In an article entitled “The Pathological Politics of Criminal Law,” Prof. William Stuntz observed that “virtually everyone who has written about federal criminal law has bemoaned its expansion.” (W. Stuntz, “The Pathological Politics of Criminal Law,” 100 Mich. L. Rev. 505, 508 (2001-2002); there are now more than 4,000 federal criminal laws.) Part of the reason for the expansion is what Stuntz called “[s]ymbolic criminalization”—enacting new laws in response to national headlines to make a symbolic statement to voters. One example of symbolic criminalization, which has received too little attention, is the Identity Theft Penalty Enhancement Act of 2004. Rarely has Congress passed a more ill-conceived criminal law. (For a thoughtful discussion of federal identity theft law, see J. Martin, “Inappropriate Identity Theft Charges in White Collar Cases,” Law360 7/14/14.)

In 2003, when the Identity Theft Penalty Enhancement Act was introduced, there was already a federal identity theft provision on the books. Enacted in 1998, 18 U.S.C. §1028(a)(7) made it unlawful to “knowingly transfer[], possess[], or use[], without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, … any unlawful activity that constitutes a violation of federal law, or that constitutes a felony under any applicable State or local law.” The term “means of identification” was defined broadly to encompass “any name or number that may be used, alone or in conjunction with any other information, to identify a specific individual.” (The definition of “means of identification” is found in 18 U.S.C. §1028(d).)

As media reports of identity theft multiplied, Congress determined that more was needed to combat the crime. The more was the 2004 Act. In endorsing the proposed legislation, Congressman Schiff of California said:

The problem [of identity theft] has … grown to epidemic proportions … . Identity theft wreaks havoc on the lives of millions of hard-working Americans now. A victim of identity theft usually spends a year-and-a-half working to restore his or her identity and good name … . For this reason, I [support] the Identity Theft Penalty Enhancement Act, legislation that will make it easier for prosecutors to target those identity thieves who steal an identity for the purpose of committing other serious crimes.

The proposed law would target persons who steal identities and “protect the good credit and reputation of hard-working Americans.” (Hearing on H.R. 1731 and H.R. 3693, (108th Cong. 2004) at 15-16.)

The heart of the proposed law was a new Aggravated Identity Theft offense, 18 U.S.C. §1028A, which made it unlawful “during and in relation to any [enumerated federal] felony violation … , knowingly [to] transfer[], possess[], or use[], without lawful authority, a means of identification of another person.” Moreover, as the title of the Act suggests, penalties for a violation of the new provision were to be “enhanced”: a convicted defendant was to receive a mandatory term of imprisonment of two years (five if the predicate offense was a terrorism crime). And, in a provision unique in federal law, judges were directed (1) that the term of imprisonment for a violation of §1028A should not run concurrent with any other term of imprisonment and (2) that the term of imprisonment for the predicate felony should “not in any way [be] reduced … so as to compensate for … any separate term of imprisonment imposed [for a §1028A violation].” Two years was to mean two years more.

The Department of Justice strongly supported the proposed law. A DOJ representative cited three ways in which §1028A, if enacted, would “arm Federal Prosecutors to fight identity theft more effectively” by “build[ing] upon and strengthen[ing]” existing law. (Id.) First, §1028A would limit the applicable predicate offenses to “a focused and narrower set” of the “most serious federal offenses.” Better focus would mean better law enforcement. Second, §1028A would eliminate the need to show that the defendant had transferred or used a means of identification “with the intent to commit, or aid or abet” the predicate offense. It would be enough to show that the transfer or use occurred “during and in relation to” the predicate offense.

The third difference was §1028A's mandatory cumulative sentence provision. As the DOJ representative saw it, such a penalty structure was necessary because of the “unusual nature of identity theft”:

[The proposed penalty structure] is the most sensible [approach] in light of the unusual nature of identity theft—it is an entirely derivative offense, in that it is virtually always committed in connection with some other crime. The Sentencing Guidelines … will generally ignore the fact that two offenses have been charged (a derivative offense and a predicate offense) … . Consequently, application of the Guidelines would mean that there would be virtually no practical advantage to charging the derivative criminal offense.

