[House Hearing, 107 Congress]
[From the U.S. Government Publishing Office]



 
PROTECTING PRIVACY AND PREVENTING THE MISUSE OF SOCIAL SECURITY NUMBERS

=======================================================================

                                HEARING

                               before the

                    SUBCOMMITTEE ON SOCIAL SECURITY

                                 of the

                      COMMITTEE ON WAYS AND MEANS
                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED SEVENTH CONGRESS

                             FIRST SESSION

                               __________

                              MAY 22, 2001

                               __________

                           Serial No. 107-31

                               __________

         Printed for the use of the Committee on Ways and Means

                    U.S. GOVERNMENT PRINTING OFFICE
74-226                      WASHINGTON : 2001
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512-1800  
Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001





                      COMMITTEE ON WAYS AND MEANS

                   BILL THOMAS, California, Chairman

PHILIP M. CRANE, Illinois            CHARLES B. RANGEL, New York
E. CLAY SHAW, Jr., Florida           FORTNEY PETE STARK, California
NANCY L. JOHNSON, Connecticut        ROBERT T. MATSUI, California
AMO HOUGHTON, New York               WILLIAM J. COYNE, Pennsylvania
WALLY HERGER, California             SANDER M. LEVIN, Michigan
JIM McCRERY, Louisiana               BENJAMIN L. CARDIN, Maryland
DAVE CAMP, Michigan                  JIM McDERMOTT, Washington
JIM RAMSTAD, Minnesota               GERALD D. KLECZKA, Wisconsin
JIM NUSSLE, Iowa                     JOHN LEWIS, Georgia
SAM JOHNSON, Texas                   RICHARD E. NEAL, Massachusetts
JENNIFER DUNN, Washington            MICHAEL R. McNULTY, New York
MAC COLLINS, Georgia                 WILLIAM J. JEFFERSON, Louisiana
ROB PORTMAN, Ohio                    JOHN S. TANNER, Tennessee
PHIL ENGLISH, Pennsylvania           XAVIER BECERRA, California
WES WATKINS, Oklahoma                KAREN L. THURMAN, Florida
J.D. HAYWORTH, Arizona               LLOYD DOGGETT, Texas
JERRY WELLER, Illinois               EARL POMEROY, North Dakota
KENNY C. HULSHOF, Missouri
SCOTT McINNIS, Colorado
RON LEWIS, Kentucky
MARK FOLEY, Florida
KEVIN BRADY, Texas
PAUL RYAN, Wisconsin

                     Allison Giles, Chief of Staff

                  Janice Mays, Minority Chief Counsel

                                 ______

                    Subcommittee on Social Security

                  E. CLAY SHAW, Jr. Florida, Chairman

SAM JOHNSON, Texas                   ROBERT T. MATSUI, California
MAC COLLINS, Georgia                 LLOYD DOGGETT, Texas
J.D. HAYWORTH, Arizona               BENJAMIN L. CARDIN, Maryland
KENNY C. HULSHOF, Missouri           EARL POMEROY, North Dakota
RON LEWIS, Kentucky                  XAVIER BECERRA, California
KEVIN BRADY, Texas
PAUL RYAN, Wisconsin

Pursuant to clause 2(e)(4) of Rule XI of the Rules of the House, public 
hearing records of the Committee on Ways and Means are also published 
in electronic form. The printed hearing record remains the official 
version. Because electronic submissions are used to prepare both 
printed and electronic versions of the hearing record, the process of 
converting between various electronic formats may introduce 
unintentional errors or omissions. Such occurrences are inherent in the 
current publication process and should diminish as the process is 
further refined.





                            C O N T E N T S

                               __________
                                                                   Page
Advisory of May 15, 2001, announcing the hearing.................     2

                               WITNESSES

Social Security Administration:
    Hon. James G. Huse, Jr., Inspector General, Office of the 
      Inspector General..........................................    16
    Michael Robinson, Special Agent, Office of the Inspector 
      General....................................................    19

                                 ______

Electronic Privacy Information Center, and Georgetown University 
  Law Center, Marc Rotenberg.....................................   102
Financial Services Coordinating Council, and Covington & Burling, 
  John C. Dugan..................................................    92
Individual Reference Services Group, and Piper Marbury Rudnick & 
  Wolfe LLP, Ronald L. Plesser...................................   109
Kravit, Cory B., University of Florida...........................    80
Moneme, Emeka, Washington, DC....................................    13
New York City Police Department, Michael Fabozzi, accompanied by 
  James Doyle....................................................    59
Pension Benefit Information, Paula LeRoy.........................   113
Privacy Times, Evan Hendricks....................................    85
Robinson, Nicole, Oxon Hill, MD..................................     9
Texas, Harris County, Charles Bacarisse..........................    77
U.S. Public Interest Research Group, Edmund Mierzwinski..........   116

                       SUBMISSIONS FOR THE RECORD

Conference of State Court Administrators, Arlington, VA, David K. 
  Byers, statement...............................................   148
National Conference of State Legislatures, Hon. Brian Flaherty, 
  letter.........................................................   151
National Council of Investigation and Security Services, Inc., 
  Bruce Hulme, statement.........................................   153
National Council on Teacher Retirement, Arlington, VA, Cynthia L. 
  Moore, statement...............................................   157
Paul, Hon. Ron, a Representative in Congress from the State of 
  Texas, statement...............................................   158


PROTECTING PRIVACY AND PREVENTING THE MISUSE OF SOCIAL SECURITY NUMBERS

                              ----------                              


                         TUESDAY, MAY 22, 2001

                  House of Representatives,
                       Committee on Ways and Means,
                           Subcommittee on Social Security,
                                                    Washington, DC.
    The Subcommittee met, pursuant to notice, at 10:05 a.m., in 
room 1100 Longworth House Office Building, Hon. E. Clay Shaw, 
Jr. (Chairman of the Subcommittee) presiding.
    [The advisory announcing the hearing follows:]

ADVISORY
FROM THE 
COMMITTEE
 ON WAYS 
AND 
MEANS

                    SUBCOMMITTEE ON SOCIAL SECURITY

                                                Contact: (202) 225-9263
FOR IMMEDIATE RELEASE
May 15, 2001
No. SS-4

 Shaw Announces Hearing on Protecting Privacy and Preventing Misuse of 
                        Social Security Numbers

    Congressman E. Clay Shaw, Jr., (R-FL), Chairman, Subcommittee on 
Social Security of the Committee on Ways and Means, today announced 
that the Subcommittee will hold a hearing on protecting the privacy and 
preventing misuse of Social Security numbers (SSNs). The hearing will 
take place on Tuesday, May 22, 2001, in room B-318 Rayburn House Office 
Building, beginning at 10:00 a.m.
      
    In view of the limited time available to hear witnesses, oral 
testimony at this hearing will be from invited witnesses only. 
Witnesses will include the Social Security Administration's (SSA's) 
Office of the Inspector General, victims of SSN misuse and 
representatives from consumer groups, businesses, and State and local 
government. However, any individual or organization not scheduled for 
an oral appearance may submit a written statement for consideration by 
the Committee and for inclusion in the printed record of the hearing.
      

BACKGROUND:

      
    SSNs were created in 1936 for the sole purpose of tracking workers' 
Social Security earnings, but today the SSN is commonly used as a 
personal identifier. SSNs are required by law for the administration of 
several Federal programs, such as the income tax, the Food Stamp 
program, and Medicaid. SSNs are also commonly used in the private 
sector, as many businesses require individuals to disclose their SSN as 
a condition for doing business. In fact, according to the SSA, the SSN 
is the single-most widely used record identifier in the public and 
private sectors.
      
    The exploding use of SSNs has intensified the public debate over 
the use and misuse of SSNs in today's society. Some believe that the 
expanded use of the SSN benefits the public by improving access to 
financial and credit services in a timely manner, reducing 
administrative costs, and improving record-keeping so consumers can be 
contacted and identified accurately, thus reducing the chance of 
``identity theft.'' Others argue that the pervasive use of SSNs, and 
the seemingly ease by which another person's SSN may be obtained, makes 
SSNs a primary target for fraud and misuse. In 1999, of the 75,000 
fraud allegations received by SSA's Office of Inspector General fraud 
hotline, over 80 percent involved misuse of the SSN. In addition to 
concerns about SSN misuse, privacy concerns have been raised as 
companies increasingly share and sell personal information without the 
customer's knowledge or consent.
      
    Primarily, there are three laws aimed at protecting privacy and 
reducing SSN misuse. The ``Privacy Act of 1974'' (P.L. 93-579) 
prohibits Federal agencies from disclosing personal information 
including the SSN, without the individual's consent. The ``Identity 
Theft and Assumption Deterrence Act of 1998,'' (P.L. 105-318) makes it 
a Federal crime to assume another person's means of identification. The 
``Gramm-Leach-Bliley Act,'' (P.L. 106-102) enacted in 1999, includes 
provisions requiring financial institutions to protect the privacy of 
the personal financial information of their customers. However, no 
Federal law regulates the overall use of SSNs and Federal laws neither 
require nor prohibit other public and private uses of the SSN. In 
recent years, several legislative proposals aimed at protecting 
consumer privacy and curbing fraudulent use of SSNs have been 
introduced.
      
    During the 106th Congress, two hearings were held by the 
Subcommittee examining the use and misuse of SSNs. As a result, H.R. 
4857, the ``Social Security Number Privacy and Identity Theft 
Prevention Act of 2000,'' was introduced on a bipartisan basis by 
Subcommittee Chairman Shaw, Ranking Member Robert T. Matsui (D-CA), 
along with Rep. Gerald D. Kleczka (D-WI) and other Members of the 
Committee on Ways and Means. The bill included provisions to prohibit 
the sale and display of the SSN by Federal, State and local 
governments, increase fines and penalties for SSN misuse, and prohibit 
the sale of SSN's by the private sector. While H.R. 4857 was approved 
by the Committee on Ways and Means at the end of last year, it was not 
considered by the full House of Representatives before the end of the 
session, due to its referral to other Committees of jurisdiction who 
did not take action on the bill.
      
    In announcing the hearing, Chairman Shaw stated: ``Social Security 
numbers were developed to ensure Americans' hard-earned wages were 
properly credited to their Social Security records. Although SSNs were 
never intended to be a personal identifier, their use is pervasive 
throughout today's mobile, automated society. Many would argue the use 
of SSNs makes sense in certain Federal programs, where it is required 
and protected by law--such as Medicare and Food Stamps or to determine 
one's credit worthiness. However, today more and more people are being 
told their SSN is required for reasons that just don't make sense, like 
renting a video, making funeral arrangements for a loved one, or even 
picking up Girl Scout cookies. Our challenge is to find ways to make 
sure SSNs are used only when absolutely necessary and that once shared, 
SSNs remain private and are only used for the purpose for which they 
were requested in the first place.''
      

FOCUS OF THE HEARING:

      
    The hearing will focus on the widespread use and misuse of the SSN 
in the public and private sectors. In addition, the Subcommittee will 
examine legislative proposals aimed at combating SSN misuse and 
protecting privacy, including the impact of such proposals on 
businesses, governments, and consumers.
      

DETAILS FOR SUBMISSION OF WRITTEN COMMENTS:

      
    Any person or organization wishing to submit a written statement 
for the printed record of the hearing should submit six (6) single-
spaced copies of their statement, along with an IBM compatible 3.5-inch 
diskette in WordPerfect or MS Word format, with their name, address, 
and hearing date noted on a label, by the close of business, Tuesday, 
June 5, 2001, to Allison Giles, Chief of Staff, Committee on Ways and 
Means, U.S. House of Representatives, 1102 Longworth House Office 
Building, Washington, D.C. 20515. If those filing written statements 
wish to have their statements distributed to the press and interested 
public at the hearing, they may deliver 200 additional copies for this 
purpose to the Subcommittee on Social Security office, room B-316 
Rayburn House Office Building, by close of business the day before the 
hearing.
      

FORMATTING REQUIREMENTS:

      
    Each statement presented for printing to the Committee by a 
witness, any written statement or exhibit submitted for the printed 
record or any written comments in response to a request for written 
comments must conform to the guidelines listed below. Any statement or 
exhibit not in compliance with these guidelines will not be printed, 
but will be maintained in the Committee files for review and use by the 
Committee.
      
    1. All statements and any accompanying exhibits for printing must 
be submitted on an IBM compatible 3.5-inch diskette in WordPerfect or 
MS Word format, typed in single space and may not exceed a total of 10 
pages including attachments. Witnesses are advised that the Committee 
will rely on electronic submissions for printing the official hearing 
record.
      
    2. Copies of whole documents submitted as exhibit material will not 
be accepted for printing. Instead, exhibit material should be 
referenced and quoted or paraphrased. All exhibit material not meeting 
these specifications will be maintained in the Committee files for 
review and use by the Committee.
      
    3. A witness appearing at a public hearing, or submitting a 
statement for the record of a public hearing, or submitting written 
comments in response to a published request for comments by the 
Committee, must include on his statement or submission a list of all 
clients, persons, or organizations on whose behalf the witness appears.
      
    4. A supplemental sheet must accompany each statement listing the 
name, company, address, telephone and fax numbers where the witness or 
the designated representative may be reached. This supplemental sheet 
will not be included in the printed record.
      
    The above restrictions and limitations apply only to material being 
submitted for printing. Statements and exhibits or supplementary 
material submitted solely for distribution to the Members, the press, 
and the public during the course of a public hearing may be submitted 
in other forms.

    Note: All Committee advisories and news releases are available on 
the World Wide Web at ``http://waysandmeans.house.gov''.
      

    The Committee seeks to make its facilities accessible to persons 
with disabilities. If you are in need of special accommodations, please 
call 202-225-1721 or 202-226-3411 TTD/TTY in advance of the event (four 
business days notice is requested). Questions with regard to special 
accommodation needs in general (including availability of Committee 
materials in alternative formats) may be directed to the Committee as 
noted above.

