[House Hearing, 106 Congress]
[From the U.S. Government Publishing Office]





           H.R. 220, THE FREEDOM AND PRIVACY RESTORATION ACT

=======================================================================

                                HEARING

                               before the

                 SUBCOMMITTEE ON GOVERNMENT MANAGEMENT,
                      INFORMATION, AND TECHNOLOGY

                                 of the

                     COMMITTEE ON GOVERNMENT REFORM
                        HOUSE OF REPRESENTATIVES

                       ONE HUNDRED SIXTH CONGRESS

                             SECOND SESSION

                                   ON

                                H.R. 220

 TO AMEND TITLE II OF THE SOCIAL SECURITY ACT AND THE INTERNAL REVENUE 
  CODE OF 1986 TO PROTECT THE INTEGRITY AND CONFIDENTIALITY OF SOCIAL 
   SECURITY ACCOUNT NUMBERS ISSUED UNDER SUCH TITLE, TO PROHIBIT THE 
    ESTABLISHMENT IN THE FEDERAL GOVERNMENT OF ANY UNIFORM NATIONAL 
  IDENTIFYING NUMBER, AND TO PROHIBIT FEDERAL AGENCIES FROM IMPOSING 
   STANDARDS FOR IDENTIFICATION OF INDIVIDUALS ON OTHER AGENCIES OR 
                                PERSONS

                               __________

                              MAY 18, 2000

                               __________

                           Serial No. 106-206

                               __________

       Printed for the use of the Committee on Government Reform


  Available via the World Wide Web: http://www.gpo.gov/congress/house
                      http://www.house.gov/reform


                   U.S. GOVERNMENT PRINTING OFFICE
71-388                     WASHINGTON : 2001


_______________________________________________________________________
 For sale by the Superintendent of Documents, U.S. Government Printing 
                                 Office
Internet: bookstore.gpo.gov  Phone: (202) 512-1800  Fax: (202) 512-2250
               Mail: Stop SSOP, Washington, DC 20402-0001


                     COMMITTEE ON GOVERNMENT REFORM

                     DAN BURTON, Indiana, Chairman
BENJAMIN A. GILMAN, New York         HENRY A. WAXMAN, California
CONSTANCE A. MORELLA, Maryland       TOM LANTOS, California
CHRISTOPHER SHAYS, Connecticut       ROBERT E. WISE, Jr., West Virginia
ILEANA ROS-LEHTINEN, Florida         MAJOR R. OWENS, New York
JOHN M. McHUGH, New York             EDOLPHUS TOWNS, New York
STEPHEN HORN, California             PAUL E. KANJORSKI, Pennsylvania
JOHN L. MICA, Florida                PATSY T. MINK, Hawaii
THOMAS M. DAVIS, Virginia            CAROLYN B. MALONEY, New York
DAVID M. McINTOSH, Indiana           ELEANOR HOLMES NORTON, Washington, 
MARK E. SOUDER, Indiana                  DC
JOE SCARBOROUGH, Florida             CHAKA FATTAH, Pennsylvania
STEVEN C. LaTOURETTE, Ohio           ELIJAH E. CUMMINGS, Maryland
MARSHALL ``MARK'' SANFORD, South     DENNIS J. KUCINICH, Ohio
    Carolina                         ROD R. BLAGOJEVICH, Illinois
BOB BARR, Georgia                    DANNY K. DAVIS, Illinois
DAN MILLER, Florida                  JOHN F. TIERNEY, Massachusetts
ASA HUTCHINSON, Arkansas             JIM TURNER, Texas
LEE TERRY, Nebraska                  THOMAS H. ALLEN, Maine
JUDY BIGGERT, Illinois               HAROLD E. FORD, Jr., Tennessee
GREG WALDEN, Oregon                  JANICE D. SCHAKOWSKY, Illinois
DOUG OSE, California                             ------
PAUL RYAN, Wisconsin                 BERNARD SANDERS, Vermont 
HELEN CHENOWETH-HAGE, Idaho              (Independent)
DAVID VITTER, Louisiana


                      Kevin Binger, Staff Director
                 Daniel R. Moll, Deputy Staff Director
           David A. Kass, Deputy Counsel and Parliamentarian
                    Lisa Smith Arafune, Chief Clerk
                 Phil Schiliro, Minority Staff Director
                                 ------                                

   Subcommittee on Government Management, Information, and Technology

                   STEPHEN HORN, California, Chairman
JUDY BIGGERT, Illinois               JIM TURNER, Texas
THOMAS M. DAVIS, Virginia            PAUL E. KANJORSKI, Pennsylvania
GREG WALDEN, Oregon                  MAJOR R. OWENS, New York
DOUG OSE, California                 PATSY T. MINK, Hawaii
PAUL RYAN, Wisconsin                 CAROLYN B. MALONEY, New York

                               Ex Officio

DAN BURTON, Indiana                  HENRY A. WAXMAN, California
          J. Russell George, Staff Director and Chief Counsel
               Heather Bailey, Professional Staff Member
                           Bryan Sisk, Clerk
           Trey Henderson, Minority Professional Staff Member


                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on May 18, 2000.....................................     1
    Text of H.R. 220.............................................     3
Statement of:
    Bovbjerg, Barbara, Associate Director of Education, 
      Workforce, and Income Security Issues, Health, Education, 
      and Human Services Division, U.S. General Accounting 
      Office; Fritz Streckewald, Associate Commissioner for 
      Program Benefits, the Social Security Administration; 
      Charlotte Twight, professor and privacy expert, Boise State 
      University; and Robert Ellis Smith, editor, the Privacy 
      Journal....................................................    27
    Paul, Hon. Ron, a Representative in Congress from the State 
      of Texas...................................................    12
Letters, statements, etc., submitted for the record by:
    Bovbjerg, Barbara, Associate Director of Education, 
      Workforce, and Income Security Issues, Health, Education, 
      and Human Services Division, U.S. General Accounting 
      Office, prepared statement of..............................    29
    Horn, Hon. Stephen, a Representative in Congress from the 
      State of California, prepared statement of.................    10
    Kleczka, Hon. Jerry, a Representative in Congress from the 
      State of Wisconsin, prepared statement of..................    25
    Paul, Hon. Ron, a Representative in Congress from the State 
      of Texas, prepared statement of............................    15
    Smith, Robert Ellis, editor, the Privacy Journal, prepared 
      statement of...............................................    61
    Streckewald, Fritz, Associate Commissioner for Program 
      Benefits, the Social Security Administration:
        Information concerning impact of elimination of 
          retirement earnings test...............................    78
        Prepared statement of....................................    40
    Twight, Charlotte, professor and privacy expert, Boise State 
      University, prepared statement of..........................    52

 
           H.R. 220, THE FREEDOM AND PRIVACY RESTORATION ACT

                              ----------                              


                              MAY 18, 2000

                  House of Representatives,
Subcommittee on Government Management, Information, 
                                    and Technology,
                            Committee on Government Reform,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 2 p.m., in 
room 2154, Rayburn House Office Building, Hon. Stephen Horn 
(chairman of the subcommittee) presiding.
    Present: Representatives Horn and Turner.
    Staff present: J. Russell George, staff director and chief 
counsel; Heather Bailey, professional staff member; Bonnie 
Heald, director of communications; Bryan Sisk, clerk; Elizabeth 
Seong and Michael Soon, interns; Michelle Ash and Trey 
Henderson, minority counsels; and Jean Gosa, minority assistant 
clerk.
    Mr. Horn. A quorum being present, the hearing of the 
Subcommittee on Government Management, Information, and 
Technology will come to order.
    This is the fourth in a series of subcommittee hearings on 
the issue of privacy. Today, we will examine proposed 
legislation that would prohibit Federal, State, and local 
government agencies from using Social Security numbers as 
identification numbers, except for Social Security and tax 
purposes. H.R. 220, the Freedom and Privacy Restoration Act of 
1999, sponsored by Representative Ron Paul from Texas, in 
addition to limiting the use of Social Security numbers, the 
bill would prohibit government agencies from asking individuals 
for their Social Security number.
    The proliferation of personal information on the Internet, 
in combination with the broad use of the Social Security 
number, has caused a growing concern over protecting citizens 
against a rising tide of identity theft associated frauds. When 
the Social Security number system began in 1936, its purpose 
was to identify individuals who receive benefits from the 
Social Security retirement system. Over the years, however, the 
use of this number has expanded far beyond its original intent. 
Today, the social number is used as a personal identification 
number by State and local agencies, utility companies, 
universities, and a proliferation of private businesses.
    Credit bureaus use the number to maintain individual 
consumer credit histories. State income tax officials use it to 
identify tax filers. Numerous businesses that sell personal 
information, offer financial services, and provide health care 
also rely on the Social Security number. These companies use 
the number to assess personal credit ratings, locate assets, 
maintain health records, and ensure that individuals comply 
with a variety of rules and regulations.
    Clearly, there is a need to protect personal information. 
There is an equally compelling need to ensure the integrity of 
Federal programs. Today, the subcommittee will examine whether 
H.R. 220 is an appropriate balance between those needs.
    I will add that we will have a future hearing with 
individuals that relate to this problem, such as universities 
across the land, State governments, motor vehicle operations, 
county registrars. I welcome our witnesses today and look 
forward to their testimony.
    [The text of H.R. 220 and the prepared statement of Hon. 
Stephen Horn follow:]

[GRAPHIC] [TIFF OMITTED] T1388.001

[GRAPHIC] [TIFF OMITTED] T1388.002

[GRAPHIC] [TIFF OMITTED] T1388.003

[GRAPHIC] [TIFF OMITTED] T1388.004

[GRAPHIC] [TIFF OMITTED] T1388.005

[GRAPHIC] [TIFF OMITTED] T1388.006

[GRAPHIC] [TIFF OMITTED] T1388.007

[GRAPHIC] [TIFF OMITTED] T1388.008

[GRAPHIC] [TIFF OMITTED] T1388.009

    Mr. Horn. The gentleman from Texas hasn't arrived yet, but 
we will begin with the other gentleman from Texas.
    We have with us the author of the bill, Hon. Ron Paul, a 
Member of Congress from Texas.

