Testimony Of Deputy Commissioner Lockhart before the House Ways and Means Subcommittee on Social Security
and the House Judiciary Subcommittee on Immigration, Border Security and Claims,
on Preserving the Integrity of Social Security Numbers and Preventing Their Misuse by Terrorists and Identity Thieves.
September 19, 2002
Mr. Chairmen and Members of the Subcommittees:
Thank you for asking me to be here today to discuss the process of assigning and issuing Social Security Numbers (SSN), and the role that the SSN has in our society today. As the number of legitimate uses for SSNs increases, especially in the private sector so does the potential for misuse-and the resulting consequences of misuse.
Social Security Number misuse can lead directly to identity theft and the resulting personal and economic consequences to the individual whose identity is stolen. But SSN misuse also can create far-reaching consequences to our economy and our society as a whole.
The tragic events of September 11, and reports that some of the terrorists fraudulently used SSNs, have brought home the need to strengthen the safeguards to protect against the misuse of the SSN. Since Commissioner Barnhart and I have been at Social Security we have made protecting the SSN a major stewardship priority. We have made many important enhancements this year and are reviewing other improvements.
Original Purpose of the Social Security Number and Card
To begin, I would like to discuss the original purpose of the SSN and the Social Security card. Following the passage of the Social Security Act in 1935, the SSN was devised administratively as a way to keep track of the earnings of people who worked in jobs covered under the new program. The requirement that workers covered by Social Security apply for an SSN was published in Treasury regulations in 1936.
The SSN card is the document SSA provides to show what SSN is assigned to a particular individual. The SSN card, when shown to an employer, assists the employer in properly reporting earnings. Early public education materials counseled workers to share their SSNs only with their employers. Initially, the only purpose of the SSN was to keep an accurate record of earnings covered under Social Security so that we could pay benefits based on those earnings.
Growth of SSN as an Identifier for Other Federal Purposes
In spite of the narrowly drawn purpose of the SSN, use of the SSN as a convenient means of identifying people in records systems has grown over the years. In 1943, Executive Order 9397 required Federal agencies to use the SSN in any new system for identifying individuals. This use proved to be a precursor to a continuing explosion in SSN usage which came about during the computer revolution of the 1960's and 70's and which continues today. The simplicity of using a unique number that most people already possessed encouraged widespread use of the SSN by Government agencies and private organizations as they adapted their record-keeping and business applications to automated data processing.
In 1961, the Federal Civil Service Commission established a numerical identification system for all Federal employees using the SSN as the identifying number. The next year, the Internal Revenue Service (IRS) decided to use the SSN as its taxpayer identification number (TIN) for individuals. And, in 1967, the Defense Department adopted the SSN as its identification number for military personnel. Use of the SSN for computer and other record keeping systems spread throughout State and local governments, and to banks, credit bureaus, hospitals, educational institutions and other areas of the private sector. At the time, there were no legislative authorizations for, or prohibitions against, such uses.
Statutory Expansion of SSN Use in the Public Sector
The first explicit statutory authority to issue SSNs did not occur until 1972, when Congress required that SSA assign SSNs to all noncitizens authorized to work in this country and take affirmative steps to assign SSNs to children and anyone receiving or applying for a benefit paid for by Federal funds. This change was prompted by Congressional concerns about welfare fraud and about noncitizens working in the U.S. illegally. Subsequent Congresses have enacted legislation which requires an SSN as a condition of eligibility for applicants for SSI, Aid to Families with Dependent Children (now called Temporary Assistance to Needy Families), Medicaid, and food stamps. Additional legislation authorized States to use the SSN in the administration of any tax, general public assistance, drivers license, or motor vehicle registration law within its jurisdiction.
The Privacy Act was enacted in 1974 when Congress became concerned about the widespread use of the SSN. It provides that, except when required by Federal statute or regulation adopted prior to January 1975, no Federal, State or local government agency could withhold benefits from a person simply because the person refused to furnish his or her SSN.