                                


    Chairman Shaw. Good morning. Today we continue our quest to 
protect the privacy of every American by cracking down on the 
fraud, abuse and theft of Social Security numbers or perhaps I 
should say the availability of the Social Security numbers 
(SSN) to commit fraud, abuse and theft.
    Last year, as learned from Colonel and Mrs. Stevens of 
Maryland, identity theft is truly a devastating crime. Their 
Social Security numbers used on 33 fraudulent accounts and 
$113,000 of bad debt--that is the problem that Colonel and Mrs. 
Stevens had. And Mr. Bob Horowitz, who is a single father in my 
congressional district, saw his number used to open five 
fraudulent credit accounts. Months and years later they were 
still spending time, money and energy to clear their names. No 
wonder in a Wall Street Journal poll just last year respondents 
ranked privacy as their number one concern in the 21st century, 
ahead of wars, terrorism and environmental disasters.
    When Social Security numbers were created 65 years ago 
their only purpose was to track a worker's earnings so that 
Social Security benefits could be calculated. But today use of 
the Social Security number is rampant. We have literally 
developed a culture of dependence on Social Security numbers. 
Businesses and governments use of the number as a primary way 
of identifying individuals. All of us know difficult it is to 
conduct even the most frivolous transaction without having to 
cough up our Social Security number first.
    Although Social Security numbers are used for many 
legitimate purposes, the wide availability and easy access to 
this very personal information has greatly facilitated Social 
Security number-related crimes and has generated a growing 
concern for our own privacy.
    Clearly, there is a need for a comprehensive law that will 
better protect the privacy of Social Security numbers and 
protect the American public from being victimized. Last year I, 
along with Mr. Matsui, Mr. Kleczka and Mr. Foley and other 
Subcommittee members, introduced H.R. 4857, the Social Security 
Number Privacy and Identity Theft Protection Act of 2000. This 
legislation took a comprehensive approach to achieve this goal 
by targeting the treatment of Social Security numbers in both 
the public and the private sectors.
    In the public sector, the bill restricted the sale and 
public display of Social Security numbers, provided for 
enforcement of the provisions and established penalties for the 
violation. In the private sector, the bill restricted the sale, 
purchase and display of Social Security numbers, limited the 
dissemination of the Social Security numbers by credit-
reporting agencies, and made it more difficult for businesses 
to deny services if a customer refused to provide his or her 
Social Security number.
    While H.R. 4857 was approved by the Committee on Ways and 
Means at the end of last year, it was not considered by the 
full House before the end of the session due to its referral to 
other committees of jurisdiction, which did not take action on 
the bill--the Judiciary Committee, which waived jurisdiction, 
and the Commerce Committee, which did not have time to hold 
hearings and to act on the bill.
    In our hearing today, we will hear from two more of the 
countless numbers of victims who have had their identities 
stolen--Miss Nicole Robinson and Emeka Moneme. We will then 
hear from law enforcement officials who will discuss the 
challenges they face as they try to catch these identity 
thieves. Finally, we will hear from representatives from the 
business groups, elected officials and privacy advocates who 
will share with us their impressions on the widespread use and 
misuse of Social Security numbers in the public and private 
sectors, as well as their views on the impact of legislative 
proposals.
    One of these witnesses, I might add, was an intern in my 
office when we were working on this issue and went down and 
worked to eliminate the use of these numbers at the University 
of Florida.
    This week I, along with several of my Ways and Means 
Committee, plan to reintroduce our bipartisan legislation. I 
will then work with my colleagues on the Ways and Means 
Committee and from the other committees of jurisdiction to 
quickly bring to the House floor comprehensive legislation to 
keep Social Security numbers private and protect citizens from 
identity theft. The time for action is long overdue and I am 
hopeful that the other committees will follow suit and have 
hearings on this legislation.
    Mr. Becerra.
    [The opening statement of Chairman Shaw follows:]
 Opening Statement of the Hon. E. Clay Shaw, Jr., a Representative in 
   Congress from the State of Florida, and Chairman, Subcommittee on 
                            Social Security
    Today we continue our quest to protect the privacy of every 
American by cracking down on the fraud, abuse, and theft of Social 
Security numbers (SSNs).
    Last year, as we learned from Colonel and Mrs. Stevens of Maryland, 
identity theft is a truly devastating crime. Their Social Security 
numbers used on 33 fraudulent accounts and $113,000 of bad debt. And 
Mr. Bob Horowitz, a single father and small business owner from my 
district, saw his number used to open five fraudulent credit accounts. 
Months and years later, they were still spending time, money, and 
energy to clear their names.
    No wonder in a Wall St. Journal poll last year, respondents ranked 
privacy as their number one concern in the 21st century, ahead of wars, 
terrorism, and environmental disasters.
    When Social Security numbers were created 65 years ago, their only 
purpose was to track a worker's earnings so that Social Security 
benefits could be calculated. But today, use of the Social Security 
number is rampant.
    We have literally developed a culture of dependence on the Social 
Security number. Businesses and governments use the number as the 
primary way of identifying individuals. All of us know how difficult it 
is to conduct even the most frivolous transactions without having to 
cough up our Social Security numbers first.
    Although Social Security numbers are used for many legitimate 
purposes, the wide availability and easy access to this very personal 
information has greatly facilitated Social Security number-related 
crimes and generated a growing concern of privacy. Clearly, there is a 
need for a comprehensive law that will better protect the privacy of 
Social Security numbers and protect the American public from being 
victimized.
    Last year, I along with Mr. Matsui, Mr. Kleczka, Mr. Foley, and 
other Subcommittee members introduced H.R. 4857--the Social Security 
Number Privacy and Identity Theft Prevention Act of 2000. This 
legislation took a comprehensive approach to achieve this goal by 
targeting the treatment of Social Security numbers in both the public 
and private sectors.
    In the public sector, the bill restricted the sale and public 
display of Social Security numbers, provided for enforcement of the 
provisions, and established penalties for violations.
    In the private sector, the bill restricted the sale, purchase, and 
display of Social Security numbers, limited dissemination of the Social 
Security number by credit reporting agencies, and made it more 
difficult for businesses to deny services if a customer refused to 
provide his or her Social Security number.
    While H.R. 4857 was approved by the Committee on Ways and Means at 
the end of last year, it was not considered by the full House of 
Representatives before the end of the session, due to its referral to 
other Committees of jurisdiction who did not take action on the bill.
    In our hearing today, we will hear from two more of the countless 
number of victims who have had their identity stolen, Nicole Robinson 
and Emeka Moneme (E-mecca Moan-a-may).
    We will then hear from law enforcement officials who will discuss 
the challenges they face as they try to catch these identity thieves.
    Finally we will hear from representatives from business groups, 
elected officials, and privacy advocates who will share with us their 
impressions on the widespread use and misuse of the SSN in the public 
and private sectors as well as their views on the impact of legislative 
proposals.
    This week, I, along with several of my Ways and Means colleagues, 
plan to reintroduce our bipartisan legislation. I will then work with 
my colleagues from Ways and Means, and from the other Committees of 
jurisdiction, to quickly bring to the House floor comprehensive 
legislation to keep Social Security numbers private and protect 
citizens from identity theft. The time for action is long overdue.

                                


    Mr. Becerra. Thank you, Mr. Chairman. Let me just say that 
on behalf of ranking member Matsui and the members of the 
Committee, we are pleased to have this hearing hosted today, as 
well, given that this is a bipartisan piece of legislation that 
has worked its way through the House in the past and we are 
looking forward to working with you, Mr. Chairman, to try to 
see if we cannot get something done.
    I do not think there is anyone here who would not recognize 
that we do have a problem with regard to the Social Security 
number. We know that it was a number that was initially created 
for the purposes only of the Social Security Administration to 
track those who were to receive benefits through the Social 
Security Administration. Now, or course, we use it day to day 
in all of our lives and we find now that the statistics 
associated with identity theft are staggering. There is no 
doubt that if we do not do something, we are going to continue 
to see the numbers just increase.
    I understand that from the Federal Trade Commission (FTC) 
with its theft hotline that they are receiving somewhere on the 
average of 1,000 calls per week, some 60 percent of which 
relate to actually identity theft from people who are calling 
as victims of that identity theft. We know that the numbers in 
terms of dollars are staggering. Anywhere from $250 in losses 
to up to $200,000 in losses have been reported by individuals.
    But, we also know that the number can be used for good 
purposes, as well. The contributions that the use of the Social 
Security number makes to program administration and to business 
efficiency are certainly there and we have to be cognizant of 
that. Certainly, though, we have to be mindful and very careful 
that we do not allow some of our most fundamental rights--the 
right to privacy and the right to control our personal 
information--be abridged in the name of expediency, however.
    So, Mr. Chairman, I believe we are very much looking 
forward to hearing from the witnesses, to trying to move this 
bipartisan piece of legislation forward and, at the end, 
hopefully providing people in this country with a greater sense 
of security that their Social Security number will go for a 
good purpose, in helping them obtain their Social Security 
benefits in the future but, most importantly, to make sure that 
day to day, that Social Security number will be protected.
    Thank you, Mr. Chairman.
    Chairman Shaw. Thank you.
    Mr. Kleczka, did you want to make a couple of comments? I 
know this is unusual at a hearing, to have two members make 
opening comments, particularly from the minority side, but I 
would be delighted to yield to you if you have any comments.
    Mr. Kleczka. Thank you, Mr. Chairman. The only thing I 
would like to say is thank you to all the witnesses who are 
here to tell their stories. There are countless others who are 
not here today who have also been victims of identity theft.
    I think it is high time that Congress recognize that the 
Social Security number is not a national identifier and for 
businesses who, by habit or for other reasons, request our 
numbers--I recall a few years ago when I was checking out at 
Toys R Us. The items were for my nieces and nephews, not for 
me. The clerk demanded my Social Security number on my check. 
Well, that seemed kind of odd but I think the person was told 
to ask for that so I wrote down any 10 numbers that came to 
mind, gave her the check and she processed the payment. But if 
I were her or any clerk I would like to see a person's driver's 
license number versus a Social Security number because that 
does not tell anything.
    So, I just received a copy of the Congress Daily today 
where the retailers are indicating this is a knee-jerk reaction 
on the part of Congress. To the 750,000 Americans who are going 
to be victims of identity fraud this year, I do not think that 
is knee-jerk. And we are going to hear from witnesses where 
they are going to say that it takes years to clear your own 
record because the knee-jerk reaction from the credit bureaus 
is ``Yeah, we hear that all the time; that is not your 
charge.'' So you have to go back and, through various means, 
prove that you did not make those changes and then finally, 
clear your own records so that you can get additional credit or 
whatever.
    So, Mr. Chairman, I am honored not only to be at the 
Committee hearing this morning but also to cosponsor the bill 
and hopefully we have enough time this session that we will see 
enactment of this much-needed legislation. Thank you very much.
    [The opening statement of Mr. Kleczka follows:]
 Opening Statement of the Hon. Gerald D. Kleczka, a Representative in 
                  Congress from the State of Wisconsin
    I would like to thank the Chairman for holding this hearing at 
continuing his efforts on this very important issue. In addition, I 
would like to congratulate Mr. Shaw for working in a bipartisan way 
with Ranking Member Matsui and myself. The success of last year's 
Social Security Number Privacy and Identity Theft Prevention Act, which 
was passed by the full Committee, demonstrates the support for 
legislation to protect our personal information.
    We take for granted that our personal information is private. 
Unfortunately, that's not the case. We must take action to guard access 
to our personal information because it's not a commodity to be bought 
or sold. We as consumers should have the final say over how that 
information can be used, not some marketing firm.
    Social Security numbers have become our default identifiers for 
many businesses, and thereby the key to much of our most personal 
information. That has to stop. As identity theft and fraud increases, 
action must be taken to ensure that this personal information remains 
private.
    My colleagues know that their constituents are quickly becoming 
aware of how little privacy they have. In fact, since I introduced my 
first bill on this subject back in the 104th Congress, the debate has 
shifted from if we should pass legislation to protect personal 
information privacy to what type of legislation should be passed.
    Fortunately, privacy advocates in Congress are beginning to have 
some success. For example, our colleague in the Senate, Mr. Shelby of 
Alabama, included language in the FY 2000 Transportation Appropriations 
bill defining in law, for the first time, SSNs as ``highly personal 
information.'' This is a great start, but there's a lot more to be 
done. We must curb the rampant use of SSNs as personal identifiers. 
This hearing is an important step toward developing more complete 
personal privacy protection.
    To that end, I have introduced legislation, the Personal 
Information Privacy Act (PIPA)--H.R. 1478, that safeguards consumers' 
personal privacy by giving them the ability to protect their personal 
information from being bought and sold by third parties.
    This bill would restore consumer control over personal information 
by requiring that a third party obtain consent from an individual 
before making commercial use of that person's Social Security number 
(SSN). In fact, any non-criminal use not explicitly allowed by law 
would face this restriction, including the growing commercial use of 
SSNs as personal identifiers by various businesses.
    Under my legislation, refusing to sell services or goods to 
consumers who choose not to furnish their SSN would be illegal under 
the Federal Trade Commission Act, and businesses would be liable for up 
to $10,000 in fines per violation for committing unfair or deceptive 
business practices. Credit bureaus would also be prevented from giving 
out SSNs without a person's consent. My bill would amend the Fair 
Credit Reporting Act and the Social Security Act to authorize civil 
penalties for privacy violations ranging from $25,000 to $500,000.
    Information on products or services bought by an individual and 
from where they were purchased--also known as transaction histories--
could not be sold or transferred for marketing purposes unless a 
consumer gives written consent.
    Hopefully Congress will enact H.R. 1478. In the meantime, I look 
forward to working with Chairman Shaw on passing legislation that will 
protect the privacy of our personal information.

                                


    Chairman Shaw. Thank you.
    Our first panel of witnesses is made up of--we will start 
out with two victims. Nicole Robinson from Oxon Hill, Maryland. 
Emeka Moneme, who is from Washington, DC, an employee of the 
Washington, DC government. The Honorable James G. Huse, who is 
the Inspector General, the Office of the Inspector General, 
Social Security Administration. Mike Robinson, who is a special 
agent, the Office of the Inspector General, the Social Security 
Administration. Michael Fabozzi, who is a detective, Computer 
Investigations and Technology Unit of the New York City Police 
Department and he is accompanied by James Doyle, who is a 
sergeant, Computer Investigations and Technology Unit of the 
New York City Police Department.
    All the witnesses, we welcome you. Your complete statements 
will be put into the record and we invite you to summarize as 
you may be comfortable, and we will start with you, Miss 
Robinson.

