Nearly one in six convicted sex offenders is using sophisticated techniques invented by identity thieves to avoid their legally mandated registration requirements, a new study has found. These digital absconders might be able to avoid post-incarceration restrictions by living near schools and playgrounds, and could possibly gain employment working with children.

The study, conducted by Utica College and funded by the U.S. Justice Department, estimates that roughly 92,000 of the 570,000 registered sex offenders across the country are systematically manipulating their names, birthdays, Social Security numbers and other personal identifiers so they can live as they want while appearing to satisfy court-imposed or statutory restrictions.

"These are offenders who are flying under the radar and authorities don't know it," said Don Rebovich, the Utica professor who directed the study. "The authorities really don’t have the resources to keep on checking on these people. Offenders find where the vulnerabilities are in the system and exploit them."

---

These digital absconders create two obvious problems. Communities expend energy and resources dealing with offenders who aren't really there -- local police knock on doors and send notices to warn neighbors; public listings are published on the Internet. And sex offenders live where they please as normal adults, without any protective measures kicking in.

"In the worst-case scenario, by thwarting registration requirements, they could potentially have easier access to children," said Staca Shehan, director of case analysis at the Center for Missing and Exploited Children, who is familiar with the study. "(In) those jurisdictions that have residency restrictions that would not allow (offenders) to live within distance of a school, daycare or park, (they) could avoid that type of requirement."

While the study found that an average of 16.2 percent of sex offenders manipulate their identities nationally, some states fared worse: Louisiana, Washington, D.C., Nevada, Tennessee and Delaware all had digital absconder rates of higher than 25 percent.

Officials in Tennessee, Nevada and Delaware challenged the study's conclusions and complained that they had not been contacted by the researchers for additional information that might have clarified the results; officials in the other states did not immediately respond to requests for comment.

'Strategic' manipulation
Shehan said there are generally two kinds of sex offender absconders: those who simply fail to keep their records current, and hope they fall through the cracks; and those who are more systematic in their evasion, intentionally altering their identities so they can circumvent the restrictions. 

"That takes a lot more thought," she said. "They are much more strategic about what they are doing ... and so that's much more concerning."

In one celebrated case of sex offender identity manipulation, a convict named Frank Kuni changed his name to Jamie Shepard and was able to get a job as a U.S. Census worker in New Jersey. Kuni was recognized by a mom after he knocked on the door of her Pennsauken home, and he was later sentenced to three years in prison. Kuni’s case attracted national headlines because of the fear it created surrounding temporary Census workers.

The Utica study, believed to be the first attempt to quantify these more strategic absconders, was conducted by Utica College's Center for Identity Management, set up to examine a variety of identity issues in the digital age. Rebovich is director of the center.

It's well known that some sex offenders neglect their registration requirements, dropping off the grid and accepting only cash-paying jobs to remain hidden. But the Utica study found something more subtle, and perhaps more disturbing -- sex offenders who appear to be satisfying their registration requirements while living a digital double life.

In a parallel survey of 223 law enforcement agencies from 46 states, Utica found that awareness of ID-theft style registry evasion was low -- only 5 percent of respondents said they knew of an identity manipulation case within their jurisdiction. 

And nearly 40 percent of the agencies responded that they had zero absconders, suggesting some law enforcement agencies are unaware of the problem.

The power of the Utica study lies in the use of sophisticated algorithms developed by private firm ID Analytics, a fraud-fighting company used by many large banks and other financial institutions. ID Analytics receives more than 1 billion credit applications and other credit-related events from clients every year. It uses sophisticated software to track the behavior of identity thieves across the credit system, and can find fraud that individual firms miss. It knows, for example, if a criminal uses a systematic series of birthdays or addresses on a set of credit card applications at various banks in an attempt to evade fraud detection. The ID Analytics tool has enough data that it can generally tell the difference between honest typographical errors and systematic fraud attempts. 

ID Analytics ran sex offender data through its massive database of credit-related events, and found evidence of rampant identity manipulation among the offenders.

Kristin Helm, a spokeswoman for Tennessee's sex registry, challenged the study's findings, saying that fewer than 1 percent of that state's sex offenders are absconders. Criminals have always used false identities to try to evade police, but law enforcement systems are geared to handle that issue, she said. "Fingerprints obtained by law enforcement identify individuals regardless of a name or Social Security number," she said, adding that names sometimes change for legitimate reasons, too, such as marriage. 

