Toward a definition of identity theft.

The other day I heard a warning that having someone steal your checkbook is the “worst form of identity theft.”

Honestly, I’m not entirely sure that is identity theft.

I suppose I’m something of a purist in this case. To me, “identity theft” occurs when someone obtains your personal identifying information without your permission, and uses it to open new financial accounts, obtain credit, medical services or employment, or evade arrest.

To me, someone just swiping your checkbook and passing checks all over town falls under the umbrella of simple “theft.” I suppose on some level the thief is implying that he or she is you, but credit is not being obtained in your name in this case. It’s sort of like someone just stealing your cash. The thief doesn’t have your Social Security number or date of birth, all he has is your checkbook. Once those stop working, he’ll abandon them.

Not that having your checkbook stolen isn’t a massive headache. I’m not saying it’s something to take lightly at all. It’s just that I don’t think it constitutes identity theft per se.

I also don’t believe that simple credit card theft usually equals identity theft. Once again, the thief may be implying that he or she is an authorized user of your credit card, but that’s as far as the crook is taking things. They’re not changing your address so you don’t get the bills, they’re just burning through your card for a couple days until they max it out.

Once again, it’s a pain for the victim, but it’s not quite identity theft.

My parents were among the victims of the Heartland Payment Systems data breach back in 2008. Their credit card (which they had used once at a restaurant) suddenly showed two charges of $850 at an electronics store in California. One call to the credit card company was all it took—I don’t even think my dad had to finish his sentence before the customer service person said, “Yes, there was a data breach…aaaaaand you’re all fixed.” There was no need to place alerts on credit reports or anything. A crook had used their credit card numbers, they called the company, problem solved. In a case of true identity theft, it would have taken a lot more than one phone call to remedy the situation.

Again, I’m not saying this type of theft can’t be a hassle, because it can be. I guess I’ve just been seeing the term “identity theft” get thrown around a lot, and it seems useful to place a few limits on the term, if only for clarity.

One final point: you’ll never hear me use the phrase “ID theft” as shorthand for identity theft. Your ID is a card with your picture and information on it. Your identity is all the non-public personal information about you—date of birth, Social Security number, credit reports, etc.

To me, “ID theft” sounds like somebody just stole your driver’s license. Of course, identity theft could involve someone stealing your ID (and then manufacturing a new one with their picture and your information), but “ID theft” is a term that obscures rather than illuminates.