The President’s Task Force on Identity Theft recommends a four-pronged strategy for combating identity theft: (1) Prevention: reduce opportunities for thieves to access data; (2) Prevention: make it more difficult for thieves to misuse consumer data; (3) Victim Recovery: help consumers repair their credit and lives; and (4) Law Enforcement: investigate, prosecute, and punish identity thieves. Recommendations toward implementing this strategy are presented, such as limiting the unnecessary use of social security numbers in the public sector and developing concrete guidance and best practices for safeguarding data. Identity theft is defined as the misuse of another person’s personal information to commit fraud. Identity theft has three stages, each of which are addressed in the strategic approach against identity theft: (1) the identity thief attempts to gain a victim’s personal information; (2) the thief attempts to misuse the information once it is acquired; and (3) the identity thief completes the crime as the victim begins to realize the harm. The misuse of personal information by identity thieves generally falls into two broad categories: (1) existing account fraud, in which the thief gains access to existing credit lines and accounts to steal from the victim; and (2) new account fraud, in which thieves use personal information to open new accounts in the victim’s name. The report also identifies the prevalence and costs of identity theft, what is known about identity thieves, and how identity theft happens. Different types of identity theft are identified, such as common theft and dumpster diving; employee/insider theft; electronic intrusions or hackings; social engineering (using trickery to obtain personal information); stolen media; and skimming. The appendixes offer examples of protocols and proposed language. The supplemental information offered in Volume II presents a variety of information on remediation tools for victims and laws relating to identification documents. Appendixes, endnotes