But Stephen Coggeshall, chief technology officer for ID Analytics, said his technology is well-versed in screening out mundane reasons for identity changes and finding patterns that specifically indicate active evasion is taking place.

"This goes way beyond typos," he said. "These are people who have slightly adjusted or substantially adjusted their personally identifiable information for a reason. They are actively doing so, and we are observing them use these aliases relatively recently."

Nevada spokeswoman Julie Butler also questioned the validity of the study, which she had not seen. She said that Nevada uses fingerprints to track sex offenders, so identity manipulation techniques would be ineffective.

"Our registry is fingerprint-based. We don't base it on date of birth, or Social Security number, or name," Butler said. "They can put down their name as whatever and we still have them in the database."

But Coggeshall responded that even in states which use fingerprint identification, an identity manipulator would only be discovered when trying to engage in an activity – such as becoming an elementary school teacher – which triggers a fingerprint evaluation. 

"In general it doesn't help you track where they are or if they're living under an alias at an unregistered location," he said. "It can help to find sex offenders as they enroll in certain groups, but many … groups don't routinely fingerprint new enrollees."

SSNs connected to multiple people
Two years ago, using this tool on a database of Social Security numbers, ID Analytics found that rampant evidence of identity theft: 5 million SSNs were connected to three or more U.S. adults in credit applications, and 140,000 were associated with five or more people, indicating almost certain fraud. The tool can also track individual identity manipulators, as ID Analytics calls them, as they attempt various frauds across an array of credit issuers.

This tool was turned on the sex offender registry problem at the invitation of Utica College in Utica, N.Y., beginning last year. ID Analytics took a large sample -- nearly 100,000 -- of the 570,000 active registered sex offender records and ran them through its credit application database, looking for signs of manipulation.

The findings were disturbing. In Louisiana, the study found, nearly two-thirds of offenders' records showed signs of manipulation. Rebovich theorized that Louisiana's problem might stem from the aftermath of Hurricane Katrina, which gave some people a golden opportunity to drop off the grid.

Officials in Louisiana did not immediately respond to requests for comment.

In many cases, the study found, the steps criminals take are subtle -- changing an address from "440 Monroeville Road" to "434 Monroeville Road," for example. In fact, in the majority of cases, digital absconders were much more likely to move across town than across the country. Absconders who fake their address are six times more likely to remain in the same state than to cross state lines, the study found, and 90 percent of those who remain in state stay within 40 miles of their original registered address. In many cases, the data shows, those addresses belong to a family member. That might allow absconders to show up on a moment's notice at their registered address in case local police do a random check, Rebovich said.

But the address change could also allow them to apply for jobs and housing they would otherwise be unable to qualify for, he said.

While half of the manipulations involve bad addresses, plenty of other types of evasion are going on, the study found. One subject studied had five names, three Social Security numbers and four dates of birth, for example.

About 10,000 offenders had used at least four different Social Security numbers, Rebovich said. The evidence indicates this was usually done to evade the court registration requirements rather than commit financial identity theft, the study found.

One reason sex offenders seem to get away with evasion is that registration requirements are set by states and vary widely. In some states, convicts merely send updates through the U.S. mail to state officials, and are subjected to little, if any, verification. In others, officers try to check on sex offenders, but ofter are assigned hundreds, or even thousands of offenders, to track.

In other states, such as Florida, there are strict requirements and frequent random inspections, Rebovich said. That shows up in the data -- Florida's digital absconder rate is about half the national average, at 9.4 percent.

The study was funded by the Justice Department's Bureau of Justice Assistance, which plans on issuing a comprehensive report later this fall. Requests for comment from the Department of Justice went unanswered.

'System is never going to be perfect'
Shehan, of the Center for Missing and Exploited Children, said she didn't believe that the potentially high rate of digital absconders means the entire sex offender registry program is broken. In fact, she said the situation has improved since passage of the Child Safety and Protection Act of 2006, which instituted some national standards on offender registries.

Still, she said it's important that states move to biometric identifiers, such as fingerprints, to maintain more accurate records of offenders and their whereabouts.

"Criminals are constantly thinking of ways to beat the system," she said. "The system is never going to be perfect."

Rebovich is hoping the study will spur new methods for checking up on sex offenders, including techniques that would seem familiar to those who work in financial fraud. In a model developed by Utica and ID Analytics, offenders could be given a score, similar to a credit score, which would rate the likelihood that identity manipulation was occurring. 

