Deputy Commissioner Lockhart's Testimony
Before The Senate Finance Committee, Subcommittee On Social Security And Family Policy
On Protecting The Social Security Number
Mr. Chairman and Members of the Subcommittee:
Thank you for asking me to be here today, to discuss Social Security Number (SSN) misuse. As the number of legitimate uses for Social Security Numbers increase, especially use in the private sector, so does the potential for misuse-and the consequences of misuse.
Social Security Number misuse can lead directly to identity theft and the resulting personal and economic consequences to the individual whose identity is stolen. But Social Security Number misuse also can create far-reaching consequences to our economy and our society as a whole.
The tragic events of September 11, and reports that some of the terrorists fraudulently used SSNs have brought home the need to strengthen the safeguards to protect against the misuse of the SSN. We have worked diligently towards this end ever since, with many important enhancements recently implemented and more to follow through the remainder of this year. We appreciate this Committee's interest in putting Social Security numbers beyond the reach of criminals.
Original Purpose of the Social Security Number and Card
To begin, I would like to discuss the original purpose of the SSN and the Social Security card. Following the passage of the Social Security Act in 1935, the SSN was devised administratively as a way to keep track of the earnings of people who worked in jobs covered under the new program. The requirement that workers covered by Social Security apply for an SSN was published in Treasury regulations in 1936.
Initially, the only purpose of the SSN was to keep an accurate record of earnings covered under Social Security and to pay benefits based on those earnings. The SSN card is the document SSA provides to show what SSN is assigned to a particular individual. The SSN card, when shown to an employer, assists the employer in properly reporting earnings. Early public education materials counseled workers to share their SSNs only with their employers.
Growth of SSN as an Identifier for Other Federal Purposes
In spite of the narrowly drawn purpose of the SSN, use of the SSN as a convenient means of identifying people in records systems has grown over the years in steps. In 1943, Executive Order 9397 required Federal agencies to use the SSN in any new system for identifying individuals. This use proved to be a precursor to a continuing explosion in SSN usage which came about during the computer revolution of the 1960's and 70's. The simplicity of using a unique number that most people already possessed encouraged widespread use of the SSN by Government agencies and private organizations as they adapted their record-keeping and business applications to automated data processing.
In 1961, the Federal Civil Service Commission established a numerical identification system for all Federal employees using the SSN as the identifying number. The next year, the Internal Revenue Service (IRS) decided to use the SSN as its taxpayer identification number (TIN) for individuals. And, in 1967, the Defense Department adopted the SSN as its identification number for military personnel. Use of the SSN for computer and other record-keeping systems spread throughout State and local governments, and to banks, credit bureaus, hospitals, educational institutions and other areas of the private sector. At the time, there were no legislative authorizations for, or prohibitions against, such uses.
Statutory Expansion of SSN Use in the Public Sector
The first explicit statutory authority to issue SSNs did not occur until 1972, when Congress required that SSA assign SSNs to all noncitizens authorized to work in this country and take affirmative steps to assign SSNs to children and anyone receiving or applying for a benefit paid for by Federal funds. This change was prompted by Congressional concerns about welfare fraud and about noncitizens working in the U.S. illegally. Subsequent Congresses have enacted legislation which requires an SSN as a condition of eligibility for applicants for SSI, Aid to Families with Dependent Children (now called Temporary Assistance to Needy Families), Medicaid, and food stamps. Additional legislation authorized States to use the SSN in the administration of any tax, general public assistance, drivers license, or motor vehicle registration law within its jurisdiction.
At the same time, the Privacy Act was enacted in 1974 when Congress became concerned about the widespread use of the SSN. It provides that, except when required by Federal statute or regulation adopted prior to January 1975, no Federal, State or local government agency could withhold benefits from a person simply because the person refused to furnish his or her SSN.
