No matter how one may define "identity," I don't think it's something that can be stolen.
When this term is used, it is generally used to describe a situation in which a criminal has managed to obtain money or other valuables by means of a subterfuge that features the use of another person's name and other unique information. In a common version of this crime the criminal uses this unique information to convince a commercial concern (e.g. a bank, or a telephone company) that he is someone other than who he really is, and then proceeds to enter into a contract that results in his receiving something of value in exchange for a promise to pay for it in the future.
Receiving something of value in exchange for a promise to pay for it in the future is known as borrowing. While marketing departments realize that in many cases business will be much brisker if a more palatable term can be substituted, the fact remains that borrowing is the term that best describes this practice.
When someone enters into a contract and knowingly gives false information, compounding the misdeed by signing (whether ink or proxy) someone else's name to a promise that all the information given is correct, we call that despicable practice by the very pretty name fraud.
Fraud, by dictionary definition, is:
"...intentional perversion of truth in order to induce another to part with something of value or to surrender a legal right b : an act of deceiving or misrepresenting ..."
(From the Merriam Webster Online Dictionary)
According to that same source, it may also be used as a noun to describe a person who tricks or deceives, as in "He is a fraud."
So what is happening here? Why have we coined this new term for a practice so old that the word comes from Middle English? (ibid.) I believe that the answer to this lies in the idea that the commercial concerns involved in these instances of fraud do not like being the victim. When a bank, for instance, is defrauded to the loss of money, such a loss comes out of the profits of the bank, penalizing its stockholders and raising a desire to prevent such a thing from happening ever again. This motivates the management of the bank to take steps to make it very difficult (if not impossible) for a criminal to defraud them in the future.
Let us say that a commercial concern has been defrauded of some money by a criminal who presented himself by means of a telephone call and asked for something of value to be given to him in exchange for a promise to pay for it in the future. The criminal takes care to give someone else's name, and some other unique identifying information, in order to satisfy the objective of convincing the bank that he is indeed who he says he is, assuaging their fear that the contract will not be honored, and at the same time ensuring that he will never be discovered to be the person who implemented the transaction, received the money or valuables, and got off scot-free.
Having been the victim of this crime one would think that a logical step to take would be for the company to resolve not to send money or valuables to people on the strength of a telephone conversation. Perhaps it would be wiser to require the individual to appear in person, to prove who he is by means of a picture ID, for example, and to sign his name ink to a paper contract. In the event of default, it would be very difficult for the debtor to deny that he had an agreement with the creditor.
We live, however, in an age where instant gratification is not only encouraged, it is considered essential. The great god Marketing demands that consumers be required to make nearly no effort at all to go into debt. One may purchase all manner of goods here on the Internet with a little bit of unique information. Indeed, one may incur a serious obligation with no more action than fingers on a keyboard and mouse. Consumers are coddled and commerce is served.
When this convenient borrowing results in the commercial concern becoming the victim of fraud, the incredibly clever turnaround takes place. The evil criminal (EC) has stolen from the XYZ company by masquerading as Mr. Jones. The XYZ company chose to release valuables or money on the strength of EC's representation that he was Mr. Jones, and in that guise promised to pay the debt on terms agreed. Who is the victim? I think that it is obvious that the XYZ company is the victim. But Marketing is invoked and from on High declares that no, Mr. Jones, Mr. Jones is the victim! His identity has been stolen! And he must now take steps to get it back, or he will have no identity, and might even be responsible to repay what EC borrowed.
Make no mistake: I abhor the actions of EC in defrauding XYZ and think that he should be charged and tried by law for his crime. XYZ must experience a feeling of foolishness at being so easily fooled, but after all it is blessed to be trusting -- they were only trying to help. But they are, nonetheless, the victim, and if they are not made to suffer this victimization there will be no learning -- they will continue to extend credit without sufficient security. Harsh it is, but less harsh and far more just than to visit upon Mr. Jones the gross injustice of involving him in a crime in which he played no part.
Yet that, innocent reader, is exactly what happens much of the time. We Joneses are told "How awful, your identity was stolen. Now you must work to get it back. You must generate reports and affidavits, you must change account numbers, monitor your credit reports (one of these days I must get around to that subject), exercise vigilance in every area of your life. Shred all papers in your home that have any identifying information. Shake with fear at the idea that someone will discover that magical 9-digit number that identifies you to your employer and your Government. Tell no one your Mother's maiden name, or that of your favorite childhood pet. Work to make the world safe for Marketing. Work hard."
Yet we have done nothing. We did not take part in a fraudulent transaction. We did not decide that it was all right for the XYZ company to accept EC's flimsy identification of himself as us based on the possession of some not-so-secret information about us.
When the lenders, the commercial concerns that extend credit based on a few numbers and names given over the telephone or the Internet (no matter HOW cleverly contrived), are made completely responsible for protecting themselves against fraud the so-called phenomenon of "identity theft" will disappear. When you want to borrow some money or begin cellular telephone service you will not be able to do it without actually presenting some positive identification, most likely in person. "Identities" will no longer be a useful thing to "steal."
And, I fear, pigs will fly.