|Received:||8/25/2007 8:41:52 AM|
|Agency:||Federal Trade Commission|
|Rule:||Private Sector Use of SSNs|
Comments: The interplay of decisions by government and private industry in making SSNs readily available to thieves needs to be appreciated to a greater degree than has been the case in the past. For example, the IRS requires SSNs to be written on the front of every check used to pay personal income taxes, including quarterly estimated taxes, as do some states. Until recently, banks returned these checks to the account holders, but now routinely image the checks and store them in databases accessible from the Internet and by industry insiders, without giving the customer an option as to whether or not they will be so imaged and stored. Every few months this places a fresh set of tens of millions of SSNs in a very vulnerable position, along with contextual information that makes them even more valuable. Those checks typically display name, address, SSN, routing and account number, an analog signature useful for forgery, and a strong hint of the originator's income level --- more than enough for an identity thief to work from. That makes those databases, the systems that access them, their backup tapes, etc. extremely attractive targets. What we need to do to understand the problem is look at such things together, and to also realize that we can't make something an effective secret once it's been freely available for decades. The massive online posting of consumer records at the county level, with SSNs and other such data unredacted, in Florida, Texas and other states is another example of why it is too late to treat SSNs as secret. The damage is done. My suggestion is that you should consider outlawing any and all use of mere knowledge of an SSN as an authenticator for any financial systems, and also regulate SSN use as an identifier to minimize cross-system data mining opportunities and to cut down on additional disclosures until the problem is resolved through evolution to something better. What might that be?
Issuing tamper-resistant social security cards with biometric data on board would make a lot of sense. Physical production of such a card would provide an effective means of authentication for purposes such as opening bank accounts or taking out mortgages. You could use a modern analog of the old notary public service to allow a person to produce his or her card locally in a way that would be acceptable to a distant third party.