"We are trying to develop a predictive model," he said. "So we can turn it into an alert system, so states can do this in real time, if they want to."  

Coggeshall said such an alert system would have helped police track down Frank Kuni before he was able to get a job with the Census Bureau.

"In retrospect, we know there are things we would have been able to observe" he said.

http://on.msnbc.com/topnewsemailsignup">Click here to sign up to receive our Top News email each day.

 *Follow Bob Sullivan on Facebook.

*Follow Bob Sullivan on Twitter.  

Victims of child identity theft and their parents are left with an obvious question when they discover the crime: Why would anyone grant credit to a child?

The answer, for those who find it, is perhaps even more infuriating: Creditors often have no way to know an applicant is a child. Lenders, for example, usually have no idea how old the rightful holder of a Social Security number is. The nation's credit bureaus often don't know either. 

A new Child Identity Protection program implemented by the Utah state attorney general's office and the credit bureau Trans Union may be able to change that.

---

Believed to the first system of its kind, Utah parents can now register their children with the state agency, which will then pass the data along to Trans Union.  In turn, the credit bureau will place the child's SSN in a "high risk" database that warns potential lenders not to issue credit to applicants using that number.

 

"For the first time, parents can proactively protect their children from being victims of identity theft," said Richard Hamp, the assistant attorney general for Utah who helped create the program. "We're really excited about it."

The program is currently open only to parents in Utah, but both Utah authorities and Trans Union are already in talks with other states to make it available nationwide.

Prior to Utah's Child Identity Protection program, concerned parents couldn't do much to protect their kids' credit until after they suspected their kids' identities were stolen. Even then, the available options were often frustrating. Parents could ask a credit bureau if there was an open credit file using their kids' personal information and request that it be closed and the erroneous information expunged. If no credit file existed, they would receive an unsatisfying "no file" response, and be left to wonder if a criminal would open one in the future. 

Hard data on the incidence of child identity is hard to come by, because the crime can go undetected for a decade or more – until the child turns 17 and applies for credit or a college loan. But there are plenty of indications the crime is on the rise. A study released by fraud-fighting firm ID Analytics in 2011 found that 140,000 kids each year are hit by the fraud; another 500,000 sets of parents and children are "inappropriately sharing" Social Security numbers, hinting at an even more widespread problem, ID Analytics found.

Hamp was an early advocate of credit freeze laws passed by dozens of states that forced the nation's credit bureaus to offer identity theft victims to "lock" their credit reports from any applications for credit. Seeing the rise in fraud against kids, Hamp began working on legislation that would require the credit bureaus to let parents lock their children's Social Security numbers about two years ago.

"But Trans Union called and said they'd work with us on a voluntary basis. You don't need to legislate," he said. "I took them up on it."

Utah already had a leg up in creation of this kind of system, having launched its Identity Theft Reporting System website several years ago. Victims use the system, known as IRIS, to report the crime, and it includes a robust authentication system using various state databases, such as driver's license records. Hamp agreed to use IRIS to authenticate parents who wish to enroll children in an anti-ID theft program. That made Trans Union's part of the work much easier.

After Utah verifies the identity of the parent and collects a child's personal information, state authorities send the child's SSN and age to the credit bureau. Trans Union then places the information in its "high risk fraud database." If a child ID thief tries to use a kid's SSN while applying for credit, the lender gets a pre-programmed warning message.

"Initially I wanted a message that said, 'This number belongs to a kid,' but this allowed them to tap into a system they already had and get it done quickly," Hamp said.

Trans Union and Utah officials held a launch ceremony for the system in late January.

"We do recommend every parent enroll their children," said Steven Katz, senior director of consumer operations for Trans Union. "There is no downside to it."

Enrollment is free. Kids are automatically removed from the high-risk database on their 17th birthday, he said. Trans Union has agreed that none of the information entered into the system will be used for marketing purposes.

"The intention of this program is to assist parents and guardians in preventing ID theft among children, and that’s all the data will be used for," he said. Trans Union will consider sharing the data with the nation’s other credit bureaus, he said, much as the bureaus share fraud alert information now.

Parents who worry that Trans Union might misuse the data shouldn't allow that to keep them from using the program because "they don't give their kids' data to Trans Union, they give the data to us," Hamp said. "We retain all rights to the data."

The program isn't perfect, however. ID theft expert Linda Foley, who runs IDTheftInfoSource.com, said she's worried that the system only stops credit-based ID theft.  It's powerless to prevent creation of fake driving licenses, for example. Such a system risks "giving parents a false sense of security," she said.

