Simon Bunce's credit card details were stolen while online shopping

By Marc Sigsworth

With ID fraud on the rise, the assumption is you'll lose money which can be claimed back. But Simon Bunce lost his job, and his father cut off contact, when he was arrested after an ID fraudster used his credit card details on a child porn website. Simon Bunce used to be a keen internet shopper, delighted to escape the hordes and have goods delivered to his door. Wary of fly-by-night operators, he bought only from big name retailers with secure websites. But then, four years ago, he was astonished to find himself embroiled in Operation Ore, the UK's largest ever police hunt against internet paedophiles. He was arrested on suspicion of possession of indecent images of children, downloading indecent images of children and incitement to distribute indecent images of children. Hampshire Police took away his computer and data storage devices including flash drives, CDs and floppy disks, as well as examining the computer and storage devices that he used at work. The effect was devastating. When his employers became aware of the reason he had been arrested, he was abruptly dismissed from his £120,000 a year job, and close members of his family disowned him. FIND OUT MORE... Identity Fraud: Outnumbered is on BBC One on Thursday, 3 April, at 2100 BST Catch up at BBC iPlayer "I made the mistake of telling my father, and he cut me off," Mr Bunce says. "He then told all my siblings and they also cut us off." Suddenly deprived of his income, Mr Bunce had to consider selling the family home. But his wife, Kim, stuck by him, and supported his mission to clear his name. Mr Bunce knew he was innocent - he had never downloaded indecent images, and so he knew that the police would not find any evidence on the computers or storage devices they had taken away. But the police's computer technicians take several months to examine these, and Mr Bunce could not afford to wait to repair the damage done to his reputation. "I knew there'd been a fundamental mistake made and so I had to investigate it." Identity fraud occurs when personal information is used by someone else to obtain credit, goods or other services fraudulently. Recent surveys suggest that as many as one in four Britons have been affected by it. In 2007 more than 185,000 cases of identity theft were identified by Cifas, the UK's fraud prevention service, an increase of almost 8% on 2006. Tarnished name Operation Ore targeted suspected paedophiles believed to have been downloading indecent images of children, those whose credit card details had been used to buy pornography via an American portal called Landslide - the gateway site and central credit card handler for hundreds of websites. OPERATION ORE 7,272 UK residents targeted Including Robert del Naja of Massive Attack and The Who's Pete Townshend, who was given a caution In many cases, suspects had had their card details stolen Hundreds of successful prosecutions ensued, with extensive media coverage given to high profile suspects, including actor Chris Langham of The Thick of It. As Landslide was based in the United States and under investigation there, Mr Bunce was able to use the US Freedom of Information Act to obtain a complete copy of all of the relevant material, including databases, access logs and credit card information, together with detailed information of the webmasters, which allowed him to find out how his credit card details had been used. Each computer has a unique internet protocol number, or IP address, which identifies the specific computer and its geographic whereabouts whenever it is used to access the internet. Mr Bunce discovered that the computer used to enter his credit card details was in Jakarta, Indonesia, and the date and time that his credit card details were entered onto the Landslide website was at a time when he could prove that he was using the same card in a restaurant in south London. "I can't be in two places at once, so somehow my data had got to the man in Indonesia." He was also able to discover that his credit card details had been obtained from a popular online shopping site, but he doesn't know how these came to be in the hands of a criminal. The man responsible for using his credit card details hid behind the online name "Miranda" - a webmaster who hosted and produced pornographic websites and received a commission from Landslide for subscriptions to his website which were paid by credit card. "Miranda" had used Mr Bunce's credit card details - without his knowledge - to take out a subscription to one of his websites. Cash convert In September 2004, the police told Mr Bunce they would not proceed with any action against him. They had not found indecent material, and accepted that it wasn't him who had entered his credit card details on the Landslide website. Simon Bunce no longer shops online It took another six months before he got another job, earning a quarter of the salary he'd earned before his arrest. Mr Bunce has also reconciled with his family, having explained to them how he came to be implicated and then cleared. Are bygones bygones? "I've forgiven them [my family] - there's no point in bearing a grudge." Four years on, he is bringing a High Court action against the shopping website for allowing his personal details to be compromised. So no more internet shopping? "No, no, no. Once bitten, twice shy," says Mr Bunce, who now sells encryption services. "I wouldn't say that I live in the cash economy now, but I'd rather go to the bank to withdraw money to buy petrol, as you hear of card details being harvested at garages. I'm paranoid about data security. I shred everything, I never use credit cards anymore. "Being arrested and accused of what is probably one of the worst crimes known to man, losing my job, having my reputation run through the mud, it's a living nightmare." Marc Sigsworth is the producer of BBC One's Identity Fraud: Outnumbered. Below is a selection of your comments: Despite forwarding my mail after moving, a statement from the credit card company got delivered to a previous address. The new tenant managed to get a card issued & started withdrawing large amounts of cash. The company spotted it in a couple of days & I eventually lost nothing more than a little time whilst it was sorted. But what concerned me the most was the complete absence of interest on the part of the police, despite clear evidence of who the culprit was, where he lived & even CCTV evidence of the halfwit using a cashpoint less than a mile from my old flat. As long as they know there is almost zero chance of getting arrested then the criminals will keep on doing it.

