ID Theft Research Group to Come Out of the Shadows

The Center for Identity Management and Information Protection (CIMIP) has kept a low profile since its inception over a year ago, but that's about to change: The public-private partnership that includes IBM, the U.S. Secret Service, and the FBI, has just broken ground on a new multi-million dollar secured facility, and next month will release some surprising findings about the bad guys behind identity theft. (See Group to Research ID Theft.)

Gary Gordon, executive director for CIMIP, says the organization will be presenting some interesting findings from two research projects to the Secret Service and the Bureau of Justice Assistance next week, and then will go public with those results at its Identity Management and Information Protection: Research to Action conference next month in McLean, Va.

"For the first time, we will provide empirical findings that refute the conventional wisdom about the area of identity theft," says Gordon, who is also the executive director of Utica College's Economic Crime Institute as well as a professor of economic crime management there. "We looked at real cases... and the characteristics of the offenders. To my knowledge, this is one of the few studies [like this]; most have been looking at the victims."

Gordon couldn't divulge details of the findings just yet, but he says the study focused on the modus operandi of the identity thieves, including how much of this activity comes from groups rather than individuals. "We were also looking at issues around the use of technology to facilitate the crime," including botnets.

The research was funded by a grant from the Department of Justice's Bureau of Justice Administration. CIMIP analyzed 700 real federal law enforcement cases from the years 2000-06 to identify patterns in identity fraud and theft. The goal is to deliver law enforcement with information that will let them be more proactive in identity theft crimes, and to help companies better protect themselves.

Gordon says CIMIP will also release its findings that came out of a recent identity management workshop, where experts came up with a three-year identity management and information protection roadmap for law enforcement and policymakers.

"All [the work] we are planning to do has to have immediate use for law enforcement in prevention and detection, in training, and in improving investigations and making policy makers think through what the issues really are," Gordon says. "We are looking at assessing policies that are already in effect and ones that are being discussed. Rarely does that happen. Usually, [we just] implement a policy and move forward."

Gordon and his colleagues at Utica's Economic Crime Institute for years have been studying identity fraud's growth, causes, and effects, and helped form CIMIP to provide a more unified way to collect the relevant data in one place -- including data owned by government and corporations.

CIMIP's will share space in its new home on Utica's campus with the school's economic crime and justice studies programs. The new, $4.5 million, 22,000 square-foot facility with classrooms, auditorium, lab facilities, and offices, will include a special compartmentalized section for CIMIP to securely handle confidential and sensitive computer forensics and other law enforcement information. The so-called Sensitive Compartmented Information Facility (SCIF) will also allow CIMIP to offer training to law enforcement and is expected to be completed in the fall of 2008.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.