Testimony of David Banisar, Policy Analyst Computer Professionals for Social Responsibility before the Special Joint Subcommittee Studying State and Commercial Use of Social Security Numbers for Transactional Identification General Assembly, Commonwealth of Virginia November 10, 1992 CPSR Washington Office 666 Pennsylvania Ave, SE, Suite 303 Washington, DC 20003 (202) 544-9240(voice) (202) 202-547-5481(fax) banisar@washofc.cpsr.org (email) Mr. Chairman, members of the Subcommittee, thank you for the opportunity to testify today on the misuse and abuse of the Social Security Number. My name is David Banisar and I am a policy analyst for the Computer Professionals for Social Responsibility (CPSR). CPSR is a national membership organization of computer scientists and other professionals in high technology fields. We have offices in Palo Alto, California, Washington, D.C. and Cambridge, Massachusetts and chapters in nearly two dozen cities across the United States. Our membership includes a Nobel Laureate and four winners of the Touring Award, the highest honor in computer science. CPSR is concerned about the effects of new technologies on civil liberties and privacy. We have a particular interest in the use of the SSN as an identifier. We have testified before both the United States House of Representatives and the US Senate on the use of the Social Security Number and the problems it raises. We have also filed a friend of the court brief in Greidinger v. Davis,1 a case in which a Virginia resident was refused his right to vote in a federal election because he refused to disclose his SSN. CPSR is particularly concerned with the continuing proliferation of uses of the SSN and the risks associated with the use of the SSN as a de facto national identifier. Today, many across both government and industry collect and store records using the SSN as an identifier. In a society based on the transfer of often confidential, private and embarrassing information, the SSN has become the identifier of choice. This has serious consequences, both for personal privacy and increasingly for fraud. History of the SSN and Concern over a National ID Card. Social Security Numbers were first issued by the US government in 1936. At the time, many people expressed concern that the SSN would become a national ID. Its original intent was only to ensure that workers received their just compensation for the money they put into the Social Security system. Later, the federal government began adopting it for other purposes, including in 1961, as a tax-payer identification number. Until 1972, each card issued was emblazoned with the phrase ÒNot to be used for ID purposes.Ó In 1972, the United States Department of Health, Education, and Welfare produced a report: Records, Computers, and the Rights of Citizens. This report recommended that the SSN not be used as an identifier: We recommend against the adoption of any nationwide standard personal, identification format, with or without the SSN, that would enhance the likelihood of arbitrary or uncontrolled linkage of records about people, particularly between government or government-supported automated personal data systems That report became the foundation for the Federal Privacy Act of 1974, which attempted to limit the abuse of the SSN.2 Unfortunately, it has not been effective due to bureaucratic resistance from inside the government, lack of an effective oversight mechanism, and the uncontrolled use of the SSN in the private sector. The SSN Facilitates Computer Matching The use of the Social Security Number allows for easy computer matching. Computer matching is the cross-referencing of computer databases from remote sources to allow for the creation of dossiers on individuals. The SSN facilitates this by providing a consistent and easily managed identifier in each of these remote sources to ensure that common files are easily merged. In modern society, each time we go to a store, or rent a movie, or write a check to our favorite political cause, personal information is collected about our preferences, desires and even our hopes. Due to the proliferation of the SSN, this data can all be easily combined. This can and will be used for the tracking and merging of information about individuals both for commercial purposes and for less benign reasons. Take, for example, the case of Rebecca Schaeffer. She was the lead actress in the TV series My Sister Sam. Using a computer, a deranged fan stalked and murdered her. This fan, who had access to a variety of computer databases via a private detective, traced her every move, saw where she ate and where she bought her clothes. This stalking was facilitated by her records containing her SSN.3 This kind of tracking is in common use and easily available to nearly anyone. A company by the name of IRSC recently sent me a brochure (see attachment). They offer a service for $11.00 to trace any person in the United States by using their Social Security Number. As you can see, they provide many other services at reasonable rates that use the SSN. With the SSN, another company by the name of National Electronic Tracking provided, until recently when it shut down by federal authorities for trafficing in stolen data, employment