Also, because so much of child identity theft is committed by parents, there's a fundamental flaw in the way the program is set up, she said.

"Since parents enroll kids, those stealing from their kids will not be interested in this opportunity. It needs to cover all children," she said.

Still, Hamp believes the Child Identity Protection system is a big step in the right direction, and he's urging all parents to consider it. Already, about 1,000 children have been registered, Hamp said. He plans on bumping up participation by partnering with school districts students can be registered en masse.

"I'm really excited about this," he said. "Instead of having to fight Trans Union, we came up with a mutually acceptable resolution. Is it perfect? No. Are there still going to be problems? Yes. But it's the best thing available for parents to protect their kids."

*Follow Bob Sullivan on Facebook     
*Follow Bob Sullivan on Twitter.  

LifeLock Inc. has been ordered to change its identity theft product by a federal judge who ruled that the firm has engaged in an "unfair business practice."  

The Arizona-based company -- made famous by ads revealing CEO Todd Davis' Social Security number -- was sued by credit bureau Experian last year.  In its lawsuit, Experian said the company was violating the Fair Credit Reporting Act while placing fraud alerts on behalf of LifeLock customers.  U.S. District Judge Andrew Guilford of the Central District of California agreed, and granted a motion for summary judgment last week ordering LifeLock to stop.

LifeLock CEO Todd David said his company would use "all available avenues" to fight the ruling, but argued that its impact on customers would be minimal.

---

Consumers who fear becoming a victim of identity theft can file a fraud alert with each of the nation's three credit bureaus: Experian, Trans Union, and Equifax.  The fraud alerts act as a flag to banks and other credit granters that they should use extra precaution when offering credit to anyone using that individual's Social Security number.  Generally, credit granters -- such as auto dealerships or retail stores offering credit cards -- are urged to call consumers to verify their identities when a fraud alert is in place.

But the basic alerts last only 90 days unless consumers go to the trouble of reapplying. LifeLock's chief product involved automating the process of renewing the alerts.  LifeLock representatives call the credit bureaus on behalf of consumers and reapply for alerts every 90 days.

Experian objected to this practice, claiming that the Fair Credit Reporting Act requires individuals to apply directly for fraud alerts themselves, making only a very narrow exception for other persons acting on behalf of an individual.  The credit bureau, which complained that LifeLock was abusing its telephone systems, said Congress never intended for companies to file fraud alerts on behalf of individuals. 

Judge Guilford agreed.

"Congress expressly excused Experian and other credit reporting agencies from placing fraud alerts requested by companies like LifeLock," he wrote in his ruling last Tuesday. "The court finds that this is a proper interpretation of the plain meaning of the statute."

The judge also agreed that LifeLock's automated fraud alert filing caused harm to Experian.

"Experian clearly incurs costs each time it must process a fraud alert made by LifeLock. These costs include the costs of allocating Experian's electronic resources and employee time, plus the maintenance costs of Experian's toll-free telephone number and Web page used to accept fraud alert requests," he said. "Experian also incurs postage and printing costs in mailing disclosure letters to each consumer on whose behalf a fraud alert is requested."

Davis said he was surprised by the judge's order, which he said favored credit bureau Experian over consumers.

"I can hire someone to do my taxes," he said.  "There's a similar concept here. ...The idea that they are somehow protecting consumers with this ruling by making them do the work doesn't make sense."

Davis said LifeLock would no longer file fraud alerts with Experian, but would continue to file alerts with Trans Union and Equifax.  Because credit bureaus are required to share alert information, he speculated that LifeLock-filed alerts would end up on Experian's files anyway.

In a statement, Experian said it was "pleased" with the court's ruling.

"This ruling is not just positive for Experian, but for consumers. Experian will continue to work with consumers to provide education and services to assist them with understanding the credit reporting system," it said.

LifeLock's bold advertisements are nearly ubiquitous.  Last January, the company announced it had raised $25.5 million in funding orchestrated by Goldman Sachs Group. Much of the money has gone to advertising, which apparently has paid off. The firm says it has 1.5 million customers now, each paying about $10 per month for the service.