 STATEMENT OF HON. RON PAUL, A REPRESENTATIVE IN CONGRESS FROM 
                       THE STATE OF TEXAS

    Mr. Paul. Thank you, Mr. Chairman.
    I really appreciate this opportunity and I want to thank 
you for holding these hearings. The issue of privacy certainly 
is getting the attention of many people in this country and 
starting to get the attention of many Members of Congress.
    I do have a written statement that I would like to submit.
    Mr. Horn. Without objection, your prepared statement will 
appear in the record.
    I might say that the minute we introduce any witness here 
their full statement goes in automatically.
    Mr. Paul. And I would like to add there is one letter that 
came from a constituent and I would like to submit that letter 
as well.
    Mr. Horn. Without objection, that letter will also appear 
in the record.
    Mr. Paul. The issue of privacy certainly has been catching 
the attention of a lot of people. Last year I introduced this 
legislation to try to deal with it because we do hear from a 
lot of our voters who are saying that the Social Security 
number is being used too often and improperly. In a technical 
sense, they are right. They are right in the sense that in a 
free society they are not supposed to be monitored by the 
Government the way the Social Security number monitors us.
    When we established the Social Security number in 1935 or 
1936, it was never intended to be a national identifier. In 
1970, the Congress passed a bill called the Bank Secrecy Act. 
That sounds like maybe it would preserve secrecy, but it did 
exactly the opposite. It made sure the banks knew more about us 
and the Government got hold of more information.
    Congress responded in 1974 by passing the Privacy Act, and 
it too sounded good and has a very good sentence in there that 
says the taxpayer and voters will be protected and the Social 
Security number cannot be used as a national identifier. But 
unfortunately, in the same piece of legislation, it said that 
Congress can enact anything they want and mandate the use of 
the Social Security number.
    So Congress since that time has ignored the good statement 
and picked up on the other statement that said that they do 
have the authority, according to the Privacy Act of 1974. And 
Congress has not been bashful. There are 40 different programs 
now that use the Social Security number as the identifier.
    And in 1996, there was a giant leap forward to even 
expanding this more so because the Immigration Act was written 
with a mandate for the Transportation Department to develop a 
national identification card through our drivers' licenses. 
Fortunately, with some effort, we have been able to rescind 
that authority.
    But also in 1996, the Health Insurance and Portability Act 
established a need and authority to set up a national data bank 
and to have a national medical identifier. And today, with the 
Government being so involved in medicine, it was argued that 
this would make it more efficient for Government to monitor and 
manage medical care because the Government is dealing with the 
HMOs and this will make it more efficient.
    And there is some plausibility to that particular argument, 
but it also invites the risk, just as happened so often. What 
looks like a good program always has a down side. The down side 
is that the Government is going to have all our medical 
records. And as a physician, I certainly think that is a very 
dangerous thing because our Government doesn't have a real good 
record for protecting our privacy. They should be protecting 
our privacy and there is a lot more time spent invading our 
privacy.
    We do hear stories and they are not limited to one 
administration where the IRS has been abusive and has been used 
to invade our privacy. We have also heard about FBI files being 
abused. So the American people are very, very frightened by all 
this.
    My theory on why we heard so much from our constituents 
this year on the census wasn't that the census was that more 
onerous--I think the questions were probably similar to what 
has been going on for the last 20 or 30 years because they have 
always asked a lot of questions--but I think the American 
people now are much more nervous about giving information to 
the Government. And that is why I think they were complaining 
so much and worried about it.
    And even within the census, they have introduced an idea 
that they were going to expand on the monitoring approach by 
having a test in there they actually ask as a test 21,000 
people for their Social Security numbers to see what they can 
learn and how well the people would respond.
    So if we don't pay more attention to this, soon the census 
will be monitored and our numbers will be used to report our 
numbers and our names to the census. Already today just about 
everything we do needs a Social Security number. If we're 
looking for a job, birth certificate, death certificate, bank 
accounts, medical care--the list goes on and on--drivers' 
licenses. In most States, you can't even get a fishing license 
without a Social Security number.
    This invites trouble. And one of the worst down sides to 
this is that by having a universal identification number, it is 
a good way to bring all our information together of every 
individual. If we don't do it, we are in trouble with the 
Government.
    And once the information is brought together, the job of 
identification theft becomes relatively easy. All you have to 
do is get the Social Security number. And because of Government 
mandates, we have set it up for them.
    My bill deals with this. You can't use your Social Security 
number for anything other than Social Security. And take away 
the mandates. Don't tell the States--well, in order for you to 
get your highway funds, you will put the Social Security number 
on your drivers' licenses--we wouldn't be able to do that, 
either.
    So this is a broad approach, a serious approach, there is a 
lot of support for it, but I also understand very clearly the 
arguments against it because they talk about Government being 
less effective. They believe they can cut down on fraud if they 
use the Social Security number. But the real purpose of 
Government in a free society is not to make the Government 
efficient. The purpose of Government in a free society should 
be to preserve our freedoms.
    To me, privacy is equivalent to if not synonymous with 
freedom. So if we are carelessly willing to sacrifice so much 
of our privacy and so much of our freedom for the argument that 
Government may be more efficient, I think is a dangerous 
direction to be going in.
    So this is the reason I bring this to you. I appreciate 
very much your willingness to listen and look at it because I 
don't think this issue is going to go away. And I think the 
nice part about it from my viewpoint--from a civil libertarian 
viewpoint--is that it isn't a right-wing conservative issue and 
it is not a left-wing liberal issue. It is a civil libertarian 
issue which brings in a lot of people from both sides.
    And although we get a lot of support and understanding on 
the need for this, there is also the great hesitation to 
endorse this because they are frightened about what it might do 
in handicapping the efficiency of Government.
    And I will be glad to yield for questions.
    [The prepared statement of Hon. Ron Paul follows:]