In the 1980's, separate legislation provided for additional uses of the SSN including employment eligibility verification, military draft registration, commercial motor vehicle operators licenses, and for operators of stores that redeem food stamps. Legislation was also enacted that required taxpayers to provide a taxpayer identification number (SSN) for each dependent age 5 or older. The age requirement was lowered subsequently, and an SSN is now required for dependents, regardless of age. .
In the 1990's, SSN use continued to expand with legislation that authorized its use for jury selection and for administration of Federal workers' compensation laws. A major expansion of SSN use was provided in 1996 under welfare reform. Under welfare reform, to enhance child support enforcement, the SSN is to be recorded in the applications for professional licenses, driver's licenses, and marriage licenses; it must be placed in the records relating to a divorce decree, support order, or paternity determination or acknowledgment; and it must be recorded in the records relating to death and on the death certificate. When an individual is hired, an employer is required to send the individual's SSN and identifying information to the State, which will verify the information with SSA. This "New Hire Registry" is part of the expanded Federal Parent Locator Service which enables States to find non-custodial parents by using the SSN.
Private Sector Use of the SSN
Currently, Federal law places no restrictions on the use of the SSN by the private sector. People may be asked for an SSN for such things as renting a video, getting medical services, and applying for public utilities. They may refuse to give it. However, the provider may, in turn, decline to furnish the product or service.
There are two basic ways the providers use the SSN. Within an organization, the SSN is typically used to identify specific persons and to maintain or retrieve data files. The second use is for external exchange of information, typically to transfer or to match data. For example, individual companies can track buying habits and customer preferences through the use of such data.
Continuing advances in computer technology and the ready availability of computerized data have spurred the growth of information brokers who amass and sell vast amount of personal information including SSNs. When possible, information brokers retrieve data by SSN because it is more likely than any other identifier to produce records for a specific individual.
The SSN as an Identifier
As you can see, Mr. Chairman, the current use of the SSN as a personal identifier in both the public and private sectors is not the result of any single step; but rather, from the gradual accretion over time of extending the SSN to a variety of purposes. The implications for personal privacy of the widespread use of a single identifier have generated concern both within the government and in society in general.
The advent of broader access to electronic data through the Internet and the World Wide Web has generated a growing concern about increased opportunities for access to personal information. Some people fear that the competition among information service providers for customers will result in broader data linkages with questionable integrity and potential for harm, and make it easier for identity thieves to ply their trade.
On the other hand, there are some who believe that the public interests and economic benefits are well served by these uses of the SSN. They argue that it would enhance the ability to more easily recognize, control and protect against fraud and abuses in both public and private activities. All Federal benefit-paying agencies rely on data matches to verify not only that the applicant is eligible for benefits, but also to ensure that the benefit paid is correct. Other federal agencies may be able to provide information about other socially beneficial uses of the SSN, including its use in research and statistical activities. The SSN often is the key that facilitates the ability to perform the matches.
When most people think of identity theft they are referring to the use of the personal identifying information of another person to "become" that person. Identity theft also includes enumeration fraud, which uses fraudulent documents to obtain an original SSN for establishing identity. Finally identity theft also includes identity creation, which uses false identity, false documents and a false SSN.
Skilled identity thieves may use a variety of methods - low and hi-tech- to gain access to personal data. We, at the Social Security Administration want to do what we can to help prevent identity theft, to assist those who become victims of identity theft, and to assist in the apprehension and conviction of those who perpetrate the crime.
Preventing identity theft can play a role in the prevention of any future terrorism. Identification documents are critically important to terrorists, and a key to such documents is the Social Security number. The integrity of the SSN must be ensured to the maximum extent possible because of the fundamental role it can play in helping unscrupulous individuals steal identities and obtain false identification documents.
Identity thieves may get personal information by stealing wallets and purses, mail, personal information on an unsecured Internet site, from business or personnel records at work, buying personal information from "inside" sources, or posing as someone who legitimately needs the information such as an employer or landlord. We ask that people be careful with their Social Security number and card to prevent identity theft. The card should be shown to an employer when an individual starts working, so that the employment records are correct and then it should be put in a safe place.