---

Stop prescreened offers here.
Learn about stopping junk mail here
Get your free credit report here
Add a fraud alert at Experian, Equifax, or Trans Union

---

The full LifeLock-Experian case is slated to be heard in court during November.  Should LifeLock be ordered permanently out of the fraud alert business, Davis said the firm will continue to provide a slate of other valuable services. LifeLock removes customers from junk mail lists and preapproved credit card offer lists and provides them with copies of their credit reports, he noted. But those services also are available free to consumers who seek them out.

LifeLock also says it will assist victims with identity restoration if they ever become victims of fraud, promising to spend up to $1 million to do so. And it offers a service designed to make life easier for customers who lose their wallets.

 

When Aaron Marks tried to electronically file his tax return last spring, it was rejected by IRS computers. The reason, according to the agency, was that someone had already filed a return using his Social Security number. Not to worry, an IRS operator told him on the phone, just mail in your tax return and it'll get fixed. "(The agent) acted like there was nothing to panic about," Marks said.

But a year later, the Boston resident still doesn't have his $2,000 tax refund.

About the same time Marks tried to file, IRS officials testified before the Senate Finance Committee about the problem of tax return ID theft. The committee heard horror stories about the ease of filing false tax returns, the criminals who essentially steal citizens' refunds, and about the thousands of Americans who sometimes spend years dealing with the fallout.

---

For years, tax return scams have been relatively easy to commit. Armed with a Social Security number and the right company tax ID, criminals could file a return and likely get a refund check, as long as they filed before the legitimate SSN user. In fact, many criminals exaggerated deductions or withholding amounts in the returns to get an even bigger refund check, causing further problems for the real taxpayer down the road.

IRS Commissioner Douglas H. Shulman, who had just taken office weeks before the April 11, 2008, hearing, pledged major changes to stem the growing problem. He promised a new identity theft investigation unit within the IRS and a new 1-800 number for victims. He also said the entire agency would be trained to better handle the problem.

"If you say the words 'identity theft,' you'll be sent to a person trained to deal with identity-theft victims," he pledged.

The changes have achieved mixed results.

The IRS launched its new unit, the IRS Identity Protection Specialized Unit. There's a Web site and a toll-free number for victims at 1-800-908-4490 that's staffed 12 hours per day.

Aaron Marks, however, still hasn't received his $2,000 from the 2007 tax year, or, his 2008 stimulus check. And this year, when he tried to electronically file, his return was again rejected. He called the IRS. An agent told him to paper file. He insisted that more action be taken. He demanded a manager. She told him his refund check was sent out last year, but wouldn't tell him where, or even confirm that it wasn't sent to his home address.

"Then she told me to tell the Federal Trade Commission," he said. When he filled out an FTC Identity Theft affidavit, he was then told to get a police report.

"The Boston PD aren't going to know what to do about this," he said. Including his expected refund from this year, Marks figures he's out $4,000 right now. Meanwhile, he figures, a criminal is running around with his tax refund.

"The only reason I found out about this was because I expected money back," he said. "Who knows how big this problem really is?"

The IRS says it knows, and it's miniscule. Spokeswoman Michelle Lamishaw said tax return ID theft hit a tiny fraction of 1 percent of all returns all returns last year.

"It is not what we consider widespread," she said. "But the impact on individuals we take very seriously." Lamishaw said she was unable to discuss Marks' situation because IRS agents are not allowed to publicly discuss any taxpayers' account.

'A huge potential to really address the problem'
Nina Olson runs the National Taxpayer Advocate Service, an agency that helps citizens engaged in entrenched battles with the IRS. A frequent critic of the agency, she gave it relatively high marks for its new identity theft initiatives.

For the first time, she said, the agency has initiated a "flag" to track citizens struggling with identity theft. Even consumers who merely suspect they might suffer tax return fraud -- for example, a victim who lost a wallet -- can now ask the IRS to add such a flag and not send a refund check to a potential imposter. And it has developed "business rules" to help it determine the rightful SSN user when multiple returns are filed, similar to rules used by credit card firms to identify fraudulent credit card transactions, she said.

The agency also has added the ability to proactively inform a citizen if a Social Security number is being used by someone else, she said. The agency has plans to send warning letters to SSN holders, but has not begun. Only recently did it get legal clearance to send such letters, she said.

"The new unit has a huge potential to really address the problem," she said. "The progress in the last year has been enormous."

On the other hand, the National Taxpayer Advocate Service has seen an 88 percent increase in ID theft cases this year over the same period last year. It's unclear if the spike means an increase in crime or merely an increase in awareness, but either way, the problem is still severe, she said.