In the 1980's, separate legislation provided for additional uses of the SSN including employment eligibility verification, military draft registration, driver's licenses, and for operators of stores that redeem food stamps. Legislation was also enacted that required taxpayers to provide a taxpayer identification number (SSN) for each dependent age 5 or older. The age requirement was lowered subsequently, and an SSN is now required for dependents, regardless of age.
In the 1990's, SSN use continued to expand with legislation that authorized its use for jury selection and for administration of Federal workers' compensation laws. A major expansion of SSN use was provided in 1996 under welfare reform. Under welfare reform, to enhance child support enforcement, the SSN is to be recorded in the applications for professional licenses, driver's licenses, and marriage licenses; it must be placed in the records relating to a divorce decree, support order, or paternity determination or acknowledgment; and it must be recorded in the records relating to death and on the death certificate. When an individual is hired, an employer is required to report this event to the State's New Hire Registry. This "New Hire Registry" is part of the expanded Federal Parent Locator Service which enables States to find non-custodial parents by using the SSN.
Private Sector Use of the SSN
Currently, Federal law places no restrictions on the use of the SSN by the private sector. People may be asked for an SSN for such things as renting a video, getting medical services, and applying for public utilities. They may refuse to give it. However, the provider may, in turn, decline to furnish the product or service.
There are two basic ways the providers use the SSN. Within an organization, the SSN is typically used to identify specific persons and to maintain or retrieve data files. The second use is for external exchange of information, typically to transfer or to match data. For example, individual companies can track buying habits and customer preferences through the use of such data.
Continuing advances in computer technology and the ready availability of computerized data have spurred the growth of information brokers who amass and sell vast amount of personal information including SSNs. When possible, information brokers retrieve data by SSN because it is more likely than any other identifier to produce records for a specific individual.
The SSN as an Identifier
As you can see, Mr. Chairman, the current use of the SSN as a personal identifier in both the public and private sectors is not the result of any single step; but rather, from the gradual accretion over time of extending the SSN to a variety of purposes. The implications for personal privacy of the widespread use of a single identifier have generated concern both within the government and in society in general.
The advent of broader access to electronic data through the Internet and the World Wide Web has generated a growing concern about increased opportunities for access to personal information. Some people fear that the competition among information service providers for customers will result in broader data linkages with questionable integrity and potential for harm, and make it easier for identity thieves to ply their trade.
On the other hand, there are some who believe that the public interests and economic benefits are well served by these uses of the SSN. They argue that use of the SSN would enhance the ability to more easily recognize, control and protect against fraud and abuses in both public and private activities. All Federal benefit-paying agencies rely on data matches to verify not only that the applicant is eligible for benefits, but also to ensure that the benefit paid is correct. Other federal agencies may be able to provide information about other socially beneficial uses of the SSN, including its use in research and statistical activities. The SSN often is the key that facilitates the ability to perform the matches.
I also want to mention that SSA is actively involved in an interagency initiative (e-VITAL) which is pursuing electronic data exchanges between other federal agencies and the States. This "e-VITAL" program consists of 2 projects that are being undertaken to maximize efficiency and improve customer service to citizens and businesses. One project is working with State agencies and funeral homes to expand and improve electronic notification of deaths. The second project is an electronic query system that allows State and Federal agencies to access birth and death information. This information would be used to improve the accuracy of our records and ensure that proper benefits are paid to individuals.
When most people think of identity theft they are referring to the use of the personal identifying information of another person to "become" that person. Identity theft and fraud also include enumeration fraud, which uses fraudulent documents to obtain an original SSN for establishing identity. Finally, identity theft and fraud also includes identity creation, which uses false identity, false documents and a false SSN.
Skilled identity thieves may use a variety of low and hi-tech methods to gain access to personal data. We at the Social Security Administration want to do what we can to help prevent identity theft, to assist those who become victims of identity theft, and to assist in the apprehension and conviction of those who perpetrate the crime.