    [GRAPHIC] [TIFF OMITTED] T1388.010
    
    [GRAPHIC] [TIFF OMITTED] T1388.011
    
    [GRAPHIC] [TIFF OMITTED] T1388.012
    
    [GRAPHIC] [TIFF OMITTED] T1388.013
    
    Mr. Horn. Let me ask you about Medicare.
    When we drafted the Medicare bill--and I was on that team 
in the Senate staff in 1965--we followed essentially how Social 
Security had done it and we modelled the Medicare part on it.
    Now, would you permit the use of the Social Security number 
for medical files in Medicare, since it is needed to make sure 
there are real people getting benefits and not somebody that 
has a number--and there is no question there is a lot of misuse 
of the number in terms of people looking at the dead and all 
the rest. If it hasn't been changed in Baltimore, I guess they 
get away with it. But we will get some testimony on that later.
    But how do you feel about including Medicare with a Social 
Security number.
    Mr. Paul. My first thoughts are psychologically, in my 
mind, without thinking it through in detail legally--I think of 
Medicare and Social Security being pretty close together. I 
think if that were the only problem, I don't think I would be 
here with this piece of legislation. But I think if we were to 
use it for Medicare, it could be very, very strictly limited to 
that with the idea that that is part of the Social Security 
system, because I think of it as the same. I think of it as the 
same.
    But I think when you get into the other medical programs, 
whether it is the managed care system the Government has so 
much to do with or the Medicaid system and on and on, then I 
would not be nearly that generous. I would say that you should 
have another identifier because there will always be the 
efficiency argument, whether it is an educational program or a 
medical program. But strictly limited to Medicare for the 
protection of the individuals I think is very important.
    Mr. Horn. In the testimony we expect to hear on the next 
panel, it will be pointed out that if there isn't a common 
identifier when Government agencies attempt to locate that it 
creates a problem. For example, dead-beat dads, people with 
similar names may be mistakenly identified and there is a real 
problem where the people aren't submitting their alimony 
ordered by the court, they move across county lines in 
California or they move across State lines.
    How would you address that problem if your bill became law?
    Mr. Paul. I think States faced this problem prior to the 
time we had Social Security because I don't think of dead-beat 
dads as a separate issue. I think that is a problem of someone 
not paying their bills and meeting up to their financial 
responsibilities. So I would say that is a State issue. And if 
you are dealing with a cross-State problem, then those two 
States have to get together and work it out.
    But prior to even the 1960's, we didn't have that because 
it was only in the 1960's when we started really using it. And 
even in the 1970's when we dealt with all the financial 
accounts--we didn't even have the Social Security numbers on 
our tax returns until 1961.
    So I would say that that is not the job of the Federal 
Government or the Congress to facilitate this collection. This 
is a very serious problem, but prior to the Social Security 
number, it was handled as adequately as it is today, I am sure.
    Mr. Horn. Well, I remember one study we had a few years ago 
on Pell grants. Those are the ones that generally help the 
State schools and colleges. One person was eligible on Pell 
grants in terms of the information he showed at the student 
financial aid office, but actually he was a millionaire, and 
that was found through interconnection of his Social Security 
number with that in the tax record.
    Does that bother you?
    Mr. Paul. It bothers me that fraud was committed, but I do 
not think that we eliminate the prosecution of fraud by 
preserving freedom for the large majority of people. We 
shouldn't sacrifice the privacy of 99 people because you might 
catch one person that is going to commit fraud. I don't think 
we sacrifice our ability to pursue fraud because there would be 
ways of finding out if this person lied. But at the same time, 
you don't want to penalize and assume somebody is guilty of 
something and put a tremendous burden on them to follow so many 
of these privacy laws and let the Government accumulate this 
information.
    I think the supposed benefit is not worth the sacrifice of 
personal liberty.
    Mr. Horn. My last question, and then I'll turn it over to 
my colleague, Mr. Turner, your colleague from Texas.
    The written testimony of some of the second panel witnesses 
suggests adding a penalty section.
    What is your view of that idea?
    Mr. Paul. A penalty?
    Mr. Horn. If you misuse the Social Security number, should 
there be a penalty?
    Mr. Paul. I certainly think there should be a penalty on 
the U.S. Government when they misuse the Social Security 
number. But we should just prohibit by law the abuse of the 
Social Security number and then there would be--I think they 
use it because they have been granted the authority to use it 
and we encourage it. As we set up a new program, we are always 
anxious. The Social Security number is great. So we literally 
have it from cradle to grave now.
    Are you thinking about a businessman misusing the Social 
Security number?
    Mr. Horn. Your bill, if it was put on the law books, do you 
think there ought to be a penalty section to make sure that the 
people obey that particular bill?
    Mr. Paul. And you are referring to Government people?
    Mr. Horn. I am referring to anybody who uses the Social 
Security number, because I am assuming that is what you are 
banning in your bill.
    Mr. Paul. I hadn't thought about that, and maybe I am 
overly optimistic that if we pass a law and say ``Thou shalt 
not use the Social Security number,'' I would expect that we 
wouldn't use the Social Security number. I would think that if 
it were abused and the Social Security number was being forced 
on a State or Congress kept passing these laws, I guess the 
only penalty would be eventually at the polls. The American 
people would have to invoke the penalty.
    Right now, I think we are getting close to that point where 
the American people are getting nervous about the invasion of 
their privacy and it is an issue that they would like to hear 
more about from us.
    Mr. Horn. So you don't feel that a penalty section is 
needed?
    Mr. Paul. Well, at the moment, I don't. But I would have to 
admit I haven't thought it through completely and I would 
certainly be open to suggestions on that, if I could see the 
need for it.
    Mr. Horn. Well, I thank you and I now yield to the 
gentleman from Texas, the ranking member here, Mr. Turner for 
an opening statement as well as questioning the witness.
    Mr. Turner. Thank you, Mr. Chairman.
    Welcome, Mr. Paul, a fellow Texan. It is always good to 
have Texans before our committee.
    There is another bill that Mr. Kleczka has that would ban 
the use of the Social Security number in both the public and 
private sector. I know you addressed that in your opening 
remarks, but expand on that a little bit. Why, if you fear the 
use of the Social Security number by Government agencies 
contributes to the invasion of our privacy, why wouldn't you 
just tell the private sector they shouldn't use it as well?
    Mr. Paul. Well, I deal with that but a little more 
indirectly because if the private sector uses that number 
mainly because we have made it convenient for them to use it 
and we have mandated it too often when it comes to financial 
records--I mean, we tell the banks what to do--and anytime we 
do anything we put the pressure on them to use that number. 
Then they accumulate the information and they are tempted to 
sell it and do whatever.
    I think the fact that we do get them to accumulate all this 
information makes it much easier for identity theft. But I 
don't think the answer to our problem is dealing with another 
set of regulations on business people. Like last year when we 
passed the banking legislation, we said that what we needed to 
do was make sure that some of this information isn't 
transferred within a certain corporation or closely in-line 
corporation. But what that actually did was mandated more forms 
to be filled out, which means there is more information 
accumulated under the Social Security number.
    I think the abuse in the private sector comes as a 
secondary consequence. If we weren't using it so much, there 
would be no reason for them to do it. But I don't see the 
answer coming by just putting another constraint or another 
form to be filled out by the private sector. I don't see that's 
where the problem is.
    Mr. Turner. So you think the private sector would just 
slowly quit using the Social Security number? There are 
obviously multitudes of records that have all of us identified 
by our Social Security number.
    Mr. Paul. If we didn't tie it all together, I think they 
would lose their enthusiasm for using it. I don't see a 
convenient way of saying--we could say it, but could you 
imagine telling every individual that they are not allowed to 
use it? That means that we would have more snooping to make 
sure that nobody ever asked somebody for their Social Security 
number.
    But I think the abuse in this area should be dealt with on 
a property rights issue, fraud issue, local issue, but not by 
leaving the system in place and coming up with more of a rule. 
And this is our temptation here, instead of looking at the 
basic problem, we are more tempted to come in and set up more 
rules and regulations on the private sector and not dealing 
with the source of the problem, which was our carelessness in 
allowing the universal identifier to be developed.
    Although it is not admitted that it is here and we have had 
a couple of victories like ``Know Your Customer''--that is 
something I don't think too many of us supported and they 
withdrew it. That was more banking regulations. As well, there 
was the National I.D. Card Authority. We got that removed.
    So we have minor victories, but I don't think overall we 
have reversed the trend. The need for, the desire for, and the 
so-called benefits of a universal identifier are very, very 
strong. I think that is where the problem is and not with the 
private sector participating in the use of a Social Security 
number when they probably don't even need to.
    Sometimes you wonder why so many businesses are always 
asking you for these Social Security numbers, even when it's 
not the law. But people have been so conditioned to do it. So 
we have the Government mandating the encouragement, everybody 
accepts the Social Security number, and then we have businesses 
sort of jumping on.
    So I think the solution is back to making sure that we do 
not establish the principle of a national identifier. That is 
what my bill deals with.
    Mr. Turner. Have you been able to address the cost of the 
abandonment of the use of the Social Security number by the 
Federal Government agencies?
    Mr. Paul. No, not directly. But I know the cost of not 
doing it is very, very high in terms of privacy and individual 
liberty, and that is the cost I am looking at because there is 
such an intrusion as a cost-in that we facilitate 
identification theft--so that cost is tremendous. How much the 
cost would be if we continue with our same type of Federal 
education programs and medical programs--if they had different 
numbers, I am not sure there would be a tremendous increase in 
cost on that. They would just have to come up with a different 
number.
    Mr. Turner. I guess there would also be some cost to State 
governments, maybe even local governments that have come to 
rely on the Social Security number.
    Mr. Paul. They would have to quit relying on it.
    In the State of Texas, you know that it is only recent that 
we have had to give our Social Security number. It isn't on our 
driver's license, but that is the direction that we were and 
probably still are moving in, that every State will have a 
universal driver's license with Social Security numbers. But we 
are now required to give it even though it doesn't appear. So 
there is the connection. The intertwining of being able to 
monitor and know everything about everybody is the universal 
identifier, which is the Social Security number.
    I don't want any pressure--in fact, my bill deals with 
this. We as a Congress cannot put pressure on the State to use 
the Social Security number. Maybe your question is saying that 
the State wants to. I think if we take away the incentive, the 
pressure, and the mandates, they are less likely to.
    Mr. Turner. We had a hearing just the other day in this 
committee on a proposal by Representative Hutchinson to have a 
study commission on the issue of privacy. I know we have 
several bills that are moving through the Congress, some 
regulations that have been proposed trying to protect our 
privacy.
    Do you feel that we can point to some specific abuses that 
relate to the use of the Social Security number where our 
privacy has been invaded? Do we have some specific examples on 
a wider scale that might point out the scope of the problem 
that you perceive to exist?
    Mr. Paul. I don't think that would be difficult to find. 
Certainly the notion that we have a medical data bank, and 
assuming that there would never be a violation is almost too 
much to believe. And we do know specifically that our 
Government too often has abused records like FBI records and 
IRS records and they were never to be used in the political 
sense. Yet I think both administrations have been guilty of 
abuse in using these records in a political sense.
    I think people really are fearful of the Government having 
their medical records. And we make no in-roads at all--we have 
made in-roads on the National I.D. Card, but we have made no 
progress at all in slowing up the National Medical Data Bank 
with the Social Security number as the identifier.
    I can't show you an example of how the Government has 
abused that, but gut instinct tells us it is not a very good 
idea and the American people don't want it. That I am sure of.
    Mr. Turner. Of course, the medical records are by and large 
in the private sector. Would there perhaps be some way to 
center in on specific areas that are particularly sensitive, 
like medical records and perhaps do something in that area 
rather than just across the board?
    Mr. Paul. But that really confuses the movement toward the 
universal health care because we are moving in that direction 
because so much is managed health care and HMOs. Once Medicare 
starts paying for HMOs, they have to monitor it and they have 
to make sure that patients don't abuse it, doctors don't abuse 
it, hospitals don't abuse it. There is always the temptation to 
abuse the system, so the argument will be that we have to be 
able to monitor it.
    They use the idea that we need this information because it 
is good to study health. We get statistics and we can learn 
more about medicine. There will be all these wonderful things 
that they are going to do. So the odds of us developing a 
medical care system that is being developed and be able to 
maintain medical records, as I did for 30 years--my medical 
records were in the office in a filing cabinet and that was it. 
But now, when you get into the managed care system and the HMO, 
they can march in and look at your medical records and find out 
whether you have been abusing medical care. They will just go 
through your file.
    For efficiency sake, they want these files changed. If 
somebody moves to New York, they don't want it the old-
fashioned way where you mail the records or the patient carries 
them, they want HHS to have access to this and just transfer 
these medical files. That is what is coming unless we are able 
to stop this.
    Even my bill doesn't deal with that overall problem as much 
as it slows it up in that it wouldn't have the universal 
identifier. I would like to address the medical care system in 
this country, but that is not what this does. It just says that 
if you are going to move in the direction of a single payer, 
universal health care system in this country--which we are 
moving rapidly toward--that they cannot use the Social Security 
number so that they can do the matching up.
    When people want to know about individuals and they have a 
Social Security number, they can look up and find every piece 
of property owned, what your bank account is, and what kind of 
disease you have, it will undermine the practice of medicine 
like you have never seen it. I have talked to other physicians 
and the natural tendency is to not keep good medical records.
    If somebody comes in and has controversial things to talk 
about, the good doctor is not going to write it down because it 
is not going to be private. We are moving in that direction. 
And the other physicians in Congress have admitted that to me 
already, that they have the same concerns.
    Mr. Turner. Thank you, Mr. Chairman.
    Mr. Horn. I just have one comment on this, and that is 
numberitis. There is a very interesting editorial in the 
Newark, NJ Star Ledger. The columnist and editorial board 
notes: ``We are challenged to remember e-mail addresses, office 
extension numbers, fax numbers, paging I.D.'s, PIN numbers, Web 
site addresses. The other day I telephoned a greenhouse 
manufacturer to buy some supplies. The service representative 
wanted to know my customer identification number. I told the 
woman I hadn't a clue. Then she asked for a serial number, but 
I wasn't about to trot out to the greenhouse and copy it down. 
Finally, she settled for my zip code and, bingo, I was able to 
place my order. We must be given the third degree every time we 
want to purchase something. Do we really have to?''
    Then it goes on, ``In simpler times, all I had to know was 
my Social Security number and a couple of phone numbers. Now my 
head is so loaded with codes and personal identification 
numbers that it is understandable why my memory bank crashes 
from time to time. I am not a techie or a geek. Programming 
isn't my strong suit. I have given up, for instance, the 
notions that I will ever learn how to program a video recorder. 
Besides, I have neither the time nor the inclination to sit 
down and program numerical codes into, say, a palm pilot.''
    So there are a lot of aspects of this and we appreciate you 
coming here. Since my colleague, Mr. Turner, mentioned 
Representative Kleczka's statement here, if you would like it 
put in the record here at this point----
    Mr. Turner. Yes, Mr. Chairman, Mr. Kleczka requested that 
we include his statement in the record.
    Mr. Horn. Without objection, his prepared statement will 
appear in the record.
    [The prepared statement of Hon. Jerry Kleczka follows:]
    [GRAPHIC] [TIFF OMITTED] T1388.014
    
    Mr. Horn. It is rather interesting. He has a bill in also 
and his bill is H.R. 1450, which is the Personal Information 
Privacy Act [PIPA]--we are getting just like the executive 
bureaucracy here.
    He said H.R. 1450 would allow credit headers to include 
only names and addresses. The credit headers could include an 
individual's telephone number only if it is already listed in 
the phone book. Currently, information such as Social Security 
numbers and mother's maiden names are available on credit 
headers, which are not protected by the Fair Credit Reporting 
Act. Under the FCRA, a person can purchase a credit report only 
if they are making a firm offer of credit or insurance or if 
they have the consumer's consent. Credit headers, which contain 
the aforementioned sensitive information have no such 
protections and may be purchased by anyone.
    It is a very interesting bill, also. Have you had a chance 
to look at that?
    Mr. Paul. Not in great detail, but we have talked about it 
and we testified in another committee on that. Jerry and I have 
worked closely together because we have written a letter to the 
clerk about why our Social Security numbers are on our voting 
cards. So we can't even vote without Social Security number, 
but most of us have not paid much attention to it.
    They claim that they give us a chance to have it on or not, 
which isn't exactly true. So maybe next go around everybody is 
going to have to fill out a form on whether we want our Social 
Security number on our voting card or not. Maybe if we don't 
have a Social Security number we won't get to vote.
    Mr. Horn. And they will probably ask us to put the Social 
Security number on the form we fill out, right?
    Mr. Paul. That's right.
    Mr. Horn. Thank you so much for coming. You are going to 
stimulate quite a discussion nationwide on this, I think. But I 
think it is a worthwhile endeavor.
    We will now go then to panel two. If Barbara Bovbjerg, Hon. 
Fritz Streckewald, Charlotte Twight, and Robert Smith will come 
forward, we will swear you in. If you have staff behind you 
that will be possibly testifying, please have them stand up and 
the clerk will take their names and we will have them affirm 
the oath.
    [Witnesses sworn.]
    Mr. Horn. We have six people. The clerk will get the names 
of those behind Dr. Twight.
    We will start down the line with Ms. Bovbjerg, Associate 
Director of Education, Workforce, and Income Security Issues 
for the Health, Education, and Human Services Division of the 
U.S. General Accounting Office, which is part of the 
legislative branch and does a wonderful job in terms of both 
programmatic analysis and fiscal analysis. We are glad to see 
you.

