I’ve been thinking of ways to make it clear why I think Javelin Strategy’s conclusions on identity theft are bogus. In a previous post, I explained why companies like those that pay for Javelin’s research (Visa, Wells Fargo) want you to believe that identity fraud is committed by people “connected to the victim.” This is because if they can shift the blame for identity theft to victims, they can avoid regulatory scrutiny for things like repeated security breaches.
There’s also a the statistical problem with generalizing about identity theft from very small sample sizes.
So, here’s another illustration of the problem–in the chart below, you can see how many people were called in each identity theft survey, how many were victims, how many knew who the thief was, and finally, how many were victimized by a friend or family member.
|
Study
|
Sample Size
|
# of Victims
|
# who knew thief
|
# where thief
was a friend, family member |
|
FTC 2003
|
4057
|
433
|
113
|
60
|
|
Javelin 2005
|
4000
|
507
|
133
|
66
|
|
Javelin 2006
|
5000
|
529
|
183
|
87
|
|
Javelin 2007
|
5000
|
505
|
182
|
“Over Half”
of the 182 |
Think about this. Javelin is making the conclusion that the majority of identity cases, millions of them, are committed by your friends and family. And they’re basing their conclusion on the responses of less than one-fifth of the of the 500 victims. And this is from a survey that doesn’t even detect synthetic identity theft.
And check out this claim from the 2007 report:
“Of those cases where the fraud operator is known, over half are closely connected to the victim, as relatives, co-workers, friends, neighbors or in-home employees.”
Co-workers? So, this means that if some stranger in the human resources department at the University of California steals my identity, it is “closely connected” to me?
It’s this type of framing that should make one suspicious. Javelin Research may have raised Lysenko from the dead!