Identity theft and identity fraud have had their definitions expanded since 1998, when the U.S. Department of Justice appended fraudulent Internet activity to the list of bogus checks, passports and identification issued in another person's name or used to defraud another person. The Department of Justice notes that nearly any identifying information, such as a phone number or a person's mother's maiden name, may be used to commit identity theft or fraud.
The Department of Justice prosecutes identity theft and fraud at the federal level under the jurisdiction of laws such as the Identity Theft and Assumption Act of 1998. This law provides for a maximum of 15 years in federal prison, fines and forfeiture of property either obtained by or used to perpetrate identity theft. Under other laws such as those governing unauthorized or fraudulent credit card usage, penalties may go as high as 30 years in prison plus fines and forfeiture.
The Internet is one of the favored avenues for potential identity thieves. Work-from-home business ventures that appear perfectly legitimate are often fronts for data-mining operations. These schemes offer tempting money for people to process orders for others, but result in criminals obtaining the information they need to carry out identity theft and fraud while leaving honest people exposed to the threat of prosecution and steep penalties.
In cases involving Internet crimes, an attorney may first consider whether their clients had any reason to believe they were involved in identity theft or fraud. If the clients did not, it is entirely likely they are themselves victims. If a plea bargain is possible, the attorney might recommend it to avoid prison time and harsh penalties depending upon the circumstances, or they may recommend that they pursue the case through trial and the appeals process, if necessary.