     STATEMENTS OF BARBARA BOVBJERG, ASSOCIATE DIRECTOR OF 
   EDUCATION, WORKFORCE, AND INCOME SECURITY ISSUES, HEALTH, 
EDUCATION, AND HUMAN SERVICES DIVISION, U.S. GENERAL ACCOUNTING 
 OFFICE; FRITZ STRECKEWALD, ASSOCIATE COMMISSIONER FOR PROGRAM 
BENEFITS, THE SOCIAL SECURITY ADMINISTRATION; CHARLOTTE TWIGHT, 
   PROFESSOR AND PRIVACY EXPERT, BOISE STATE UNIVERSITY; AND 
        ROBERT ELLIS SMITH, EDITOR, THE PRIVACY JOURNAL

    Ms. Bovbjerg. Thank you. I am happy to be here.
    Mr. Chairman and members of the subcommittee, I am really 
pleased to be here today to discuss uses of the Social Security 
number.
    Mr. Horn. I should say one more thing.
    We all have the written statement. We would like you to 
summarize it in 5 minutes. If you need 10, we will get to that, 
but go ahead.
    Ms. Bovbjerg. I will make it in 5 minutes.
    Almost 277 million Americans have been assigned a SSN, and 
because each is unique to the individual, the SSN is frequently 
used for a variety of purposes. Privacy concerns, coupled with 
mounting instances of identity theft have raised public 
sensitivity to this issue.
    I would like to focus my remarks on three aspects of the 
topic: the Federal role in the use of the SSN, State and 
private sector use, and finally the possible impact of 
restricting the number's use. My testimony is based on a report 
we prepared in 1998.
    First, the Federal role.
    No single Federal law regulates the overall use of the SSN, 
but several require its use to help enforce the law, determine 
benefit eligibility, or both. For example, the Internal Revenue 
Code requires that the SSN serve as the taxpayer identification 
number. This means that taxpayers must report their SSN when 
they pay taxes, and their SSNs must also be known to their 
employers and financial institutions from whom they receive 
income.
    Federal law also requires individuals to provide their SSN 
when they apply for means-tested benefits such as supplemental 
security income, Medicaid, food stamps. The numbers are used 
not only for recordkeeping but also to verify income that 
individuals report.
    For example, the Social Security Administration matches 
records with other entities such as the Department of Veterans' 
Affairs to identify SSI applicants who may also be receiving 
other benefits, and does so by using the SSN as the unique 
identifier. Federal law also requires States to use SSNs in 
their child support enforcement programs, in issuing commercial 
drivers' licenses, and on a variety of documents such as 
marriage licenses and death certificates.
    Federal law generally does not restrict SSN use, except in 
a few instances. The Privacy Act of 1974 restricts Federal 
agencies in collecting and disclosing personal information, 
such as SSNs without the individual's consent. The Driver's 
Protection Policy Act restricts State governments from 
disseminating the SSN with drivers' license databases.
    I would like to turn now to how SSNs are used outside the 
Federal Government.
    In our work, we focused on those users who reach the 
largest number of people: State governments and, for the 
private sector, businesses that offer health services, 
financial services, or personal information.
    State officials say they use SSNs in both administering 
programs and in enforcing the law. For example, State tax 
administrators routinely use the SSN as a primary identifier in 
their tax systems and to cross-check taxpayer income. State 
driver licensing agencies most typically use SSNs to check an 
individual's driving record in other States. Law enforcement 
agencies use SSNs to check criminal records.
    In the private sector, the health care industry generally 
uses SSNs as back-up identifiers. Other numbers serve as 
primary identifiers for patient medical records. But SSNs are 
needed to trace patients' medical care across providers or to 
integrate patient records when providers merge.
    Credit bureaus also use SSNs. Such organizations build 
databases of consumer payments and credit transactions. Credit 
bureaus use the SSN as a principal identifier for retrieving 
credit histories on demand. Most of their customers--insurance 
companies, collection agencies, credit grantors--provide a SSN 
when requesting a credit history and can deny credit to 
individuals who refuse to provide them.
    In contrast to these administrative uses, businesses that 
sell personal information collect SSNs for the sole purpose of 
selling them in a linkage with other information. Generally, 
these databases use SSNs to facilitate records searches when 
they are sold to customers like debt collectors, employers, 
anyone who may want to carry out some form of background check 
on an individual.
    Finally, I would like to summarize the possible effects of 
restricting use of the SSN. Users told us that without the SSN 
as a unique identifier, data exchanges would be at risk. Tax 
enforcement would be hampered by not being able to verify 
income reported. Stewardship of public benefit programs would 
weaken. States could not readily identify drivers concealing 
out-of-State traffic violations. Consumer credit histories 
could not be quickly updated and accurately retrieved.
    In conclusion, wide use of the SSN is permissible, but its 
presence in databases creates privacy concerns and fosters the 
growing problem of identity theft. In considering restrictions 
on the use of the SSN, these privacy and confidentiality 
concerns must be weighed against the Government's need for 
timely and accurate information to prevent fraud and abuse and 
against the public preference for services, like easy credit, 
that are enhanced by the use of the SSN.
    Mr. Chairman, that concludes my statement. I am available 
for questions.
    [The prepared statement of Ms. Bovbjerg follows:]

    [GRAPHIC] [TIFF OMITTED] T1388.015
    
    [GRAPHIC] [TIFF OMITTED] T1388.016
    
    [GRAPHIC] [TIFF OMITTED] T1388.017
    
    [GRAPHIC] [TIFF OMITTED] T1388.018
    
    [GRAPHIC] [TIFF OMITTED] T1388.019
    
    [GRAPHIC] [TIFF OMITTED] T1388.020
    
    [GRAPHIC] [TIFF OMITTED] T1388.021
    
    [GRAPHIC] [TIFF OMITTED] T1388.022
    
    [GRAPHIC] [TIFF OMITTED] T1388.023
    
    Mr. Horn. Thank you very much.
    We now have our second witness, Hon. Fritz Streckewald, 
Associate Commissioner for Program Benefits in the Social 
Security Administration, which most know is an independent 
agency that reports directly to the President.
    Mr. Streckewald. Thank you, Mr. Chairman and members of the 
subcommittee, for inviting the Social Security Administration 
to testify on H.R. 220, the Freedom and Privacy Restoration Act 
of 1999, a bill designed to limit the use of the Social 
Security number [SSN].
    I will submit my full statement for the record and 
summarize my remarks.
    At the outset, let me emphasize that SSA has always taken 
its responsibility to protect the privacy of personal 
information in agency files very seriously. For almost 65 
years, SSA has honored its commitment to the American people to 
maintain the confidentiality of the records in our possession. 
We have longstanding and effective practices to maintain 
individuals' privacy.
    Initially, the only purpose of the SSN was to keep an 
accurate record of the earnings covered under Social Security 
and to pay benefits based on those earnings. The Social 
Security card is a document SSA provides to show what SSN is 
assigned to a particular individual.
    In spite of the narrowly drawn purpose of the SSN, use of 
the SSN as a convenient means of identifying people in records 
systems has grown over the years in steps often taken for good 
reasons, such as, in the public sector to help enforce laws, 
protect the public treasury, and collect funds from delinquent 
non-custodial parents.
    My statement for the record summarizes how legislation 
enacted over the years has expanded this use. While there are 
concerns that expanded use of a SSN as an identifier can 
compromise personal privacy, there are those that believe that 
the public interest and economic benefits are well served by 
these uses of a SSN.
    For instance, all Federal benefit-paying agencies rely on 
data matches to verify not only that the applicant is eligible 
for benefits, but also to ensure that the benefit paid is 
correct. The SSN is the key that facilitates the ability to 
perform the matches. We actively participate in data matches to 
ensure the accuracy of Federal and State benefit payments, to 
verify whether applicants are eligible for benefits, to 
undertake debt collection activities, and to safeguard program 
integrity.
    For example, our data matches with Federal, State, and 
local prisons save the Social Security in the supplement 
security income programs about $212 million annually and our 
national matches of death records save about $240 million 
annually. In addition, we verify SSN for employers to ensure 
correct posting of wages and for other Federal benefit-paying 
programs to help reduce their program costs.
    The data matching process is highly efficient, especially 
for programmatic benefits, which allows SSA to more quickly 
determine continuing eligibility and to ensure correct payment 
amount. SSA's estimated savings total about $700 million 
annually from computer matches for the Social Security and SSI 
programs and savings for other Federal, State, and local 
programs total about $1.5 billion annually.
    Mr. Chairman, SSA is very concerned that H.R. 220 would 
severely limit our ability to perform data matches and would 
restrict data exchanges which benefit the public. SSA and other 
Federal, State, and local governments use these data exchanges 
to ensure accurate payment of benefits and to verify 
eligibility. Limitations or foreclosures of such data exchanges 
would undermine SSA program integrity initiatives, cost about 
$2.2 billion in lost savings to Federal, State, and local 
government programs, and erode public confidence in SSA's 
stewardship of the SSA programs.
    Even though there are attempts to provide an exception for 
Social Security use of the SSN, the language in the bill is not 
clear as to whether SSNs could be used as the Social Security 
claims number for benefits. It is also not clear as to whether 
the exception would apply to the use of the SSN for SSI 
purposes.
    I understand that SSA's Inspector General, in a statement 
he is providing for the record at this hearing, has many of the 
same concerns about H.R. 220 that we have. We share 
Representative Paul's concerns about the expanded use of the 
SSN in every phase of society. However, at the same time, we 
have an obligation to ensure that benefits are paid only to 
eligible individuals and that the correct benefit is paid.
    In conclusion, Mr. Chairman, by using data matching, SSA 
and other benefit-paying agencies validate that the correct 
amount is paid only for an eligible beneficiary. The expense of 
trying to obtain information from other agencies without a 
unique identifier would be prohibitive as well as labor 
intensive. In addition, we must carefully weigh the balance 
between protection of individual privacy rights and the 
integrity of the Social Security programs.
    We look forward to working with you to find the right 
balance and I would be glad to answer any questions you may 
have.
    [The prepared statement of Mr. Streckewald follows:]