       STATEMENT OF NICOLE ROBINSON, OXON HILL, MARYLAND

    Ms. Robinson. Good morning, Mr. Chairman, distinguished 
members of the Committee. My name is Nicole Robinson and I am a 
victim of ID theft.
    One Friday evening in early April 2000 I was contacted by a 
fraud investigator of a national jewelry chain. He informed me 
that an individual had opened an instant credit account for 
$3,200 and bought two watches and a ring in a mall in San 
Antonio a day before. He asked me if I was Nicole Robinson, he 
confirmed my date of birth, my Maryland address, and told me 
what Social Security number was provided on the credit 
application. My stomach turned when he recited mine.
    The criminal had returned that day and attempted to 
purchase more merchandise, which the salesperson thought was 
suspicious. The salespeople told her that their computers were 
down and then alerted their fraud department and the San 
Antonio police.
    A thousand thoughts raced through my mind that weekend. How 
could this have happened to me? Was it a friend of mine, an 
acquaintance, an enemy? How many accounts had been opened?
    On Monday I contacted the three credit-reporting agencies 
to see if there were any accounts that were opened recently and 
there were no new accounts, yet. There were a lot of inquiries. 
One of the inquiries was from my mortgage lender. I contacted 
them and alerted them to the fact that there was a woman in 
Texas using my identity to obtain credit. They confirmed that a 
woman had provided my information in connection with an 
application for a personal loan in the amount of $1,800. At my 
suggestion, a few days later they contacted her to tell her she 
was approved for the loan. She was arrested by the San Antonio 
police when she left the office with the check.
    After she was arrested they asked her where she obtained my 
Social Security number and date of birth. She told them that 
she worked for a business that maintained Health Maintenance 
Organization (HMO) databases. She searched that information to 
get my Social Security number and date of birth.
    She was charged with making a false statement to obtain 
goods. She was released a few days later after she, her pastor 
and parents, assured a Bexar County judge that she would not do 
this again. Two days later she applied for a mortgage in my 
name.
    When I finally received my credit reports in the mail there 
were several changes. I saw that she had made up middle names 
for my middle name, since she did not know what my middle name 
was. She had provided a fictitious maiden name, several 
different addresses in Texas and several different dates of 
birth, but she always provided my Social Security number. On 
one application she provided my Social Security number with the 
last two numbers transposed and a bogus Texas address and she 
was still approved for the items she sought. When the bills for 
the item were returned from the fake address, the creditor 
reviewed my credit report again and sent several of her 
delinquent bills to my home in Maryland. When I contacted them 
by phone they were rude and did not want to believe that the 
account was fraudulent and then refused to send me an affidavit 
of fraud. Shortly after I contacted them they located the woman 
in San Antonio and repossessed the item from a warehouse. Now, 
a year later, they still have not acknowledged the account as 
fraudulent but I no longer receive her bills.
    In the ensuing months I would discover that she also 
applied and was approved for two computers, large appliances, 
clothing, household goods, a cellular phone and a $1,600 vacuum 
cleaner. Some items were obtained even after fraud alerts were 
placed on my credit reports.
    In June of 2000, two months after her arrest, she shopped 
for a car with my identity. She eventually purchased a 2000 
Mitsubishi automobile from a San Antonio dealership. Although 
it took me until January 2001 to verify that the car was not 
purchased using my identity, GEICO insured the car for her in 
June of 2000 using my identity. When I contacted GEICO last 
June to obtain the VIN number of the vehicle, they refused to 
give it to me, citing their policy on protecting the privacy of 
their policyholders. I thought that was ironic since 
technically the policy that they issued was to me. She was able 
to obtain $36,000 worth of goods in a three-month period.
    This has impacted my life greatly. I received delinquent 
bills for purchases she had made. I spent countless hours on 
calls to creditors in Texas who were reluctant to believe that 
the accounts that had been opened were fraudulent. I spent days 
talking to police in Texas in an effort to convince them that I 
was allowed by Texas law to file a report and to have her 
charged with theft of my identity. She was never charged with 
identity theft and I had to pay for the collect call just to 
file the police report in Texas.
    I tried to contact the district attorney's office in Bexar 
County to see what I could do to have her charged and no one 
ever responded to my messages. I had to send more than 50 
letters to creditors trying to have them remove the more than 
60 inquires that were made by this woman between March and June 
of 2000.
    Just when I was starting to believe that this was over, I 
received a collection notice in her name at my home in Maryland 
on April 4 of this year. When I contacted the collection agency 
to tell them that they had the wrong person, I was told that 
the Social Security number that was provided for the loan was 
not mine. The gentleman at the collection agency told me that 
they had a bad address in San Antonio so information was given 
to their research department and they came up with my address 
in Maryland. I asked him what service was connecting my address 
with this woman, who was committing felonies in Texas and he 
would not provide that information. I have since contacted him 
three times and he still has not returned my calls. I still do 
not know how they connected me with this woman and it concerns 
me since she has assumed several identities of persons named 
Nicole Robinson in order to commit fraud.
    This crime has impacted my ability to refinance my home, 
obtain a line of credit at my bank, get cellular phone service. 
It has even affected accounts that I had prior to the crime. I 
subsequently had two lines of credit, both with zero balances 
and in good standing, closed because the businesses suspected 
that they, too, were fraudulent. I was told that I would have 
to reapply if I wanted the accounts reopened. Most importantly, 
this crime continues to give me constant anxiety.
    I had always been a person who kept my Social Security card 
under lock and key. I never gave personal information over the 
phone and I always shredded and systematically discarded pre-
approved credit applications. And I check my credit reports 
every year. I was not a likely victim. But since HMOs require 
my Social Security number and use it as an identification 
number, I was forced to be a victim.
    Our government-issued Social Security numbers are being 
used daily. We provide our Social Security numbers to 
businesses on a regular basis for no reason other than their 
own internal use. I had no control over how mine was used or 
who had access to it. And until this happened to me I honestly 
did not give it much thought.
    Since I have become a victim, I think about it every day. 
This will impact my life forever. Detective Victor Flores of 
the San Antonio Police Department told me, ``There is nothing 
you can do and when she gets out of jail on the theft charges 
she will do it again. The recidivism rate is very high.'' When 
I tried to contact the detective to find out what happened to 
this woman he did not return my calls.
    Chairman Shaw. Thank you, Miss Robinson. If you will supply 
me with the name and address of the people who would not return 
your calls I will see that they get a copy of your testimony 
and a letter from me telling them of this particular hearing.
    Ms. Robinson. Thank you.
    [The prepared statement of Ms. Robinson follows:]
           Statement of Nicole Robinson, Oxon Hill, Maryland
    I am a victim of ID theft. One Friday evening in early April 2000, 
I was contacted by a fraud investigator of a national jewelry chain. He 
informed me that an individual had opened an instant credit account for 
$3,200.00 and bought two watches and a ring in a mall in San Antonio a 
day before. He asked me if I was Nicole Robinson, he confirmed my date 
of birth, my Maryland address, and told me what social security number 
was provided on the credit application--my stomach turned when he 
recited mine. The criminal had returned that day and attempted to 
purchase more merchandise--which the sales person thought was 
suspicious. The sales people told her that their computers were down 
and then alerted their fraud department and the San Antonio police. A 
thousand thoughts raced through my mind that weekend. How this could 
have happened? Was it a friend of mine, an acquaintance, an enemy? How 
many accounts had been opened?
    On Monday I contacted the three credit reporting agencies to see if 
there were any accounts that were opened recently and there were no new 
accounts on my reports--yet. There were a lot of inquiries. One of the 
inquiries was from my mortgage lender. I contacted them and alerted 
them to the fact that there was a woman in Texas using my identity to 
obtain credit. They confirmed that a woman had provided my information 
in connection with an application for a personal loan in the amount of 
$1800.00. At my suggestion, a few days later they contacted her to tell 
her she was approved for the loan. She was arrested by the San Antonio 
police when she left the office with the check. After she was arrested, 
they asked her where she obtained my social security number and date of 
birth. She told them that she worked for a business that maintained HMO 
databases. She searched that information to get my social security 
number and date of birth. She was charged with ``making a false 
statement to obtain goods''. She was released a few days later after 
she, her pastor, and parents assured a judge that she would not do this 
again. Two days after her release, she applied for a mortgage.
    When I finally received my credit reports in the mail, there were 
several changes. I saw that she had made up middle names for my middle 
initial since she did not know my middle name. She had provided a 
fictitious maiden name, several different addresses in Texas and 
several different dates of birth but she always provided my social 
security number. On one application she provided my social security 
number with the last two numbers transposed, and a bogus Texas address 
and she was still approved for the item she sought. When the bills for 
the item were returned from the fake address the creditor reviewed my 
credit report again and sent several of her delinquent bills to my home 
in Maryland. When I contacted them by phone, they were rude and did not 
want to believe the account was fraudulent then refused to send me an 
affidavit of fraud. Shortly after I contacted them, they located the 
woman in San Antonio and repossessed the item from a warehouse. Now, a 
year later they have still not acknowledged the account as fraudulent 
but I no longer receive bills.
    In the ensuing months I would discover that she also applied and 
was approved for two computers, large appliances, clothing, household 
goods, a cellular phone and a $1600.00 vacuum cleaner. Some items were 
obtained even after fraud alerts had been placed on my credit reports. 
In June of 2000, two months after her arrest, she shopped for a car 
with my identity. She eventually purchased a 2000 Mitsubishi automobile 
from a San Antonio dealership. Although it took me until January 2001 
to verify that the car was not purchased using my identity, Geico 
insured the car in June 2000 using my identity. When I contacted Geico 
in June to obtain the VIN number of the vehicle they refused to give it 
to me citing their policy on protecting the privacy of their policy 
holders. I thought that was ironic, since technically the policy they 
issued was to me. She was able to obtain $36,000.00 worth of goods in a 
three month period.
    This has impacted my life greatly. I received delinquent bills for 
purchases she had made. I spent countless hours on calls with creditors 
in Texas who were reluctant to believe that the accounts that had been 
opened were fraudulent. I spent days talking to police in Texas in an 
effort to convince them that I was allowed by Texas law to file a 
report and to have her charged with theft of my identity. She was never 
charged with identity theft and I had to pay for the collect call to 
file the police report. I tried to contact the district attorney's 
office to see what I could do to have her charged and no one ever 
responded to my messages. I had to send more than fifty letters to 
creditors trying to have them remove the more than 60 inquires that 
were made by this woman between March and June of 2000.
    When I was starting to believe that this was over, I received a 
collection notice in her name at my home in Maryland on April 4 of this 
year. When I contacted the collection agency to tell them that they had 
the wrong person, I was told that the social security number that I 
provided for the loan was not mine. The gentleman at the collection 
agency told me that they had a bad address in San Antonio so 
information was given to their research department and they came up 
with my address in Maryland. I asked him what service was connecting my 
address with this woman who was committing felonies in Texas and he 
would not provide that information. I have since contacted him three 
times and he still has not returned my calls. I still don't know how 
they connected me with this woman and it concerns me since she has 
assumed several identities of persons named Nicole Robinson in order to 
commit fraud.
    This crime has impacted my ability to refinance my home, obtain a 
line of credit at my bank, get cellular phone service. It has even 
affected accounts that I had prior to the crime. I subsequently had two 
lines of credit, both with zero balances and in good standing, closed 
because the businesses suspected that they too were fraudulent. I was 
told that I would have to reapply if I wanted the accounts re-opened. 
Most importantly this crime continues to give me constant anxiety.
    I had always been a person who kept my social security card under 
lock and key, I never gave personal information over the phone, I 
always shredded and systematically discarded pre-approved credit 
applications and I checked my credit reports every year. I was not a 
likely victim--but since HMOs ``required'' my social and used it as an 
identification number--I was forced to be a victim. Our government 
issued social security numbers are being used daily. We provide our 
social security numbers to businesses on a regular basis for no reason 
other than their own internal use. I had no control over how mine was 
used or who had access to it--and until this happened to me, I honestly 
did not give it much thought. Since I have become a victim, I think 
about it every day. This will impact my life forever. Detective Victor 
Flores in San Antonio told me, ``There is nothing you can do, and when 
she gets out of jail on the theft charge, she'll do it again. The 
recidivism rate is very high.'' When I tried to contact the detective 
to find out what happened to this woman, he didn't return my calls.
ID Victim
        Someone stole my identity
        I now feel I am no longer me
        I reside in the pocket of a felon who can see
        That she is allowed to steal me without penalty
        She carries me casually, and each time she pulls me out
        A small piece of me falls away--which leaves me no doubt
        That someday soon I will enter a place
        And the person I once knew as me will be wearing a felon's face
        --Nicole Robinson

    Nicole Robinson is a Maryland resident and an Information 
Technician for a government contractor.

                                


    Chairman Shaw. Mr. Moneme.

           STATEMENT OF EMEKA MONEME, WASHINGTON, DC

    Mr. Moneme. Mr. Chairman and distinguished members of the 
Subcommittee, good morning. My name is Emeka Moneme and I would 
first like to thank the Subcommittee for the invitation to 
share my personal experience dealing with identity fraud and 
specifically the misuse of my Social Security number. I hope to 
convey to you, as Miss Robinson just did, the frustration, 
anger and violation that comes as a part of this crime. But as 
I am sure other victims can attest, it is very difficult to 
actually express or even to comprehend it unless you have been 
a victim.
    When I try to pull together the circumstances that surround 
the misuse of my information, it appears that the only piece of 
information that the perpetrator of this crime had to use was 
my Social Security number. My personal property was stolen at 
the university gym in Cincinnati in late May of 2000. My Ohio 
driver's license and Visa credit card were removed from my 
wallet and one day later several purchases had been made with 
the card. I then immediately cancelled the card and then 
applied for a new driver's license and at this point I assumed 
that the situation had been resolved and I basically moved on.
    I first became aware the next month in June that I had been 
victimized. I received a letter from Chase Manhattan Bank 
saying that they had received a suspicious request for credit 
using my information. I immediately contacted them and got some 
general information and then contacted the reporting bureaus. I 
was instructed to place a fraud alert on my file and then I 
received a credit report.
    When I received the report there were approximately eight 
fraudulent accounts listed on the report. I was very upset and 
I wanted to immediately correct the situation but I really did 
not have any idea how to go about correcting this information. 
My first instinct was to begin contacting the creditors and 
speaking to them directly and as I contacted the individual 
banks, it was not until the fifth bank that I was informed 
there was actually a process in place to deal with this, so I 
had to then go back and repeat my conversations with the other 
banks and prepare the proper documentation for an investigation 
to be initiated.
    It was at this time in the process that I learned that the 
three reporting agencies operated separately and that I had to 
go through this process not only once but with all three of 
them in conjunction. And I found that the information was not 
always uniform across all three bureaus; there was different 
information with each one. At the end of my contacting all the 
reporting agencies I found 13 accounts with a total of $30,000 
in credit that had been used, including the purchase of a 
motorcycle and other sports utility-type goods, as well as 
purchases at clothing stores, et cetera.
    The only thing that linked the perpetrator to my credit was 
my Social Security number, which was taken from my driver's 
license. I also later learned that the majority of these 
applications were done over the phone so the only 
identification required was the Social Security number. I also 
received copies of many of the applications with my alleged 
signature, which did not match up with the signature on my 
driver's license, and therefore it seems that there was no 
other verification necessary except for the Social Security 
number.
    I am now extremely careful about sharing this information 
and I have cautioned my family and friends, as well. However, 
the damage has already been done. This negative information is 
very difficult to be removed, as Nicole has testified to. It 
has been almost a year now and I am still going through the 
process of contacting people and finding new information on 
credit reports when I receive them. The process of having this 
information removed is very heavily weighted against the 
consumer.
    The Fair Credit Reporting Act states that credit-reporting 
agencies are required to investigate claims of credit fraud and 
if the claims are supported, remove the false information 
within 30 days. In October of 2000 I submitted copies of 13 
letters and statements from credit-granters stating that the 
accounts were opened fraudulently and to this day I have not 
heard back from any of them and my most recent credit report 
that I pulled, the information was still there and current.
    I am left with damaged credit and feel very embarrassed 
having to explain to my mortgage lender, as I did last week, 
that I cannot get credit on my house because this information 
is there that I did not put there. I have paid a very, very 
high price for the crimes of this one person.
    Another problem that has only recently begun to surface is 
the reappearance of accounts that I had believed to be deleted. 
I went through the process of having one account removed and 
then found in my last credit report that the account was still 
being listed by a collections agency that the account was 
transferred to. This will initiate another round of doing the 
investigate reporting that I have had to do in collecting 
information.
    In summary, this experience has been extremely frustrating, 
tedious and for the most part overwhelming. I have spent 
countless hours on the phone at home, at work, thinking about 
it, trying to explain to my wife how we are going to get a 
house. It has just been a very trying period.
    I really hope that this story and our testimony today 
provides a little bit of insight into some of the realities of 
identity fraud. Thank you.
    Chairman Shaw. Thank you, Mr. Moneme. I also will send a 
transcript of your testimony to the people you are trying to 
get a mortgage from. Perhaps that might help.
    Mr. Moneme. Thank you.
    [The prepared statement of Mr. Moneme follows:]
               Statement of Emeka Moneme, Washington, DC
    Distinguished Members of the House of Representatives,
    Good morning. My name is Emeka Moneme, and I would first like to 
thank the Subcommittee for the invitation to share my personal 
experience dealing with identity fraud and specifically, the misuse of 
my social security number. I hope to convey to you the frustration, 
anger and violation that comes as a part of this crime, but as I am 
sure that other victims can attest to, it is something that is 
difficult to comprehend until it happens to you.
    When I try to pull together the circumstances surrounding my 
information, it appears that the only piece of identification that the 
perpetrator of this crime had to use was my social security number. My 
personal property was stolen at the university gym in late May of 2000. 
My Ohio Driver's License and Visa credit card were removed from my 
wallet, and one day later, several purchases had been made with the 
card. I then cancelled the card and applied for a new driver's license. 
At this point, I assumed that the situation had been resolved and moved 
on.
    I first became aware that I had been victimized in June of 2000. I 
received a letter from Chase Manhattan Bank, in which they stated that 
they had received a suspicious request for credit using my information. 
I immediately called the bank, got some general information and 
contacted one of the credit reporting agencies. I was instructed to 
place a fraud alert on my file and a credit report was sent to me.
    When I received the report, there were approximately 8 fraudulent 
accounts. I was upset and wanted to correct the information, but I did 
not know what to do about them. My first instinct was to begin 
contacting the credit grantors (banks) to close the accounts. I began 
this process, but was not until about the fifth bank that I was told 
that there was a formal procedure for dealing with fraudulently opened 
accounts. I then had to re-contact all of the banks and prepare the 
proper documentation to initiate an investigation.
    As I began this process, I learned that the three credit reporting 
agencies operated separately and that I needed to go through the long 
and tedious process of requesting an investigation with all of the 
credit agencies. I also learned that the information was not uniform 
and that they all looked different, so I needed to contact each one. 
After contacting them all, I identified 13 accounts, with a total of 
$30,000 in credit.
    The only thing that linked the perpetrator to my credit was my 
social security number, which was taken from my driver's license. I 
also later learned that the majority of the applications for credit 
were made over the phone with the social security number as the only 
identifier. I also received copies of many of the applications, with my 
alleged signature--none of which matched with the signature on my 
license. Therefore, it seems that no other verification was done except 
seeing the social security number.
    I am now extremely careful about sharing my personal information, 
and have cautioned the rest of my family as well. However, the damage 
has been done. This negative information is very difficult to have 
removed, even if you have definite proof of wrongdoing. The process for 
remedying credit is heavily weighted against the private consumer.
    The Fair Credit Reporting Act states that credit-reporting agencies 
are required to investigate claims of credit fraud and if the claims 
are supported, remove the false information within 30 days. Over the 
past year, I have submitted several requests for investigations with 
letters supporting my claim that the account was opened fraudulently. 
After nearly a year, and countless hours of phone calls, letters, 
notaries and credit reports, only 6 accounts have been expunged. I am 
left with damaged credit, embarrassed as I try to explain away 
delinquent accounts; and frustrated in my search for financing for a 
house. I have paid a very high price for the crimes of one person.
    Another problem that has only recently begun to surface is the 
reappearance of accounts that I had believed to be deleted. When credit 
grantors, write off accounts as a loss, they send them to a collection 
agency. The collection agency then issues a new number to the account 
for their records and reports the information to the credit-reporting 
agency. This then initiates a new round of investigations and paperwork 
to remove the information.
    In summary, this experience has been frustrating, tedious and many 
times overwhelming. I fully support any action by this subcommittee to 
protect consumers and their private information. I hope that this story 
has provided some insight on the realities of identify fraud, and thank 
you for your time.