The “structure of [§1028A's] penalty scheme,” the DOJ representative asserted, would avoid this problem “by providing for an additional prescribed term of imprisonment over and above that imposed on the underlying predicate offense.”

None of these rationales is persuasive. The claim that §1028A applies to a “focused and narrower set of predicate offenses” than §1028(a)(7) is hard to take seriously. It applies to 60 non‑terrorism federal predicate offenses (including mail fraud and wire fraud) and 50 terrorism offenses. (See C. Doyle Cong. Research Serv., R42100, “Mandatory Minimum Sentencing: Federal Aggravated Identity Theft” (Aug. 20, 2015) at 3.) On the second point, the DOJ representative failed to note that the 2004 Act amended §1028(a)(7) to extend its coverage to those who steal another's identity “in connection” with a predicate offense. Proof of an intent to aid or abet the commission of a predicate offense is no longer required. If there is a difference between “during and in relation to” (the language of §1028(A)) and “in connection with” (the amended language of §1028(a)(7)), it is vanishingly thin.

Finally, there is the notion that the Sentencing Guidelines cannot capture the pernicious effects of identity theft because of the crime's “unusual nature” as a derivative offense. Left out of this account are these facts: When Congress enacted §1028(a)(7) in 1998, it directed the Sentencing Commission to incorporate the crime of identity theft into the Guidelines. The Commission responded by promulgating U.S.S.G. §2B1.1(b)(11)(c), which calls for a two-point enhancement if “a defendant uses another individual's … means of identification to “breed” (i.e., produce or obtain) new or additional forms of identification.” “Breeding,” the Commission concluded, was a particularly egregious form of identity theft that warranted heightened punishment.

At the same time, the Commission added an Application Note suggesting an “upward departure” in identity theft cases when “substantial harm [has been done] to the victim's reputation or credit record, or the victim suffered substantial inconvenience related to repairing the victim's reputation or damaged credit record.” (U.S.S.G. §2B1.1 Application Note 19.) Moreover, the 2004 Act itself directed the Sentencing Commission to amend the Guidelines to ensure that “the guideline offense levels and enhancements appropriately punish identity theft offenses involving an abuse of trust.” The Commission responded by adding an Application Note to the abuse of trust enhancement specifying that if the defendant obtained access to the means of identification by “exceed[ing] or abus[ing] the authority of his or her position,” the two-point abuse of trust enhancement should apply. (U.S.S.G. §3B1.3 Application Note 2(B).) All of this suggests that there is nothing “unusual” about identity theft that the Sentencing Guidelines cannot, and do not, capture.

In a word, all three rationales were makeweights. The Department of Justice supported §1028A because it carried a mandatory prison sentence.

How has the 2004 Act been interpreted? Three cases show that if a statute is drafted broadly, as §1028A is, it is likely to be applied in ways that Congress could not have imagined.

The first case is United States v. Abdelshafi, 592 F.3d 602 (4th Cir. 2010). Mohamed Abdelshafi operated a company that provided transportation services for Medicaid patients. The company received information about the patients—their names, dates of birth, Medicaid identification numbers, etc.—used the information to transport the patients to and from medical providers, and then billed Medicaid for the trips. Or, more precisely, it overbilled Medicaid, fraudulently submitting claims for trips that had not occurred. Abdelshafi was convicted of health care fraud and Aggravated Identity Theft, and the Fourth Circuit upheld his convictions. It rejected his argument that the crime required a theft of identifying information. The statute is “broad and unambiguous,” the court concluded, and prohibits “an individual's knowing use of another person's identifying information without a form of authorization recognized by law.”

The second case is United States v. Osuna-Alvarez, 788 F.3d 1183 (9th Cir. 2015). Miguel Osuna-Alvarez attempted to enter the United States from Mexico at a border crossing, where he presented his brother's United States passport. A search of his vehicle uncovered three kilograms of methamphetamines and two kilograms of cocaine. At a bench trial, the court found that the brother had been “complicit in turning over the passport” but nonetheless convicted Osuna-Alvarez of Aggravated Identity Theft (as well as drug crimes), and the Ninth Circuit affirmed. It concluded that “the language [of §1028A] clearly and unambiguously encompasses situations like the present, where an individual grants the defendant permission to use his or her means of identification, but the defendant proceeds to use the identification unlawfully.”