    [GRAPHIC] [TIFF OMITTED] T1388.024
    
    [GRAPHIC] [TIFF OMITTED] T1388.025
    
    [GRAPHIC] [TIFF OMITTED] T1388.026
    
    [GRAPHIC] [TIFF OMITTED] T1388.027
    
    [GRAPHIC] [TIFF OMITTED] T1388.028
    
    [GRAPHIC] [TIFF OMITTED] T1388.029
    
    [GRAPHIC] [TIFF OMITTED] T1388.030
    
    [GRAPHIC] [TIFF OMITTED] T1388.031
    
    [GRAPHIC] [TIFF OMITTED] T1388.032
    
    Mr. Horn. Thank you for that statement.
    Now we lean to a scholar in the field on this subject, and 
that is Dr. Charlotte Twight, the professor and privacy expert, 
Boise State University.
    Welcome.
    Ms. Twight. Thank you.
    Good afternoon, Chairman Horn and members of the 
subcommittee. Thank you very much for inviting me to testify 
today.
    In addition to my written statement, I also request that a 
copy of my article entitled, ``Watching You: Systematic Federal 
Surveillance of Ordinary Americans,'' distributed last November 
to each Member of the House by Congressman Ron Paul, be 
included in the hearing record.
    Mr. Horn. Without objection, the referenced article will 
appear in the record.
    Ms. Twight. Thank you.
    I strongly support the spirit and the purpose of H.R. 220. 
My research suggests that without new measures such as H.R. 220 
that significantly roll back the Federal quest for centralized 
information about American citizens, programs currently 
underway will inexorably tighten Federal monitoring and 
therefore control of American citizens.
    Today the Social Security number [SSN], has become the key 
to detailed Government portraiture of our private lives. 
federally mandated SSN-linked databases now incorporate 
detailed information on every individual's employment, medical 
history, educational experiences, and finances, right down to 
each check that every person writes. Even the Secretary of 
Health and Human Services now describes American SSNs as a de 
facto individual or personal identifier.
    SSNs were not supposed to be used in this fashion. They 
were supposed to be mere account numbers denoting an 
individual's old-age insurance account within the Social 
Security program. But expansion of SSN use came quickly. 
President Franklin D. Roosevelt began in 1943 by requiring all 
Federal departments and agencies that wanted to create records 
identifying individuals to utilize exclusively the Social 
Security account numbers.
    But the full impact of Roosevelt's order was not felt until 
the 1960's when gradual computerization made SSN-based record 
systems increasingly appealing. The IRS began using SSNs as 
taxpayer identification numbers in 1962. The SSN became the 
Medicare identifier in the 1960's. And thereafter SSN use 
spread unabated.
    As William Minor, writing the Columbia Journal of Law and 
Social Programs, described it: ``By the 1970's, the SSN 
floodgates had opened fully. Congress in 1972 amended the 
Social Security Act to require the use of SSNs for identifying 
legally admitted aliens and anyone applying for Federal 
benefits. In the following years, additional legislation 
required the SSN for the identification of those eligible to 
receive Medicaid, AFDC benefits, food stamps, school lunch 
programs, and Federal loans.''
    Moreover, the 1970's Bank Secrecy Act required all 
financial institutions to identify customers by SSNs and 
preserve detailed records of their customers' personal checks 
and other financial transactions.
    The Privacy Act of 1974 did not stop the flood. 
Incrementalist policies continued to advance SSN use, as 
illustrated by the gradual introduction of requirements for 
Social Security numbers for young children. For approximately 
50 years of the Social Security program, one did not acquire a 
Social Security number until beginning one's first job, usually 
around age 16. Today, as you know, every child must acquire a 
SSN at birth or shortly thereafter. That process culminated in 
1996 when Congress passed a requirement that a SSN must be 
presented for anyone of any age claimed on Federal tax forms as 
a dependent.
    In addition, as part of the 1996 Welfare Reform Act, the 
Federal Government mandated creation of a SSN-based Directory 
of New Hires at both the national and State level, covering 
every working individual in America who enters the work force 
or changes jobs. Privacy concerns raised by these developments 
are further magnified by recent Federal commitment to establish 
a national electronic database tracking each person's personal 
medical history and new Federal powers to track every child's 
educational experiences through a variety of Federal entities.
    My research indicates that unless H.R. 220 or similar 
legislation is passed, the coordinated Government effort now 
underway to require even greater use of SSNs will further 
centralize Federal monitoring of all American citizens. This 
effort includes Federal mandates governing State drivers' 
licenses and birth certificates, Federal work authorization 
databases, Federal development of a unique health identifier 
for each American, Federal implementation of expanded education 
databases, and finally Federal development and issuance of new 
tamper-resistant Social Security cards, perhaps with biometric 
identifiers, viewed by many as a precursor of the long-feared 
national identity card.
    Moreover, with the SSN now at the heart of a vast array of 
Government databases, linkage of those separate databases 
occurs routinely despite periodic statutory lip-service to 
individual privacy.
    Against this backdrop, H.R. 220, in my view, is an 
important step in the right direction. It would repeal many of 
the privacy-eroding uses of SSNs that I have described this 
afternoon. I have made several specific suggestions in my 
written statement aimed at closing some loopholes that may 
exist in the bill's present language.
    In my view, we are at a crossroads. Today, many people are 
so accustomed to massive Government monitoring of their lives 
that all too often they ask, why should people worry about 
Government monitoring if they haven't done anything wrong? That 
current and prospective levels of Federal monitoring of 
American citizens are incompatible with the ideas of freedom 
upon which this country was founded never crosses their minds.
    Pervasive Government extraction of personal data, stored 
and linked via compulsory use of SSNs, is today's reality. The 
threat to privacy is clear. And in the absence of privacy, 
political and economic freedom cannot long endure. The 
restrictions contained in H.R. 220 represent our first real 
chance to counteract the erosion of privacy that has taken 
place through the burgeoning use of SSNs.
    In supporting H.R. 220, however, let us not forget that the 
ultimate solution to the existing Government threat to personal 
privacy is restricting the power of Government to interfere in 
people's lives. The quest for information about private 
citizens, after all, is a byproduct of the vast substantive 
powers now wielded by the Federal Government. Dr. Richard Sobel 
of Harvard Law School has stated that centralized information 
is centralized power. I would add that the converse is also 
true: with today's technology, centralized power is centralized 
information. With its fine existing provisions and the 
modifications I have suggested in my written statement, H.R. 
220 perhaps can be a first step in reducing both centralized 
information and centralized power.
    Thank you very much.
    [The prepared statement of Ms. Twight follows:]

    [GRAPHIC] [TIFF OMITTED] T1388.033
    
    [GRAPHIC] [TIFF OMITTED] T1388.034
    
    [GRAPHIC] [TIFF OMITTED] T1388.035
    
    [GRAPHIC] [TIFF OMITTED] T1388.036
    
    [GRAPHIC] [TIFF OMITTED] T1388.037
    
    [GRAPHIC] [TIFF OMITTED] T1388.038
    
    Mr. Horn. Thank you very much. That is very helpful and we 
will have further dialog on some of that you have mentioned.
    Mr. Smith--Robert Ellis Smith--is editor of the Privacy 
Journal. We are glad to have you here.
    Mr. Smith. Thank you, sir.
    We have really worked ourselves into an illogical 
situation, I think, in our country where we are relying on the 
Social Security number as an authenticator of a person's true 
identity, yet it is no longer a private number. Either we have 
to rely less on that number as an authenticator, or we have to 
find a way to make it a confidential bit of information. Doing 
the latter is going to be highly unlikely and very difficult.
    Congress contributed a lot to this dilemma; so I think it 
has a burden to come up with a solution. This bill, H.R. 220, 
is really commendable for its brevity and its simplicity.
    I would like to do two things in my testimony: show that 
the bill will not be disruptive to governmental agencies and 
outline some of the objections that people have to being 
enumerated. Mostly people have said that they object to Social 
Security use because of ``privacy,'' but I think the concerns 
are deeper than that.
    First, universal identification, whether it is de facto as 
we are close to having now or whether it is required by law, 
simply gives too much discretion to those who are in authority 
to demand that one's papers be in order. That is the kind of 
domestic passport that we have disparaged in South Africa and 
eastern Europe.
    Second, being known as a number, not a name, is 
dehumanizing and we pay a big price for that. When people feel 
that they are dehumanized, it makes brutality, violence, and 
criminality a lot easier to do. The best place to look is in a 
prison, which is a dehumanizing environment because a person is 
not known by the name of his or her choice.
    We should also look to prisons for another lesson, too. 
That is an environment where everybody is positively identified 
by number and name, yet they are certainly environments of 
criminality, fraud, and other behaviors for other reasons that 
we are all aware of.
    Look also to the military, where everybody is positively 
identified by name and by number. I am sure the incident of 
criminality, fraud, and the like is roughly equivalent to what 
it is in the non-military world.
    Next, many Americans have a fundamental religious objection 
to being enumerated that goes back deep in our history. I have 
just completed a book about the history of privacy in the 
United States and found that this goes back to colonial times 
and contributed to many of the early objections to census-
taking.
    Next we should realize that assigning surnames and 
assigning numbers to people has really been a means of social 
control throughout the history of not only this Nation but 
other countries as well. In fact, the introduction of surnames 
was a governmental invention, not a family invention.
    I believe that the need to carry a Government I.D., which 
is what we are moving toward, would really remove the 
spontaneity of American life, the intellectual risk-taking, the 
informality that other cultures have come to envy in the United 
States. Since the 1990's, there have been very compelling, 
pragmatic reasons to why we have to protect Social Security 
numbers, and that is the epidemic of identity theft. And I use 
that term intentionally. It has become an epidemic. The spigot 
for Social Security number availability on the Internet and 
through so-called information brokers has been the ``header 
information'' phenomenon that you described.
    Representative Paul's bill and Representative Kleczka's 
bill, taken together, would really chop the phenomenon of 
identity theft roughly in half. And that is the reduction in 
fraud that we should realize. We think of abandoning Social 
Security numbers as an invitation to increase fraudulent 
activity. In fact, it will have the opposite effect, I believe, 
and cut down on identity fraud.
    Mr. Turner asked for victims. There are probably thousands 
of victims now of identity theft, including the former chairman 
of the Joint Chiefs of Staff and the present president of the 
Associated Press, both of whom were subject to identity fraud 
solely because a stranger got a hold of their Social Security 
numbers, something that would not have happened without this 
header information phenomenon that you outlined.
    I would like to talk about some of the alternatives to 
Social Security numbers. There are lots of organizations that 
do quite well without using either Social Security numbers or 
any numbers whatsoever.
    Back in the 1970's, IBM discontinued using a Social 
Security number as an employee identification number. They do 
use it for payroll purposes. Now, by law, higher education 
institutions in both Wisconsin and Arizona are prohibited from 
using the Social Security number as a student identification 
number. Stanford University, for instance, has used a unique 
number for many years without the Social Security number.
    And the largest collector of information in the whole 
world, the Church of Jesus Christ of Latter Day Saints, does 
not use the Social Security number at all. It was once 
suggested to me that we should look to genealogists to try to 
figure out ways to keep track of people accurately without 
Social Security numbers because for most of that database there 
are no Social Security numbers.
    Congress can help a lot by pushing the Government to look 
toward biometric identifying devices. This is essentially the 
matching of a physical aspect of a person to prove his or her 
identity positively. It would do away with the need for 
numerical identification, do away with a lot of personal 
information, intrusive forms--no more mother's maiden name, 
none of that--and I think it would be a much more less 
intrusive way of establishing identity, if it is done 
correctly.
    And we shouldn't worry that Americans can't tolerate more 
than one identity number. Canadians for many years have had 
both the health identifying number and a social insurance 
number.
    A couple of suggestions for the bill--and I am about to 
conclude--one is that State tax authorities ought to be 
authorized to use the Social Security number. That is a 
compatible purpose with the purpose for which it was originally 
submitted as a Federal taxpayer identification.
    Second, I would hope that this bill would make clear that 
nothing can compel a family to require that a child 16 years or 
younger must be enumerated. There are lots of coercive 
requirements in the Government to make this necessary. Now we 
have in the United States something that all of us thought 
would never happen: an enumeration requirement from birth. The 
Internal Revenue Service requires that in order to get a credit 
or deduction for a dependent, one must produce a Social 
Security number, even if that is an infant. And if the family 
happens to be on public assistance, there is a requirement that 
they have a Social Security number from birth so that many 
nurses in maternity wards now say they don't care about the 
name of the child, they simply want a Social Security number so 
that they can complete their paperwork.
    Many people, like myself, simply have to do without the 
deduction because I am not about to decide for my children that 
they should be enumerated before they can do that on their own. 
And I don't think that ought to be necessary. I think we ought 
to have a prohibition against requiring children under the age 
of 16 from being enumerated.
    Thank you.
    [The prepared statement of Mr. Smith follows:]