                                


    Chairman Shaw. And any other place that either you or Miss 
Robinson might want me to direct your testimony with a cover 
letter from me.
    Mr. Huse, glad to have you with us again.

 STATEMENT OF THE HON. JAMES G. HUSE, JR., INSPECTOR GENERAL, 
OFFICE OF THE INSPECTOR GENERAL, SOCIAL SECURITY ADMINISTRATION

    Mr. Huse. Good morning, Mr. Chairman and members of the 
Subcommittee.
    As you know, my office is charged with protecting Social 
Security programs from fraud, waste and abuse. No aspect of our 
mission though is more important than our oversight of the use 
and unfortunately misuse of the Social Security number or SSN.
    In 1935 the SSN was created as part of a new system to 
track the earnings of employed Americans. Just as no one dreamt 
that the innocuous nine-digit number would become our de facto 
national identifier, no one could foresee the breadth and 
complexity of commerce in the electronic age. Unfortunately, 
while the SSN and computer technology have matured together, 
the laws we use to police and protect them have struggled to 
keep pace.
    Misuse of the SSN, catalyzed by the Internet, has quickly 
become a national crisis. The SSN's universality has become its 
own worst enemy. The power it wields--the power to engage in 
financial transactions, power to obtain personal information, 
the power to create or commandeer identities--makes it a 
valuable asset and one that is subject to limitless abuse.
    It falls on government, which created the SSN and permitted 
it to assume such power, to take action to control its own 
creation. Organizations such as the Social Security 
Administration (SSA) Office of the Inspector General, the 
Federal Trade Commission and the Department of Justice, have 
the responsibility to enforce laws designed to protect against 
SSN misuse and its consequences.
    To do so, there must be adequate laws in place. In recent 
years we have seen the enactment of the Identity Theft and 
Assumption Deterrence Act of 1998 and the Internet False 
Identification Prevention Act of 2000. Both are helpful but 
both treat the disease in its later stages rather than at its 
onset. Identity theft begins in most cases with the misuse of 
an SSN and while the ability to punish identity theft is 
important, the ability to prevent it is even more critical.
    How do we do this? First and foremost, the time has come to 
put the SSN back in its box. We must make the difficult 
determinations as to those uses that are appropriate and 
necessary and those that are merely convenient. The SSN is a 
unique identifier and its quotidian use as an ID number by 
schools, hospitals, and other institutions is understandable 
but dangerous. Its use by Federal, State and local governments 
not only for taxes and for other legitimate purposes but for 
everything from drivers licenses to water and sewer bills is a 
convenience that we can no longer afford.
    Its use in private industry, not just for financial 
transactions but for joining a health club or buying a 
refrigerator, has become reckless and its ready availability 
over the Internet must come to a stop.
    We need legislation that limits the use of the SSN to those 
purposes that benefit the holder of the SSN, not the company 
that sells that person an appliance or the State that issues 
that person a driver's license. We need legislation that 
regulates the use of the SSN and provides enforcement tools to 
punish its misuse. And, we need legislation that stops the 
ready availability of SSNs over the Internet and through other 
means.
    The prevalence of SSN misuse cannot be denied. In fiscal 
year 2000 our office received over 92,000 allegations. Over 
half of them, almost 47,000, were allegations of SSN misuse and 
another 43,000 were allegations of program fraud which, 
experience has shown us, often includes the potential for SSN 
misuse.
    My office and others, such as the Federal Trade Commission, 
are doing all we can within the limitations imposed by existing 
law and resources. We are diligent in referring allegations of 
identity fraud to the FTC and we conduct investigations of SSN 
misuse, both program-related and nonprogram-related, on a daily 
basis. We have conducted undercover operations in which we have 
purchased counterfeit Social Security cards and reverse sting 
operations in which we have offered such cards for sale. 
Several of these cases are now pending in the U.S. Attorney's 
Offices. We are involved now in a joint investigation with 
another Federal law enforcement agency in which lists of names 
and SSNs were being sold to the highest bidder on an Internet 
auction site. Although the investigation is on-going and I 
cannot provide details, I can tell you that we have discovered 
that the source of the list was a university. This highlights 
the need to stop the indiscriminate use of SSNs as ID numbers. 
Unfortunately, while the subject in this case may eventually 
face criminal charges of some kind, nothing in the Social 
Security Act prohibits the sale of SSN information.
    Our efforts have made a difference but with better laws we 
can do far more. I welcome this Subcommittee's dedication to 
this endeavor and attention to this critical issue and I would 
be happy to answer any questions.
    [The prepared statement of Mr. Huse follows:]
 Statement of the Hon. John G. Huse, Jr., Inspector General, Office of 
         the Inspector General, Social Security Administration
    Good morning, Mr. Chairman, Congressman Matsui, and members of the 
Subcommittee. As you know, my office is charged with protecting Social 
Security programs from fraud, waste, and abuse. No aspect of our 
mission is more important than our oversight of the use--and misuse--of 
the Social Security account number, or SSN.
    In 1935 the SSN was created as part of a new system to track the 
earnings of employed Americans. Just as no one dreamt that the 
innocuous nine-digit number would become our de facto national 
identifier, no one could foresee the breadth and complexity of commerce 
in an electronic age. But by 1967, when the Department of Defense 
abandoned the military identification number in favor of the SSN for 
armed forces personnel, the theories that would eventually give rise to 
today's Internet were already being debated. In the quarter century 
since, the myriad uses of the SSN have continued to expand, while the 
notion of a worldwide network of computers evolved from theory to 
reality. Unfortunately, while the SSN and computer technology have 
matured together, the laws we use to police and protect them have 
struggled to keep pace.
    Misuse of the SSN, catalyzed by the Internet, has quickly become a 
national crisis. The SSN's universality has become its own worst enemy. 
The power it wields--power to engage in financial transactions, power 
to obtain personal information, power to create or commandeer 
identities--makes it a valuable asset and one that is subject to 
limitless abuse. It falls on Government, which created the SSN and 
permitted it to assume such power, to take action to control its own 
creation. Organizations such as the Social Security Administration, its 
Office of the Inspector General, the Federal Trade Commission, and the 
Department of Justice have the responsibility to enforce laws designed 
to protect against SSN misuse and its consequences. To do so, there 
must be adequate laws in place.
    In recent years, we have seen the enactment of The Identity Theft 
and Assumption Deterrence Act of 1998 and the Internet False 
Identification Prevention Act of 2000. The former is the first 
legislative response to the growing wave of identity thefts and imposes 
criminal sanctions for those who create a false identity or 
misappropriate someone else's. The latter closed a loophole left by the 
first, enabling my office and other law enforcement organizations to 
pursue those who previously could sell counterfeit Social Security 
cards legally, by maintaining the fiction that such cards are 
``novelties,'' rather than counterfeit documents. Both pieces of 
legislation are helpful, but both treat the Identity Theft disease in 
its latest stages, rather than at onset. Identity Theft begins, in most 
cases, with the misuse of an SSN, and while the ability to punish 
Identity Theft is important, the ability to prevent it is even more 
critical.
    How do we do this? First and foremost, the time has come to put the 
SSN back into its box. We as a Government created the SSN, and we as a 
Government must control it. We must make the difficult determinations 
as to those uses that are appropriate and necessary, and those that are 
merely convenient. The SSN is a unique identifier, and its quotidian 
use as an I.D. number by schools, hospitals, and other institutions is 
understandable--but dangerous. Its use by Federal, State, and local 
governments not only for taxes and other legitimate purposes, but for 
everything from drivers' licenses to water and sewer bills, is a 
convenience that we can no longer afford. Its use in private industry, 
not just for financial transactions, but for joining a health club or 
buying a refrigerator, has become reckless. And its ready availability 
over the Internet must come to a stop.
    We need legislation that limits the use of the SSN to those 
purposes that benefit the holder of the SSN, not the company that sells 
that person an appliances or the state that issues that person a 
drivers' license--legislation that regulates the use of the SSN and 
provides enforcement tools to punish its misuse. I am sensitive to the 
costs that would be incurred in both the public and the private sectors 
in implementing the changes that such legislation would require, and I 
do not suggest that any of us are facing an easy task. Rather, it is a 
necessary task. The appropriate agencies, in cooperation with 
governmental authorities and business leaders, must reach an 
understanding as to the need to limit the use of the SSN and 
regulations would have to be promulgated reflecting such uses and 
providing for enforcement mechanisms. In addition, the legislation 
would need to outlaw the sale of SSNs over the Internet and through 
other means. With certain legislated exceptions, no private citizen, no 
business interest, and no ministerial government agency should be able 
to sell, display, purchase, or obtain any individual's SSN, nor should 
they be able to use any individual's SSN to obtain other personal 
information about the individual.
    The prevalence of SSN misuse cannot be denied. In Fiscal Year 2000, 
our office received 92,847 allegations. Over half of them, 46,840, were 
allegations of SSN misuse, and another 43,456 were allegations of 
program fraud, which experience has shown us often include implications 
of SSN misuse. My office and others, such as the FTC, are doing all we 
can within the limitations imposed by existing law and resources. We 
are diligent in referring allegations of Identity Theft to the FTC, and 
we conduct investigations of SSN misuse, both program-related and non-
program-related, on a daily basis. We have conducted undercover 
operations in which we have purchased counterfeit Social Security 
cards, and reverse-sting operations in which we have offered such cards 
for sale. Several of these cases are now pending in U.S. Attorney's 
Offices. We are involved now in a joint investigation with another 
Federal law enforcement agency in which lists of names and SSNs were 
being sold to the highest bidder on an Internet auction site. Although 
the investigation is ongoing, and I cannot provide details, I can tell 
you that we've discovered that the source of the lists was a 
university. This highlights the need to stop the indiscriminate use of 
SSNs as I.D. numbers. Unfortunately, while the subject in this case may 
eventually face criminal charges of some kind, nothing in the Social 
Security Act currently prohibits the sale of SSN information.
    In addition to legislation that limits the use of SSNs and provides 
sanctions for violations, and legislation which criminalizes the sale 
and purchase of SSN information, it is important to provide an 
administrative safety net, as well. Our Civil Monetary Penalty program 
has proven an invaluable asset in the context of SSA program violations 
when criminal prosecution is not a viable option. Similar authority in 
the arena of SSN misuse would provide my office with the same ability 
to take administrative action. I would urge you to consider legislation 
vesting in us such authority.
    With legislation such as that I have discussed, and the continuing 
dedication of the Government agencies involved, and of this 
Subcommittee, I am confident that we can reverse the trend of SSN 
misuse and Identity Theft.
    I welcome this Subcommittee's dedication and attention to this 
critical issue, and I would be happy to answer any questions.

                                


    Chairman Shaw. Thank you, Mr. Huse. Mr. Robinson.

  STATEMENT OF MICHAEL ROBINSON, SPECIAL AGENT, OFFICE OF THE 
       INSPECTOR GENERAL, SOCIAL SECURITY ADMINISTRATION

    Mr. Robinson. Thank you, Mr. Chairman and members of the 
Subcommittee. I will proceed with doing a presentation that 
will show you the various websites that are available that will 
assist in facilitating identity theft.
    Chairman Shaw. Each of the members has this book, which I 
believe you have supplied.
    Mr. Robinson. Yes, sir, Mr. Chairman. Those books will 
actually be a representation of this presentation here.
    As you can see, Mr. Chairman, the first page is a home page 
on the Internet and this is a first page that is easily 
accessible and usually the first page that someone will view 
when they are entering the World Wide Web.
    From there they will go to a search engine and there are 
various search engines out there on the Internet and they could 
simply type in the type of information they would wish to 
search for. And as you can see here, we indicated ``instant 
Social Security number searches.''
    This is one of the sites that actually offers the service 
to assist an individual in finding Social Security numbers and 
they also offer a response time anywhere from 15 to 30 minutes. 
These could actually be purchased over the Internet, this type 
of service, by anyone with a major credit card and they could 
instantly receive a response right there over the Internet.
    Here, as you can see, a price is listed to actually search 
for someone's Social Security number, which is $39.95 at this 
particular site.
    Pretty simple information that needs to be put in by 
anyone. Just input that information there and it just walks an 
individual through the various steps that they would need to 
take within this site to complete their search.
    Information here that confirms the individual's request, 
gives them the amount that they will be charged for this 
particular service. They could have an extensive search and it 
also lists that the person could actually purchase a one-hour 
rush to get the Social Security number of an individual.
    Here it actually confirms that the purchase has been made, 
gives you several other selections that the individual can 
place at this time for other searches, additional information 
that could be purchased and with this information, the person 
could assume anyone's identity.
    Here is an additional website that is easily accessible, 
readily available to anyone who has access to the Internet. 
This site actually offers the same type of service as the 
previous website that we mentioned.
    From here, not only on the Internet could you obtain 
someone's Social Security card but you could also purchase 
several identity documents--anything from driver's license to 
graduation certificates, birth certificates, really the major 
items that you would need to assume an individual's identity.
    As you can see, there are even websites that are available 
on the Web that actually ranks the top 10 fake ID websites so 
that if an individual is surfing the Internet looking for 
places to go and actually obtain a fraudulent identification 
document or a fraudulent ID, this will give them an idea of 
what sites are out there and whether or not the sites are worth 
visiting.
    Here we have a fake ID review site. With the fake ID review 
site, what this does is give an individual an idea of what type 
of product they would purchase if they would go to the 
particular sites that are recommended here. It tells you 
whether or not the products are good, whether or not the 
products are neutral, where the products are actually made and 
the time frame in which a person can expect, prior to receiving 
their fraudulent document in the mail, to include Social 
Security card, driver's license, birth certificates, things of 
that nature.
    From this website here, as you can see, all 50 States are 
represented here and with this website you can actually 
purchase a driver's license from each of the 50 States and with 
these driver's licenses they could be used as what we call 
breeder documents. With these driver's licenses here if someone 
had your name and your address and they knew your Social 
Security number, depending upon how well the product looks, 
they could use that to obtain an actual Social Security card 
with your name and number on it.
    Here, as you can see, this site not only offers you a 
driver's license but once you purchase that driver's license 
you can also obtain a Social Security card.
    This is just the order form for that site, pretty self-
explanatory to an individual who is on the Internet, so it is 
easy to complete. And once the person completes this 
application, they can put in their request and obtain the 
Social Security card and/or driver's license in any name or 
number they may choose.
    On this website here it actually lists the names and Social 
Security numbers, which have proven to be valid but are not 
shown in the presentation here, of individuals, a range of 
individuals from Bill Gates to General Colin Powell to Ted 
Turner and the heirs to the Wal-Mart chain, as well. Their 
names and Social Security numbers here are readily available 
and they are on the Internet as we speak. We have checked that 
site very recently.
    On these various websites that offer you the opportunity to 
obtain someone's name, Social Security number, they also offer 
a person, once they obtain that information, the opportunity to 
apply for, within 15 to 30 seconds, a credit card over the 
Internet. And once they obtain that credit card it also links 
you to various sites in which you could instantly start 
shopping with that information while you are there on the 
Internet.
    Mr. Chairman and members of the Subcommittee, this would 
conclude the presentation. Other than the driver's license and 
the Social Security number that, Mr. Chairman, I think you have 
before you, those are driver's licenses and Social Security 
numbers that can actually be purchased over the Internet. And, 
as you can see, there is an adhesive sticker on both of those 
identification documents that could easily be removed and once 
it is removed there is no indication that the sticker was ever 
there.
    [The prepared statement of Mr. Robinson follows:]
 Statement of Michael Robinson, Special Agent, Office of the Inspector 
                General, Social Security Administration
    The following was a PowerPoint presentation:
Slide 1
[GRAPHIC] [TIFF OMITTED] T4226A.001

