"I think we have ourselves a real political problem."
Thus lamented Rep. Mac Collins (R-Ga.) after a mixed bag of hapless identity-theft victims, privacy experts, Social Security bigwigs, and lobbyists from the powerful financial industry testified for almost three hours before the House Subcommittee on Social Security this Wednesday. The hearing was the latest round in the decades-long fight over the proper use of that nine-digit nightmare, the Social Security number.
Over the years, Americans have become accustomed to mindlessly belching out their numbers for everything from health coverage to car insurance to telephone service to video rental cards. This, despite the fact that the 1935 act which created the numbers explicitly forbid their use as personal identifiers. They were designed to track everyone's Social Security earnings. Period.
That cat is out of the bag, according to the inspector general of the Social Security Administration, James G. Huse, Jr. In his testimony, Huse acknowledged that unauthorized use of the number continues to grow exponentially, but argued that "we have to accept that the Social Security number is the de facto national identifier and its use by government agencies at all levels and the private sector is too embedded to change."
That cold fact offered little comfort to Nicole Robinson and Emeka Moneme, the hearing's first two witnesses. Their stories underscore one of the main problems with relying on a single number for every conceivable transaction: The Social Security number is a super-password that gives someone access to just about every resource you own, from your bank account to your credit line. A database worker in Texas stole Robinson's Social Security number from her health care records, while someone stole Moneme's driver's license (which had his Social Security number on it) from his gym. Armed with the info, the crooks easily obtained credit in the victims' names and charged away. Robinson and Moneme have endured a mind-numbing array of bad credit reports, accusations, and inaction from government officials ever since, even after they proved themselves victims of identity theft.
Everyone involved in the hearing agreed that there were thousands more cases like this across the country, and that the incident rate keeps growing as more and more records get warehoused in interconnected digital databanks. Huse testified that the social Security Administration received 46,480 allegations of number abuse in fiscal year 2000. A representative from the Public Interest Research Group said calls to a Federal Trade Commission identity theft hotline had increased from 445 calls per week in November 1999 to 2,000 calls per week in March 2001.
If you think shredding receipts or keeping your Social Security card under lock and key will protect you, you're wrong. Mike Robinson, a special agent with the Social Security Administration, showed committee members a scary array of legally operating Web sites that track Social Security numbers in as little as 15 minutes–for only $40 a pop. Two New York City detectives detailed how Abraham Abdallah, an uneducated Brooklyn busboy, used a computer, public records, and information gleaned from credit card slips to steal the identity of celebrity billionaires such as Bill Gates and Ted Turner. Some estimates peg the take at $22 million. Detective Michael Fabozzi, arresting officer in the case, said in written testimony to the subcommittee that "Abdallah was well on his way to stealing $100 million." (Abdallah's lawyer has said that his client never profited financially from his activities; the case is still before a federal court in Manhattan, so Fabozzi could not comment further.)
The nut of the problem is this: The very attributes that make the numbers attractive to criminals have also made them invaluable for above-board folks such as investment bankers, Internet tycoons, and anyone who has ever shopped online. As John C. Dugan, a lobbyist speaking on behalf of the Financial Services Coordinating Council, put it, the fact that the Social Security number is a de facto national identifier allows the financial industry to accurately measure, move, and track your money. He said that Social Security numbers, in conjunction with electronic databases, grease the tracks of the digital economy. To wit, the numbers allow computers at Amazon.com, Visa, and your local bank be sure of the difference between the John Smith at 500 Oak Street in Pittsburgh, Pennsylvania and the John Smith at 500 Oak Street in Plattsburgh, New York. The numbers help to make sure the right Smith gets charged and the right one gets the book.
So, what is to be done? No one coughed up a convincing answer. It may be a good idea to scale back use of Social Security numbers to something like the law's original intent. But it's unclear whether the feds could actually reverse the rampant use of Social Security numbers, even if they wanted to.
Consider for instance, the testimony of Charles Bacarisse, a District Court clerk from Texas' Harris County. He said state laws designed to track deadbeat dads require copious documentation of Social Security numbers in divorce and other family-law cases. Harris County, which includes Houston, is legally required to emblazon the numbers on hundreds of thousands of documents every year. All of them are public record. Bacarisse told the committee that redacting the numbers from every piece of paper and microfilm on record would be a monumental burden.
The complications in reining the use of the numbers only escalate. Say it's illegal to buy and sell records based on Social Security numbers in the U.S. Stateside database services would quickly move overseas. It would also screw people like Paula LeRoy. She runs a legitimate business tracking people due pension benefits and she works primarily with Social Security numbers. Ronald Plessner, a lobbyist for the trade group that represents businesses like LeRoy's, makes the provocative point that without Social Security numbers, people might have to resort to even less secure measures of identity such as name and address. Ironically, that might lead to even more identity theft.
All of the legislative solutions being discussed will go though the special-interest wringer, subjecting them to countless exceptions that could render them useless. After all, there are already three laws on the books guarding the use of Social Security numbers, and none of them has stopped the proliferation of identity theft.
Subcommittee Chairman E. Clay Shaw, Jr. (R-Fla.), ranking member Robert T. Matsui (D-Calif.), Gerald D. Klecza (D-Wis.) and some other representatives want to add yet another to the mix. They introduced the Social Security Number and Identity Theft Prevention Act last year. The Ways and Means Committee approved the bill, but the full House never considered it. The bill would have prohibited the sale and display of Social Security numbers and increased penalties for abuse. Shaw promised to promote similar legislation this year. The Social Security Administration's Huse admitted that such measures would make it more costly to use the numbers for "legitimate" purposes such as tracking money. Still, he supports it. Dugan, the financial industry lobbyist, expressed "concerns."
Rep. Ron Paul (R-Texas) has proposed legislation that would require the Social Security Administration to issue new numbers to all Americans. True to Paul's libertarian roots, the numbers would become each individual's private property, to do with as he or she sees fit. Any unauthorized use would be outlawed (which, of course, it is already supposed to be). In a written statement issued to the committee, Paul conveyed how his plan also "forbids the federal government from creating national ID cards or establishing any identifiers for the purpose of investigating, monitoring, overseeing, or regulating private transactions."
If such legislative solutions are ultimately impotent, or unlikely, or both, other options being thrown into the mix are even more disturbing. Huse has raised the specter of creating a new national identifier–one based on "technological advances." "Ultimately," he testified, "the solution to all of this will be some other national identifier… [such as] a biometric thumb print. That will happen inevitably."
Huse didn't go into whether such a system would become a de facto national ID card or whether such a thing could ever be tamper-proof (the short answer is no; see Bringing the Border War Home for a discussion of why). In any case, it's unclear how a better national identifier would answer the question of whether there should be one at all (much less whether it should be one issued by the federal government). As important, since most of the action with any identifier number is happening in cyberspace, how would the biometric data be used in that context? Any encryption of it would likely be hacked as easily as paper cards are copied.
In the meantime, as the sponsors of the new bills try to whip up support for their laws, U.S. billionaires might want to consider a future in which busboys are forced to steal their thumbs instead of their Social Security numbers in order to make off with a cool $100 million.