    [GRAPHIC] [TIFF OMITTED] T1388.039
    
    [GRAPHIC] [TIFF OMITTED] T1388.040
    
    [GRAPHIC] [TIFF OMITTED] T1388.041
    
    [GRAPHIC] [TIFF OMITTED] T1388.042
    
    [GRAPHIC] [TIFF OMITTED] T1388.043
    
    Mr. Horn. Thank you.
    We will now proceed to some of the questions we have. Mr. 
Turner and I will divide it 10 minutes on a side each.
    Let me start with the representative from the General 
Accounting Office.
    You mentioned that most of the States give people the 
option of having another identifier on the drivers' licenses. 
How effective has that been in giving citizens added protection 
against fraud?
    Ms. Bovbjerg. If I said most, I want to correct that 
because I am not sure that that is true. Some States do give 
people the option of having another number. And this is sort of 
an emerging position on the part of the States. We haven't 
assessed how extensive it is.
    I think it is everyone's hope that not having it on your 
driver's license does help protect you from cashing a check and 
having someone take that number.
    Mr. Horn. Has the separate identifier made it tougher for 
the Division of Motor Vehicles to keep track of the drivers?
    Ms. Bovbjerg. That is among the many things we don't know 
about this.
    Most States keep the Social Security number in some way, 
either on the license or they have linked it to this separate 
identity number for data matching with other States.
    Mr. Horn. What is your judgment as to different 
alternatives of numbers that aren't the Social Security number? 
Is it just each person in an agency, or an agency and its 
personnel to start their own numbering system? What does GAO 
see as the relevant alternatives?
    Ms. Bovbjerg. When I think about a system where each 
Federal program has a different system of numbering, one of the 
things I am concerned about is how you carry out your program 
stewardship responsibilities as the Federal Government. As the 
Social Security Administration stated earlier, there are a 
number of programs where data exchanges with other agencies 
help verify program eligibility or the level of benefit 
eligibility that people have. Without that, you are relying on 
self-reported information. Surely the overpayment cost would 
rise in such a situation.
    Mr. Horn. But say--and this is a true situation--in my 
district there is a house in which 20 different people live and 
they all have the same name. How do you separate that out? And 
should you? And does it matter?
    Ms. Bovbjerg. I think that it matters for certain types of 
uses. It matters to me, for example. My name didn't used to be 
so complicated. My name used to be Davis. And it mattered to me 
that I had a lot of difficulty cashing a check because I was 
constantly confused with all these Barbara Davises bouncing 
checks. So it might matter to an individual.
    But that might differ among individuals as to how 
inconvenient that is. It matters a great deal to certain 
Federal programs that you have a unique identifier for an 
individual so that you can assign--in Social Security's case--
their earnings to their account. In the IRS case, so you know 
they are paying their taxes and you are not looking at tax 
avoidance on the part of the wrong person.
    There are a number of other Federal programs--I think we 
mentioned Pell grants earlier and student loans are another 
example.
    Mr. Horn. This is an actual case. In the Eisenhower 
administration they were putting together a delegation to go to 
the International Labor Agency in Geneva. We found that people 
had exactly the same name, born in the same city in the State 
of New York, and had gone to school at the same time, and the 
interesting thing was that one was a communist and one wasn't. 
And yet that person who wasn't was going to be bounced because 
of this communist file, etc. And it wasn't somebody duplicating 
files or anything, it is just sheer chance.
    So how do we solve that if we don't have something like a 
Social Security number that might help us differentiate between 
these people?
    Ms. Bovbjerg. One of the things we have thought about--and 
we were thinking particularly of the private sector and less of 
the Federal Government-- is that it would make their jobs 
harder if they couldn't use a unique identifier. But it does 
not make their jobs impossible. Now I am getting into a 
technological area that I can't go very far into, but then 
could we relational databases where you can look at a number of 
fields and, by combining them, create a unique identifier. But 
I am not sure that that is a comfort if the concern is 
protecting privacy and keeping personal information from being 
disseminated widely.
    I think that in the private sector an inability to use the 
Social Security number will make things harder. It won't be as 
convenient for businesses. But they won't go out of business. 
There will be a way to figure out how to identify one Barbara 
Davis from another.
    Mr. Horn. Would any of you like to comment on these 
questions and the answers? Does Social Security have a view on 
this?
    Mr. Streckewald. We are in agreement that without a unique 
identifier--as far as we know the Social Security number is the 
only unique identifier that is widely used--it is very easy to 
confuse John L. Smith of Lincoln Avenue with John L. Smith of 
Lincoln Boulevard. And for a lot of purposes--not only that you 
don't want Mr. Smith's credit on your credit account if you're 
not him--but also to make sure that we pay the right people. We 
agree that it would be very difficult.
    The relational databases she is mentioning are feasible, 
but I think in the end they tend to do the same thing. You have 
to connect them so that you know who you're dealing with.
    Mr. Horn. Any thoughts on this, Dr. Twight?
    Ms. Twight. One thought that I have is that when we are 
trying to weigh these things out, we are always going to have 
difficulty because the increased administrative costs 
associated with doing something other than having the Social 
Security number used as the all-purpose identification--those 
administrative costs are tangible and measurable.
    The costs on the other side, in terms of loss of personal 
privacy, freedoms--those sorts of things, loss of personal 
autonomy--are by definition intangible and hard to measure. So 
I think that is an important thing to keep in mind when we are 
trying to balance these things out.
    Mr. Horn. Mr. Smith.
    Mr. Smith. Historically, the Social Security Administration 
has had to deal with people who are using duplicate Social 
Security numbers and there are many people using more than one 
Social Security numbers. There are tie breakers, in the case of 
this home in California. There are--as the witness from GAO 
said--now techniques that we have that incorporate other 
aspects of a person's identity that we can use.
    Nothing in Representative Paul's bill, first of all, 
prohibits the Social Security Administration from continuing to 
use that number. Nothing prohibits any Federal agency from 
using a unique identifier. What is prohibited is that they 
can't use the same one. I think that is doable.
    Mr. Horn. How about having a modern type of reader for 
one's hands or fingerprints or whatever, but something so that 
when you go into a light there that apparently differentiates 
people. Presumably, then, the only people who might have it is 
your bank or something else. But it wouldn't be something that 
other people are likely to have without--it's hard to change 
your fingerprint.
    Mr. Smith. Exactly. And that is biometrics. And one of the 
values of it is that it tells only who you are. It tells 
nothing more about you. It doesn't tell how many kids you have 
or what you like to do at home. If implemented properly, it 
could be a less intrusive technique for establishing identity.
    What we don't know at this point is the reliability rate. 
Most of them are no more than 60 to 70 percent as reliable as a 
fingerprint. Second, the real danger is that we will be tempted 
to use a DNA sample as the identifier, and that is an aspect 
that tells more about you than your identity. It will take in 
diseases and predilections for certain problems in the work 
place which could be extremely discriminating to people.
    If it is implemented properly, I think biometrics is the 
less intrusive way to establish identity.
    Mr. Horn. Any other reaction to that? Is biometrics----
    Mr. Streckewald. Mr. Chairman, for Social Security 
purposes, the Social Security number works very well. As long 
as we continually look to tighten our enumeration process, we 
feel that for Social Security purposes, for posting wages, for 
doing data matches with other Federal, State, and local 
governments that the Social Security number works fine. We are 
in the process of implementing recommendatins contained in a 
recent Inspector General report. And at this point, there is no 
need for biometrics.
    The Social Security number was not meant to be an 
identifier. It only says that there is a number that relates to 
this person. It doesn't prove identity. Say that this person in 
front of you is necessarily that person. We use it for 
recordkeeping.
    Mr. Horn. And you don't see any biometric that you could 
use?
    Mr. Streckewald. We haven't fully explored that yet.
    Mr. Horn. Does GAO know about other Government agencies 
exploring that?
    Ms. Bovbjerg. I don't. That would be something I could get 
back to you on.
    Mr. Horn. If you would, I would appreciate it because I 
know I have looked at some of that equipment in various places 
and it could be used by Customs, Immigration, and so forth.
    Ms. Bovbjerg. I know that HHS has looked at the possibility 
of Biometric Identifiers for purposes of the unique health 
identifier. That is one of the things listed in the report they 
came out with a while back. And I think that there are some 
questions and difficulties in terms of how much of a threat to 
personal privacy that will actually represent. I am not as 
sanguine about it as some of my colleagues here at the table.
    Mr. Horn. Thank you for that comment.
    I now yield 11 minutes to my colleague from Texas, the 
ranking member, Mr. Turner.
    Mr. Turner. Thank you, Mr. Chairman.
    I need some help on how you can calculate the cost of a 
piece of legislation like this. Obviously, if you're going to 
force the Federal agencies to abandon the use of the Social 
Security number, they are going to replace it with some other 
number. And I suppose that if you are against using an 
identifier, you might be against using any number. But I guess 
the problem I see is trying to figure out how you would 
accomplish this and at what cost would it incur.
    Do any of you have any suggestions? Has GAO looked at this 
to see if there is any way you can estimate the cost of a bill 
like this?
    Ms. Bovbjerg. Well, often we will ask CBO to do it.
    But in this case I presumed that the bill prevents the 
Federal Government from coming up with any kind of replacement 
for a unique identifier. In considering the cost of the bill, I 
was actually thinking less about administrative costs than 
about the overpayment cost or the inability to collect on debt 
owed the Federal Government. And I think Dr. Streckewald has 
some figures on what Social Security and other agencies get 
from the current data matches they do. The cost could be 
something in that order of magnitude.
    Mr. Turner. What information do you have, Dr. Streckewald?
    Mr. Streckewald. Mr. Streckewald--thanks, though. 
[Laughter.]
    Yes, that is how we have looked at this. We have no idea 
what it would cost to manually match notices. But we do know 
what we save from data matches.
    Social Security is both the recipient and the source of 
numerous data matches. We save about $350 million a year from 
Title II data matches that we sent out daily to other agencies 
to verify income sources that Title II beneficiaries have. And 
we save about $350 million there.
    We save another $325 million from the SSI Program doing the 
same thing, sending out data and getting it verified. We have 
been heard and there have been estimates within the agency that 
about $1.5 billion a year are saved by the State, local, and 
Federal Governments that send us information to verify and we 
verify the Social Security amount.
    So there is a lot of money involved, $2.2 billion total 
just in the matches.
    We are also concerned about our ability to collect debt. 
There are three tools that we use that we think this bill may 
jeopardize: the tax refund offset, which we use to offset 
refunds if people get to pay back their overpayments; the 
treasury offset program, which is broader than just going to 
tax refunds; and then referring or reporting to credit bureaus 
delinquent debt.
    In 1999, we collected $84.4 million using these techniques 
and we aren't sure if they would be available to us in the 
passage of this bill.
    Mr. Turner. Mr. Smith, wouldn't there be some way to 
continue to use the Social Security number because so many 
businesses are using it, and so many Government agencies are 
using it--but in areas where we want to be sure we protect 
access to the data that is identified by the Social Security 
number, we add some additional number as a part of the Social 
Security number--would that be helpful rather than simply 
abandoning the use of the Social Security number?
    Mr. Smith. I don't think this bill does abandon the use of 
it. It seems to me it coerces Federal agencies to use different 
identifying numbers.
    A couple of ways, if you find the costs are too much--
simply giving an option, the way the Privacy Act does, that an 
individual may not be declined benefits because of a refusal to 
give a Social Security number. Perhaps for 10 percent of your 
database you are going to have people with other nine-digit 
numbers assigned at random. I don't think that is unduly 
costly.
    Another way, possibly, is to fix the language in the 
current bill that says you can't use a derivative of a Social 
Security number. Just using the last four digits with other 
randomly assigned numbers, Federal agencies can use it as a 
tie-breaker and can establish identity without sacrificing 
privacy. Agencies ought to look into that, too. That is another 
very real possibility.
    Among the savings in cost will be a reduction in identity 
theft by 50 percent. That is mostly a private sector cost, but 
it's growing more and more. And you will save money from a lot 
of false matches. The Veterans' Administration finds a lot of 
false matches when they run a match based on a Social Security 
number. People quite often misstate one digit and that gives 
you a false match. And that is a very costly process to unravel 
that. So you will save that money as well.
    Mr. Turner. The first suggestion you made was basically to 
give an individual the option of whether they use the Social 
Security number.
    Mr. Smith. Yes.
    Mr. Turner. I can understand from an individual's 
perspective that that gives that person the option of trying, 
in that way, to preserve their privacy. But it seems like we 
ought to be dealing with this issue on a little broader basis. 
If it is important to protect the privacy of one person, it 
seems that it ought to be important to protect the privacy of 
all. So just to say that you are going to give people the 
option--which I would think would create a lot of confusion 
within the various agencies for people who say they don't want 
their Social Security number used--that you would be better off 
approaching this problem and being sure you are trying to 
institute and create ways to protect the privacy of everyone.
    Mr. Smith. You would protect the privacy of everyone if the 
option is available and it says in the law that you need not 
present the Social Security number if you wish not to. That 
would establish for a lot of people the right to say no, which 
is essentially what they want. So it is not tailor-made just 
for a tiny few individuals. It is really how the Privacy Act 
provision on Social Security numbers was intended to work.
    I recommend this only as an alternative. If it turns out 
that this is going to be an extremely costly endeavor--I don't 
think it is going to be a costly endeavor.
    For instance, the State of Maryland manages all their motor 
vehicle records with no Social Security number at all. They use 
some of these modern techniques that I speak of.
    Now, to convert to some of these other techniques--one of 
these is Soundex--there is going to be a cost, but I think the 
Federal Government is going to face that eventually. They are 
going to have to convert to those other identifiers because we 
can no longer rely on a system that relies on a Social Security 
number to authenticate your true identity and yet makes that 
number a public number. That just doesn't make sense.
    Mr. Turner. Thank you.
    Thank you, Mr. Chairman.
    Mr. Horn. I just have a few questions to pursue, and here 
is one of them.
    How does the Government account for people who refuse the 
Social Security number with regard to retirement benefits and 
Government services? What do we do on that?
    Mr. Streckewald. Social Security requires that you give us 
your Social Security number in order to receive benefits.
    Mr. Horn. Do you know if private pension systems use that?
    Mr. Streckewald. I don't.
    Mr. Horn. Did GAO look at that?
    Ms. Bovbjerg. I believe that private pension systems would 
have to use it because of the tax affiliation. Private pensions 
are one of our largest tax expenditures.
    Mr. Horn. Are you aware to what degree, say, IRS has 
problems with the members that don't have any Social Security 
number? Is that a problem with IRS?
    Ms. Bovbjerg. It would be a problem not to have one, but I 
don't know what the extent of that problem is.
    Mr. Horn. And then those that serve in the military, of 