Slide 2
[GRAPHIC] [TIFF OMITTED] T4226A.002

Slide 3
[GRAPHIC] [TIFF OMITTED] T4226A.003

Slide 4
[GRAPHIC] [TIFF OMITTED] T4226A.004

Slide 5
[GRAPHIC] [TIFF OMITTED] T4226A.005

Slide 6
[GRAPHIC] [TIFF OMITTED] T4226A.006

Slide 7
[GRAPHIC] [TIFF OMITTED] T4226A.007

Slide 8
[GRAPHIC] [TIFF OMITTED] T4226A.008

Slide 9
[GRAPHIC] [TIFF OMITTED] T4226A.009

Slide 10
[GRAPHIC] [TIFF OMITTED] T4226A.010

Slide 11
[GRAPHIC] [TIFF OMITTED] T4226A.011

Slide 12
[GRAPHIC] [TIFF OMITTED] T4226A.012

Slide 13
[GRAPHIC] [TIFF OMITTED] T4226A.013

Slide 14
[GRAPHIC] [TIFF OMITTED] T4226A.014

Slide 15
[GRAPHIC] [TIFF OMITTED] T4226A.015

Slide 16
[GRAPHIC] [TIFF OMITTED] T4226A.016

Slide 17
[GRAPHIC] [TIFF OMITTED] T4226A.017

Slide 18
[GRAPHIC] [TIFF OMITTED] T4226A.018

Slide 19
[GRAPHIC] [TIFF OMITTED] T4226A.019

Slide 20
[GRAPHIC] [TIFF OMITTED] T4226A.020

Slide 21
[GRAPHIC] [TIFF OMITTED] T4226A.021

Slide 22
[GRAPHIC] [TIFF OMITTED] T4226A.022

Slide 23
[GRAPHIC] [TIFF OMITTED] T4226A.023

Slide 24
[GRAPHIC] [TIFF OMITTED] T4226A.024

Slide 25
[GRAPHIC] [TIFF OMITTED] T4226A.025

Slide 26
[GRAPHIC] [TIFF OMITTED] T4226A.026

Slide 27
[GRAPHIC] [TIFF OMITTED] T4226A.027

Slide 28
[GRAPHIC] [TIFF OMITTED] T4226A.028

Slide 29
[GRAPHIC] [TIFF OMITTED] T4226A.029

Slide 30
[GRAPHIC] [TIFF OMITTED] T4226A.030

Slide 31
[GRAPHIC] [TIFF OMITTED] T4226A.031

Slide 32
[GRAPHIC] [TIFF OMITTED] T4226A.032

Slide 33
[GRAPHIC] [TIFF OMITTED] T4226A.033

Slide 34
[GRAPHIC] [TIFF OMITTED] T4226A.034

Slide 35
[GRAPHIC] [TIFF OMITTED] T4226A.035

Slide 36
[GRAPHIC] [TIFF OMITTED] T4226A.036

Slide 37
[GRAPHIC] [TIFF OMITTED] T4226A.037

Slide 38
[GRAPHIC] [TIFF OMITTED] T4226A.038

Slide 39
[GRAPHIC] [TIFF OMITTED] T4226A.039

Slide 40
[GRAPHIC] [TIFF OMITTED] T4226A.040

Slide 41
[GRAPHIC] [TIFF OMITTED] T4226A.041

Slide 42
[GRAPHIC] [TIFF OMITTED] T4226A.042

Slide 43
[GRAPHIC] [TIFF OMITTED] T4226A.043

Slide 44
[GRAPHIC] [TIFF OMITTED] T4226A.044

Slide 45
[GRAPHIC] [TIFF OMITTED] T4226A.045

Slide 46
[GRAPHIC] [TIFF OMITTED] T4226A.046

Slide 47
[GRAPHIC] [TIFF OMITTED] T4226A.047

Slide 48
[GRAPHIC] [TIFF OMITTED] T4226A.048

Slide 49
[GRAPHIC] [TIFF OMITTED] T4226A.049

Slide 50
[GRAPHIC] [TIFF OMITTED] T4226A.050

Slide 51
[GRAPHIC] [TIFF OMITTED] T4226A.051

Slide 52
[GRAPHIC] [TIFF OMITTED] T4226A.052

Slide 53
[GRAPHIC] [TIFF OMITTED] T4226A.053

Slide 54
[GRAPHIC] [TIFF OMITTED] T4226A.054

Slide 55
[GRAPHIC] [TIFF OMITTED] T4226A.055

Slide 56
[GRAPHIC] [TIFF OMITTED] T4226A.056

Slide 57
[GRAPHIC] [TIFF OMITTED] T4226A.057

Slide 58
[GRAPHIC] [TIFF OMITTED] T4226A.058

Slide 59
[GRAPHIC] [TIFF OMITTED] T4226A.059

Slide 60
[GRAPHIC] [TIFF OMITTED] T4226A.060

Slide 61
[GRAPHIC] [TIFF OMITTED] T4226A.061

Slide 62
[GRAPHIC] [TIFF OMITTED] T4226A.062

Slide 63
[GRAPHIC] [TIFF OMITTED] T4226A.063

Slide 64
[GRAPHIC] [TIFF OMITTED] T4226A.064

Slide 65
[GRAPHIC] [TIFF OMITTED] T4226A.065

Slide 66
[GRAPHIC] [TIFF OMITTED] T4226A.066

Slide 67
[GRAPHIC] [TIFF OMITTED] T4226A.067

Slide 68
[GRAPHIC] [TIFF OMITTED] T4226A.068

Slide 69
[GRAPHIC] [TIFF OMITTED] T4226A.069

Slide 70
[GRAPHIC] [TIFF OMITTED] T4226A.070

Slide 71
[GRAPHIC] [TIFF OMITTED] T4226A.071

Slide 72
[GRAPHIC] [TIFF OMITTED] T4226A.072

Slide 73
[GRAPHIC] [TIFF OMITTED] T4226A.073

                                

    Chairman Shaw. Thank you, Mr. Robinson. Mr. Fabozzi.

       STATEMENT OF MICHAEL FABOZZI, DETECTIVE, COMPUTER 
  INVESTIGATIONS AND TECHNOLOGY UNIT, SPECIAL INVESTIGATIONS 
DIVISION, NEW YORK CITY POLICE DEPARTMENT, ACCOMPANIED BY JAMES 
                        DOYLE, SERGEANT

    Mr. Fabozzi. Good morning, Mr. Chairman and members of the 
Subcommittee. On behalf of Mayor Rudolph Giuliani and Police 
Commissioner Bernard Kerik, we would like to thank you for the 
opportunity to appear before you today to discuss this very 
important subject.
    My name is Detective Michael Fabozzi. Seated next to me is 
Sergeant James Doyle. We share a combined 36 years experience 
in the New York City Police Department (NYPD). During that time 
we have patrolled the New York City subways, housing 
developments and ultimately went on to serve in the NYPD's 
Detective Bureau. Presently, we are assigned to the Computer 
Investigation and Technology Unit, which is part of the Special 
Investigations Division. Investigators in the Special 
Investigations Division are responsible for the investigation 
of white collar crimes, specifically bank and brokerage fraud, 
credit card fraud and identity theft.
    For the past several years we have been assigned to the 
Computer Investigations and Technology Unit, a squad that has 
been at the forefront in the area of investigating financial 
crimes perpetrated through the Internet.
    Over the past five years there has been a significant 
increase in crimes where criminals compromise personal 
identifying data of victims in order to commit identity theft. 
The information that falls into criminal hands includes such 
information as name, date of birth, Social Security number, 
banking account number and other personal and financial 
information.
    Victims of identity theft, like other crime victims, may 
feel personally violated. This is especially true in light of 
the vicious cycle of events that typically follows the 
occurrence of this crime. Imagine for a moment a recently 
married couple just starting out their life together. They work 
hard and save enough money to make a down payment on their 
first new home only to be denied a mortgage because of a 
negative payment history, information they knew nothing about. 
The trouble of rebuilding personal credit may be a more 
horrifying experience than the illegal charges on a credit card 
statement. The trauma that this type of fraud causes innocent 
victims is unimaginable. Moreover, once the crime is discovered 
and reported, victims are left to fend for themselves in 
attempting to clear their credit history and good name.
    Our unit has successfully conducted numerous investigations 
where criminals have used the personal information not only to 
obtain credit cards and personal loans but also to purchase 
cars and homes. We have seen defendants who stole the identity 
of others create phony identification on common computer 
peripherals, such as scanners and printers, and walk into banks 
and walk out with the accountholder's money. One was even 
arrested using the name, date of birth and Social Security 
number of her victim. Although we in law enforcement garner 
some sense of satisfaction when we make arrests for these 
crimes, it is not enough when compared to the amount of time 
and energy a victim spends trying to undo the work of these 
criminals.
    Recently, I was the arresting officer and lead investigator 
of a team of NYPD detectives, postal inspectors and Secret 
Service agents in the Abraham Abdallah case, a case that 
received national and international exposure. Since it is still 
an on-going investigation, my comments are limited only to the 
information that has been reported publicly.
    Abraham Abdallah, a busboy in a local restaurant in 
Brooklyn, New York, was able to successfully obtain the 
personal information, such as date of birth, name, Social 
Security number, phone and address and sometimes the bank and 
brokerage information by using the Internet and other sources. 
Working as a busboy, Abdallah allegedly stole credit card 
numbers of various customers and then used those credit card 
numbers to order and purchase merchandise over the Internet.
    In addition to ordering merchandise with stolen credit 
cards, he used the personal information of his victims to open 
up new credit card accounts. He requested that new cards be 
mailed to a new address, usually a mail drop. A mail drop is a 
P.O. box or mail receiving agency that receives mail for an 
individual, such as Mailboxes, Etc. New credit card accounts 
were then opened at these mailbox drops in the name of 
celebrities and many prominent, well known business leaders. 
Using these new credit card accounts, Abdallah allegedly went 
into the local library where he was able to purchase credit 
history reports on line.
    Through the use of on-line information providers and other 
Internet-based databases, Abdallah was able to penetrate the 
banking and brokerage accounts of his victims using a common 
trick called social engineering. Social engineering is the 
process whereby an individual misleads another, such as a 
customer service rep, into providing personal information about 
an individual or an account. Once Abdallah obtained the 
personal account information and perhaps a password, he was 
then able to steal a vast amount of money from the accounts of 
our nation's wealthiest individuals.
    This tale of the busboy cyber-thief is a frightening 
testament to the vulnerability of the entire e-commerce system, 
a system that has successfully lulled America into believing 
that encryption and on-line privacy policies have made internet 
transactions secure. The holes in our system are everywhere--at 
restaurants, department stores, merchant counters, doctors' 
offices, insiders at banks and brokerages and HMOs to the 
nation's three credit-reporting bureaus. By finding just a few 
holes, Abdallah allegedly was on his way to stealing millions 
of dollars.
    We urge this Committee to take the necessary steps to 
develop new ways to prevent this type of fraud without 
sacrificing the privacy rights of the consumers. Specifically 
our legislative recommendations are as follows.
    Entities which have access to consumers' personal 
identifying information should be strictly accountable as to 
who they provide such information to and the purpose that the 
information is being provided for.
    Credit reporting agencies should have to notify consumers 
when inquiries regarding credit histories are made. The 
consumer should have the ultimate ability to deny such 
information from being disseminated by the credit reporting 
agency.
    Internet service providers and web sites should be mandated 
to maintain detailed records of their transactions. Unlike 
telephone companies that keep detailed records of calls which 
are of great value to law enforcement in its investigation of 
identity theft, Internet companies have no set standards as to 
what records of transactions are kept, thereby providing an 
impediment to investigating identity theft.
    The posting of Social Security numbers on the Internet 
should be strictly prohibited.
    We believe that some of these legislative safeguards, if 
enacted, can have a significant impact on the crime of identity 
theft. Thank you for the opportunity to address the 
Subcommittee.
    [The prepared statement of Mr. Fabozzi follows:]
 Statement of Michael Fabozzi, Detective, Computer Investigations and 
Technology Unit, Special Investigations Division, New York City Police 
                               Department
    Good Morning, Mr. Chairman and members of the Subcommittee. On 
behalf of Mayor Rudolph Giuliani and Police Commissioner Bernard Kerik, 
we would like to thank you for the opportunity to appear before you 
today to discuss this very important subject.
    My name is Detective Michael Fabozzi. Seated next to me is Sergeant 
James Doyle. We share a combined 36 years experience in the New York 
City Police Department. During that time we have patrolled New York 
City's subways, housing developments and ultimately went on to serve in 
the NYPD's Detective Bureau. Presently, we are assigned to the Computer 
Investigations and Technology Unit, which is part of the Special 
Investigations Division. Investigators in the Special Investigations 
Division are responsible for the investigation of white-collar crimes, 
specifically bank and brokerage fraud, credit card fraud, and identity 
theft. For the past several years, we have been assigned to the 
Computer Investigations and Technology Unit that has been at the 
forefront in the area of investigating financial crimes perpetrated 
through the Internet.
    Over the past five years, there has been a significant increase in 
crimes where criminals compromise personal identification data of 
victims, in order to commit identity theft. The information that falls 
into criminal hands includes name, date of birth, Social Security 
Number, banking account number, and other personal and financial 
information.
    Victims of identity theft, like other crime victims, are made to 
feel personally violated. This is especially true in light of the 
vicious cycle of events that typically follows the perpetration of this 
crime. Imagine for a moment, a recently married couple just starting 
out in their life together. They work hard and save enough money to 
make a down payment on their first new home only to be denied a 
mortgage because of a negative payment history reflected in a credit 
report--information that they knew nothing about. The trauma this type 
of fraud causes its innocent victims is unimaginable. Moreover, once 
the crime is discovered and reported, victims are left to fend for 
themselves in attempting to clear their credit history and good name.
    Our unit has successfully conducted numerous investigations where 
perpetrators have used the personal information to not only obtain 
credit cards and personal loans, but also to purchase cars and homes. 
Although we in law enforcement garner some sense of satisfaction when 
we make arrests for these crimes, it is not enough when compared to the 
amount of time and energy a victim spends trying to undo the work of 
these criminals.
    Recently, I was the arresting officer and I am the lead 
investigator in the Abraham Abdallah case--an investigation that 
received national and international exposure. Since the matter is still 
an ongoing investigation, my comments are limited to only that 
information that has been reported publicly. Abraham Abdallah, a busboy 
in a local restaurant in Brooklyn, New York was able to successfully 
obtain personal information such as names, dates of birth, social 
security numbers, phone numbers, and sometimes bank and brokerage 
account information by using the Internet and other sources. While 
working as a busboy, Abdallah stole credit card numbers of various 
customers and then used those credit cards to order and purchase a 
variety of items over the Internet.
    In addition to ordering merchandise with stolen credit cards, he 
used the personal identification information of his victims to open up 
new credit card accounts. He requested that the new cards be mailed to 
a new address--usually a ``mail drop.'' A mail drop is a P.O. Box or 
Mail Receiving Agency that receives mail for an individual, such as 
Mailboxes Etc. New credit card accounts were then opened using these 
mailbox drops as the address of individuals, including celebrities and 
even a few prominent, well-known business leaders. Using these new 
credit card accounts, Abdallah went to the local library where he was 
able to purchase credit history reports on-line.
    Through the use of on-line information providers and other Internet 
based databases, Abdallah was able to penetrate the banking and 
brokerage accounts of his victims by using a common trick called 
``social engineering.'' Social Engineering is the process whereby an 
individual misleads another person such as a customer service 
representative into providing personal information about an individual 
or account. Once he obtained the account information and perhaps an 
account's password, he was then able to steal a vast amount of money 
from the accounts of our nation's wealthiest individuals.
    This tale of the busboy cyber thief is a frightening testament to 
the vulnerability of the entire e-commerce system--a system that has 
successfully lulled America into believing that encryption and on-line 
privacy policies have made Internet transactions secure. The holes in 
our system are everywhere--at restaurants, department stores, merchant 
counters, doctor's offices, insiders at banks and brokerages, places of 
employment and at the nation's three major credit reporting bureaus. By 
finding just a few of holes in the system, Abdallah was on his way to 
stealing $100 million.
    We urge this Committee to take the necessary steps to develop new 
ways to prevent this type of fraud without sacrificing the privacy 
rights of the consumers. Specifically, our legislative recommendations 
are as follows:

           Entities that have access to a consumer's personal 
        identifying information should be strictly accountable as to 
        who they provide such information to and the purpose that the 
        information is being provided.
           Credit reporting agencies should have to notify 
        consumers when inquiries regarding credit histories are made. 
        The consumer should have the ultimate ability to deny such 
        information from being disseminated by the credit-reporting 
        agency.
           Internet service providers and web sites should be 
        mandated to maintain detailed records of their transactions. 
        (Unlike telephone companies that keep detailed records of calls 
        that are invaluable to law enforcement, Internet companies have 
        no set standards as to what records of transactions are kept, 
        thereby providing an impediment to investigating identity 
        theft.)
           The posting of social security numbers on the 
        Internet should be prohibited.