Preventing identity theft can play a role in the prevention of any future terrorism. Identification documents are critically important to terrorists, and a key to such documents is the SSN. The integrity of the SSN must be ensured to the maximum extent possible because of the fundamental role it can play in helping unscrupulous individuals steal identities and obtain false identification documents.
Identity thieves may get personal information by stealing wallets and purses, mail, personal information on an unsecured Internet site, from business or personnel records at work, buying personal information from "inside" sources, or posing as someone who legitimately needs the information such as an employer or landlord. We ask that people be careful with their SSN and card to prevent identity theft. The card should be shown to an employer when an individual starts working, so that the employment records are correct and then it should be put in a safe place.
SSA Response to SSN Misuse
In response to the events of September 11, SSA formed a high-level response team which has met regularly ever since to recommend and track progress towards policy and procedural enhancements to help ensure that we are strengthening our capability to prevent those with criminal intent from using SSNs and cards to advance their operations. Just as there have been delays at airports as a result of heightened security, we recognize that some of these initiatives may result in a delay in the receipt of SSNs for some citizens and non-citizens. However, these measures are necessary to ensure the integrity of the SSN and to ensure that only those who should receive an SSN do so. Soon after September 11th, we began a new training emphasis on the rules for enumeration, and especially for enumerating non-citizens. We started with refresher training for all involved staff, but are following this up with periodic special training and additional management oversight. On March 1 we stopped assigning SSNs to non-citizens for the sole purpose of applying for a driver's license, so that non-citizens can now only get an SSN if they are authorized to work or where needed for a Federal funded or state public assistance benefit to which the person has established entitlement. On June 1, we began verifying with the custodians of the records, any birth records submitted by U.S. born citizens over the age of one applying for an SSN. Further, we are currently piloting an online system for employers to verify the names and SSNs of newly hired employees. I must note that SSA has had systems for employers to verify employees SSNs for wage reporting purposes for more than twenty years.
Throughout this year we are also implementing a range of new initiatives with the Immigration and Naturalization Service (INS) and the Department of State (DoS) that will improve integrity goals with respect to enumeration of non-citizens. We expect to have in place by the end of the year the first phase of what we are calling Enumeration at Entry (EAE). EAE is an integrity measure we have been working on collaboratively with the INS and DoS for some time. EAE will work similarly to our highly successful Enumeration at Birth program under which most U.S.-born infants are assigned SSNs based on requests by their parents in the hospital right at birth, eliminating the potential for the use of fraudulent documents. EAE will also eliminate the use of fraudulent immigration documents from the process. Under EAE, SSA will assign SSNs to newly arrived immigrants based on data collected by the DoS, as it approves the immigrant visa in the foreign service post, and by the INS, as entry into the country is authorized. SSA would receive electronically the information needed to enumerate the individual from the INS with no need for further document review and verification.
In July, we began verifying any documents issued by the INS with them before assigning an SSN. We are verifying many of these electronically. But if the immigration document is not recorded in the INS system within ten days, we request written confirmation from INS that the documents submitted are bona fide and that the individual is authorized to work. This new verification process was fully implemented earlier this month.
We are also planning to pilot a Social Security Card Center that would be an interagency specialist group designed to provided quick and efficient service while ensuring the integrity of the enumeration process.
We have developed this multi-pronged approach to make SSNs less accessible to those with criminal intent as well as prevent individuals from using false or stolen birth records or immigration documents to obtain an SSN.
We also implemented changes to speed up the distribution of our Death Master File. SSA receives reports of deaths from a number of sources, and from computer matches with death data from Federal and State agencies. This information is critical to the administration of our program and is made available to facilitate the prevention of identify theft of the SSN's of deceased persons. Many of the private sector companies purchasing this information are credit card companies and financial institutions.
