If you're a convicted identity thief, you've got about a 50% chance of avoiding jail time.

That's one of the findings of a new study of closed U.S. Secret Service case files, released Monday by Utica College's Center for Identity Management and Information Protection. This is the first time researchers have been allowed to sift through the Secret Service's data. The study's authors based their findings on an analysis of 500 closed Secret Service cases.

"Prosecutors had a slightly better chance of sending a convicted identity thief to prison than not (51%) and could expect to see the imprisoned offender sentenced to three years or less of incarceration," the report said.

The college has been working with a number of partners, including the Secret Service, IBM and the FBI, since the Center's creation in mid-2006 to study the methods used by ID thieves and to help corporations and law enforcement prevent this type of crime.

Technology like printers, mobile phones, and computers were used in about half of the cases, but the Internet was the exclusive tool of ID thieves only about 10% of the time.

Identity theft is concentrated in the northeastern and southern United States, the study found. And the majority of the offenders in the Secret Service cases were African-American; more than two-thirds of all offenders were male.

The study also found that ID thieves tended to hit people that they did not know, rather than preying on friends and relatives. A family member or friend was the victim in 16% of cases. In about a third of the cases, the theft was an inside job, with the data being stolen from an employer.

Identity theft is a well-studied phenomenon, but it's unusual for a survey to be based on this kind of closed-case data. "This study is significant because it did not depend on self-reported or survey data," the authors wrote.

The median loss from identity theft was just over $31,000, but in one case, investigated by the Secret Service's Dallas field office, the defendant spent millions on luxury vehicles and then managed to set up shell companies and defraud investors. Total losses: $13 million. "In general," however, "the more offenders involved in the case, the higher the victim loss," the study stated.

According to Javelin Strategy & Research, identity theft cost U.S. businesses and consumers an estimated $49.3 billion in 2006.

The IDG News Service is a Network World affiliate.