    We believe that some of these legislative safeguards, if enacted, 
can have a significant impact on the crime of identity theft. Thank you 
for the opportunity to address the subcommittee. We will be happy to 
answer any questions that you may have.

                                


    Chairman Shaw. Thank you. Mr. Collins? Mr. Becerra?
    Mr. Becerra. Thank you, Mr. Chairman. And thank you to all 
the witnesses for their testimony.
    Let me begin by asking Mr. Huse his thoughts on a couple of 
things. One, we know that the use of the number, the Social 
Security number, is widespread and we know that in many cases 
private, including public sector agencies and firms, rely on 
the card to conduct business. We will hear in the next panel 
many witnesses who will tell us that we are going too far or 
that there are things that we could do to curtail the misuse of 
the number but still allow it to be used for other purposes. 
Some people say that we have been able to track down missing 
children, we have been able to track down deadbeat fathers by 
using the Social Security number.
    Is there a way, in your opinion, of addressing the concern 
of identity theft and, at the same time, trying to address the 
concerns raised by the private sector most particularly in the 
use of the card to undertake activities which are legitimate 
and could be beneficial to the public?
    Mr. Huse. I believe there is. We have to accept that the 
Social Security number is the de facto national identifier and 
its uses, both by the governmental entities at all levels and 
the private sector is too imbedded for us to change. It is 
probably impossible to change it.
    But, I think if we regulate an attempt to control the 
movement of these identifiers in terms of the sale and use of 
credit histories and credit information and make the entities 
that do this accountable for the sale and use of these by 
obtaining the permission of the cardholder himself or herself 
or notification at the very least, we have gone a long way in 
slowing down the reckless movement of these numbers, which is 
at the base of a lot of the criminal problems you have heard 
about this morning.
    I think the bill that the Committee put together last year, 
H.R. 4857, struck the right compromise there between balancing 
out all of the interests, leaving something for commerce, 
leaving something for government but, at the same time, giving 
people the right to have their good name intact.
    Mr. Becerra. Thank you.
    Let me ask any of the folks in law enforcement if they can 
give us some thoughts on how we can also try to curtail the 
activity that we see through this presentation that you made, 
Agent Robinson, where, in effect, you are promoting the use of 
fraudulent cards, identity cards, and you are, in essence, 
giving people license to go out there and commit fraud.
    Is there any way for us to try to strike at the type of 
businesses that would market this type of product yet still 
allow what Mr. Huse identified as legitimate interests to 
continue within the private and public sectors in the use of, 
say, the Social Security number?
    Mr. Robinson. Most of the sites that we actually visited 
and the companies that are selling these Social Security cards 
are usually not selling them for legitimate purposes and that, 
to me, gives us that feeling that as soon as you can see the 
card and see the fact that the novelty sticker or the sample 
sticker can be actually pulled off the card and usually they 
try to protect themselves with a disclaimer but most of the 
individuals or the individuals who will purchase those cards, I 
do not think there is a legitimate reason for selling a Social 
Security card over the Internet or anywhere else.
    Mr. Becerra. So, is there a way to go after that type of 
enterprise that really does not have a legitimate purpose, 
other than to help someone commit identity fraud?
    Mr. Huse. I think the accountability that we seek for these 
entities, to make them responsible for what they traffic in 
with both criminal sanctions and civil money penalty sanctions, 
these are the ways to push them back from these enterprises.
    Mr. Becerra. So you would make them criminally liable if 
someone, for example, is apprehended after using a fake ID 
obtained by one of these Internet sites, that that Internet 
company would be equally responsible, criminally liable in that 
case of any offense that may have been committed by the 
individual who obtained the fake ID?
    Mr. Huse. That is correct.
    Mr. Becerra. Thank you. Thank you, Mr. Chairman.
    Chairman Shaw. Mr. Johnson? Mr. Pomeroy?
    Mr. Pomeroy. I want to thank the entire panel. This has 
been extremely interesting. I regret the inconvenience and 
disruption to especially our witnesses that have been 
defrauded.
    Inspector General, on this point of how do we deal with 
this in a reasonable way, I would like to follow my colleague's 
questions.
    Presently in the implementation of Gramm-Leach-Bliley 
legislation there have been millions and millions of consumer 
privacy notices mailed out. I know a number of individuals, 
your basic average--a couple of retirement accounts, bank 
accounts, what have you--will have gotten a half dozen notices 
and I am not sure we have exactly clarified in the public's 
mind precisely the kind of informed status we wanted to achieve 
relative to privacy generally.
    Are suggestions, in terms of how to deal with this problem, 
would they require additional notices I am afraid potentially 
confusing the public in terms of the status of all this?
    Mr. Huse. I think the public is fairly well informed about 
the fact that this is a problem. The identity fraud problem, I 
think just even in recent months, you cannot turn on the 
television at night and not get an identity fraud story on one 
of the local television stations. In fact, I think one of them 
in the Baltimore area broadcasted a story very similar to Agent 
Robinson's demonstration here today last night.
    If we stick to trying to regulate what we can or to control 
what we can, I think the public will accept this, that they 
have a right, we all have a right to know to what uses our 
Social Security account number is being put to and when that 
information migrates from one database to another we should be 
notified as to the intent or purpose. I think that is a 
reasonable expectation for all of us.
    It will add costs to some of the financial uses of the SSN 
but I think that is a far better route to take than to try to 
expunge the use of them entirely because I do not think we 
could do that.
    Mr. Pomeroy. I was in the State legislature when we allowed 
the Social Security number to be substituted for driver's 
license and the public liked it. They did not have to remember 
their driver's license number anymore; it was simple. They had 
the opportunity under our law to choose either one but 
overwhelmingly there was a preference, just for simplicity's 
sake, to do that and that was pre having all these PIN numbers 
that you now have to remember in order to access your various 
accounts.
    There are two sides to the coin. I am very concerned about 
the public security issue you present so well on abuse of the 
Social Security number but, on the other hand, there is a 
convenience of business issue that I am trying to not totally 
interfere with, either.
    Mr. Huse. We all recognize with this rush of technology and 
the change that it has made in our lives just in the last 20 
years that ultimately the solution to all of this will be some 
other kind of national identifier. I mean that will come in 
time. What form that takes, whether it is a biometric 
thumbprint or eye scan or whatever, that will happen 
inevitably. Then the pressure on the Social Security number 
will go away. But to go from where we are today to there, no 
one can estimate when that will happen. Those biometrics exist 
now but they are too costly.
    So, I think we have to be careful here that we keep this 
balance. I think the way 4857 is put together, it has some 
measures that give us an opportunity to make some demonstrable 
effort in terms of trying to protect the privacy of people's 
identification data and yet, at the same time, still allowing 
enough commercial and governmental use of the number to keep 
commerce going.
    Mr. Pomeroy. Do you have any ideas about how we might 
easily assist victims in terms of getting everything 
straightened around, some central registry they could go to 
where in a one-call way they have their issues dealt with, as 
opposed to the incredible burden we place on victims today?
    Mr. Huse. Well, the Congress has made a lot of effort that 
way in the last five years and de facto, that kind of exists 
now between the Federal Trade Commission's hotline and the 
Social Security Administration's Office of Inspector General 
(OIG) hotline, who completely cooperate with each other. They 
have become really, in many instances, the court of last resort 
for a lot of victims of financial crime.
    What we need to do a better job in is putting together all 
of the pieces of law enforcement at the local, county, state 
and Federal levels to work on these things. Again the bill 
addresses some of this with the ability for my office, for 
example, to be able to task force with all of these law 
enforcement entities to create the kind of synergy we need to 
do a better job with this because we hear the victims speak 
about the inability of a lot of law enforcement to really make 
an impact.
    You see, this is a crime that you need real-time 
information for at the time of an apprehension and when that 
does not exist, that is how these people survive and move on 
and metamorphose into something else the next day with more 
stolen IDs.
    Mr. Pomeroy. Thank you.
    Chairman Shaw. Mr. Collins?
    Mr. Collins. Thank you, Mr. Chairman.
    I have a question for Agent Robinson. On the website Dog 
pile you have instant Social Security number searches. Can you 
just type in a number there and hit fetch and it will go and 
gather that information?
    Mr. Robinson. Yes, sir. What I actually used was the search 
engine and wrote in the quote to go out and search for websites 
that would actually assist me in obtaining instant Social 
Security number searches. No actual number was placed in there.
    Mr. Collins. Okay, that just searches for websites, then.
    Mr. Robinson. Correct.
    Mr. Collins. On any of the websites could you just put in a 
number and it would search that number?
    Mr. Robinson. With the Social Security number, if I had the 
Social Security number?
    Mr. Collins. Just make up a number.
    Mr. Robinson. No, you could put in someone's actual Social 
Security number and at those various websites they could go out 
and verify it for you or you could actually request a Social 
Security number that matches the information that you are 
providing to the service, such as the name, date of birth and 
the current address of an individual, is usually the minimum 
that most of those sites would need.
    Mr. Collins. But if I had none of that information, I just 
made up a Social Security number and asked it to search that, 
would it search it?
    Mr. Robinson. Some of those sites will do that and will 
provide that service. If you provide them with a Social 
Security number I think it is the second site that we used, the 
Et cetera site would provide that service. You actually place 
in the Social Security number and it will give you a response 
and in some of those responses--it varies--some responses will 
be just the name and some responses will be the name and the 
address. The response varies based on the price that you pay.
    Mr. Collins. It has been mentioned holding these people 
accountable that provide this type of information. If they are 
not a U.S. entity or using the net from another country, how do 
we approach that, that accountability question?
    Mr. Robinson. Well, the law enforcement agencies here will 
have to work closely with those countries that have those 
various websites that offer that service and we would have to 
see what their laws are in that particular country. Usually, 
regardless of what the laws are in that particular country, the 
person is going to misuse the information here in the States.
    Mr. Collins. Okay. This thing becomes a real mountain as 
you start moving it, does it not?
    Mr. Robinson. It does.
    Mr. Johnson OF TEXAS. Would the gentleman yield?
    Mr. Collins. I would be glad to, Mr. Johnson.
    Mr. Johnson OF TEXAS. Following up on that question, if 
some country like Russia, for example, had somebody in there 
manipulating our system and providing fraudulent information 
and we do not have any arrangement with them, I bet, between 
law enforcement to take care of that problem, how do we address 
that?
    Mr. Huse. Actually, the Department of Justice and the 
Department of Treasury both have foreign operations in most of 
these countries now. In fact, my own son is one of the agents 
from the Secret Service that oversees doing this, teaching 
financial crimes investigations to these new former Soviet 
republics and countries where they do not know much about 
financial crime.
    Mr. Johnson OF TEXAS. But they know how to mess with the 
Internet.
    Mr. Huse. And they are, but we actually have on-going 
efforts to bring up law enforcement in these countries to a 
level of cooperation that we have on other types of crime now 
through Interpol and other----
    Mr. Johnson OF TEXAS. Have you run into any of that with 
other countries trying to manipulate our system?
    Mr. Huse. The NYPD, I am sure, can answer that better than 
we can.
    Mr. Fabozzi. We have done investigations and what we do in 
the Computer Crime Squad is that we find where the host is, the 
computer where it is located that is actually hosting the site 
of the ID fraud or the novelty ID card, Social Security cards, 
and the host computer may be in the Soviet Union and that ends 
our investigation. We forward that to Interpol or another 
Federal agency.
    Mr. Johnson OF TEXAS. Have you ever had any indication that 
the Chinese might be doing that?
    Mr. Fabozzi. Not at this time.
    Mr. Johnson OF TEXAS. Okay, thank you.
    Chairman Shaw. Mr. Ryan?
    Mr. Ryan. Thank you, Mr. Chairman.
    Mr. Huse, I would like to ask you a couple of questions. 
You testified that legislation is needed to stop the ready 
availability of Social Security numbers over the Internet. I 
know we have been talking about last year's bill, 4857. Is 
there something else that you think is needed in this bill or 
are you pleased with the product from your perspective that 
came out of last year's Committee?
    Mr. Huse. I am very pleased with the product that came out 
last year. I think if we can get that, we are a long way to 
where we have to go.
    Mr. Ryan. You also mentioned that you have a hotline up and 
running that you have had for several years. Have you noticed a 
marked increase in allegations involving identity theft and 
Social Security misuse?
    Mr. Huse. Well, each year since we have had the hotline up 
and running we have received more and more allegations. A 
little over half the allegations we receive have to do with 
Social Security number misuse and identity fraud and those have 
increased every single year.
    Mr. Ryan. And that is in a steep incline?
    Mr. Huse. It is going up. It is going up.
    Mr. Ryan. Also you stated that your office has conducted 
undercover operations where you have purchased actual 
counterfeit Social Security number cards. You state that you 
are currently involved in an investigation of an Internet 
auction company that is selling names and Social Security 
numbers. Can you tell me about how many individuals or 
different companies are in existence today that do this?
    Mr. Huse. We do not have exact figures. I do not think 
anybody does. They crop up like mushrooms overnight on your 
lawn.
    Mr. Ryan. Pretty simple to get started?
    Mr. Huse. It is very simple to start a business on the 
Internet but we do not have exact figures.
    Mr. Ryan. I wanted to ask the two officers, Detective 
Fabozzi and Detective Doyle, all of our Social Security numbers 
are out there. Nothing can be done immediately to protect 
against that. But what would you recommend to individuals and 
citizens that they can do to protect their identity at this 
time right now? Even if they take such steps, what are the 
chances we can stem identity theft aside from any type of 
legislation that would be passed?
    Mr. Doyle. The biggest thing would be awareness of how 
prevalent your number is out there and your Social Security 
number is the key that unlocks the ability to do a lot of this 
identity-type fraud.
    The biggest problem we see with our victims is that 
helplessness when they discover they are a victim, how they 
have to try to repair their own credit. We try to make them 
aware of the FTC's website that has a lot of very good steps on 
how to repair their credit. All the phone numbers are on one 
website to make these fraud alerts, to get the credit-reporting 
agencies to put that alert on their accounts so that they are 
notified when a new account is opened up. But unfortunately, 
they are the last ones to know when these accounts are opened 
up because the bad guys are opening up good accounts using 
their good name so the accounts are going to be good until they 
run them into the ground.
    So again people have to keep in mind their own credit 
reports, as Ms. Robinson pointed out. She looks at it every 
year. But from year to year, that is plenty of time for someone 
to run up credit report----
    Mr. Ryan. So at this time it is really just reactive, is it 
not?
    Mr. Doyle. Yes, it is.
    Mr. Ryan. Nothing one can really do proactively to prevent 
this from occurring.
    Mr. Fabozzi. Proactively, one thing you can do is run your 
credit report annually, if not more. Second, be diligent as far 
as checking any bills that you receive in the mail and 
destroying them, shredding the bills and account numbers, name, 
address. I would not send mail out, like bills going out to 
different companies, in your mailbox. I would actually mail 
them myself at the post office because if you left them out 
with the flag up in front of your house, someone could come by 
and just take the mail out of your box and then they have your 
check number which has your banking information, maybe an 
account number, Social Security number.
    Mr. Ryan. That is very interesting. Thank you. I yield, Mr. 
Chairman.
    Chairman Shaw. Thank you.
    In looking through the book that you all supplied to us 
there are some incredible things that can be bought--death 
certificates, marriage licenses. Now who wants more than one 
marriage license? I have no idea. But driver's license?
    Do these documents appear to be accurate? If you are 
stopped by a policeman for a speeding violation in Florida and 
you have a fake Florida ID will you fool the Florida Highway 
Patrol?
    Mr. Doyle. Michael also had another case where this one 
group of individuals had very real-looking New York State 
driver's licenses including the magnetic code on the back and 
he will talk more about it.
    Mr. Fabozzi. What they were able to do is first of all, 
create the magnetic stripe on the back of the driver's license. 
In New York State it has a high amount of security features in 
it, such as the color and the security features that are built 
into the United States currency. But what they were able to do 
is through using pickpockets and burglars and working in a 
group they actually stole the identity, meaning they stole the 
driver's license and then using computers they created a new 
driver's license using the exact number of the victim but 
substituting the photograph.
    So let us say I would steal Sergeant Doyle's 
identification. I would put my picture on his driver's license 
but all the other information--account number, date of birth, 
address--is valid. So if they were stopped by police and I 
produced this license and even if the officer ran the driver's 
license through his computer, the number of the license would 
be valid and it would come back as James Doyle but it would 
just have my face on it.
    Chairman Shaw. But his description. What if you are 6 foot 
and 3 inches and he is 5 foot and 4 inches? Would that come 
through like that?
    Mr. Fabozzi. I am sorry, Mr. Chairman. I did not hear you.
    Chairman Shaw. What if there was a great difference in your 
height and weight, description, color of hair, color of eyes, 
those types of things that are on a driver's license?
    Mr. Fabozzi. That would be diligent upon the officer that 
pulled him over. Also, since it is a counterfeit document, you 
can alter that on the phony one but the records would come up 
legit on the print-out.
    Chairman Shaw. I see that there are college diplomas. Are 
not some of these things now illegal? Is not issuing someone a 
driver's license illegal now?
    Mr. Fabozzi. Yes. In New York State it is a forged document 
so if you are using it, let us say, to impersonate someone or 
even just to get a driver's license, it is possession of a 
forged instrument, which is a felony in New York State.
    Chairman Shaw. Is it a felony to distribute these 
documents?
    Mr. Huse. They distribute them as novelty items.
    Mr. Fabozzi. They skirt the issue by putting in a banner 
that this is for novelty purposes only.
    Chairman Shaw. I see they have a marriage license as a 
novelty item, 180 some dollars. That is a hell of a joke. And 
college and high school diplomas, I see right here. I think 
probably other committees should really broaden our net here to 
see exactly what is going on and universities should be able to 
be protected and have their name protected under copyright or 
something so that there is a cause of action that can close 
these people down.
    Mr. Huse. Mr. Chairman, this has gone on for a long time. 
What makes it really critical that we act now is that the 
Internet takes us, because of the speed with the way these 
things are done, to an entirely different place.
    When we just were dealing with paper and counterfeited 
documents, and trafficking in documents for false IDs has been 
as long as I have been in law enforcement----
    Chairman Shaw. I know the green card has been----
    Mr. Huse. Exactly. The Congress has attempted to keep up 
with this through the years but what the Internet did or the 
electronic age is it takes us to an entirely different level of 
activity where it makes it so easy for people to change 
identities overnight and it is risk-free. Why would not 
criminals do this, where they can steal from you or me or 
anybody else without involving any personal risk?
    And it is allowed because there is no way for us to know we 
have been victimized under the present system.
    Chairman Shaw. Well, I think it is illegal to use this type 
of identification. Now we have to be sure that it is illegal to 
distribute it.
    Mr. Huse. Right. Our traditional approach has been to 
attack it after the fact.
    Chairman Shaw. We need to go back to the wellhead.
    Mr. Huse. Right.
    Chairman Shaw. Miss Robinson, you spoke of the purchase of 
a car in San Antonio. Did that occur after you alerted the 
credit-reporting agency of your identity theft or after her 
arrest? Where is the point in time that that happened? Do you 
know?
    Ms. Robinson. Actually, from the beginning I had been in 
contact with the San Antonio police because when she went into 
the jewelry store in the San Antonio mall they did contact the 
police immediately and actually they contacted the police 
before they contacted me. So they were well aware that this was 
going on before I even knew about it.
    Chairman Shaw. How did they know?
    Ms. Robinson. Because when she came into the jewelry store 
on the second day to make purchases they ran my full credit 
report and noticed that I had a Maryland address, although she 
had provided a San Antonio address. They contacted their fraud 
department and they double-checked the information and when 
they double-checked it--because when she first came in they did 
an instant credit report and the only thing that came back was 
a credit score.
    The second time she came in the next day, when they thought 
the activity was suspicious, they ran a full credit report and 
saw that my last reported address was in Maryland. So they 
decided that they would contact this Nicole Robinson in 
Maryland to make sure that it was a different person and 
because I was a different person, they contacted the San 
Antonio police. So they were well aware that this was going on.
    Chairman Shaw. They went well beyond what most merchants 
would do. Most merchants would probably just shrug it off. So 
they are to be complimented. That is wonderful.
    Ms. Robinson. Yes.
    Chairman Shaw. And how about the insurance from GEICO?
    Ms. Robinson. Well, when I contacted GEICO they agreed the 
day that I called them to remove my identifying information 
from this policy. Then they said they would contact her to have 
her provide a different Social Security number and no longer 
use mine on the policy.
    Chairman Shaw. Mr. Moneme, you indicated there were only 
two pieces of identity that were stolen from you, credit card 
and your driver's license that had your Social Security number 
on it. What State is that?
    Mr. Moneme. The State of Ohio.
    Chairman Shaw. Are they still using Social Security numbers 
on driver's licenses?
    Mr. Moneme. I believe so.
    Chairman Shaw. I know Virginia did for a while but I think 
they have stopped that practice.
    Mr. Moneme. I have a DC driver's license now and I had the 
option of selecting a unique number and I chose to do so.
    Chairman Shaw. Kim just told me that it is optional in 
Ohio, also, so I assume you allowed them to use that number. 
Actually, you think it is a convenience until you start really 
thinking it through and then you say whoops.
    Mr. Moneme. Right, that was my feeling.
    Chairman Shaw. Do you feel that without your social 
security number that all of this would have been avoided, 
despite the fact that your wallet was stolen?
    Mr. Moneme. I feel, sir, that was the only piece of 
information that had anything unique. On all the applications 
there were different addresses, there was a signature that did 
not match up to the one on my driver's license. That was the 
only piece of information that connected me to that incident.
    Chairman Shaw. Mr. Huse----
    Mr. Huse. I just wanted to correct----
    Chairman Shaw. You go ahead but then I have another 
question for you.
    Mr. Huse. Very good. The only thing I wanted to correct, 
Mr. Chairman, because it proves that we do try to make an 
effort here and Congress did pass a law last session, the 
Internet False ID Prevention Act of 2000, which makes it 
illegal for these novelty ID items to be sold but you can see 
from real-time today they are still out on the Internet and 
available. It is illegal to do that but that does not mean it 
is not done.
    So, that piece has been dealt with in terms of the law. It 
is a criminal act to do that. But with the way the electronic 
world works, it is not a person. It is just a site and they 
move and they pop up all the time.
    Chairman Shaw. Well, can you elaborate on that? We always 
hear we are concerned about people introducing viruses that get 
into computer programs. Is there any way we could backup a 
virus and blow it up?
    Mr. Huse. They do, but a lot of these are break-out 
operations that just go on for what they can----
    Chairman Shaw. How do you get on the internet and whose 
service are these on? I mean they have to subscribe to a 
service somewhere.
    Mr. Doyle. What our unit does, we do a lot of these. If I 
have a website I want to put up I would just find a company 
that hosts websites, give them my web page, as you saw----
    Chairman Shaw. Is it trackable to----
    Mr. Doyle. They are trackable if the right records are 
kept.
    Chairman Shaw. Is it illegal? If I am one of these 
contractors that puts people websites up, could I be held 
criminally responsible for allowing this to go on?
    Mr. Doyle. It depends if you know what is on that website. 
Sometimes we have web-hosting companies that have no clue what 
is on their websites. They just have pages that are up-loaded 
from a remote location.
    Chairman Shaw. Well, should we make sure that they have a 
clue?
    Mr. Doyle. That was one of our recommendations, Mr. 
Chairman, was to look at better record-keeping by these 
Internet service providers as to who has this website, where is 
it hosted? We looked at some websites up there about where 
these novelty items are being sold from and I can register a 
website and make it appear to be somewhere else. It is again 
the skills of detectives like Mike Fabozzi that you may be able 
to trace back where is that website hosted and maybe conduct an 
investigation into buying these items in an undercover 
capacity, say, and trying to find out the money trail.
    But tracing these things back, again the skill of law 
enforcement has to get up to speed. Again there are very few 
detectives that could do what Mike does to find where is that 
website hosted, who is responsible for it. The records 
sometimes are not there.
    Chairman Shaw. Mr. Huse.
    Mr. Huse. I think in my written testimony I mention an eBay 
case where someone was auctioning Social Security numbers. When 
we contacted eBay about that they asserted that they have no 
legal responsibility for what is put on their auction site. 
That is still the case.
    Chairman Shaw. Well, maybe the Judiciary, Energy, and 
Commerce Committees should have a hearing on that. That is 
outside of our jurisdiction but I think it is something that 
really needs attention.
    One last question and then we are going to have to go on. 
Where do they get all these numbers?
    Mr. Robinson. Where do they get the Social Security 
numbers?
    Chairman Shaw. Yes. I assume, Mr. Robinson, I assume from 
your testimony that you could obtain the Social Security number 
of anybody in this room that has one. And if that's the case, 
where did they get it?
    Mr. Robinson. Most of the information that is provided by 
these sites is information not only from credit bureau headers 
but also from some publicly available documents, as well. What 
they do is there is a pool of information from these various 
sources and then they sell it to the public, anyone who would 
inquire for that information.
    Chairman Shaw. But how can their information be so 
complete?
    Mr. Huse. All our lives we leave these markers as we 
negotiate loans, obtain loans, buy----
    Chairman Shaw. Where is the clearinghouse for these 
markers? It seems like you have to go to so many sources in 
order to have a complete record that it would almost make it 
impractical to accumulate and put all this information into 
computers.
    Mr. Huse. The computers allow them to do it. Think of the 
credit applications you fill out for purchases of cars and so 
forth and homes. They are incredibly detailed. They give the 
story of your life and as this aggregates--a few years ago I 
had someone run my name in our office and the details were 
shocking. I mean they knew exactly in this database where I had 
lived throughout my life and who my neighbors were and what 
their income was. It is incredible. We have very little privacy 
left because of these databases. An amazing amount of 
information aggregates without our permission.
    Chairman Shaw. Mr. Becerra has a follow-up.
    Mr. Becerra. Mr. Huse, we are not so much talking about the 
Social Security being misused. We are just talking about what 
you said before, a de facto national ID number that is being 
used, which happens to be the Social Security number.
    Mr. Huse. That is correct.
    Mr. Becerra. And what we are discussing here today under 
the rubric of the Social Security Administration's number is a 
national ID number and the fact that it is being abused and 
what happens when you have a universal system used to track 
your identity and information about you.
    And if that is the case, this debate would take place 
whether or not we had a Social Security Administration and a 
Social Security number. It is the fact that that has become the 
de facto number that we are having this discussion but it would 
take place simply by the fact that we have now in a de facto 
world gone to the use of an identifier, a national identifier.
    Mr. Huse. Which is repugnant to most Americans.
    Mr. Becerra. Most people do not believe that or do not want 
to admit it but we have a national identifier.
    Mr. Huse. It has happened by accident and, to some extent, 
by intent but it has happened.
    Mr. Becerra. So, what we are discussing here is how we try 
to clean up the use of a national identifier?
    Mr. Huse. That is correct. And there are two approaches to 
this. The first is I think some of what we try to do or what 
you will try to do in your bill by allowing at least the 
number-holder to have some control over the migration of this 
information. I do not think that is unreasonable.
    On the other hand, I think the Social Security 
Administration, because de facto, whether we like it or not, we 
control the issuance of these numbers. Although it was never 
intended to be a national identifier, we, and my office has 
recommended through its audit work that the Social Security 
number tighten up its process of enumerating people and they 
have made efforts to do that and those efforts continue, 
although more needs to be done.
    I think the two pieces are about all we are really ever 
going to be able to do.
    Mr. Becerra. And how much of this that we are discussing 
today about the misuse of the number and the theft of identity 
has an impact on Social Security benefits themselves, what SSA 
is obligated to do? How much does this intrude on what you have 
to do in giving out benefits under Supplemental Security Income 
or Social Security retirement benefits? Are we into that area 
at all?
    Mr. Huse. Yes, we are. A lot of our fraud cases in Social 
Security are people who use bogus numbers or made up numbers or 
fake IDs. So there is a nexus there. It has a home with us at 
the OIG but also we have this unintended universal 
responsibility, too.
    Mr. Becerra. So one way or the other, whether this had 
become the national identifier or not, the Social Security 
Administration has to clean up the use of its own number for 
its own internal purposes because of the fraud committed within 
the Social Security Administration itself of people obtaining 
benefits fraudulently, et cetera.
    Mr. Huse. In our audit work--there are all kinds of issues 
here but in our audit work we have pointed out that Social 
Security's wage and earning information, which is critical to 
obtaining its benefits when those benefits come due, is flawed 
by the fact that it has a lot of this garbage number data in 
it. Our audit work has proved that and for lots of reasons, the 
underground economy and so forth, that exists. But, I suggest 
that if we ever go to individual accounts we will really need 
to have a better handle on enumeration. The two are 
inextricably linked.
    Mr. Becerra. Thank you. Thank you, Mr. Chairman.
    Chairman Shaw. I want to thank this panel. You have 
certainly given us a lot of things to think about. The world is 
far more dangerous out there than I think any of us have 
imagined and I appreciate very much your coming and giving us 
your time.
    [Questions submitted from Chairman Shaw to the panel, and 
their responses follow:]

