Identity theft was once confined to a few people in certain areas of the world. Anyone who lost control over their driver’s license, passport, or bank account details was immediately concerned about having their identity stolen. Now, in the age of digital record keeping and an always-on internet, identity theft is more prevalent than ever.
The Identity Theft and Assumption Deterrence Act (ITADA) was introduced in the late ’90s by Senator Jon Kyl. Its goal was to provide a precise definition of identity theft so that federal agencies could more readily pursue cases. This happened in an age when digital identities were just becoming a thing, making the ITADA a well-timed piece of legislation.
What is identity theft, though, and how does the deterrence act interact with it? Are there ways to protect yourself against cases of stolen identity? We’ll cover everything you need to know in the guide below.
- 1 How does identity theft happen?
- 2 Basics of the Identity Theft and Assumption Deterrence Act
- 3 Identity Theft Enhancement Act (ITPEA)
- 4 Prevent identity theft through encryption and VPNs
- 5 Best VPNs for protecting your identity
- 6 How to use a VPN to encrypt your identity
- 7 Conclusion
How does identity theft happen?
Before you can understand the legal measures taken against identity theft, it’s important to know how identities are often stolen.
Lost and stolen documents
People these days are generally more aware of confidential data printed out in hard copies. No one leaves paper bank statements or credit cards laying around, for example, and businesses shred potentially sensitive documents to prevent data from falling into the wrong hands. This is the result of years of warnings about the insecurity of physical identity documents.
There are two main ways that hard copies of sensitive information fall into the wrong hands: through the mail and through the trash. Thieves often sift through street-side mailboxes looking for pay checks or credit card bills that include private information, everything from Social Security numbers to bank account information. The same holds true for theft via trash.
Personal digital data theft
Digital devices are far more lucrative for identity thieves these days. Our smartphones and laptops carry more sensitive information than a thousand sheets of paper, which is why many cyber criminals target internet connections for slurping up personal information.
Keeping digital documents secure is arguably just as easy as locking down physical ones. The problem is that few people are aware of the dangers of sharing private information online. We’ll discuss solutions to this problem in more detail below.
Massive data breaches
You’ve probably heard about the massive company-wide data breaches that keep happening. In 2013, for example, retailer Target suffered a hacking attack that resulted in the loss of millions of consumer credit card numbers, turning this private information over to cyber criminals overnight. Then there was the Equifax breach where hackers took sensitive personal information of over 143 million Americans from the credit bureau.
There isn’t much average consumers can do about corporate breaches like this. They do represent a huge weakness in modern digital security, however, one that makes identity theft easier and more widespread than ever before.
Basics of the Identity Theft and Assumption Deterrence Act
The ITADA brought a new legal definition to identity theft, making it easier for law enforcement agencies to pursue suspected cases and to protect citizens from harm.
Digital and physical identities
Before the ITADA was put into effect, the definition of “identity theft” was largely restricted to cases of stolen documents. In other words, agencies only considered someone’s identity as stolen if their ID card or other sensitive information was physically taken from their possession. Since the mid to late 90s was a time of rapidly growing digital information, Senator Kyl realized a new definition of identity theft was in order.
After the ITADA was introduced, the concept of a stolen identity was expanded. The wording makes it possible for an identity to be taken if someone “knowingly transfers or uses, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of Federal law, or that constitutes a felony under any applicable State or local law.”
In plain English, that means if anyone tries to use an identity that isn’t theirs, it constitutes identity theft, whether or not they have physical credit cards or ID papers on hand. Since so much information was (and still is) transferred over the internet, this makes identity theft more of a digital problem than a physical one.
Making identity theft a federal crime
The ITADA did more than just define the scope of identity theft, it also tied the act to existing laws an established fines and punishments for committing the act. The biggest change was making all forms of identity theft a federal crime, allowing penalties to include time in prison. Fines and sentencing can be altered based on the number of victims in the case, what information was taken, how it was obtained (hacking), and how much damage was done to the victims.
Before the introduction of the ITADA, identity theft charges did not include considerations for the victims. Restitution wasn’t part of the legal process, meaning someone who had their identity stolen and suffered tens of thousands of dollars of unearned debt wouldn’t be able to recover so easily.
After the ITADA went into effect, cases of identity theft were seen in a new light. Victims could finally restore their tarnished identities, and perpetrators would be hit with massive fines as well as jail time for the crimes they committed.