Notably, nine Circuits have now held that §1028A applies whenever a defendant uses another person's identity in furtherance of an enumerated crime, regardless of whether the other person has consented to the use. (United States v. Ozuna-Cabrera, 663 F.3d 496 (1st Cir. 2011); United States v. Carrion-Brito, 362 F. App'x 267 (3d Cir. 2010); United States v. Otuya, 720 F.3d 183 (4th Cir. 2013); United States v. Mahmood, 820 F.3d 177 (5th Cir. 2016); United States v. Lumbard, 706 F.3d 716 (6th Cir. 2013); United States v. Retana, 641 F.3d 272 (8th Cir. 2011); United States v. Osuna-Alvarez, 788 F.3d 1183 (9th Cir. 2015); United States v. Hurtado, 508 F.3d 603 (11th Cir. 2007); United States v. Reynolds, 710 F.3d 434 (D.C. Cir. 2013). In United States v. Naranjo, 645 Fed. Appx 50 (2016), the Second Circuit held that the trial court had not committed plain error by charging the jury that the government was not required to prove that the individual had not consented to the unlawful use of his identity.)

The third case is United States v. Porter, 745 F.3d 1035 (10th Cir. 2014). Gloria Porter, the secretary/treasurer of a federal employees union, used the union's debit card to make personal expenditures at a beauty salon, day spa, and home-improvement store. To hide her crime, she submitted false reports to the Department of Labor, forging the signature of the union's president on the reports. She was convicted of mail fraud and Aggravated Identity Theft, and the Tenth Circuit upheld her convictions. Because Porter had used a means of identification—the union president's signature—in relation to her mail fraud crimes, she had violated §1028A.

Plainly, none of these cases was in the sights of the legislators who championed §1028A. In none was identification information “stolen” in any conventional sense of the term. (As one court has written, “a defendant need not have 'stolen' anyone's identity to be convicted of aggravated identity theft.” United States v. Roberts-Rahim, 2015 WL 6438674 (E.D.N.Y. Oct. 22, 2015 at *7)) Nor did anyone have her credit history or financial reputation damaged. If there was an identity theft epidemic sweeping the country in 2004, the likes of Mohamed Abdelshafi, Miguel Osuna-Alvarez, and Gloria Porter were not among the thieves.

What is especially noteworthy about Abdelshafi, Osuna-Alvarez and Porter (and numerous cases like them) is that the reviewing courts made almost no mention of the purpose or legislative history of the Aggravated Identity Theft provision. Plain meaning was all that mattered. (As one court interpreting §1084A has written, “arguments about purpose, history, and statutory titles cannot contradict a law's plain text.” United States v. Otuya, 720 F.3d 183, 190 (4th Cir. 2013)) Nor did the courts give any consideration to the fact that §1028A carries a mandatory prison sentence. Rather, here as elsewhere in federal criminal law, “courts [have] los[t] sight of the disproportionality of the penalties of which their expansive interpretations often expose federal defendants.” (The quotation is from S. Smith, “Proportionality and Federalization,” 91 Va. L. Rev. 879, 884 (2005))

Only one case has taken a different approach. In United States v. Spears, the Seventh Circuit, sitting en banc, unanimously held that §1028A did not apply where the defendant made a counterfeit handgun permit for another person, Payne, and Payne used the fake credential—which contained her own name and birthday—in attempting to buy a gun. 729 F.3d 753 (7th Cir. 2013) (en banc). On these facts, the Seventh Circuit held that the phrase “means of identification of another” refers to “anyone other than a person consenting to the use of the information.” It looked to the legislative history, the statutory caption and the rule of lenity to limit the statute's reach. (Two Circuits have held that §1028A does not apply unless the defendant “attempt[s] to pass him or herself off as another person or take[s] some other action on the person's behalf.” United States v. Berroa, 856 F.3d 141, 156 (1st Cir. 2017); see also United States v. Miller, 734 F.3d 530, 541 (6th Cir. 2013). In Berroa, the defendants gained their medical certifications by fraud and then issued prescriptions to patients. The Court rejected the government's argument that writing the patients' names and addresses on the prescriptions violated §1028A.)