Last year, there were 24,000 known cases of tax ID theft, and that number severely undercounts the actual number of victims, many whom have yet to discover the problem, she said.

"Those 24,000 taxpayers are spending their lives on the phone. Maybe their wages are being garnished. Maybe they found out because there was a lien," she said. "For those victims the problem is very real. It's often a full-time occupation to fix it."

No faith
It's not clear why Marks' case continues to slip through the cracks. Lamishaw said IRS operators be aware of the agency's ID theft hot line, but speculated that there might be a communications lag because the office is new.

Recently, Marks found his way to the Identity Theft Resource Center Web site, which recommended people in his situation contact the Taxpayer Advocate office. He did so, and said that he spoke to a helpful caseworker who took an interest in his problem and offered to help. He's optimistic, but he's still waiting for his refund.

"My faith in the federal government has been kicked down yet another notch," he said.

Lamishaw, meanwhile, urged victims like Marks to contact the IRS' toll-free ID theft number, even if they've already tried unsuccessfully to resolve the problem earlier.

"We do recommend people give this office a try, even if they were frustrated in the past," she said.

RED TAPE WRESTLING TIPS
There are many ways an identity thief can get a hold of the necessary information and file a tax return in someone else's name. Linda Foley, director of the Identity Theft Resource Center, says some imposters are illegal immigrants using someone's Social Security number in order to get work permission. But there are many other variations on the crime.

"People who don't want criminal histories known, have bad credit reports or may be hiding under another SSN to avoid child support payments," she said. "We get a number of cases like this."

Early detection of tax return ID theft is important to quickly resolving the problem. Watch for any suspicious signs -- the rejection of a return, a surprise bill from the IRS for unpaid taxes, a lengthy delay in refund payment, or even unexpected entries in your annual Social Security earnings statement.

The IRS ID theft fact page is very useful.

At the first sign of a problem, call the IRS Identity Protection Specialized Unit at 1-800-908-4490.
You don't have to wait for a tax problem to warn the IRS that you've been a victim of ID theft, however. If a criminal is using your SSN to open credit accounts or compromise your identity in other ways, consider calling the IRS hotline and asking the agency to flag your account. Lamishaw, the IRS spokeswoman, said that won't prevent a citizen from e-filing or delay refunds, it will just instruct the agency to take a bit more care before mailing out refund checks.

And every taxpayer should know about the National Taxpayers Advocate Service. Dealing with the IRS can be challenging. The advocate's service is designed to help taxpayers who feel they've hit a brick wall in dealing with the agency. Last year, the advocate's office had 275,000 open cases. There are offices in every state in the nation. Click here to find the one for your state.

You're the federal agency charged with protecting consumers. You have a $250 million annual budget, subpoena power and the ability to refer cases to the Justice Department for prosecution. So what do you do when one of America's biggest companies continually flouts the law?

You challenge the company to a joke-off.

At least, that's what the Federal Trade Commission has done. On Tuesday it released two videos that spoof the popular FreeCreditReport.com commercials and their trademark catchy tunes.

---

The government's ads never mention FreeCreditReport.com by name, but the target is clear.

"Beware of others, there's always a catch," the singer croons in one ad that's a dead-ringer for the FreeCreditReport spot set in a restaurant. "They claim to be free but strings are attached."

FreeCreditReport.com is owned by credit bureau Experian, which has been engaged in a decades-long battle with the Federal Trade Commission over alleged misbehavior. Most recently, in 2005, the FTC settled charges with the firm that it intentionally misled customers with its FreeCreditReport.com Web site. The FTC said in its lawsuit that the company was confusing consumers who were looking for their congressionally mandated free annual peek at their credit reports. Experian agreed to refund customers, but admitted no wrongdoing.

Even after the settlement, it kept right on marketing FreeCreditReport.com, where consumers must sign up for a $15-a-month service in order to get their credit reports. The lead singer in the ads has even become a cult figure on the Web, as my colleague Helen Popkin explained recently.

But the ads are a frequent target for consumer advocates. The Internet -- and my inbox -- is awash with complaints from consumers who were charged unexpectedly by the service, and have difficult canceling to avoid automatic renewal charges.

Consumers who wish to see their credit report for free should visit AnnualCreditReport.com

Experian did not respond to a question about the FTC spoof ads, but issued a statement arguing that consumers who sign up at FreeCreditReport.com receive valuable services.