Furthermore, we are also limiting the display of SSNs on our correspondence. As of October 1, 2001 we no longer include the first five digits of the SSN on Social Security Statements and as of December 2001 on Social Security Cost-of-Living Notices. We do use the full SSN on other correspondence because there may be legal requirements for display of the SSN on the notice especially on termination and award notices. However, to ensure the confidentiality of the SSN on mail we do not show the addressee's SSN on the envelope, if mailing an envelope to an individual. If requesting information from third parties, we do not show the SSN for the purpose of associating the reply with the file when it is returned.
The good news is that over 80% of our beneficiaries receive their payments by direct deposit, which means for this large group there are no SSNs to be stolen or paper checks that can be lost or stolen. For those that do not use direct deposit, the Department of the Treasury prepares and mails all government checks including those for Social Security and Supplemental Security Income recipients. Effective with the September 1, 2000 benefit payments, the SSN printed on Social Security and Supplemental Security Income checks is no longer visible through the envelope window. Additionally, to protect the privacy of recipients who are paid by check and help prevent identity theft, Treasury is taking steps to remove all personal identification numbers, including the SSN, on all check payments. The goal for completing the project is early 2004.
Detecting SSN Misuse
One way that a person can find out whether someone is misusing their number to work is to check their earning records. About three months before their birthday, anyone 25 or older and not already receiving Social Security benefits, automatically receives a Social Security statement each year. The statement lists earnings posted, to their Social Security record as well as providing an estimate of benefits and other Social Security facts about the program. If there is a mistake in the earnings posted they are asked to contact us right away, so their record can be corrected. We investigate, correct the earnings record and if appropriate, we refer any suspected misuse of an SSN to the appropriate authorities.
SSA may learn about misused SSNs in a variety of other ways including alerts from our computer systems while matching Federal and State data, processing wages, claims or post entitlement actions, reports from individuals contacting our field offices or teleservice centers and inquiries from the IRS concerning two or more individuals with the same SSN on their income tax returns.
We have another tool that has been used successfully to detect instances of fraud and abuse. This tool, called the Comprehensive Integrity Review Process (CIRP), is a review and anomaly detection system. This system first identifies known fraudulent patterns and then transactions that fit these fraudulent patterns are provided to SSA managers for their review. If upon investigation, the SSA manager believes that fraud or misuse has occurred, they prepare a referral to the Office of the Inspector General (OIG).
Of course SSA's OIG has played an ongoing role in the investigation of fraud and misuse of the SSN, as shown in the following examples. As you know, SSA OIG agents have participated along with the US Department of Justice in "Operation Tarmac". In this joint effort, individuals have been identified who misused SSN's to fraudulently obtain security badges, and to date, a significant number have been sentenced. Further, SSA's OIG, INS, and local law enforcement authorities investigated an organization in Utah that manufactured and sold counterfeit documents. To date, nine individuals have been sentenced to jail time and/or deportation, and the investigation continues. In another combined effort, OIG, Postal Service, Federal Bureau of Investigations and the Secret Service investigated and arrested individuals in Seattle who established more than 50 false identities to open bank accounts.
Another important pillar in the effort to safeguard program integrity is the joint SSA-OIG General Cooperative Disability Investigations Program (CDI). Its mission is to detect fraud in the early stages-at the time of application for Social Security benefits or during the appeals process. The results of CDI investigations were used to support over 2,700 denials or terminations, allowing SSA to avoid improper payments to individuals.
To help victims, SSA provides hotline numbers to SSA's Fraud Hotline and the Federal Trade Commission ID Theft Hotline. We provide up-to-date information about steps that the person can take to work with credit bureaus and law enforcement agencies to reclaim their identity. We issue a replacement card if their Social Security Card is stolen. We help to correct their earnings record and issue a new SSN in certain circumstances. If the victim alleges that a specific individual is using the SSN, SSA develops the case as a possible fraud violation. If appropriate, we refer the case to the OIG for an investigation and work closely with the OIG to facilitate their investigation.
As I mentioned earlier, the primary purpose of the SSN has always been to allow us to accurately record and keep track of a worker's earnings. This is SSA's core business process, and it ensures that a worker and his family receive benefits that reflect his work history. The earnings suspense file is an electronic holding file for reported earnings items that cannot be recorded to the earnings records of individual workers because the name and SSN on the items do not match SSA's records.