David, Maldon, UK Since having my bank account defrauded last year, through no fault of my own, I have gone back to almost always using cash. I also only draw money out from a machine within a bank's premises. So far I've not found this any inconvenience.

Martin K, London, England I am a fervent supporter of our police force, particularly with regard to their efforts to combat crimes against children, but I am deeply troubled by the apparent ham-fisted way in which Mr Bunce was treated. There can be no excuse for incompetence leading to the destruction of an innocent person's standing by the state or employer. I trust that, quite apart from the action detailed in the report, he receives appropriate apologies and compensation from both the police and his previous employers.

Steven, Shaftsbury, Dorset I too have been a victim of card theft. TWICE. In both cases, I did nothing out of the ordinary and had not shopped online in a while. However, in the most recent case, I did use my credit card when shopping at an outlet mall in North Georgia. Shortly after that, all kinds of electronics were charged against my card in Japan... a place I have never visited. The policy of the card companies needs to change. They will reimburse anything up to $5000. The criminals know this, so they charge up to this amount. There isn't even an investigation unless the charge is excessive. By law, the card companies need to be made to investigate all of these. If any company such as an online retailer is found to be the source, then they need to pay the cost of the investigation as well as reimburse the bank for the loss. Perhaps then they will take security more seriously. I too now shop on a cash basis only. Perhaps this is the way to make the credit card companies take notice.

Gillian, Atlanta, US A little technical warning: just because you are using a secure site, does not mean you are safe. The vast majority of credit card details being stolen online, are not from the site, but via malware on your PC. A quick guide to staying safe:

1. Install and KEEP UP TO DATE anti-virus software, there are free ones out there

2. Install and KEEP UP TO DATE anti-spyware software, the two are NOT the same

3. Never, ever follow links in e-mails. Always type the website yourself

4. Don't run e-mail attachments you are not sure of, even if they appear to be from friends, it is easy to fake a sender

5 Don't visit websites you are unsure of. Never install or run programmes from site you are not 100% confident are legit

These simple steps will help keep your card safe.

Stu, Birmingham Many employers are in a Catch 22 situation though. Suppose you consider schools or police or doctors. If they don't act, and the case is found to be true, then they have put children at risk. If they do act, and the case is found to be unfounded, they have devastated an innocent's life in many ways. Also many employers either don't have, or worryingly very often don't want to use the resources to put someone on suspension. There should be a compensation scheme for this type of injustice that never reaches a court, a statement of "innocence" from the police to aid his recovery of self-respect, and "innocence until proven guilty" upheld in the community more.

Rob, Swansea My medical card has my photo on it. My driving licence - which I updated recently took exactly one week to be sent to me - over the Easter Weekend and has my picture and my address on it. You have to carry two unrelated items in the UK and there is no proof that the picture is of the holder of the licence. There is nothing similar in the UK to prove who you are. I use credit cards on the net all the time. Our credit cards are limited and we HAVE to pay them off at the end of each month. Debt is not an option. Perhaps that is why we have less of this type of fraud and also why the euro is so strong.

Di Chapman, Aynac, France Have also been told this week by my credit card provider that my card has been cloned. Yet only using it on "big name" sites. Just goes to show no matter what the company and the level of internet security, no one can say for sure that 100% of their staff are honest and one of them may not be out there selling your details to criminals.

Paul Ewen, Bedford UK Aside from the ID fraud, which is bad enough, I think this story highlights some of the key problems with our justice system. Mr Bunce was all but found guilty immediately by family and employer. The police need to properly investigate people before making arrests - either that or it should be illegal to sack someone until they have been found guilty and not just arrested on suspicion. Society also has to think about the modern day witch hunt where the topic of paedophilia is concerned.

