«NCIC Operating Manual IDENTITY THEFT FILE This portion of the NCIC Operating Manual was added per TOU 04-2, issued April 30, 2004, effective April ...»
NCIC Operating Manual
IDENTITY THEFT FILE
This portion of the NCIC Operating Manual was added per TOU 04-2, issued April 30, 2004,
effective April 2005.
1.2 CRITERIA FOR ENTRY
1.3 MESSAGE KEY (MKE) CODES
1.4 RECORD RETENTION PERIOD
1.6 MESSAGE FIELD CODES AND EDITS
1.7 CRITERIA FOR REJECTING DUPLICATE RECORDS
1.8 IMAGE CAPABILITY
1.9 INVESTIGATIVE INTERESTENTRY
2.1 EXAMPLE OF AN ENTRY
2.2 MESSAGE FIELD CODES FOR ENTRY
2.3 MANDATORY FIELDS FOR ENTRY
2.4 ADDITIONAL GUIDELINES FOR ENTRY
2.5 MESSAGE FIELD CODE EDITS FOR ENTRY
3.1 WHEN TO USE A MODIFICATION MESSAGE
3.2 EXAMPLE OF A MODIFICATION MESSAGE
3.3 MESSAGE FIELD CODES FOR MODIFICATION
3.4 IDENTIFICATION OF A RECORD TO BE MODIFIED
3.5 ADDITIONAL GUIDELINES FOR MODIFICATION
4.1 WHEN TO USE A CANCELLATION MESSAGE
4.2 EXAMPLE OF A CANCELLATION MESSAGE
4.3 MESSAGE FIELD CODES FOR CANCELLATION
4.4 IDENTIFICATION OF A RECORD TO BE CANCELED
4.5 ADDITIONAL GUIDELINE FOR CANCELLATION
5.1 EXAMPLES OF IDENTITY THEFT INQUIRIES
5.2 MESSAGE FIELD CODES FOR INQUIRY
5.3 REQUIREMENTS FOR INQUIRY
5.4 ADDITIONAL GUIDELINES FOR INQUIRY
5.5 PROCEDURES FOR HANDLING A HIT.
8.1 MESSAGE FIELD CODES FOR SUPPLEMENTAL RECORD ENTRY
8.2 WHEN TO ENTER A SUPPLEMENTAL RECORD
8.3 EXAMPLE OF A SUPPLEMENTAL RECORD ENTRY
8.4 IDENTIFICATION OF A RECORD FOR SUPPLEMENTAL ENTRY
8.5 NUMBER OF ADDITIONAL IDENTIFIERS IN A SUPPLEMENTAL RECORD
8.6 MAXIMUM NUMBER OF ADDITIONAL IDENTIFIERS IN A SUPPLEMENTALENTRY
8.7 ADDITIONAL GUIDELINES FOR SUPPLEMENTAL RECORD ENTRY
8.8 MESSAGE FIELD CODE EDITS FOR SUPPLEMENTAL RECORD ENTRY
8.9 MODIFICATION OF ALIAS(ES) AND/OR OTHER IDENTIFIERS IN A
8.10 EXAMPLE OF A SUPPLEMENTAL RECORD ALIAS AND OTHER IDENTIFIERS
8.11 IDENTIFICATION OF A RECORD FOR CANCELLATION OF ADDITIONAL
8.12 MAXIMUM NUMBER OF ADDITIONAL IDENTIFIERS IN A CANCELLATION
8.13 ADDITIONAL GUIDELINES FOR SUPPLEMENTAL DATA CANCELLATIONSECTION 1--INTRODUCTION
1.1 BACKGROUND The Identity Theft File will serve as a means for law enforcement to "flag" stolen identities and identify the imposter when encountered by law enforcement.
When an identity theft victim becomes aware that his/her identity has been stolen and reports the incident to law enforcement, the agency's handling of the identity theft case should parallel the criteria as outlined in this chapter. The police officer should complete an incident report and collect pertinent information from the victim to create a victim profile that is entered into the Identity Theft File. The agency enters the information only after the victim signs a consent waiver. The waiver states that the victim provides permission for the information to be entered in the Identity Theft File. It also acknowledges that the victim may withdraw the consent by providing a written request to the entering agency. At that time, the record will be canceled from the Identity Theft File. The profile should include information such as the victim's name, date of birth, Social Security number, and the type of identity theft. In addition, a password is established either by the victim or the police officer and entered into the Identity Theft File. The password will identify the person as the victim and should be provided to the victim when the police report is filed. (The victim should retain the password to use during any potential future police encounters.) Agencies may also enter a mugshot of the victim into NCIC. The mugshot may be used as an additional form of identification for the victim. When the mugshot is retrieved, it must clearly specify that the mugshot is that of the victim and not that of the offender.
During a subsequent encounter by law enforcement, including routine traffic stops, a persons query into NCIC will automatically search the Identity Theft File and, if positive, generate a response to the inquiring agency. The officer will receive a response listing the victim profile, including the password, thereby providing the officer with the information necessary to verify that the person encountered is the victim or that the person may be using a false identity.
The officer should be cognizant that the individual should not be arrested or detained based solely upon the information provided in the positive response from the Identity Theft File. The response should be considered along with additional information or circumstances surrounding the encounter before the officer takes action.
Information on deceased persons may also be entered into the Identity Theft File. If a police officer becomes aware of a deceased person’s identity being stolen, that information can be entered into the file noting that the person is deceased.
1.2 CRITERIA FOR ENTRY
1. GENERAL CRITERIA An entry in the Identity Theft File must be supported by an official complaint (electronic or hard copy) recorded by and on file at a law enforcement agency. Documentation for the identity theft complaint must meet the following criteria before an entry can be made into the Identity Theft
1. Someone is using a means of identification of the victim (denoted in the Identity Theft and Assumption Deterrence Act of 1998 as any name or number that may be used, alone or in conjunction with any other information, to identify a specific individual).