course, does their dog tag include the Social Security number? 
Or do they just have their own?
    I see nodding heads that they use their Social Security 
number.
    Explain to me a little bit, Mr. Smith, the Soundex personal 
identification searcher. How does that work?
    Mr. Smith. Well, the way I understand it, it incorporates 
other factors in a person's name, address, birth date, even 
occupation, and makes it into essentially a digital formula. It 
can also be altered over time because one's address may change 
with time. It is, what I would call, a covert number. I never 
see it. It is simply a formula that identifies me. Whenever I 
present myself at an agency, they use the same algorithm to 
identify me.
    The beauty of it is that when you have an applicant in 
front of you with name and perhaps birth date and address, you 
can retrieve the 10 or 12 closest matches and then either the 
computer or the individual can choose precisely the match you 
are looking for. You can't do that with a Social Security 
number. If a person is one digit off, you aren't going to get a 
match.
    So I think these modern techniques are more reliable in 
getting matches.
    Mr. Horn. When we are talking about maybe rolling back the 
use of the Social Security number, is there any rational way 
you can think of to peel it back? And if so, where would you 
start, besides the Government?
    Mr. Smith. I would say it may be used only for Social 
Security purposes, its original intent, and tax purposes. One 
of the logics is chronological. Those were the first two. They 
were both established by law, not by Executive order or 
bureaucratic happenstance. They are closely allied purposes. 
They also now have become extremely ingrained and to stop those 
would be extremely disruptive. It would not be as disruptive to 
discontinue some of the other uses that have taken hold since 
the 1960's.
    Mr. Horn. Any other thoughts on that and how we peel it 
back and which ones don't really need the number or could 
figure out another way to have a number of their own origin?
    Have you taken a look at that, Dr. Twight?
    Ms. Twight. I agree with what Mr. Smith said.
    Mr. Smith. I think you identified the difficult question 
and that is Medicare. I am not prepared to answer that one. 
That is a tough one.
    Mr. Horn. Especially when we think there is $30 billion of 
fraud there.
    Mr. Smith. Well, it is so closely allied with the Social 
Security system as well.
    Mr. Horn. Exactly. There are interchanges there with 
Medicare and Social Security still?
    Mr. Streckewald. Yes, as far as I know.
    Mr. Horn. Because they are under HHS and you're 
independent, you're still talking to each other?
    Mr. Streckewald. We sure are. We actually have some data 
matches with them, too.
    Mr. Horn. What does GAO think about the peel back movement? 
Where would you start?
    Ms. Bovbjerg. Well, when you were asking this, I was 
thinking--and I can tell you the exact name of the law in a 
minute--the Drivers' Privacy Protection Act seemed to have the 
potential to make some difference. That was just upheld by the 
Supreme Court a couple of months ago. It prohibits States from 
disclosing Social Security numbers for purposes like surveys, 
marketing, solicitation. They can no longer sell them as part 
of their motor vehicle drivers' license database without the 
express consent of the individual.
    And it is too early to know whether that makes a 
difference, but it is data sets like that or birth certificates 
and things like that where the private sector sellers of 
personal information get the information that they sell.
    Mr. Horn. Well, that's helpful and we will be asking other 
panels as to where they think they can peel this thing back a 
little bit and just not have everybody find out everybody 
else's Social Security number because it is getting to be 
pretty open.
    In your survey, did a number of Federal agencies say they 
were using any individual identifiers or were thinking about it 
or what?
    Ms. Bovbjerg. When we did our survey, we actually talked to 
States and private sector users. We didn't talk to Federal 
users in the same way. We talked more about what the laws 
require and what the restrictions were. So we didn't ask that 
question. Now that you're having this hearing, we wish that we 
had.
    Mr. Horn. What about the States? We can look at them as a 
prototype of us. We are just a little bigger up here.
    Ms. Bovbjerg. The States said that they would have trouble 
not using the Social Security number. A particular place is 
State taxes because they link their information to Federal tax 
information, Federal income information to try to do 
verification. They mentioned law enforcement as being an issue 
for them. I think in motor vehicles they would like to continue 
to use the number. They are still required to use the number 
for the commercial driver's license. But I think that was less 
of a concern to them than the law enforcement and tax 
enforcement areas.
    Mr. Horn. Has any scholar ever done a book on what the 
Government was like before 1936 in terms of identifying people?
    Ms. Twight. Not that I am aware of.
    Mr. Horn. It seems to me that would be a pretty interesting 
Ph.D. dissertation.
    Mr. Smith. Prior to 1935, very few people had a contact 
with the Federal Government so there weren't that many 
databases.
    Mr. Horn. And that is one good reason why they didn't have 
it. It was a simpler world.
    People cite technology as one of the vital factors in 
identifying theft and fraud. I am the author of the Debt 
Collection Act of 1996 and I have a letter here now from the 
general counsel of the Department of Treasury as to what the 
effect of Mr. Paul's bill would have on a lot of things such as 
debt collection. And that would bother me because there are a 
lot of people who are just chiselling the taxpayers. That is 
what got me started in that little endeavor.
    A guy got a loan from the Farmer's Home Loan crowd and has 
this great ranch up in Sonoma County and then he defaults and 
they give him another loan to live in Santa Barbara, which is a 
rather pricey place, and there we are. We don't think the 
taxpayers' money should go that way.
    Mr. Smith. I would like to point out that characters like 
that also know to use different Social Security numbers; so we 
shouldn't rely on that number to catch crooks.
    Mr. Horn. Before the technological revolution, personal 
information like Social Security would take an investigator 
weeks to obtain because none of the information was 
centralized. This is no longer the case. Information is in one 
central location or just a few keystrokes away.
    Do you feel that is a realistic summation of the problem? 
That is just too easy now to find out so easily about people?
    Mr. Smith. Yes, definitely. The data systems are built and 
then privacy is an afterthought. Security is an afterthought, 
too.
    Mr. Horn. Do you think it would be more effective to boost 
internal security on the distribution of the national 
identifier by Federal, State, and local agencies? Or what would 
you do to sort of limit that?
    Mr. Smith. When you have six to a dozen States that display 
it on the face of the license, I think the damage is done. You 
cannot put the Social Security number back into a confidential 
box, I am afraid. That is why a new identifier might have that 
potential. It could be truly a confidential bit of information 
that only the bearer would know.
    Mr. Horn. Does anybody else have a comment on that 
approach?
    Dr. Twight.
    Ms. Twight. I have a general comment. I wanted to share 
just two sentences from legal scholar, Paul Schwartz, who was 
writing in the Hastings Law Journal, ``Personal information can 
be shared to develop a basis for trust, but the mandatory 
disclosure of personal information can have a destructive 
effect on human independence.''
    And he went on, ``Totalitarian regimes have already 
demonstrated the fragility of the human capacity for autonomy. 
The effectiveness of these regimes in rendering adults as 
helpless as children is in large part a product of the 
uncertainty they instill regarding their use of personal 
information.''
    And then in the very next paragraph, he talks about how 
that has occurred in America to some degree, how people in 
America no longer know how their information is going to be 
used. And with these universal identifiers that we see 
represented now in the form of the Social Security number--it 
creates a lot of pressure for conformity that perhaps would not 
otherwise exist.
    Mr. Horn. Any other comments?
    Mr. Streckewald. Mr. Chairman, I would like to respond to 
Mr. Smith's comment about systems being built without security 
in mind.
    As you consider this bill, you need to also consider that 
Congress has seen fit to pass several laws that address this 
issue. The Computer Matching and Privacy Protection Act has a 
number of safeguards built into data matches, the type of 
things that are in question here. We have to specify the 
purpose of the match in a memorandum of understanding. We have 
to verify the information we derive from the match prior to 
acting on it. So we cannot lower someone's check just because 
the data match tells us that without verifying it.
    We have to give the person an opportunity to contest the 
information. We have to have security procedures in place to 
protect the data, and we have to strictly limit redisclosure.
    Social Security takes that even further. We personally go 
onsite and visit every agency that we share data with or from 
whom we get data to make sure that they have the security 
procedures in place and are capable of following this law.
    Mr. Smith. I would like to comment that that proves my 
point. Computer matching began in 1976 and 1977 and the bill 
came much later than that, in 1988. I was there at the 
creation. So first came matching and after came the security 
precautions.
    Ms. Bovbjerg. I just have a couple of thoughts. One is that 
we have kind of been assuming that people's Social Security 
numbers are used entirely without their involvement. And it has 
been our observation that people freely give out their Social 
Security number. I don't think people think about it very much 
anymore. It is difficult to keep such a thing confidential when 
people at various retail outlets ask for it and people give it 
to them.
    The other thing I wanted to respond to is the idea of a new 
number that would be kept confidential. First, we would have to 
do a better job than we have done with people and how they 
safeguard their Social Security number. But my mind reeled as I 
thought of the prospect of how the Federal Government would 
actually accomplish this in any reasonable period of time--277 
million people being re-enumerated. So there would be an 
administrative cost I would be concerned about.
    Mr. Horn. But nobody has given us any. Does GAO want to 
make some guesses as to what the cost would be one way or the 
other?
    Ms. Bovbjerg. We never guess at GAO. [Laughter.]
    But I can tell you that anytime you do anything at the 
Social Security Administration that affects all cardholders, it 
costs a huge amount. We talked a year or so ago about the 
counterfeit-proof card and what it would cost to create such a 
thing. And the range was something like $4 billion to $10 
billion. And that is because anytime you do anything for 277 
million people, it ends up costing a lot.
    So my guess is that it would cost a lot.
    Mr. Horn. Now that we have locked in Presidents from 
putting their little hands in the Social Security trust funds, 
maybe they will have more money for administrative analysis. 
But right now, we have to appropriate that for administration? 
And you can't use what is in the trust fund? Am I right on 
that?
    Mr. Streckewald. Yes. If the new card were to go beyond the 
purposes of what the Social Security card is currently used 
for, we could not use the trust funds to pay for the cost.
    Mr. Horn. Are there any other points you would like to make 
before we adjourn this hearing?
    Dr. Twight.
    Ms. Twight. I wanted to comment on the point that was just 
made about private people's willingness to divulge their Social 
Security numbers for seemingly the most trivial of business 
transactions.
    I recently had an experience at the Bon Marche in Boise, ID 
where I forgot my charge card and they just asked me for my 
Social Security number and I refused to give it.
    But in any event, it seems that today so many people are 
willing to just divulge that Social Security number. My theory 
is that this gradual process by which the Social Security 
number has been used for everything--you have little kids 
growing up who have had the Social Security number since birth 
and so on--that people have become sort of desensitized to what 
that represents.
    So I think that makes it even a larger problem than we 
might otherwise think.
    Mr. Horn. Mr. Smith.
    Mr. Smith. I would like to defend people, if I may, with 
two examples.
    I gave my Social Security number as a young person entering 
law school. Six years later, it shows up on the label of my 
alumni mailing to me so that it was open to the whole world. I 
didn't know the consequences of that when I provided my Social 
Security number. I provided it to an authority figure and 
figured that it was required.
    I opened a bank account and was asked for a Social Security 
number because the Department of Treasury requires it. My bank 
was sold to another company that now wants to use it as the 
access code to get my account information over the telephone 
and use it as the last four digits of the PIN number.
    I didn't provide it for that purpose. So I think people 
ought to be defended. They give out the Social Security number 
to authority figures without knowing the consequences of how it 
might be used later for secondary purposes.
    Mr. Horn. I think you are absolutely right. I have had so 
many people tell me that. And I know in a couple of cases when 
I have said, ``It's none of your damn business,'' they looked 
at me like I was a crook. So be it, and they didn't get the 
sale.
    Mr. Streckewald. Mr. Chairman, this bill could impact 
Social Security, even though we are actually exempted from some 
of the restrictions on it. We think it would interfere very 
much with our pledge to the American people to deliver 
services.
    For years, our informal motto at SSA has been to pay the 
right check to the right person at the right time. This bill 
could interfere with all three of those.
    Paying the right check, of course, is dependent upon 
knowing other sources of income. Without the data matches we 
have, either we would have to rely upon manual error prone 
processes or we would not be able to do them at all. So the 
right check would be in question.
    Paying the right person is the same idea. The Social 
Security number is a unique identifier. We know which John 
Smith we are dealing with, so the use of Social Security 
numbers allows us to know that we get the right check to the 
right person.
    And then the final piece, the right time, is referring to 
timely service so that people don't have to wait for their 
check. They don't have to wait for changes in the amount of 
their checks. Manual processes take a lot longer than automated 
computer matches, although we have no way of knowing right now 
exactly how much longer. It may create an additional burden on 
the American people to come and give us, on a regular basis, 
the information that we currently receive from these matches.
    These are just some of our concerns about this bill.
    Mr. Horn. Now, I am sure you are following the legislation 
we have already worked on in the last couple of months, and 
that is to relieve you of having to worry about this person 
having extra income to work and just wiping that out.
    Will that help you in the sense that it doesn't matter who 
they are--and I think we have wasted a lot of administrative 
time, probably, in Social Security to try to get some poor soul 
that has $500 a month in a check and she is working in a local 
hardware store at minimum wage.
    Won't that help you when we knock that out?
    Mr. Streckewald. I am not sure if I understand your 
question.
    Are you referring to----
    Mr. Horn. We are talking about the employment thing I am 
talking about. I was curious how many thousands of people you 
have worrying about that, because we are going to relieve you 
of that.
    Mr. Streckewald. I see. You are talking about the 
elimination of the retirement earnings test.
    Mr. Horn. That's right.
    Mr. Streckewald. That will definitely relieve people of 
reporting their earnings to us who are past the retirement age. 
You are right, there.
    Mr. Horn. So we are looking at about 900,000 beneficiaries 
that might be affected by that. How many employees could you 
let go because they are no longer figuring that, or harassing 
people, or whatever?
    Mr. Streckewald. We haven't done that analysis yet, but I 
would be glad to submit something to you if we have anything.
    Mr. Horn. I really would like to have that analysis and put 
that in the record, without objection, at this point because we 
are wondering at that. There are a lot of things you have to do 
and that is not going to be one of them anymore. I think 
everybody is going to be happier and they will have more money 
and it wasn't helping that much anyhow. But we have to argue 
and they go through our district offices because they have seen 
a deduction from their check and wonder what that is all about 
and they have to worry about writing out a check themselves 
when they don't have the money.
    So I would hope that is relieving you of a lot of work.
    Mr. Streckewald. We will look into it.
    Mr. Horn. Thank you very much. I would like the response 
put at this point in the record.
    [The information referred to follows:]