But Spears has been confined to its facts. In United States v. Roberts-Rahim, for example, the court observed that Spears fell outside §1028A's broad scope because Spears “transferred Payne's own information to her.” Roberts-Rahim, 2015 WL 6438674, at *8 (emphasis added). In Roberts-Rahim, the defendant applied for a United States passport using the name, date of birth and social security number of his half-brother. Prior to trial, the court ruled that the half-brother's consent did not confer lawful authority upon Roberts-Rahim to use the passport for an unlawful purpose. Indeed, the court went one step further: it precluded the defense from offering proof of the half‑brother's consent, finding that such proof was irrelevant and likely to cause confusion. After all, the jury might mistakenly find Roberts-Rahim not guilty of Aggravated Identify Theft if it learned that no one's identity had been stolen.

Although gathering statistics to prove the point is difficult, it seems undeniable that §1028A, like most mandatory minimums, has become a tool for prosecutors to induce guilty pleas. A mandatory minimum, of course, is mandatory only if a prosecutor charges it and insists on a defendant pleading to it. It is a bargaining chip in a criminal justice system in which bargaining has become the way we resolve criminal cases (97 percent of federal cases in 2016), and in which the prosecutor holds most of the chips. As Professor Stuntz put it, “if prosecutors are able to threaten defendants who take their cases to trial with … charges that produce a [more] severe sentence, the ability to induce a plea is magnified.”

To quote Professor Stuntz a third time: “Legislators gain when they write criminal statutes in ways that benefit prosecutors. Prosecutors gain from statutes that enable them more easily to induce guilty pleas. Appellate courts lack the doctrinal tools to combat those tendencies.” Those words capture the disheartening story of the Identity Theft Penalty Enhancement Act of 2004. If Congress ever summons the will to reform the federal criminal law, §1028A should be among the first provisions it deletes.

Paul Shechtman is a partner at Bracewell in New York and teaches evidence and criminal procedure at Columbia Law School.

In an article entitled “The Pathological Politics of Criminal Law,” Prof. William Stuntz observed that “virtually everyone who has written about federal criminal law has bemoaned its expansion.” (W. Stuntz, “The Pathological Politics of Criminal Law,” 100 Mich. L. Rev. 505, 508 (2001-2002); there are now more than 4,000 federal criminal laws.) Part of the reason for the expansion is what Stuntz called “[s]ymbolic criminalization”—enacting new laws in response to national headlines to make a symbolic statement to voters. One example of symbolic criminalization, which has received too little attention, is the Identity Theft Penalty Enhancement Act of 2004. Rarely has Congress passed a more ill-conceived criminal law. (For a thoughtful discussion of federal identity theft law, see J. Martin, “Inappropriate Identity Theft Charges in White Collar Cases,” Law360 7/14/14.)

In 2003, when the Identity Theft Penalty Enhancement Act was introduced, there was already a federal identity theft provision on the books. Enacted in 1998, 18 U.S.C. §1028(a)(7) made it unlawful to “knowingly transfer[], possess[], or use[], without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, … any unlawful activity that constitutes a violation of federal law, or that constitutes a felony under any applicable State or local law.” The term “means of identification” was defined broadly to encompass “any name or number that may be used, alone or in conjunction with any other information, to identify a specific individual.” (The definition of “means of identification” is found in 18 U.S.C. §1028(d).)

As media reports of identity theft multiplied, Congress determined that more was needed to combat the crime. The more was the 2004 Act. In endorsing the proposed legislation, Congressman Schiff of California said:

The problem [of identity theft] has … grown to epidemic proportions … . Identity theft wreaks havoc on the lives of millions of hard-working Americans now. A victim of identity theft usually spends a year-and-a-half working to restore his or her identity and good name … . For this reason, I [support] the Identity Theft Penalty Enhancement Act, legislation that will make it easier for prosecutors to target those identity thieves who steal an identity for the purpose of committing other serious crimes.

The proposed law would target persons who steal identities and “protect the good credit and reputation of hard-working Americans.” (Hearing on H.R. 1731 and H.R. 3693, (108th Cong. 2004) at 15-16.)