Identity Theft Enhancement Act (ITPEA)
Less than a decade after the ITADA was introduced, a new piece of legislation, the Identity Theft Enhancement Act (ITPEA), made an appearance. This was largely in response to the 9/11 attacks in New York, and they further refined identity theft to include terrorism.
The ITPEA introduces higher penalties for cases of identity theft that involve more significant criminal intent. The ITADA adds in factors like the number of victims, what information was stolen, and how much the victims suffered from the stolen identity, whereas ITPEA focuses on the severity of the crime in question.
ITPEA adds a minimum two years of imprisonment for “knowingly transferring, possessing, or using, without lawful authority, a means of identification of another person during and in relation to specified felony convictions”. Put more simply, this means that identity theft crimes that involve stealing public money/property, immigration fraud, or using a stolen identity to acquire weapons, all carry a higher penalty.
Other acts against identity fraud
Yet another extension to the stolen identity laws was enacted in 2008. This one, dubbed the Identity Theft Enforcement and Restitution Act (ITERA), offers better legal recourse for the victims of identity theft, adding in compensation and damages to those affected by the federal crime.
Since ITADA, ITERA, and ITPEA were introduced, several new laws have been introduced that make identity theft a more punishable crime or help compensate victims for their loss. These include state-based acts such as the Consumer Identity Protection Act of Alabama and the Identity Theft Protection Act of Michigan. The Social Security Number Fraud Prevention Act and Bank Fraud Statute also change the nature of identity crimes across the United States.
Prevent identity theft through encryption and VPNs
The digital world is a mystery to a lot of people. It makes a lot of sense to shred credit card statements and keep your driver’s license hidden at all times. But when it comes to keeping all-digital data secure, most people don’t have the first clue where to begin.
Running a secure virtual private network is a great way to start protecting your sensitive information. VPNs use incredibly strong encryption to lock down all data leaving your device. This means no one can see who you are or what information you’re sending, even if they had an invincible supercomputer and billions of years to process the code.
Finding a good, secure VPN
It’s incredibly easy to use a VPN to protect your identity. You can’t just choose a service at random and hope they live up to their grandiose promises, however. Before signing up with a VPN, you need to do some research. We’ve provided a few selection criteria below to help you decide which features are the most important for using a VPN. We used the same criteria to choose our recommended services in the next section.
- Extra security features – Sometimes ISPs block or restrict VPN usage. You can get around this by using a service that lets you tweak security settings such as port number or encryption protocol.
- Fast speeds – The best VPNs are able to refine their encryption and routing methods to add as little overhead to your connection as possible, thereby preserving your natural Internet speeds as much as possible.
- Strong encryption – 256-bit AES encryption is the same strength used by the military to protect its data. Settle for nothing less in protecting your data.
- Large server network – The more servers a VPN operates, the better your chances of finding a fast connection near to your location.
- Zero-logging policy – If a VPN doesn’t have a zero-logging policy, it’s potentially harmful to your privacy, as any extant records can be hacked, or else requisitioned by authorities.
Best VPNs for protecting your identity
We researched and ranked the top VPNs on the market to find out which ones can keep your identity safe in as many situations as possible. Here, we present the top four VPNs for protecting your identity:
1 – ExpressVPN
ExpressVPN is one of the fastest VPNs you can find, and it delivers incredibly strong privacy features to boot. The service is extremely easy to use, as well, as anyone can sign up and log in with just a few clicks, no matter which device they use (PC, Mac, iPhone, Android, etc.) or their level of experience with VPNs. All it takes to keep your identity safe is a few seconds to join ExpressVPN, everything else happens quietly in the background.
ExpressVPN has a wide range of privacy features that keeps you safe. Data is always secured with 256-bit AES encryption and backed by a strict zero-logging policy on all traffic, DNS requests, and IP addresses. Information stays secure thanks to an automatic kill switch and DNS leak prevention features, as well. These work alongside ExpressVPN’s huge network of over 2,000 servers in 94 different countries to give you a fast and secure connection anywhere in the world.
For more info about this VPN and its smart security features, check out our ExpressVPN review.
