摘要:The growth of the Internet and e-commerce has taken identity theft to new levels. Indeed, consumers, financial institutions and the whole economic suffer from online identity theft.This article analyses the legal environment which is concerned with online identity theft. The analysis is based on the comparison of two countries—USA’s and Lithuania’s— legislation, regulating such fields as personal data protection, electronic information security, identification, criminal liability and special legal acts, regulating online identity theft, because if all these fields are sufficiently regulated, the fight with online identity theft is more successful. The choice of the countries is based on the fact that USA has experience in fighting online identity theft while Lithuania is taken into a deeper consideration as it is a member of the European Union, the legal system of which has great differences in comparison to the USA.The analysis of legislation, regulating personal data protection, is based on comparison of the main requirements and principles of personal data protection, institutions which are responsible for personal data protection and liability for breaches of personal data protection rules. The authors of the present article also present similarities and differences of legal regulation of electronic information security in USA and Lithuania by comparing the institutional control of information security, main requirements for information security and liability for breaches of information security rules. Also, the variety of personal identity documents in the USA and Lithuania is analyzed, main personal identity documents are presented as well as regulation of online identity theft, elements and types of identification online are discussed. Moreover, criminal and special legislation of USA and Lithuania is taken into consideration in order to discuss and compare criminalization aspects of online identity theft.In this article it is emphasized that although in USA online identity theft is criminalized, there also is special legislation concerned with online identity theft and this should be considered as an effective measure against online identity theft. Since in Lithuania the estimation of online identity theft from the point of criminal law is quite complicated, it is suggested that online identity theft should be criminalized as well as it is criminalized in USA. In addition, the authors notice that electronic information security should be regulated in both—privateand public sectors not only in the public sector as it is at the present time. The research has also shown that in Lithuania legal regulation of personal data is sufficient, except the sanctions for breaches of the requirements of personal data protection. However, the lack of legal regulation concerned with online identity theft is noticed in Lithuania and such a legal environment leads to advantageous conditions to commit online identity theft.