The heart of the proposed law was a new Aggravated Identity Theft offense, 18 U.S.C. §1028A, which made it unlawful “during and in relation to any [enumerated federal] felony violation … , knowingly [to] transfer[], possess[], or use[], without lawful authority, a means of identification of another person.” Moreover, as the title of the Act suggests, penalties for a violation of the new provision were to be “enhanced”: a convicted defendant was to receive a mandatory term of imprisonment of two years (five if the predicate offense was a terrorism crime). And, in a provision unique in federal law, judges were directed (1) that the term of imprisonment for a violation of §1028A should not run concurrent with any other term of imprisonment and (2) that the term of imprisonment for the predicate felony should “not in any way [be] reduced … so as to compensate for … any separate term of imprisonment imposed [for a §1028A violation].” Two years was to mean two years more.

The Department of Justice strongly supported the proposed law. A DOJ representative cited three ways in which §1028A, if enacted, would “arm Federal Prosecutors to fight identity theft more effectively” by “build[ing] upon and strengthen[ing]” existing law. (Id.) First, §1028A would limit the applicable predicate offenses to “a focused and narrower set” of the “most serious federal offenses.” Better focus would mean better law enforcement. Second, §1028A would eliminate the need to show that the defendant had transferred or used a means of identification “with the intent to commit, or aid or abet” the predicate offense. It would be enough to show that the transfer or use occurred “during and in relation to” the predicate offense.

The third difference was §1028A's mandatory cumulative sentence provision. As the DOJ representative saw it, such a penalty structure was necessary because of the “unusual nature of identity theft”:

[The proposed penalty structure] is the most sensible [approach] in light of the unusual nature of identity theft—it is an entirely derivative offense, in that it is virtually always committed in connection with some other crime. The Sentencing Guidelines … will generally ignore the fact that two offenses have been charged (a derivative offense and a predicate offense) … . Consequently, application of the Guidelines would mean that there would be virtually no practical advantage to charging the derivative criminal offense.

The “structure of [§1028A's] penalty scheme,” the DOJ representative asserted, would avoid this problem “by providing for an additional prescribed term of imprisonment over and above that imposed on the underlying predicate offense.”

None of these rationales is persuasive. The claim that §1028A applies to a “focused and narrower set of predicate offenses” than §1028(a)(7) is hard to take seriously. It applies to 60 non‑terrorism federal predicate offenses (including mail fraud and wire fraud) and 50 terrorism offenses. (See C. Doyle Cong. Research Serv., R42100, “Mandatory Minimum Sentencing: Federal Aggravated Identity Theft” (Aug. 20, 2015) at 3.) On the second point, the DOJ representative failed to note that the 2004 Act amended §1028(a)(7) to extend its coverage to those who steal another's identity “in connection” with a predicate offense. Proof of an intent to aid or abet the commission of a predicate offense is no longer required. If there is a difference between “during and in relation to” (the language of §1028(A)) and “in connection with” (the amended language of §1028(a)(7)), it is vanishingly thin.

Finally, there is the notion that the Sentencing Guidelines cannot capture the pernicious effects of identity theft because of the crime's “unusual nature” as a derivative offense. Left out of this account are these facts: When Congress enacted §1028(a)(7) in 1998, it directed the Sentencing Commission to incorporate the crime of identity theft into the Guidelines. The Commission responded by promulgating U.S.S.G. §2B1.1(b)(11)(c), which calls for a two-point enhancement if “a defendant uses another individual's … means of identification to “breed” (i.e., produce or obtain) new or additional forms of identification.” “Breeding,” the Commission concluded, was a particularly egregious form of identity theft that warranted heightened punishment.

