Clark, a Social Security spokesperson. President Franklin D. Roosevelt signs the Social Security Act on 14th August At first, Social Security was only meant for certain workers. The program mainly targeted large, private companies, requiring them to offer Social Security to their employees. Over the next few years, the government created millions of them. While the Social Security Board was still setting up offices around the country, the Post Office played a huge administrative role by distributing and collecting applications and generating Social Security numbers.
The biggest, difficult thing was implementing that program. Clerks working in the U. Postal Service to distribute and assign the first batch of Social Security numbers through its 45, local post offices around the country.
Of these 45, post offices, 1, were also designated as "typing centers" where the cards themselves were prepared. The procedure for issuing the first SSNs were that the SS-4 application forms were to be distributed by the post offices to employers beginning Monday, November 16, These forms asked the employers to indicate how many employees they had at their place of business.
Using the data from the SS-4 forms, the post offices then supplied an SS-5 form for each employee and these forms on which the assignment of an SSN was based were to be distributed by the post offices beginning Tuesday, November 24, This step could happen on one of several ways.
The person could return the card in person and wait while the "typing center" prepared their card, or they could hand the form to their local letter carrier, or they could put it in the mail. Once the SSN was assigned and the card typed, the local letter carrier then returned the card to the place of business as a piece of regular mail. So the first card was issued, sometime in mid-November, , somewhere in one of 1, post offices to someone whose identity and SSN are unknown.
In theory, the first card should have been issued on November 24th, but there have been reports of cards showing earlier dates. It is not clear whether the cards with earlier dates were actually issued on that day or whether some post offices predated some of their cards.
If the 45, local post offices followed their procedures, no cards could have been issued before November 16th, and none should have been issued before November 24th.
But here again, there is always the possibility that some local post offices failed to follow their instructions. The best we can say with certainty is that the first SSN was issued sometime in mid-November The SSN is the record locator for many private-sector profilers, credit bureaus, and credit card companies.
It is also used extensively outside the financial services sector. This means that the SSN is widely used both as an identifier and as an authenticator. Serious security problems are raised in any system where a single number is used both as identifier and authenticator. It is not unlike using a password identical to a user name for signing into e-mail. The issuance of a single, unique number to Americans raises the risk that the SSN will become a de jure or de facto national identifier.
This risk is not new; it was voiced at the creation of the SSN and has since been raised repeatedly. The SSN was created in for the sole purpose of accurately recording individual worker's contributions to the social security fund. The public and legislators were immediately suspicious and distrustful of this tracking system fearing that the SSN would quickly become a system containing vast amounts of personal information, such as race, religion and family history, that could be used by the government to track down and control the action of citizens.
Public concern over the potential for abuse inherent in the SSN tracking system was so high, that in an effort to dispel public concern the first regulation issued by the Social Security Board declared that the SSN was for the exclusive use of the Social Security system.
In passing the Privacy Act of , Congress was specifically reacting to and rejecting calls for the creation of a single entity for the reference and storage of personal information. A report issued as a result of the Privacy Act highlighted the dangers and transfer of powers from individuals to the government that occur with centralization of personal information:.
In a larger context, Americans must also be concerned about the long-term effect record-keeping practices can have not only on relationships between individuals and organizations, but also on the balance of power between government and the rest of society. Accumulations of information about individuals tend to enhance authority by making it easier for authority to reach individuals directly. Thus, growth in society's record-keeping capability poses the risk that existing power balances will be upset.
Many medical providers are using the SSN as a patient identifier, thus hardening the number as a de facto national identifier. Clearly the Social Security Number is the current de facto identifier But individuals and companies are resisting such use of the SSN. Acting on employees' suggestions, I. According to IBM, fifteen insurers, which cover about 30, of the company's , employees worldwide have either not responded or indicated that they will not comply with the request.
The widespread use of the SSN as an identifier and authenticator has lead to an increase in identity theft. According to the Privacy Rights Clearinghouse, identity theft now affects between , and , people annually.
Victims often do not discover the crime until many months after its occurrence. Victims spend hundreds of hours and substantial amounts of money attempting to fix ruined credit or expunge a criminal record that another committed in their name.
Identity theft litigation also shows that the SSN is central to committing fraud. In fact, the SSN plays such a central role in identification that there are numerous cases where impostors were able to obtain credit with their own name but a victim's SSN, and as a result, only the victim's credit was affected. In June , the Salt Lake Tribune reported: "Making purchases on credit using your own name and someone else's Social Security number may sound difficult -- even impossible -- given the level of sophistication of the nation's financial services industry…But investigators say it is happening with alarming frequency because businesses granting credit do little to ensure names and Social Security numbers match and credit bureaus allow perpetrators to establish credit files using other people's Social Security numbers.
Because creditors will open new accounts based only on a SSN match, California has passed legislation requiring certain credit grantors to comply with heightened authentication procedures.
Credit cannot be granted unless three identifiers from the application match those on file at the credit bureau. These records contain important personal identifiable information, including the name, social security number, date of birth, date of death, state or country of residence, ZIP code of last residence, and ZIP code of lump sum payment to the decedent's beneficiary.
These records are also accessible for free on the web at places like Ancestry. Unscrupulous users of this database for instance might be able to exploit the recently bereaved or take advantage of their changed financial circumstances. Separate from what residual privacy concerns might be there for the recently departed, it is important to appreciate the effect such disclosure has on the survivor's privacy where their spouse's or parent's name, SSN and location is made freely available.
