Tuesday, 10 May 2011
Committees
Foreign Affairs, Defence and Trade Joint Committee, Cyber-Safety Committee
8:41 pm
Dana Wortley (SA, Australian Labor Party) Share this | Hansard source
Chairing the parliament's Joint Select Committee on Cyber Safety, I have heard from many about their concerns regarding privacy and related issues. One that causes great concern is that of identity theft. It is an achievement of this government that this issue is being addressed in part through the passage of the Law and Justice Legislation Amendment (Identity Crimes and Other Measures) Act 2010. The bill for the act passed quietly, but the reforms that resulted are significant and they touch each and every person.
Identity theft is real, it is epidemic, and its manifestations range from the simple theft of a wallet or purse to elaborate online frauds, all with the aim of using the victim's personal details, without his or her knowledge, to fraudulently obtain goods, services, cash or credit. Many of us know someone whose stolen credit card has subsequently been used without his or her knowledge or authorisation. We know people who have received those emails known as 'phishing', where criminals, posing as legitimate organisations such as banks, use apparently corporate websites to solicit passwords, tax file numbers and the like. Indeed, many of us in this chamber have received those emails, too. Clearly, sufficient numbers of people respond to these emails to make the scams worth continuing.
It would appear that, even if we do not shop or bank or pay bills online, our personal details can still be available to increasingly sophisticated hackers. The majority of information now has some connection to the world wide web, and if we have ever, for example, registered a car, claimed a Centrelink benefit—which, of course, is deposited to a bank account—obtained household insurance or made any other similar transactions, our personal details could eventually be uncovered by way of increasingly sophisticated computer technology. Meanwhile, the plumber, our accountant and many other service providers will happily hand over their BSB and account details for direct deposit of payments.
There are numerous examples of crimes and potential crimes, and most of those I have highlighted are personal crimes. But small businesses and even large corporations are subject to such fraudulent practices. The consequences of these crimes for persons, small businesses and large corporations can be significant. A victim of identity theft can be completely oblivious until he or she finds that their bank account has been emptied, that credit has been obtained in their name, or even that a crime has been committed, allegedly by the victim. Such consequences can take months, sometimes years, to repair. The victim's creditworthiness can be damaged. He or she may unknowingly have a criminal record that comes to light well after the alleged offence, but in time to jeopardise a job offer or a visa application. You can only imagine the shock of finding out any or all of these things, and the effort, time and expense involved in repairing the damage and restoring one's reputation. You can imagine the emotional strain that could ensue, possibly over a very extended period of time.
My research shows that estimates of the financial cost of identity theft in Australia can reach up to $4 billion per year, and that crimes of this nature are growing faster than any other area of criminal endeavour. Of course, identity theft is a transnational crime. It is clear that the instances I have outlined are likely to represent only a tiny part of a more organised and highly sophisticated underlying criminal structure, both here in Australia and overseas. That is why we need to be increasingly vigilant in relation to our personal information and the ways in which we disclose it.
The act to which I refer comprises a number of amendments to do with law enforcement, privacy and related matters. Chief among these is the creation in the Criminal Code of three offences to do with identity theft. They are: dealing in identification information where the perpetrator intends to pass him or herself off as another person—living or dead, real or fictitious—to commit or assist in the commission of an indictable offence under Commonwealth law; the possession of identification information where the perpetrator intends to use the information to commit or assist in the dealing offence; and the possession of equipment to create identification documentation where the perpetrator or another person intends to use the equipment to create documentation so as to engage in conduct constituting the dealing offence. The act also provides for an extended geographical jurisdiction. As identity theft is a transnational crime, so too the three offences will also be applicable to an Australian citizen or citizens, or an Australian body corporate outside this country.
These provisions represent significant progress in the fight against identity crime, but increased vigilance, as I mentioned earlier, is the key to protecting ourselves against crimes of this nature. It may sound simple, but just on a personal level we can facilitate this by actually checking the transactions on our credit card statements and then disposing of these by shredding them and not just tossing them into the recycling bin. We can cut up expired drivers licences, credit cards and the like instead of disposing of them intact. We can take care when opening emails from an unfamiliar source, and particular care when our personal or financial details are requested by an unknown—or even a known—person or organisation, whether in person, on the telephone or online.
As the 2008 OECD Policy Guidance On Online Identity Theft points out with particular reference to the latter:
Online ID theft is a fraudulent activity which has become increasingly complex, relying on ever changing high-tech methods. Tackling it requires concerted, collaborative efforts by all stakeholders (i.e. government, business, and consumers). Education and awareness are therefore necessary to ensure that both consumers and businesses are aware of the importance of the problem, and knowledgeable about its evolving forms.
Enhancing community and business awareness is key to combating this expanding and constantly evolving global problem, as well as criminal sanctions, such as those encapsulated in the act for those who engage in it.
With those remarks, I take this opportunity to commend our government for its foresight in legislating to combat these 21st century crimes through the Law and Justice Legislation Amendment (Identity Crimes and Other Measures) Act 2010.
No comments