                             Social Security Administration
                                    Office of the Inspector General
                                          Baltimore, Maryland 21235
                                                      July 20, 2001
The Honorable E. Clay Shaw, Jr.
Chairman, Subcommittee on Social Security
Committee on Ways and Means
House of Representatives
Washington, DC 20215
    1. In your testimony, you indicated the need for further 
legislation to prohibit the sale of Social Security number information, 
limit the use of Social Security numbers, provide sanctions for 
violations, criminalize the sale and purchase of the Social Security 
number and expand the Civil Monetary Penalty authority under the Social 
Security Act to include misuse of the Social Security number. Do you 
believe the bipartisan legislation recently introduced by certain 
Members of this subcommittee, H.R. 2036, adequately addressed your 
concerns? Is there anything else you believe should be included?
    H.R. 2036 goes a long way toward what I described in my testimony 
as ``putting the SSN back in its box.'' Given my position as Inspector 
General of the Social Security Administration, my perspective on this 
issue is a conservative one. My mission is to protect the integrity of 
the SSN, so I naturally favor more legislation, tighter restrictions, 
and more limited uses. For example, the use of the SSN as an 
identification number by private institutions such as hospitals and 
colleges creates a risk that those numbers will be misappropriated and 
misused. The investigation I cited in my testimony involving the sale 
of SSNs through an Internet auction site resulted from the theft of 
names and numbers from a private college. While H.R. 2036 would provide 
a means of punishing the online vendor of these numbers, it would not 
address the compilation, use, and storage of this information by the 
college. Similar uses of the SSN abound, and while I am certainly aware 
that competing interests must be weighed in the preparation of 
legislation, my mission is such that I will always favor a more 
restrictive approach to SSN use. That said, I am very happy to see the 
restrictions that H.R. 2036 does provide. The limitations it imposes 
are long overdue and will provide my office and others in law 
enforcement with significant tools in combating SSN misuse and identity 
theft.
    2. You mentioned in your testimony that you are currently involved 
with another Federal agency in an investigation involving an Internet 
auction site. You also stated that the sale of the Social Security 
numbers over the Internet should be made illegal. Do the provisions in 
H.R. 2036 adequately address this need in your view?
    The gentlemen who attempted to sell hundreds of names and SSNs over 
the Internet did so without significant fear of criminal prosecution. 
H.R. 2036 provides the criminal, civil, and administrative sanctions we 
so badly need to deter people such as this, and to punish them when 
they remain undeterred.
    3. You also indicated in your testimony that the sale of the Social 
Security number ``through other means'' should be outlawed. Could you 
elaborate as to what other means you are referring?
    I was not referring to any other ``means'' in particular, but was 
merely seeking to avoid limiting my statement to Internet transactions. 
Not all theft of SSNs takes place in cyberspace. Legislation which 
prohibited only the sale of SSNs over the Internet would likely give 
rise to other ``means'' of making such transfers. For example, the sale 
of a CD-ROM containing thousands of names and SSNs and other personal 
information, if sold at a computer show or through an ad in a magazine, 
would not constitute an Internet transaction, but would be just as 
harmful.
    4. You stated that the Federal government created the Social 
Security number and it is up to the Federal government to determine 
what are the appropriate and necessary uses of the Social Security 
number. How do you define appropriate and necessary uses?
    As I stated above, my definition of ``appropriate and necessary 
uses'' would necessarily be skewed by my position as Inspector General 
of the Social Security Administration. For a Government official whose 
mission is to protect the integrity of the SSN to the greatest extent 
possible, the most logical answer for me to give would be that the only 
``appropriate and necessary'' use would be for the administration of 
Social Security programs. Obviously, we are too far down the path to 
return to what was the SSN's original intended use. The income tax 
system relies on the SSN, as does the military, the bankruptcy courts, 
and other Federal benefit programs. Even these uses create risks and 
contribute to identity theft. Other Congressionally-mandated uses, 
particularly in the realm of financial transactions, are what swung the 
door wide and placed the SSN in the hands of the private sector. De 
facto uses ranging from use of the SSN for identification numbers in 
schools and hospitals to customer numbers or employee identification 
numbers in countless corporations across the company opened the door to 
misuse even wider. I could go on and on. Which of these uses is 
appropriate and necessary is not for me to determine, any more than it 
is the decision of the credit bureaus who so heavily rely on the free 
flow of SSN information, or the county governments that use the SSN for 
everything from land records to water bills. In my testimony, I suggest 
that the time has come to make these difficult determinations. All who 
are affected should have their say, but if I were to step outside of my 
role as Inspector General and propose a standard, it would be this: an 
appropriate and necessary use of the SSN is one which primarily 
benefits the holder of the SSN, not the entity seeking to obtain, use, 
or transfer it, and which prohibits any further use or transfer of the 
SSN without the holder's express consent.
    5. From reading your's and others' testimony, it sounds like there 
are several powerful Federal agencies involved fighting identity theft. 
Is this too many or too few? How do they interact with the state and 
local agencies? Has that relationship helped to prevent crime or does 
it complicate enforcement?
    I don't think that there are either too many or too few agencies 
involved. Each has its own area of expertise that is critical to the 
task. For example, the Federal Trade Commission's role is invaluable in 
that the FTC is in the business of imposing limitations on commerce and 
providing a remedy when those limitations are ignored. My office is 
intimately familiar with the issuance, use, and misuse of Social 
Security numbers in a wide variety of contexts, including identity 
theft. State and local agencies provide local knowledge and expertise, 
as well as much-needed resources and additional means of bringing 
violators to justice. To the extent that Identity Theft continues to 
grow, rather than being curtailed, I do not believe it is a problem 
with the agencies seeking to curtail it, or the relationships they 
enjoy. Rather, it is a matter of reducing the permissible uses of the 
SSN in the first instance, and then providing significant criminal, 
civil, and administrative sanctions for those who would exceed approved 
uses.
    6. Preventing Social Security number identity theft in the Internet 
era is a monumental task. While the public has some appreciation of the 
problem, would you not agree that it is the lack of assistance and 
protection to bono fide victims that also erodes public confidence in 
their privacy?
    Absolutely. The testimony of the two victims who appeared before 
the Subcommittee made that clear, as do the stories that we hear on a 
daily basis in the Office of the Inspector General.
    7. You mentioned the number of potential allegations of Social 
Security number misuse violations as over 90,000 in 2000. With the 
Internet and other forms of telecommunications growing, can we 
realistically believe we can make a dent in identity fraud even with 
new laws on the books. Don't we also need better protection of the 
consumer after the crime is committed, allowing victims to clear their 
records and making business a partner in stopping further fraud and 
getting records cleared?
    I believe that better laws can make a significant difference. As I 
state above, the two keys to reducing identity theft are restricting 
the uses of the SSN as much as is reasonably possible, and then 
providing criminal, civil, and administrative sanctions to punish those 
who ignore those restrictions and deter others from doing so. We cannot 
eliminate identity theft, but we can make a significant dent. However, 
I agree with your statement that victims must be given a way to emerge 
from the identity theft nightmare and recover their good names, and 
this cannot be done without help from the private sector. The true 
impact of identity theft in the vast majority of cases is the 
devastation to an individual's credit history. The businesses which 
write and control that history, and who enjoy a privileged position 
with respect to the use of the SSN, must be willing participants in a 
system that will reduce the impact of identity theft on the victims, 
even as we in government work to reduce the number of victims.
            Sincerely,
                                         James G. Huse, Jr.
                               Inspector General of Social Security

