Submission - Credit Reporting Regulatory Framework: Submission to ALRC Privacy Inquiry (December 2007)

2.6. Identity fraud

This section discusses concerns regarding identity fraud and identity theft and their relationship to credit reporting information.

There is broad support for credit reporting to play a role in the prevention of identity fraud and identity theft. The ALRC DP72 proposes that credit reports could include ‘flags’ where the individual has been the subject of identity fraud:

Proposal 52-1: The proposed Privacy (Credit Reporting Information) Regulations should provide for the recording, on the initiative of the relevant individual, of information that the individual has been the subject of identity theft.

However, such a proposal needs to work in practice, and the industry has some concerns that modern credit reporting is based on a dynamic information network rather than static files, and that the ‘flags’ may be difficult to manage and ineffective in practice.

The ALRC proposal may require some further changes to ensure that it works in practice. For example, the industry is developing proposals on ‘freezing’ credit reporting information where identity fraud is a concern. It is in everyone’s interest to develop a workable system for managing identity fraud.

Identity fraud may be a good example of a fast-moving, highly technical, operational issue that would be better located in an industry Code, rather than in the proposed Privacy (Credit Reporting Information) Regulations