SSA Response to SSN Misuse
In response to the events of September 11, SSA formed a high-level response team which has met regularly ever since to recommend and track progress towards policy and procedural enhancements to help ensure that we are strengthening our capability to prevent those with criminal intent from using Social Security numbers and cards to advance their operations. Just as there have been delays at airports as a result of heightened security, we recognize that some of these initiatives may result in a delay in the receipt of SSNs for some citizens and non-citizens. However, these measures are necessary to ensure the integrity of the SSN and to ensure that only those who should receive an SSN do so.
Soon after 9/11, we began a new training emphasis on the rules for enumeration, and especially for enumerating non-citizens. We started with refresher training for all involved staff, but are following this up with periodic special training and additional management oversight. On March 1 we stopped assigning SSNs to non-citizens for the sole purpose of applying for a driver's license, so that non-citizens can now only get an SSN if they are authorized to work or where needed for a Federal funded or state public assistance benefit to which the person has established entitlement. On June 1, we began verifying with the custodians of the records, any birth records submitted by U.S. born citizens over the age of one applying for an SSN. Further, we are piloting an online system for employers to verify the names and SSNs of newly hired employees. I should note however, that for more than twenty years SSA has a system for employers to verify employees SSNs for wage reporting purposes.
Throughout this year we are also implementing a range of new data sharing initiatives with the Immigration and Naturalization Service (INS) and the Department of State (DoS) that will improve integrity goals with respect to non-citizens. As we have in the past, SSA will proceed with the data matching initiative in a manner consistent with the requirements set forth in the Privacy Act. We expect to have in place by the end of the year the first phase of what we are calling Enumeration at Entry (EAE). EAE is an integrity measure we have been working on collaboratively with the INS and DoS for some time and it will work similarly to our highly successful Enumeration at Birth program under which most U.S.-born infants are assigned SSNs based on requests by their parents in the hospital right at birth, eliminating the need for document verification. EAE will eliminate immigration documents from the process also. Under EAE, SSA will assign SSNs to new arrivals based on data collected by the DoS, as it approves the immigrant visa right in the foreign service post, and refined by the INS, right as entry into the country is authorized. SSA would receive the data electronically from the INS with no need for further document review and verification.
For non-immigrants who initially will not be part of Enumeration at Entry, additional verifications are planned. First, we have already worked out and implemented additional data sharing with DoS for refugees. Then beginning this month, we will start verifying any documents issued by the INS for other arrivals with that Agency before assigning an SSN. We hope to be able to verify many of these electronically. But where this is not possible, we will request written confirmation from INS that the documents submitted are bonafide and that the individual is authorized to work. We expect this new verification process to be fully implemented by September.
We have developed this multi-pronged approach to make SSNs less accessible to those with criminal intent as well as prevent individuals from using false or stolen birth records or immigration documents to obtain an SSN.
We also implemented changes to speed up the distribution of our Death Master File. SSA receives reports of deaths from a number of sources, and from computer matches with death data from Federal and State agencies. This information is critical to the administration of our program and is made available to facilitate the prevention of identify theft of the SSN's of deceased persons. Many of the private sector companies purchasing this information are credit card companies and financial institutions. Furthermore, we are also limiting the display of Social Security Numbers on our correspondence. As of October 1, 2001 we no longer include the first five digits of the SSN on Social Security Statements and as of December 2001 on Social Security Cost of Living Notices. We do use the full SSN on other correspondence because there may be legal requirements for display of the SSN on the notice especially on termination and award notices. However, to ensure the confidentiality of the SSN on mail we do not show the addressee's SSN on the envelope, if mailing an envelope to an individual. If requesting information from third parties, we do not show the SSN for the purpose of associating the reply with the file when it is returned. We use other means such as a unit number. Additionally, to protect the privacy of recipients who are paid by check and help prevent identity theft, Treasury is taking steps to remove all personal identification numbers, including the SSN, on all check payments. The goal for completing the project is early 2004.
