|Received:||8/26/2007 6:16:20 PM|
|Agency:||Federal Trade Commission|
|Rule:||Private Sector Use of SSNs|
Comments:SSNs In The Private Sector - Comment, Project No. P075414 Here are my comments related th the above subject: So many commercial businesses use SSNs for convenience as a unique identifier even when it is not directly related to the services provided (i.e. Dental and Medical offices, legal services, etc.). My employer provides without my permission my SSN to my medical insurer, dental insurer, vision insurer, legal services provider and I am sure many others. The SSN is used by these companies as a personal identifier when in fact they could be using a company issued employee number. A suggestion might be to standardize all state ID numbers (drivers license and ID cards) into a certain format so that is can be used as a unique identifier while in that state. Recent legislation by the states for deadbeat dads has mandated widespread SSN use, even when it is not related to tax identification. Like normal, the Government on one-hand states they want to combat ID theft, but on the other hand passes more legislation requiring the use of SSNs, which therefore, assists with/allows for more identity theft. SSNs should not be used as an identifier because they are not associated with any picture ID and often the identifier does not have access to any database to know if the name associated with the SSN matches the official Government database. While identity theft is rampant in the U.S. there is a larger problem still to come with Terrorist or Organized Crime using SSNs to gain access to the US or access to data in the US. This is becoming easier as companies outsource services outside the US, especially to foreign companies with little security protection. This should be a number one concern of the US Government and steps should be taken immediately to keep the Government and commercial companies from exporting SSNs. Laws that should be passed to assist with reducing the opportunity for SSN misuse or identity theft: 1) No company should be allowed to export to any foreign company or person any employee’s SSNs. Outsourcing of services involving SSNs will lead to even greater identity theft from sources outside the US. This law should be passed immediately. 2) No company as part of its employment should require the employee to use a SSN for anything other than tax reporting and Social security withholding. Exemptions would be for Security purposes (i.e. clearances). 3) No company should be allowed to distribute an employees SSN to any of their service providers (i.e. medical or dental insurance, legal services, etc.), except for very limited cases related to taxes. Instead a company issued unique employee identifier should be used. 4) No company should be able to refuse service to a customer for not using their SSN as a personal identifier. 5) If it can be proved that the identity theft was obtained through a company or the Government’s negligence or fault the person should be reimbursed related costs to fix their identity including re-imbursement for a reasonable amount of time they had to expend to regain their identity. 6) No Judges should be allowed to request SSNs from companies involved in court cases except where it is related to taxes. Thanks for asking for public input.