"While AnnualcreditReport.com provides a free credit report once every 12 months, FreeCreditReport.com provides paying members with continuous access to their credit report and credit score with a paid membership," it said. "It also monitors a consumer's credit report at the three national credit-reporting companies and alerts members via e-mail if key changes are detected, like if a new account is opened in their name, which could help members identify potential identity theft early and take immediate action."

So why is the FTC making jokes instead of enforcing the law?

Nat Wood, a spokesman for the FTC, says the agency must work within "a legal framework." The FTC is actively monitoring Experian's compliance with the 2005 agreement, he said, adding that the agency "does not have the power to take arbitrary actions."

He also said the FTC has another mission: to educate consumers. The videos fit that bill, he said.

"We think education is an important resource and strategy for preventing bad things from happening to consumers," he said.

The ads, which were produced by California-based Aperture Films, are not designed for television. Instead, the FTC hopes they "go viral" and spread over the Internet, Wood said. Similar audio-only versions of the ad are being distributed to radio stations around the country in hope that they will run as free public service announcements.

The FTC is not buying any advertising time for the spoof. "We don't have that kind of budget," Wood said.
Experian spent $70 million dollars on advertising for FreeCreditReport.com in 2007, and even more in 2008, according to TNS Media Intelligence.

Last year, an Experian spokesman told the New York Times that FreeCreditReport ads had run 90,000 times in the previous year.

The FTC ads are hysterical. In a second spot, called "Apartment," the FTC band is playing in a basement apartment with someone's girlfriend cleaning the kitchen in the background, a clear parody of the similar FreeCreditReport spot. In this case, the singer urges consumers to visit AnnualCreditReport.com, then protests:

"All the others charge a fee. Read the fine print and you'll see. … I should know 'cause it happened to me."

The FTC ads will undoubtedly help cut through the "confusion marketing" that helps a company like Experian trick consumers into paying for something that's free, and that makes them an innovative tool for the FTC, and an effort that should be applauded. The agency says it has future video projects in the works.

But it says something eerie about the state of consumer protection in America that the federal agency charged with protecting us has resorted to satire. Given the size of advertising budgets at companies like Experian, I can't imagine the FTC can win a marketing war.

---

Leave your comment below or visit Newsvine and join the Red Tape Raiders.

Every year, millions of Social Security numbers are "shared" by more than one taxpayer. Government agencies that collect taxes, like the Social Security Administration, spot this immediately. Sometimes it's an innocent mistake; sometimes, it's identity theft. But no one ever tells the victims.

That is, not until now.

A pilot project in Utah aims to warn consumers that someone else is paying state taxes using their Social Security number. Two years in the making, it is believed to be the first such project in the nation. The first "Dear Victim" letters, about 100, started arriving this week.

---

"We felt as their government that we had a duty to inform the victims so they can take proactive action," said Rich Hamp, assistant attorney general in Utah, who spearheaded the program.

Telling consumers that their Social Security number is being used by someone else might seem a simple proposition. But it's not.

The Utah project began in 2005, when Hamp's office was researching child identity theft. Working with the Utah Department of Workforce Services, which collects state employment taxes, Hamp learned the agency could cross-reference its public assistance data with its employment tax data and find Social Security numbers that were being used to double-dip. The search also unearthed thousands of numbers belonging to children receiving state benefits that were being used by adults earning money and paying taxes. The adults and the kids were essentially sharing Social Security numbers.

Why? There's no way to know without interviewing every victim. But Hamp believes many of those children are victims of identity theft. Many of the imposters, Hamp believes, are illegal immigrants who provide someone else's Social Security number in order to get a job.

It's possible for a victim to "share" a Social Security number with an immigrant and face no ill effects. Many illegal immigrants don't steal credit or do anything else that harms the victim's credit report. But often, they share these numbers with other family members – many victims report they have 5 or 10 imposters. Any one of them may ultimately run into financial or legal trouble that could ultimately be intermingled with the victim's identity. In one extreme example, a Bank of America customer named Margaret Harrison received a debit card with her name, but her immigrant imposter's face.

The problem is widespread. Each year, near 10 million people around the country pay their Social Security taxes using the wrong number, according to the Social Security Administration. In many of these cases, identity sharing – sometimes called SSN-only identity theft – is the cause. While Social Security has never examined the issue in detail, several indicators suggest many of the workers on the list are illegal immigrants, an issue we examined in-depth in "The Secret List of Identity Theft Victims."