The good news is that over 80% of our beneficiaries receive their payments by direct deposit, which means for this large group there are no SSNs to be stolen or paper checks that can be lost or stolen. For those that do not use direct deposit the Department of the Treasury prepares and mails all government checks including those for Social Security and Supplemental Security Income recipients. Effective with the September 1, 2000 benefit payments, the SSN printed on Social Security and Supplemental Security Income checks is no longer visible through the envelope window. Instead of the Social Security Number, Treasury includes the check number, which is assigned during payment processing, in the window area. Treasury uses this number to locate and hold payment prior to delivery when SSA has determined the payment is not due. Likewise, arrangements have been made with the U.S. Postal Service to use the beneficiary name and address to locate and return payments identified by SSA under the check intercept process.
Detecting SSN Misuse
One way that a person can find out whether someone is misusing their number to work is to check their earning records. About three months before their birthday, anyone 25 or older and not already receiving Social Security benefits, automatically receives a Social Security statement each year. The statement lists earnings posted, to their Social Security record as well as providing an estimate of benefits and other Social Security facts about the program. If there is a mistake in the earnings posted they are asked to contact us right away, so their record can be corrected. We investigate, correct the earnings record and if appropriate, we refer any suspected misuse of a Social Security number to the appropriate authorities.
SSA may learn about misused SSNs in a variety of other ways including alerts from our computer systems while matching Federal and State data, processing wages, claims or post entitlement actions, reports from individuals contacting our field offices or teleservice centers and inquiries from the Internal Revenue Service concerning two or more individuals with the same SSN on their income tax returns.
We have another tool that has been used successfully to detect instances of fraud and abuse. This tool, called the Comprehensive Integrity Review Process (CIRP), is a review and anomaly detection system. Known fraudulent patterns are first identified and then transactions that fit these fraudulent patterns are provided to SSA managers for their review. If upon investigation, the SSA manager believes that fraud or misuse has occurred, they prepare a referral to the Inspector General (IG).
To help victims, SSA provides hotline numbers to SSA's Fraud Hotline and the Federal Trade Commission ID Theft Hotline. We provide up-to-date information about steps that the person can take to work with credit bureaus and law enforcement agencies to reclaim their identity. We issue a replacement card if their Social Security Card is stolen. We help to correct their earnings record and issue a new Social Security number in certain circumstances. If the victim alleges that a specific individual is using the Social Security Number, SSA develops the case as a possible fraud violation. If appropriate, we refer the case to the IG for an investigation and work closely with the IG to facilitate their investigation.
The provisions of S.848 clearly reflect the Congress's growing concern with identity theft and its effects. The bill addresses the need to limit private and public sector use, display and sale of the SSN and to increase penalties for misuse of the number.
We note that the bill provides for civil monetary penalties for misuse of the SSN. While current law provides criminal penalties for SSN misuse, the addition of civil monetary penalties for SSN misuse would provide another level of deterrence for those who would misuse the SSN. We support this provision, which will strengthen our ability to deal with instances of misuse that are declined for prosecution by the Department of Justice.
We also support the provision in S.848 that would prohibit access to the SSNs by prisoners employed by Federal, State or local governments.
I would like to conclude by emphasizing that we, at the Social Security Administration want to do what we can to help prevent identity theft, to assist those who become victims and to assist in the apprehension and conviction of those who perpetrate the crime.
In a larger view, though, the Social Security Administration is only one of many institutions that have to be on guard for identity theft. As the Chairman knows, this is a very difficult area. In our experience, most instances of identity theft have resulted not from any action or failure to act by SSA, but from the proliferation of personal information in our society. SSA cannot police the disclosure of Social Security numbers made by private citizens and organizations. Mr. Chairman and members of the Committee we thank you for asking us to testify.