Currently, we receive and process about 250 million annual wage reports (Forms W-2) for employees from about 6.5 million employers. In recent years, after electronic and manual processing, about 97 percent of these items are ultimately posted to the Master Earnings File (MEF), which contains a record of the lifetime earnings of each individual worker. The remaining items, about 3 percent, are ultimately placed in the earnings suspense file. For 2000, after electronic processing, 10 million reports of wages were sent to the suspense file representing over $54 billion in wages. The suspense file contains all mismatches since 1937 about 237 million reports of wages representing $376 billion in earnings.
So, why is this issue significant? As I stated earlier, the wages reported to SSA on the Forms W-2 are used to maintain a record of every working individual's earnings. This earnings record is the basis for computing retirement, survivors, and disability benefits. If a worker's earnings are not recorded, he or she may not qualify for benefits or the benefit amount may be lower. When a person files for benefits, the earnings record is reviewed and an effort is made to establish any earnings that are not shown. However, it may be difficult to accurately recall past earnings and to obtain evidence of them. Thus, it is better to establish and maintain accurate records at the time the wages are paid.
We have a number of initiatives to assure that wage items are credited to the correct individual's earnings record and do not go into suspense. These include:
- Encouraging the filing of wage reports electronically or on magnetic media which has increased to 78.0% percent in 2001.
- Using over 23 software routines to match names to SSNs which initially do not match SSA records-for TY1999, software matched 16 million (about 60 percent) of the initial mismatches.
- Notifying employees of name/SSN errors and requesting corrections. In the last five years we have sent an average of 8 million letters a year to individuals or to their employers if we do not have a record of the employee's address.
- Notifying employers of name/SSN errors. In 2002, we increased these "no match" letters from about 110,000 to 870,000. This is because we sent these letters to all employers who submitted W-2 forms with information that did not match our records instead of only to employers with relatively large number of mismatches. We will be reviewing the effectiveness of this change.
- Providing outreach to the employer community to reinforce the need for accurate name/SSN reporting.
We are building a new Earnings Suspense File process that looks promising. It would electronically find millions of additional matches and post them to the correct earnings record. Under this new process, we are estimating that at least 30 million items will be removed from the suspense file and credited to the records of individual workers. If so, benefits for several hundred thousand beneficiaries would be increased. If the test we have planned for the fall of this year is successful, we expect to begin the new process early in 2003 and have it completed by the end of 2004.
Mr. Shaw's bill (H.R. 2036) is aimed at the need to limit private and public sector use, display and sale of the SSN and to increase penalties for misuse of the number. We appreciate Mr. Shaw's commitment to these objectives.
We support efforts to strengthen the penalties and enforcement for SSN misuse, which would be of great help to the agency in our consistent efforts to locate and eliminate abuses to the program. While current law provides criminal penalties for SSN misuse, the addition of civil monetary penalties for SSN misuse would provide another level of deterrence for those who would misuse the SSN. Such measures would help to strengthen our ability to deal with instances of misuse that are not criminally prosecuted by the Department of Justice.
I would like to conclude by emphasizing that we at the Social Security Administration are committed to protecting the integrity of the SSN. We want to do what we can to help prevent identity theft, to assist those who become victims and to assist in the apprehension and conviction of those who perpetrate the crime. We are committed to improving the accuracy of the records of workers earnings and thereby helping to ensure accurate retiree, disability, survivors and SSI payments.
In a larger view, the Social Security Administration is on guard for identity theft. This is a challenging task. In our experience, most instances of identity theft have resulted not from any action or failure to act by SSA, but from the proliferation of personal information in our society. The disclosure of SSNs by private citizens and organizations are prime among them. While SSA cannot control the disclosure of SSNs, we can and are doing a better job in areas that we can control, such as enumeration and misuse detection.
Thank you for asking us to testify on this issue.