2. What exactly is Identity Fraud? Identity fraud is referred to a big crime in which someone wrongfully obtains and uses another person's personal data in some way that involves fraud. Identity is unique to you and cannot be given to someone else for their use, your personal data ­ especially your Social Security number, your bank account or credit card number, your telephone calling card number, and other valuable identifying data ­ can be used, if they fall into the wrong hands, to personally profit at your expense. In many cases, a victim's losses may include not only out-of-pocket financial losses, but substantial additional.

3. All of your personal information such as your credit card number, where you live, your phone number, Medicare number, license number date of birth etc….are stored in a database. A fraud can steal from your purse or wallet but the most common way is through a computer or database where they can get a hold of your personal information by either using Trojans, phishing , hacking in or using the zero day attack. These thieves are able to log onto a public computer you were on and hack their way into finding what you were doing. They are even able to research from government registers, search engines Google) or public records. They are able to obtains information from organizations which store quite a large amount of personal information. - By browsing on social networks such as MySpace, face book, bebo etc…they are able to get hold of any of your personal information and therefore be misused. How are databases involved in Identity Theft

4. How are databases involved in Identity Theft

5. The type of data stored about individuals in relation to Identity Theft

6. Types of ways this data can be misused in relation to identity theft All your personal information (as mentioned before) if obtained is able to misused in many ways. This includes -By obtaining your credit card details this being your pin number , card number, deposit slip etc….)and using these “identity” token the thieves are able to access your savings, funds from an ATM or retail casher. They are also able to make debits such as withdrawals, purchases or checks. - An account takeover is possible as well, where the stealer takes control over the account by rerouting the credit card statements to a new address. -They are able create new accounts using another persons identity - If they get hold of a persons insurance information , they are able to use the person’s identity information’s to obtain medical services, such as going to a doctor or goods like medicines). So therefore the thief is putting medical entries into the victims existing medical records.

7. Types of ways this data can be misused in relation to identity theft apply for a loan.

8. Ethical responsibilities of those maintaining this database? The ethical implications are what should be stored on the databases in the first place. Also there should be a consideration of the intrinsic ethical duty placed on database security professionals to secure a database system. Who is to blame? Consider a situation where a database protected private data, but there was no attempt to ensure its security except the statement that no one is to misuse it. A person who compromises the database in a misuse fashion has committed an ethical infraction.

9. Your personal information is stored in this database and this database is part of an organization whether being a bank, a social network, phone company, gas company, insurance company, the government, ATO(Australian Taxation Office) etc…. Legally banks as per the privacy act requirements have to maintain physical security, such as locks and security systems, over paper and electronic data stores and premises. They also maintain computer and network security: and other security measures such as identification codes and passwords to control access to computer systems. As for social networks information cannot be accessed until the owner has accessed it. Phone, gas and insurance or any other company in Australia are not allowed to share the information of a user with other companies without consent. Companies in Australia have to comply with the Privacy Act 1988. Legal responsibilities of those maintaining this database

10. “ We will destroy personal information if it is no longer needed: > for the purposes for which we collected it; or >for the purposes of meeting legal requirements. We will properly dispose off all paper files, letters, correspondence and any other hardcopy documents contain personal information that is no longer needed. All information stored in electronic form that is no longer required will be deleted from our systems.” Legal responsibilities of those maintaining this database

11. 77%Australians believe That they give out more Personal information On the internet than they do in reality. 63% Australians reveal their name online. A third admit to revealing their home address. 29% people have given bank details or credit card numbers to non banking websites. 41 percent of 16-24 year old have written personal details online, exposing themselves to identity fraud, but are not worried of identity theft from information they have posted online. 46%of Australians believe they are at some risk of identity fraud online Survey Conducted

14. Extra Information For more information on identity fraud visit http://www.stopidtheft.com.au/ to learn more about it. You can also visit the Australian Government, Australian Institute of Criminology website http://www.aic.gov.au/research/fraud/idfraud.html , which has a list of useful links, reports, conference papers and presentations!

15. Video!