2 – NordVPN
NordVPN is a reliable and well-liked VPN that runs an impressively large network of servers. Joining gets you instant and unlimited access to over 5,220 nodes in 62 countries, all available without a single limitation. This variety delivers great speeds no matter where you connect from, ensuring you always have a fast connection. It also allows NordVPN to offer unique features like double encryption, protection from DDoS attacks, and onion routing over VPN for added privacy and identity protection.
NordVPN’s free apps come with everything you need to stay safe online. This includes strong 256-bit AES encryption, DNS leak protection, an automatic kill switch, and a zero-logging policy that covers time stamps, DNS requests, IP addresses, and traffic. It’s extremely easy to set up and use on all of your devices, too, as the VPN supports PC, Mac, Linux, iOS, Android, and other platforms by default.
Learn more about the NordVPN experience in our full NordVPN review.
3 – CyberGhost
CyberGhost delivers one of the fastest VPN experiences in the world, and it’s incredibly easy to use and offers smart privacy features, too. CyberGhost runs on nearly every device imaginable, from iPhones and iPads to Android devices, PCs, Fire TV, and Macs. As soon as you sign up you’ll be able to access CyberGhost’s large network of over 3,300 servers in 60 countries, all with unlimited data and no restrictions on download speeds or traffic types.
CyberGhost’s privacy features keep you safe with military-grade 256-bit AES encryption on all data, a zero-logging policy on traffic, time stamps, and IP addresses, and both DNS leak protection and an automatic kill switch. These features hide your identity whenever you go online, allowing you to connect with fully encrypted data and an anonymous IP address on any network.
Learn more about CyberGhost’s great privacy features in our full CyberGhost review.
4 – PrivateVPN
PrivateVPN is a strong and safe VPN that can help you access a secure internet connection anywhere in the world. With PrivateVPN running in the background, you can surf and stream with complete privacy, even on public hotspots or cafe Wi-Fi. Use it on PC, iOS, Android, Mac, and plenty of other platforms thanks to the company’s lightweight and easy to use software. With PrivateVPN, you never have to worry about your online safety again!
PrivateVPN operates a small but reliable network of 100 servers in 59 different countries. All data is secured with strong 256-bit AES encryption to keep your connection safe, and an automatic kill switch and DNS leak protection along with a zero logging policy on all traffic ensure your privacy is never at risk.
Read more about PrivateVPN’s stellar features in our thorough PrivateVPN review.
How to use a VPN to encrypt your identity
Once you’ve chosen a reliable VPN, the hard part is over. Now all you need to do is set everything up to keep your data safe and secure on all of your devices, everywhere you go.
Step 1 – Download and connect to the VPN
VPN apps are designed to be as easy to use as possible, offering easy one-click installers for most major platforms, including smartphones and PCs. If you use a non-standard device you may need to consult the VPN’s support pages for help, but otherwise you can use the method outlined below to get started.
- In a PC web browser, sign into your VPN account.
- Look for a downloads section and click it.
- Select the app for your device and download it. You may be redirected to a mobile marketplace to install apps for iOS or Android.
- Install the app on and launch it.
- Log into your VPN software using your account credentials.
- After signing in, your VPN app will connect to the fastest server.
- Minimize the VPN app or let it run in the background. It will now keep you safe and secure when you connect.
Step 2 – Repeat for all devices
It doesn’t matter which device you use to connect to the internet, or where you connect from, all internet-enabled hardware is vulnerable to cyber attacks. If you truly want to secure your identity, you’ll need to repeat the steps above to install your VPN on every device you own.
In case you get stuck, here are a few handy guides to installing VPNs on more hardware.
- Use a VPN on Fire Stick and Fire TV
- Installing a VPN on Android smartphones and tablets
- VPNs on iPhone and iPad
- How to install a VPN on Mac
- Best VPN for Windows 10, 8, 7
Step 3 – Keep your VPN active at all times
VPNs encrypt all traffic going through your device. The catch is you have to run the VPN app at all times, otherwise data won’t be protected. You can ensure constant security by launching the VPN each time you boot up your device and setting it to connect to a server automatically. As long as you don’t manually shut down the software, you’ll stay safe, and your identity secure.
It’s not that hard to protect your identity, even in the face of all the cyber threats online these days. Acts such as ITADA make it less profitable for criminals to engage in identity theft, as well, so with a little luck and the right precautions you can stay safe every time you use the web.
Got any tips to share on protecting your identity? Let everyone hear your story in the comments below.