The database might arguably be of some help for those engaged in historical research, but the terms and conditions of such use can be regulated to protect the privacy of survivors. In the s, significant public concern was raised about information brokers that routinely buy and sell detailed personal information, including Social Security Numbers.
Social Security numbers are collected from a variety of public and non-public sources. Public documents such as bankruptcy filings and other types of court records often contain Social Security numbers of the parties to a proceeding.
In response to this, a number of states shield SSNs from disclosure in public records. For instance, marriage licenses have been a source for SSNs and a number of states, including Arizona, California, Indiana, Iowa, Kentucky, Louisiana, Maine, Montana, Ohio, and Michigan, have enacted legislative protections to prevent their disclosure. Birth and death records are rich in personal information, and states have acted to shield SSNs collected in these life events against disclosures.
Similarly, several states restrict disclosure of the SSN in records associated with death. Non-public documents such as credit headers, the identifying information at the top of credit reports including names, addresses, ages and SSNs , are also culled for information.
IRSG companies use both public and non-public sources of personal information to compile data on individuals. These self-regulatory principles allow the sale of Social Security numbers without the knowledge and permission of the data subject. The IRSG Principles treat the same data, Social Security numbers, differently if it comes from a non-public source such as credit headers. However, the guidelines for the sale of Social Security numbers from non-public sources are completely subjective and largely ignore the privacy interests of the data subject.
The IRSG Principles create a three-tier system for the sale of information gathered from non-public sources. The first tier for the sale of Social Security numbers applies to "qualified subscribers.
There is no definition of what makes someone whom wishes to purchase a social security number a "qualified subscriber. The data subject, the person whose Social Security number is being collected and sold, has no input into whether such use is in fact "appropriate.
In addition, IRSG companies do not have a strong incentive to establish whether information being sold to a responsible entity that will use data in a strictly appropriate manner. Students are especially vulnerable to identity theft for many reasons.
Some of these reasons pertain to the type of lifestyle that many students maintain-they are, in effect, transients for four years. Students may not actually receive their mail regularly. Often, parents are the ones who maintain their permanent mailboxes, and in many cases, parents actually receive the credit bills. Students are not likely to request their credit reports, or even know that checking their credit records is a good idea. Also, credit card companies target students heavily for new lines of credit, and in some cases, issue credit without the consent of the student.
Students are at particular risk because use of the SSN is rampant at some institutions. In some cases, the SSN is used as a student identifier, and is actually printed on the face of the student identity card. Many schools use the SSN as the login for computer systems.
The Chronicle of Higher Education reported in August that: "Nearly half of colleges nationwide still use Social Security numbers as the primary means to track students in academic databases, according to a March survey by the American Association of Collegiate Registrars and Admissions Officers.
The survey also shows that 79 percent of colleges display students' Social Security number on official transcripts. Some professors continue to post grades with the SSN as an identifier. Aside from the identity theft risk of this practice, posting grades with the SSN endangers confidentiality. For instance, at a state school, one only need to look for SSNs with a different "area numbers" first three digits to identify possible out-of-state students.
Additionally, group numbers middle two digits may indicate age, so even within a state, it may be possible to separate older students from younger ones.
In Arizona, major universities can no longer use the SSN as the student identifier. In Colorado, as of July , public and private post secondary institutions were required to establish protections for the SSN and discontinue its use as the primary student identifier.
Kentucky law allows students to opt-out of use of the SSN as student identifier. Many states have enacted legislative protections for the Social Security Number.
They vary from comprehensive frameworks of protection for the SSN to highly-specific laws that shield the SSN from disclosure in specific contexts. A law taking effect in January in Arizona prohibits the disclosure of the SSN to the general public, the printing of the identifier on government and private-sector identification cards, and establishes technical protection requirements for online transmission of SSNs.
The new law also prohibits printing the SSN on materials mailed to residents of Arizona. In California, Senate Bill was signed into law in October The bill gives individuals the ability to request that a "security alert" be placed on their credit record via a toll-free phone number.?
The bill also enables Californians to request a "security freeze" that prevents credit agencies from releasing personal information from an individual's credit report.? The bill places important restrictions on use of the SSN-public posting of a SSN and printing the SSN on an identity card or document used to obtain a product or service is prohibited.?
Businesses that use the SSN to identify customers, such as utility companies, will no longer be permitted to print the SSN on invoices or bills sent through the mail. California's Senate Bill went into effect on July 1, That legislation requires companies that maintain SSNs and other personal information to notify individuals when they experience a security breach.
The bill came in response to an April incident in which the records of over , state employees were accessed by a computer cracker. The California legislation exceeds federal protections, as there is no national requirement for notice to individuals when personal information is accessed without authorization.
The new law will limit the collection of the SSN and its incorporation in licenses, permits, passes, or certificates issued by the state. The law requires the establishment of policies for safe destruction of documents containing the SSN. Insurance companies operating in the state must remove the SSN from consumers' identification cards. Finally, the legislation creates new penalties for individuals who use others' personal information to injure or defraud another person.
In Georgia, businesses are now required to safely dispose of records that contain personal identifiers. Georgia Senate Bill requires that business records-including data stored on computer hard drives-must be shredded or in the case of electronic records, completely wiped clean where they contain SSNs, driver's license numbers, dates of birth, medical information, account balances, or credit limit information.
0コメント