$500 billion of earnings in limbo
When someone pays federal taxes using the wrong number, these "no-match" situations are flagged immediately by Social Security. When taxes are paid by a worker who is not the rightful holder of a Social Security number, the government sets the wage credits aside into what's called an "Earnings Suspense File." That file now holds more than $500 billion in uncredited earnings.

But the consumers involved are not notified that their Social Security number is being used by someone else.

Utah officials plan to change that, at least among state residents. Hamp's database merge produced a similar no-match list using available state records. In all, that data coughed up 20,000 numbers that were being used by multiple people, including 4,000 residents under 12 years old.

When the list of "shared" Social Security numbers was developed, the attorney general's office planned to notify children and their parents immediately. But a state law – the Employment Security Act -- stymied their efforts. It actually prevents the Department of Workforce Services from releasing any taxpayer information it collects to the public – even to the rightful owners of the information.

But Hamp and attorney general Mark Shurtleff didn't want to stop there.

"The attorney general's office was uncomfortable that we knew 20,000 individuals whose names and numbers were compromised, and we needed to tell them," Hamp said. So Shurtleff went to state legislators looking for a solution, and earlier this year the Employment Security Act was amended. Now, the agency can disclose Social Security mismatch information to consumers and to law enforcement agencies.

The new law took affect on April 30.

But there were still obstacles to sending out thousands of identity theft warning notices. Chief among them: Who would handle the inevitable flood of phone calls from victims who receive letters indicating they are likely victims of identity theft?

"The question is how do we notify people without clogging everyone's phone lines, without starting panic?" Hamp said.

Random sample, to start
The attorney general's office has set up a special Web site nicknamed IRIS (Identity Theft Reporting System) for victims who receive the letters. It provides necessary forms for them to file police reports and request fraud alerts and credit freezes from the credit reporting agencies.

Still, there were concerns that the "Dear Victim" letters could produce a much more emotional response.

So the Department of Workforce Services has decided to limit its initial letter-writing effort to 100 randomly selected victims, said agency spokesman Mike Richardson.
Agency employees searched for children aged 14 and under with quarterly earnings of $1,000 or more, then manually reviewed their files to pick out the most likely identity theft victims.

"We're doing it in a methodical way, so letters only go out to cases we're most concerned about," he said. The letters will direct victims to register at the IRIS Web site and begin the necessary paperwork.

While some might already know they are victims of identity theft, others likely have no indications they are sharing their identity. Accounts opened by imposters using SSN-only identity theft generally don't show up on credit reports or Social Security wage earning reports.

There is no guarantee that the letter recipients are really victims of identity theft by undocumented workers. Some children might be legitimately working, Richardson said. Some might be in the data by accident. Others might be victims of family identity theft -- parents sometimes use their children's Social Security numbers to shed bad credit reports, for example. Because the letters are going to parents, it's not likely authorities will hear back from those victims. And genuine victims might not react with as much alarm as some are predicting. Still, the agency didn't want to send out 20,000 notices and risk receiving 20,000 phone calls all at once.

"We will see what we get," Richardson said. "If all 100 (respond) and the attorney general's office is overwhelmed, that gives us an idea. If only 2 or 3 come back, then this might be workable."

At any rate, officials in Washington D.C. should watch Utah's effort closely. This experiment in government honesty -- we know you might be a victim, so we'll tell you -- could very well be a model for the Social Security Administration. MSNBC.com will track the Utah program and report back to you on its success or failure.

RED TAPE WRESTLING STRATEGIES:
Consumers who learn they are sharing their Social Security number with another worker have little recourse. They should place fraud alerts or security freezes on their credit reports, even if no illegal activity is apparent. An imposter who uses someone else's number solely for work purposes may one day run into financial trouble and be tempted to commit financial identity theft.

Checking annual Social Security earnings reports for mistakes is a good idea – particularly if you are not getting credit for your earnings. But SSN-only identity theft will not appear on this report, because only wages reported using the correct name and number are credited to your account.

Most consumers discover SSN-only identity theft by accident: A surprise denial when applying for unemployment benefits, for example, or a funny look or question from a bank teller when opening a new account ("Hmm, do you live in San Antonio, Texas?"). That might be a sign someone else has opened an account in your name at your bank or has given an employer your number somewhere else in the country. While these institutions are not legally required to share the bad news they see on their computer screens with you, many tellers and government employees will tell you informally. Don't leave and call a company official later; that official is less likely to be forthcoming.