    [GRAPHIC] [TIFF OMITTED] T1388.044
    
    Mr. Horn. Thank you. You have all been very good witnesses 
and we have learned a lot.
    This is simply the first hearing to take a look at this 
situation. And I understand that the Ways and Means Committee 
that does have authorization on Social Security is also doing 
that. So maybe something good will come out of it.
    We thank you for coming here and sharing.
    And I will say to anyone else here that might want to file 
a statement, if you could file it in the next 2 weeks, we would 
be glad to put it in the record because I know a lot of groups 
at the State level, motor vehicles, the universities, and all 
the rest would like to get their views in on it, and we welcome 
them.
    With that, we thank you and we thank the staff here: 
Russell George, the staff director and chief counsel; Heather 
Bailey to my left and your right, the professional staff member 
who put this one together; Bonnie Heald, director of 
communications is here; Bryan Sisk, clerk; Elizabeth Seong, 
intern; Michael Soon, intern; Trey Henderson, the counsel for 
the minority; along with Jean Gosa, the minority clerk. And we 
thank Mr. Mel Jones today for being the court reporter.
    With that, we are adjourned. Thank you.
    [Whereupon, at 3:41 p.m., the subcommittee was adjourned.]
    [Additional information submitted for the hearing record 
follows:]

[GRAPHIC] [TIFF OMITTED] T1388.045

[GRAPHIC] [TIFF OMITTED] T1388.046

[GRAPHIC] [TIFF OMITTED] T1388.047

[GRAPHIC] [TIFF OMITTED] T1388.048

[GRAPHIC] [TIFF OMITTED] T1388.049

[GRAPHIC] [TIFF OMITTED] T1388.050

[GRAPHIC] [TIFF OMITTED] T1388.051

[GRAPHIC] [TIFF OMITTED] T1388.052

[GRAPHIC] [TIFF OMITTED] T1388.053

[GRAPHIC] [TIFF OMITTED] T1388.054

[GRAPHIC] [TIFF OMITTED] T1388.055

[GRAPHIC] [TIFF OMITTED] T1388.056

[GRAPHIC] [TIFF OMITTED] T1388.057

[GRAPHIC] [TIFF OMITTED] T1388.058

[GRAPHIC] [TIFF OMITTED] T1388.059

[GRAPHIC] [TIFF OMITTED] T1388.060

[GRAPHIC] [TIFF OMITTED] T1388.061

[GRAPHIC] [TIFF OMITTED] T1388.062

[GRAPHIC] [TIFF OMITTED] T1388.063

[GRAPHIC] [TIFF OMITTED] T1388.064

[GRAPHIC] [TIFF OMITTED] T1388.065

[GRAPHIC] [TIFF OMITTED] T1388.066

[GRAPHIC] [TIFF OMITTED] T1388.067

[GRAPHIC] [TIFF OMITTED] T1388.068

[GRAPHIC] [TIFF OMITTED] T1388.069

[GRAPHIC] [TIFF OMITTED] T1388.070

[GRAPHIC] [TIFF OMITTED] T1388.071

[GRAPHIC] [TIFF OMITTED] T1388.072

[GRAPHIC] [TIFF OMITTED] T1388.073

[GRAPHIC] [TIFF OMITTED] T1388.074

[GRAPHIC] [TIFF OMITTED] T1388.075

[GRAPHIC] [TIFF OMITTED] T1388.076

[GRAPHIC] [TIFF OMITTED] T1388.077

[GRAPHIC] [TIFF OMITTED] T1388.078

[GRAPHIC] [TIFF OMITTED] T1388.079

[GRAPHIC] [TIFF OMITTED] T1388.080

[GRAPHIC] [TIFF OMITTED] T1388.081

[GRAPHIC] [TIFF OMITTED] T1388.082

