Criminal Identity Theft: When Someone Uses Your Identity in Legal Proceedings

Criminal identity theft occurs when an individual presents another person's identity — name, date of birth, Social Security number, or government-issued identification — to law enforcement or the courts during an arrest, booking, or legal proceeding. Unlike financial identity theft or tax identity theft, the harm here is not monetary but juridical: the victim accumulates a criminal record they never earned, faces warrants for their arrest, and may be detained before the error is discovered. The consequences can persist for years inside law enforcement databases maintained by agencies including the FBI's National Crime Information Center (NCIC).

Definition and scope

Criminal identity theft is classified by the Federal Trade Commission (FTC) as a distinct category within the broader taxonomy of identity theft types and categories. The FTC's framework, published at IdentityTheft.gov, distinguishes it from financial and medical variants by its point of harm: the criminal justice system rather than a credit bureau or insurance network.

Under federal law, 18 U.S.C. § 1028 defines identity theft broadly to include the knowing transfer, possession, or use of another person's means of identification in connection with any unlawful activity (U.S. Code § 1028, Cornell LII). When that unlawful activity involves a law enforcement encounter, the offense takes on the characteristics of criminal identity theft. State statutes mirror this structure in varying degrees; the state identity theft laws reference documents how individual jurisdictions define and prosecute the conduct.

The scope of the problem is measurable at the institutional level. The Identity Theft Resource Center (ITRC), a nonprofit public-interest organization, documents criminal identity theft as one of 5 primary identity theft categories in its annual breach and fraud reporting taxonomy. Victims frequently report the theft only after receiving a notice of failure to appear, a warrant, or a denial of employment stemming from a background check — points in the process where the false record has already been acted upon.

How it works

Criminal identity theft typically follows a structured sequence:

1. Acquisition of identifying documents — The offender obtains a victim's driver's license, Social Security card, or a fabricated document bearing the victim's biographical data. Acquisition methods include physical theft, dark web purchases of stolen identity data, or phishing and social engineering.

2. Presentation during a law enforcement encounter — The offender is stopped, cited, or arrested and presents the victim's credentials as their own. Officers record the name, date of birth, and identifying numbers from the presented document into the booking system.

3. Entry into criminal databases — The false identity is indexed in local, state, and federal systems. The FBI's NCIC, maintained under the authority of 28 U.S.C. § 534, aggregates these records nationally, meaning a single false entry can propagate across jurisdictions.

4. Failure to appear or conviction — If the offender skips a court date, a warrant is issued in the victim's name. If convicted, the conviction attaches to the victim's identity in state and federal court records.

5. Discovery by the victim — The victim learns of the record through a background check rejection, a traffic stop resulting in unexpected arrest, or a denial of a professional license.

The mechanism is distinct from synthetic identity theft, which constructs a fictitious person from fragments of real data. Criminal identity theft uses a real, living victim's complete identity — the victim is entirely displaced into the offender's legal history.

Common scenarios

Three scenarios account for the majority of documented criminal identity theft cases:

Traffic and misdemeanor stops — The most frequently reported scenario involves a minor traffic violation or misdemeanor arrest. The offender presents a counterfeit or stolen driver's license. A citation or arrest record is created under the victim's name. The victim later discovers the record when renewing a driver's license or undergoing an employer background check.

Booking during felony arrest — A more severe variant occurs during felony processing. The victim's identity is logged at booking, and if a conviction results, the victim's name appears in court records, sex offender registries, or parole supervision systems. Clearing these records requires a formal judicial process that varies by state.

Warrant accumulation across jurisdictions — Because the NCIC propagates records nationally, a victim may accumulate warrants in jurisdictions they have never visited. Law enforcement in any participating state can detain the victim during a routine traffic stop based on active warrants tied to their identity.

Decision boundaries

Criminal vs. financial identity theft — Financial identity theft damages credit profiles and triggers FCRA-governed dispute processes at the three major credit bureaus (consumer rights under FCRA). Criminal identity theft damages judicial records and requires law enforcement certificates of identity, court orders, and, in some states, a formal declaration of factual innocence to remediate.

Criminal identity theft vs. impersonation fraud — Impersonation fraud may involve assuming someone's identity for social or commercial gain without a law enforcement encounter. Criminal identity theft is specifically bounded to use within the criminal justice process — an arrest, citation, booking, or court proceeding.

Victim remediation pathways — The FTC recommends that victims file a police report (see identity theft police report guide) and complete an identity theft affidavit as baseline documentation. Victims must then work directly with the arresting agency, the court of record, and state criminal repository administrators — typically the state attorney general's office or department of justice — to challenge and expunge false entries. This process is not governed by the FCRA and is not resolved through credit bureau disputes. The identity theft victim recovery roadmap outlines the broader sequencing of remediation steps.

At the federal level, oversight of identity-related criminal statutes sits with the Department of Justice (DOJ) and the FTC, both named in the federal agencies identity theft oversight reference. Prosecution of offenders is governed primarily by 18 U.S.C. § 1028 and 18 U.S.C. § 1028A (aggravated identity theft), the latter carrying a mandatory 2-year consecutive sentence (U.S. Code § 1028A, Cornell LII).

References

• Federal Trade Commission — IdentityTheft.gov
• 18 U.S.C. § 1028 — Fraud and Related Activity in Connection with Identification Documents (Cornell LII)
• 18 U.S.C. § 1028A — Aggravated Identity Theft (Cornell LII)
• FBI — National Crime Information Center (NCIC)
• 28 U.S.C. § 534 — Acquisition, Preservation, and Exchange of Identification Records (Cornell LII)
• Identity Theft Resource Center (ITRC)
• U.S. Department of Justice — Identity Theft