Internet Law News this morning reports that Australia will propose national legislation to criminalize identity theft.
I am not sure I understand the story. Presumably Australia has laws against fraud. The story mentions using another person’s credit card and stealing personal information to open bank accounts and take out loans in the name of the victim. Would not such actions already be illegal? They certainly would be here.
It is arguable that it should be illegal simply to acquire the personal information, without actually using it – but then would protective or limiting measures be needed to prevent abuse, or to ensure that there was some criminal intent? Criminal intent should include intention to resell the information, i.e. the person taking it doesn’t have to intend to use it personally in order for the taking to be a crime.
Legislators have to be pretty careful about just what activities they want to target. There is little point in having a multiplicity of laws that make offences of the same activities. (I heard once that California has over 20 laws against different kinds of fraud.) The problem with that is the difficulty of laying the right charge, or the risk of overcharging to ensure that one of the charges will actually apply to the activity.
What is identity theft, anyway, as a matter of law?
P.S. the story says “draft laws … have been introduced to parliament”. Australia may have a different legislative system than we do here. Here the government introduces bills, which are not just “draft laws” but fully conceived (in principle) legislation that can be passed as introduced, though of course it may be amended before passage too. Sometimes governments release draft legislation – more often just descriptions of proposed legislation – but not in Parliament. Maybe they’re talking about a bill in Australia too, but the ‘correspondents in Canberra’ who wrote the story figure that their readers don’t know what a bill is.