At the same time, the Commission added an Application Note suggesting an “upward departure” in identity theft cases when “substantial harm [has been done] to the victim's reputation or credit record, or the victim suffered substantial inconvenience related to repairing the victim's reputation or damaged credit record.” (U.S.S.G. §2B1.1 Application Note 19.) Moreover, the 2004 Act itself directed the Sentencing Commission to amend the Guidelines to ensure that “the guideline offense levels and enhancements appropriately punish identity theft offenses involving an abuse of trust.” The Commission responded by adding an Application Note to the abuse of trust enhancement specifying that if the defendant obtained access to the means of identification by “exceed[ing] or abus[ing] the authority of his or her position,” the two-point abuse of trust enhancement should apply. (U.S.S.G. §3B1.3 Application Note 2(B).) All of this suggests that there is nothing “unusual” about identity theft that the Sentencing Guidelines cannot, and do not, capture.

In a word, all three rationales were makeweights. The Department of Justice supported §1028A because it carried a mandatory prison sentence.

How has the 2004 Act been interpreted? Three cases show that if a statute is drafted broadly, as §1028A is, it is likely to be applied in ways that Congress could not have imagined.

The first case is United States v. Abdelshafi , 592 F.3d 602 (4th Cir. 2010). Mohamed Abdelshafi operated a company that provided transportation services for Medicaid patients. The company received information about the patients—their names, dates of birth, Medicaid identification numbers, etc.—used the information to transport the patients to and from medical providers, and then billed Medicaid for the trips. Or, more precisely, it overbilled Medicaid, fraudulently submitting claims for trips that had not occurred. Abdelshafi was convicted of health care fraud and Aggravated Identity Theft, and the Fourth Circuit upheld his convictions. It rejected his argument that the crime required a theft of identifying information. The statute is “broad and unambiguous,” the court concluded, and prohibits “an individual's knowing use of another person's identifying information without a form of authorization recognized by law.”

The second case is United States v. Osuna-Alvarez , 788 F.3d 1183 (9th Cir. 2015). Miguel Osuna-Alvarez attempted to enter the United States from Mexico at a border crossing, where he presented his brother's United States passport. A search of his vehicle uncovered three kilograms of methamphetamines and two kilograms of cocaine. At a bench trial, the court found that the brother had been “complicit in turning over the passport” but nonetheless convicted Osuna-Alvarez of Aggravated Identity Theft (as well as drug crimes), and the Ninth Circuit affirmed. It concluded that “the language [of §1028A] clearly and unambiguously encompasses situations like the present, where an individual grants the defendant permission to use his or her means of identification, but the defendant proceeds to use the identification unlawfully.”

Notably, nine Circuits have now held that §1028A applies whenever a defendant uses another person's identity in furtherance of an enumerated crime, regardless of whether the other person has consented to the use. ( United States v. Ozuna-Cabrera , 663 F.3d 496 (1st Cir. 2011); United States v. Carrion-Brito , 362 F. App'x 267 (3d Cir. 2010); United States v. Otuya , 720 F.3d 183 (4th Cir. 2013); United States v. Mahmood , 820 F.3d 177 (5th Cir. 2016); United States v. Lumbard , 706 F.3d 716 (6th Cir. 2013); United States v. Retana , 641 F.3d 272 (8th Cir. 2011); United States v. Osuna-Alvarez , 788 F.3d 1183 (9th Cir. 2015); United States v. Hurtado , 508 F.3d 603 (11th Cir. 2007); United States v. Reynolds , 710 F.3d 434 (D.C. Cir. 2013). In United States v. Naranjo , 645 Fed. Appx 50 (2016), the Second Circuit held that the trial court had not committed plain error by charging the jury that the government was not required to prove that the individual had not consented to the unlawful use of his identity.)

The third case is United States v. Porter , 745 F.3d 1035 (10th Cir. 2014). Gloria Porter, the secretary/treasurer of a federal employees union, used the union's debit card to make personal expenditures at a beauty salon, day spa, and home-improvement store. To hide her crime, she submitted false reports to the Department of Labor, forging the signature of the union's president on the reports. She was convicted of mail fraud and Aggravated Identity Theft, and the Tenth Circuit upheld her convictions. Because Porter had used a means of identification—the union president's signature—in relation to her mail fraud crimes, she had violated §1028A.