2. The identity of the victim is being used without the victim's permission.
3. The victim's identity is being used or intended to be used to commit an unlawful activity.
4. The victim must sign a consent waiver prior to the information being entered into the Identity Theft File. The following waiver may be used independently or incorporated into a state form.
5. Information on deceased persons may be entered into the file if it is deemed by the police officer that the victim’s information has been stolen. No consent form is required with the entry of deceased person information.
By signing this document, I hereby provide the __________________________ (Insert local, state, or federal law enforcement agency name) permission to enter my personal data into the Federal Bureau of Investigation’s (FBI’s) Identity Theft File. This information may include, but is not limited to, physical descriptors and identifying information including my name, date of birth, place of birth, Social Security number, the type of identity theft, and a password provided to me for future identification verification purposes. I am also providing permission to enter my photograph and fingerprints into this file when that capability becomes available.
I understand that this information is being submitted as part of a criminal investigation of a crime of which I was a victim and will be available to entities having access to the FBI’s National Crime Information Center (NCIC) files for any authorized purpose. I am providing this data voluntarily as a means to document my claim of identify theft and to obtain a unique password to be used for future identity verification purposes.
I understand that the FBI intends to remove this information from the NCIC active file no later than five years from the date of entry. I also understand that I may at any time submit a written request to the entering agency to have this information removed from the active file at an earlier date. I further understand that information removed from the active file will not thereafter be accessible via NCIC terminals, but it will be retained by the FBI as a record of the NCIC entry until such time as its deletion may be authorized by the National Archives and Records Administration.
I understand that this is a legally binding document reflecting my intent to have personal data entered into the FBI's Identity Theft File. I declare under penalty of perjury that the foregoing is true and correct. (See Title 28, United States Code [U.S.C.], Section 1746.) ____________________________________ __________________
PRINTED NAMEThe Privacy Act of 1974 (5 U.S.C. § 552a) requires that local, state, or federal agencies inform individuals whose Social Security number is being requested whether such disclosure is mandatory or voluntary, the basis of authority for such solicitation, and the uses which will be made of it. Accordingly, disclosure of your Social Security number is voluntary; it is being requested pursuant to 28 U.S.C. § 534 and _______________ (add any applicable state authorization, if desired) for the purposes described above. The Social Security number will be used as an identification tool; consequently, failure to provide the number may result in a reduced ability to make such identifications or provide future identity verifications.
If the identity of the thief is known and an arrest warrant has been issued, the agency should enter the victim information in the S/F Fields in the Wanted Person File.
Only the agency that takes the identity theft complaint may make an NCIC identity theft entry.
The only exception is that any criminal justice agency or regional dispatch center may act as a holder of the record for another agency that has no telecommunications equipment. When such an entry is made, the agency holding the record may place its own Originating Agency Identifier (ORI) in the ORI Field only when there is a written agreement between the two agencies that delineates the legal responsibility of each for the record. Additional information concerning these responsibilities can be found in the ORI File Chapter.
1.3 MESSAGE KEY (MKE) CODES
1. A caution indicator should be added to the MKE EID when it is appropriate to the particular circumstances of the individual.
2. The reason for the caution must be entered in the Caution and Medical Conditions (CMC) Field. For example, a record with MKE/EIDC might include one of the following in the MIS
Field or a corresponding code in CMC:
3. The MKE EIDC translates IDENTITY THEFT - CAUTION.
1.4 RECORD RETENTION PERIOD
1. An identity theft record will remain active until the entering agency cancels it or until the Date of Purge (DOP) is equal to the current date. When the DOP is reached, a $.P. administrative message will be sent to the originating agency. The maximum retention period for an identity theft record is 5 years.
2. Other exceptions to the record retention periods will occur in the event a serious error is detected in the record. Additional information on serious errors can be found in the Introduction chapter of this manual.
1.5 VALIDATION For validation policy and procedures, refer to the Validation Section in the Introduction of this manual.
The Name of Validator (VLN) Field will be returned when the requester of the record is the entering agency, the CJIS Systems Agency of the entering agency, the FBI, and in the $.C.
Request for Validation Notification and fixed format validation files. For all other responses, the VLN Field will be suppressed.
1.6 MESSAGE FIELD CODES AND EDITS (Please note: These identifiers describe the victim of the Identity Theft.)
1.7 CRITERIA FOR REJECTING DUPLICATE RECORDSIf the following fields of an NCIC Identity Theft File message are the same as those field codes of an Identity Theft File record already on file, the second entry will be rejected with the message REJECT ON FILE: FBI and ORI; NAM, MNU, and ORI; NAM, SOC, and ORI;
OCA, NAM, and ORI; OLN, OLS, and ORI; OCA, NAM, ORI; DOB, NAM, and ORI.
Whenever the message REJECT ON FILE is sent by NCIC, the record on file will also be transmitted. A duplicate record will be accepted if the ORI in the second message is different or the person type is other than Identity Theft, for example, Protection Order File, Gang File, etc.
1.8 IMAGE CAPABILITY The Image File chapter of this manual contains information regarding entry, modification, cancellation, and inquiry of images in NCIC.
1.9 INVESTIGATIVE INTEREST The Other Transactions chapter of this manual contains information regarding investigative interest supplemental records in NCIC.
2.1 EXAMPLE OF AN ENTRY 1N01HEADER.EID.MD1017830.SMITH, JOHN J.M.W.TX.
19311012.510.175.BRO.BRO..DRK.SC R HND..121011CO141159TTCI13.