Jacqueline, Barnet, UK This is a clear case of wrongful dismissal - your employer should never sack you for something which you have not been convicted. It seems fair to suspend someone pending prosecution, but firing them is illegal. In this case, Simon should have clear grounds for compensation.

Martin, UK It is exactly for this reason that those accused of sex crimes should remain anonymous until proven guilty. The so called "innocent until proven guilty" guarantee is a travesty. This case also proves the huge gulf between American FOI and the abysmal UK version.

Mark, Derby, UK The real purpose of this story is to try and sell the idea of ID cards to the British public. "If you do not take an ID card, you could be branded a paedo", is what this article is saying. The BBC has constantly been used to sell the idea of ID cards as a means to protect identity, and articles like this are a classic example. The fact of the matter is that if everyone is put into the ID database, then cases of mistaken identity will skyrocket. This man had his information stolen because he used a credit card. If he did not have a credit card, no one would have been able to impersonate him. That is the real message behind this story; if you have a card that identifies you, someone can impersonate you from anywhere in the world. If you do not have a card then you are far safer.

Alexander De Large, London I myself have twice been victim of credit card hacking where someone used my card abroad while I was in UK. Fortunately my card company called me and the transactions were nullified and my cards replaced, however I don't think that the criminals were ever caught or even any attempt was made to catch them. Sometimes I wonder if the industry is doing enough to protect identity. I wish success to Mr Bunce in his lawsuit against the concerned shopping site. More cases like this and we would return to old cash economy.

Devendra Damle, Kenilworth, Warcs This is a product of our on-going tabloid-fuelled paedophilia hysteria and everyone's knee-jerk reaction to the subject, and I hate how this happens time and time again, not just to famous celebrities that we hear about (Mathew Kelly comes to mind) but also to everyday honest folks. People should learn to get over their hysteria, stop being manipulated by the pack mentality and look at the facts. Anyone can be accused of anything, anyone can be investigated for anything, anyone can point a finger at anyone and it could happen to any of us at any time. But the point is to get to the truth, and people should learn to accept the outcome as the truth, not the gossip, and stop ruining innocent peoples' lives over nothing. I hope this article goes some way to clearing this poor man's reputation.

WiL, Leeds, UK What an appalling story. If Mr Bunce was able to find out that someone in Indonesia had misused his details on a certain date, what a pity the police couldn't have armed themselves with this information prior to his arrest. Surely a simple "where were you on ...?" could have cleared all this up and saved Mr Bunce his job, family and a lot of stress. I sometimes wonder how technologically adept our Boys in Blue really are.

Mark, Warwick An extremely unfortunate story, but all credit to Bunce who has recovered well when many would have collapsed. The time is upon us where massive overhaul to the system is necessary, biometrics even DNA can and should be used, with the credit card companies footing at least some of the bill for research and initiation. They do not do enough to protect their customers (us) as it is simply cheaper to let it go on and compensate in some (but not all) cases. Chip and pin too has not been the success we all hoped, merely papering over the cracks.

Neil, UK I hope he is, or has, successfully sued his previous employers - they should be named and shamed. Whatever happened to presumed innocent until proven guilty?

Jon, Manchester I feel great sympathy for Mr Bunce. It only goes to show how we can sometimes jump to conclusions before finding out what the truth really is. If I were an employer and my employee has been accused, I will wait for the jury's verdict before I take action and this will be the same if I were to be a family member of an accused.

Andrian Harsono, Sunbury, UK Isn't the answer to this to check your credit card statements every month, and to complain if there is an error? The article does not say if Mr Bunce checked his statement every month, but surely if he had this would not have happened?

David, Glasgow, Scotland It is unfortunate that the true criminals find ways to throw the scent off of them and onto innocent people. Actions that involve child pornography are indeed the worst crimes known to man, if you ask me, but what is upsetting is that "innocent until proven guilty" doesn't seem to apply with them; his family and his employers disowned him, assuming he was guilty of the reasons of his arrest. Proving his innocence took six months, but clearing the tarnish from his name will take a lifetime.

J Gareth Moreton, Brighton, England



Bookmark with: Delicious

Digg

reddit

Facebook

StumbleUpon What are these? E-mail this to a friend Printable version