Plainly, none of these cases was in the sights of the legislators who championed §1028A. In none was identification information “stolen” in any conventional sense of the term. (As one court has written, “a defendant need not have 'stolen' anyone's identity to be convicted of aggravated identity theft.” United States v. Roberts-Rahim, 2015 WL 6438674 (E.D.N.Y. Oct. 22, 2015 at *7)) Nor did anyone have her credit history or financial reputation damaged. If there was an identity theft epidemic sweeping the country in 2004, the likes of Mohamed Abdelshafi, Miguel Osuna-Alvarez, and Gloria Porter were not among the thieves.

What is especially noteworthy about Abdelshafi, Osuna-Alvarez and Porter (and numerous cases like them) is that the reviewing courts made almost no mention of the purpose or legislative history of the Aggravated Identity Theft provision. Plain meaning was all that mattered. (As one court interpreting §1084A has written, “arguments about purpose, history, and statutory titles cannot contradict a law's plain text.” United States v. Otuya , 720 F.3d 183, 190 (4th Cir. 2013)) Nor did the courts give any consideration to the fact that §1028A carries a mandatory prison sentence. Rather, here as elsewhere in federal criminal law, “courts [have] los[t] sight of the disproportionality of the penalties of which their expansive interpretations often expose federal defendants.” (The quotation is from S. Smith, “Proportionality and Federalization,” 91 Va. L. Rev. 879, 884 (2005))

Only one case has taken a different approach. In United States v. Spears, the Seventh Circuit, sitting en banc, unanimously held that §1028A did not apply where the defendant made a counterfeit handgun permit for another person, Payne, and Payne used the fake credential—which contained her own name and birthday—in attempting to buy a gun. 729 F.3d 753 (7th Cir. 2013) (en banc). On these facts, the Seventh Circuit held that the phrase “means of identification of another” refers to “anyone other than a person consenting to the use of the information.” It looked to the legislative history, the statutory caption and the rule of lenity to limit the statute's reach. (Two Circuits have held that §1028A does not apply unless the defendant “attempt[s] to pass him or herself off as another person or take[s] some other action on the person's behalf.” United States v. Berroa , 856 F.3d 141, 156 (1st Cir. 2017); see also United States v. Miller , 734 F.3d 530, 541 (6th Cir. 2013). In Berroa, the defendants gained their medical certifications by fraud and then issued prescriptions to patients. The Court rejected the government's argument that writing the patients' names and addresses on the prescriptions violated §1028A.)

But Spears has been confined to its facts. In United States v. Roberts-Rahim, for example, the court observed that Spears fell outside §1028A's broad scope because Spears “transferred Payne's own information to her.” Roberts-Rahim, 2015 WL 6438674, at *8 (emphasis added). In Roberts-Rahim, the defendant applied for a United States passport using the name, date of birth and social security number of his half-brother. Prior to trial, the court ruled that the half-brother's consent did not confer lawful authority upon Roberts-Rahim to use the passport for an unlawful purpose. Indeed, the court went one step further: it precluded the defense from offering proof of the half‑brother's consent, finding that such proof was irrelevant and likely to cause confusion. After all, the jury might mistakenly find Roberts-Rahim not guilty of Aggravated Identify Theft if it learned that no one's identity had been stolen.

Although gathering statistics to prove the point is difficult, it seems undeniable that §1028A, like most mandatory minimums, has become a tool for prosecutors to induce guilty pleas. A mandatory minimum, of course, is mandatory only if a prosecutor charges it and insists on a defendant pleading to it. It is a bargaining chip in a criminal justice system in which bargaining has become the way we resolve criminal cases (97 percent of federal cases in 2016), and in which the prosecutor holds most of the chips. As Professor Stuntz put it, “if prosecutors are able to threaten defendants who take their cases to trial with … charges that produce a [more] severe sentence, the ability to induce a plea is magnified.”

To quote Professor Stuntz a third time: “Legislators gain when they write criminal statutes in ways that benefit prosecutors. Prosecutors gain from statutes that enable them more easily to induce guilty pleas. Appellate courts lack the doctrinal tools to combat those tendencies.” Those words capture the disheartening story of the Identity Theft Penalty Enhancement Act of 2004. If Congress ever summons the will to reform the federal criminal law, §1028A should be among the first provisions it deletes.

Paul Shechtman is a partner at Bracewell in New York and teaches evidence and criminal procedure at Columbia Law School.