history, workmanÕs compensation claims by using the SSN (see attachment). Just a few weeks ago, a county employee in Maryland was arrested for dealing in confidential data obtained via computer. This data included motor vehicle records, employment data, tax records and other sensitive data. By having a single identifying number for all these records, it was possible for him easily compile information on people to sell. The SSN is an Inefficient Identifier for Most Businesses Records. In fact, it appears that many organizations collect Social Security Numbers for reasons no more important than bureaucratic inertia. The SSN does not make a better identifier for any business not involved in credit granting or for tax purposes. Many companies, who carry on the most important functions of everyday life do not use the SSN. For example, telephone company records are based on the phone number of the resident. Most other major service companies also use another identifying number. From a purely technical standpoint, a SSN provides little or no security since the number does not allow for a checksum to ensure its accuracy. Its wide dissemination also undermines the security of the record keeping systems. The Use of the SSN Facilitates Credit Fraud There have been numerous examples in the media about how the SSN is increasingly used by criminals to conduct credit fraud. With the knowledge of a personÕs address and SSN, nearly all information about a person can be easily obtained. Just yesterday in The Washington Post, another story came out about how a personÕs identity (in this case a reporter for the paper), was assumed by a con man who promptly ran up a large number of debts.4 The New York Times reported in September 1992 that it was becoming increasingly common for thieves to use a SSN to clean out a victimÕs bank account. Once they got the number of the victim, there were able to easily impersonate them. (see attachment) When I called Citibank a few weeks ago to report a missing credit card and ask for a new one, all they requested was my Social Security Number to prove my identity. Clearly, the use of the SSN to authenticate a personÕs identity makes it easier for thieves to engage in fraudulent activity. What Can Be Done About the Problem? Clearly, the first step toward resolving this problem is to prevent the widespread public dissemination of the SSN. The state could easily do this by removing the SSN off of driverÕs licenses, preventing the disclosure of the SSN that is required to register to vote and any other public disclosures of the SSN. This would be of minimum cost to the state. Just recently, the state of Maryland, which does not use the SSN on its licenses, announced they would not require the collection of the SSN at all.5 Secondly, the state should consider its whole policy of using records based on the SSN and discontinue its use whenever it is not mandated by either federal law or the state constitution. Unique identifiers often provide a better level of security and efficiency than the SSN. These should be encouraged. Third, steps to curb private companies use of the SSN should be instituted. Only a few industries have an actual need for the SSN and then only in limited instances. Collection of the number should be minimized and disclosure should be prohibited under penalty of law and fines. Finally, the state should consider a study to look into alternatives for enforcement of personal privacy. Once alternative is setting up a data protection board to oversee both the government and private sectorsÕ use of personal information. Many states including Wisconsin, New York and California have departments that look at uses of personal data. Nearly every industrialized country in the world from Germany to Sweden to Canada and England, has a data protection board. In Germany, which has a federal system similar to ours, each state and the federal government has its own board.6 This is no more a radical idea than a consumer protection board or consumer advocate which many states already have. I would like to commend the Assembly on its progress in resolving this difficult problem. In recent public survey polls by Lou Harris, the public by an overwhelming majority was concerned about invasions of privacy from disclosure of sensitive data. President-elect Bill Clinton in his Consumer Bill of Rights has proposed a specific right to information privacy, that information collected for one purpose will not be used for another purpose without the consent of the person. The removal of the SSN from a national identifier will assist greatly that goal. We appreciate the opportunity to participate in this hearing and hope that we can help assist in any future hearings or investigations. 1 Greidinger v. Davis, No. 92-1571 (4th Cir. 1992). 2 5 USC 552a (1992). 3 Rothfeder, Privacy for Sale: How Computerization Has Made EveryoneÕs Private Life an Open Secret. Simon & Schuster, 1992. 4 ÒThe Credit Thiefs: They Take Your Identity, then Your Good Name,Ó The Washington Post, November 9, 1992 at D5 5 ÒAround the Region: Md. Forgets the Number,Ó The Washington Post, February 27, 1992 at C6. 6 See Flaherty, Protecting Privacy in Surveillance Societies, University of North Carolina Press, 1989.