                                


                            New York City Police Department
                                           New York, New York 10038
Reply to Congressional Subcommittee

    1. We believe that the posting of Social Security numbers in 
``plain text'' on the Internet is a potential danger to all of us. 
Criminals can use these search tools to find out other's personal 
information. The posting that was referred to in the testimony can best 
be explained via example. Detective Fabozzi received a call from a 
complainant who stated that her identity had been stolen and personal 
information was posted on the Internet at a virtual school. A virtual 
school is one that provides classes and training via the Internet. The 
woman who called our office felt confident that the point of compromise 
was the virtual classroom. The perpetrator used an address and other 
identifiers that were only associated with information she did input 
into the system to register for the class. Upon investigating the NYPD 
Computer Crimes found that the school posted the student's name, SS#, 
and credit card information in clear text on the school web page. We 
notified the school and explained the dangers of this type of posting 
and the school agreed to take down the web page posting this type of 
information. We believe that the searching for social security numbers 
should be limited to agencies that are searching for a ``legitimate'' 
purpose. The responsibility of deciding legitimacy is something left 
for elected officials. However, requests for credit information should 
be logged and notification should be made to the individual whose 
information was requested. By putting in these precautions, a victim of 
identity theft can see who is inquiring about their credit history and 
can quickly identify fraud. By logging these requests, it enables 
victims and law enforcement to identify a point of compromise. A point 
of compromise is a location that contains identifying information and 
the perpetrators use a vehicle to steal personal information. For 
example, a restaurant that has a corrupt employee that steals credit 
card information is considered a point of compromise; since the 
victim's credit card numbers stolen all came from that one restaurant. 
We have investigated many cases where the point of compromise is a gas 
station, doctor's office, banks and brokerage firms. The only way to 
limit these internal leaks is place passwords and logs on systems that 
contain such information and to conduct background checks on employees. 
In addition training corporations on the vulnerabilities of having this 
information readily available is a must.
    2. We believe that steps should be taken to limit the printing of 
social security numbers on documents such as driver's licenses. In NYS, 
SS#'s are not used as an identifier for licenses. By limiting the 
display of SS#'s you are limiting an avenue for fraud. SS#'s should 
never be posted on checks. If a fraudster has a check, which includes a 
SS#, he will have account information victim's name and SS#. With that 
information an identity theft can occur.
    3. When an identity theft victim comes to the NYPD for help, we 
give them the address, phone numbers of the three major credit bureaus. 
Additionally, we take a police report for criminal impersonation or 
grand larceny depending upon the circumstances and begin an 
investigation.
    4. The credit bureaus control a vast amount of information on 
individuals and are the best agency suited to assist victims of 
identity theft. However, the credit bureaus must also be aware that 
people with credit problems may use the identity theft alibi to erase 
bad debt. Like all technology issues, it is a double sword.
    5. According to the Federal Trade Commission and reports done by 
the Consumers Union and others, identity theft is the number one 
growing crime in America. Estimates have been made that in the US in 
2000, there was estimated between 500,000 and 700,000 victims a year.
    6. The problems associated with identity theft is the clearing up 
your good name. Victims can be denied credit such as a loan or have to 
pay higher interest rate since their credit worthiness has been 
diminished. Other problems that we have seen is the looting of bank 
accounts by impersonating the victim with false identification. In 
2000, Detective Fabozzi conducted a major investigation where 
individuals were stealing victim's identities and creating ficticious 
id cards and walked into local bank branches and withdrew money from 
the victim's accounts. The loss to over 200 victims was over 1 Million 
dollars. One perpetrator also was arrested using the victim's name and 
date of birth and was given an arrest number belonging to the victim of 
identity theft. Others learn of the identity theft when a car is 
bought, or leased and used in a crime or an accident report.
    7. Social engineering is just a trick or deceit of obtaining 
information from someone that has information that the impersonator 
wants. For example, a pickpocket in NYC will obtain the drivers license 
number, dob and address of a victims and call a bank, impersonate a 
customer and obtain account information. Obviously this is a security 
breach and should not be done. However, untrained customer service 
representatives may give out this information.
    8. The encryption and secure socket layer is a secure transmission 
of information. However, the data is stored and is available once it 
reaches its destination. The data warehouses that contain the 
information may be vulnerable to hackers. A buffer overflow attack is a 
common means to obtain privleges that enable a hacker to steal 
information. A victim of identity theft usually assumes that his 
identity was stolen over the internet, but a majority of our 
investigations show that the point of compromise is usually an insider 
at a corporation that has been paid off.
            Sincerely,
                                            Michael Fabozzi
                                                          Detective
    [The attachment is being retained in Committee files.]

                                


    Chairman Shaw. The next panel we have is Charles Bacarisse, 
who is the Harris County District Clerk in Houston, Texas. Cory 
Kravit, a student at the University of Florida in Gainesville, 
Florida and, I might say, a former intern in my office that has 
a very interesting story to tell about how he put to use some 
of the information that he learned while serving here in my 
congressional office. Evan Hendricks, who is the Editor and 
Publisher of Privacy Times. Charles Dugan, who is a partner 
with Covington and Burling on behalf of Financial Services 
Coordinating Council. Mark Rotenberg, who is the Executive 
Director, Electronic Privacy Information Center. Ronald 
Plesser, who is a partner in Piper, Marbury, Rudnick and Wolfe 
on behalf of the Individual Reference Service Group (IRSG). And 
Paula LeRoy, who is President of the Pension Benefit 
Information Services, Tiburon, California. Edward Mierzwinski, 
who is the Consumer Program Director of the United States 
Public Interest Research Group.
    This is a very large panel. We appreciate your presence 
here. We have each of your full statements. They will be made a 
part of the record and I would invite each of you to summarize 
as you might be comfortable.
    Mr. Bacarisse, I am starting with you, sir.

 STATEMENT OF CHARLES BACARISSE, DISTRICT CLERK, HARRIS COUNTY 
                     COURT, HOUSTON, TEXAS

    Mr. Bacarisse. Thank you, Mr. Chairman. It is a pleasure to 
be before you and your Committee this afternoon.
    As the district clerk, the clerk of the courts, for the 
third largest county in the United States, we hold 
approximately 6 million Social Security numbers in our, our 
case files. They are there because, due to State statute, we 
are required to collect that information on divorce and family 
law cases primarily but also on some criminal cases, as well.
    So you had asked a question earlier, where does this type 
of information reseller get this data? They get it, one source, 
from the courthouses all over the United States. We are in a 
sense an untapped mine resource for these information 
resellers. I get requests in our office practically on a 
monthly basis from some of these information resellers to 
package my data in a certain way and sell a copy to them on 
either computer tape. Some of the requests are to download it 
directly off the Internet to them.
    We refuse those requests because they are too labor-
intensive--that is our basis for refusing that request--and 
would require undue expense to local government to comply with 
that request. But that does not stop them or any other private 
citizen from walking into the courthouse door and requesting a 
copy of that final divorce decree or any other public document 
that is in our courthouse.
    So I am sort of betwixt and between, if you will, in this 
very important issue. I am commanded by State law to acquire 
this information into our courthouse but then I am also 
commanded by State law to make this information publicly 
available. So clerks across the United States are in this same 
sort of position and it makes us quite uncomfortable, I might 
tell you.
    Let me also just share another point with you, if I may, 
that I hope will resonate with the Committee as you consider 
your new legislation. We are generally local government. I 
speak here as a member of NACO, the National Association of 
Counties, and also as an elected official. I am sensitive to 
privacy and to the need to protect our customers' and our 
citizens' privacy. But there is also a huge cost that could be 
placed on local government to comply fully with some 
legislation that might be enacted or might be considered by the 
Congress.
    Let me share with you some comments that my colleague, Mr. 
Michael Jeanes, who is the clerk of court in Maricopa County--
that is Congressman Hayworth's home district--Michael sent some 
comments to me, as well, which I think are important to 
remember. He says, ``We would only be able to protect the 
Social Security information contained within the existing court 
paper files by hiring a staff whose job would be to redact this 
information before allowing the public access to the file. In 
order to maintain our existing levels of public service we 
would require approximately 25 to 30 new staff and related 
clerk office accessories--space, equipment, and so forth--and 
the staff would be in place for the next 10 years. Salaries, 
benefits, space and equipment for at least 25 additional 
staffers for at least 10 years could run $1 million a year.'' 
My county is just a bit larger than Maricopa, but not much, and 
I would expect a similar financial impact.
    To sum up, I would ask the Committee to consider carefully 
balancing the huge mandates that might be placed on local 
governments to comply with whatever the Congress believes needs 
to be done and I would hope that you would call on us and we 
would work closely with you and the Committee to construct 
legislation we can all live with and that could be enforced 
effectively at the local level. Thank you.
    [The prepared statement of Mr. Bacarisse follows:]
 Statement of Charles Bacarisse, District Clerk, Harris County Court, 
                             Houston, Texas
    Mr. Chairman and distinguished members of the committee, I am 
honored you invited me to testify about such a huge issue as privacy. I 
know that many Americans expect the government to do something about 
it.
    As the Clerk of Court for Harris County, Texas, I understand this 
issue. My office deals with emotionally charged data like conviction 
and divorce records, and we administer a child support registry, so I 
know how people value their privacy . . . and how some hide from their 
responsibilities.
    I see two critical questions for your consideration at this 
hearing:
          --By regulating the accumulation and use of Social Security 
        Numbers, can something effective be done to enhance privacy 
        and/or reduce identity theft?
          --And, what are the costs--obvious and hidden--in trying to 
        restrict the accumulation and use of Social Security Numbers?
    I think the answer to the first question is, unfortunately, no. 
Regulating the accumulation and use of Social Security Numbers will not 
be effective. That horse left the barn, long ago. In fact, the 
government helped burn down the barn! Right now, the IRS requires 
employers and banks to collect the Social Security Numbers. In Texas' 
Family Code alone there are at least 11 statutes requiring the use of 
SSNs.
    In the private sector, landlords, blood banks, doctors, hospitals, 
life insurance companies and others collect Social Security Numbers.
    SSNs are so widely available that you can get 65 million of them 
for free on line. Try Ancestry.com and click on ``Social Security Death 
Index.'' You can obtain the full name, Social Security Number and 
birthdate of a dead person--who won't complain about identity theft!
    Information brokers have huge databases containing SSNs and other 
data. Suppose you banned all trafficking in Social Security Numbers. 
Would that deter identity thieves? Couldn't the databases operate 
offshore, like Internet gambling sites?
    Tighter regulations on the use of Social Security Numbers will 
increase the burdens and costs on everyone while doing little or 
nothing to enhance anyone's privacy.
    Every divorce case in my county eventually should contain the SSN 
of each party and any children--in more than one document! So does 
every order affecting a parent-child relationship, every wage 
withholding order and many other documents. That is a huge amount of 
numbers to safeguard.
    We estimate the cost of redacting one document at $8.07, and last 
year more than 16,600 divorces were granted in Harris County. Each year 
we sell about 930,000 certified pages from family law cases. That's a 
lot of pages to check.
    Michael Jeanes, the Clerk of Court for Maricopa County, AZ, the 
home of Congressman Hayworth, has calculated the cost another way. He 
asked me to pass along this comment:
    ``We would only be able to protect SSN information contained within 
existing court paper files by hiring a staff whose job would be to 
redact this information before allowing public access to the court 
file. In order to maintain our existing levels of public service, we 
would require approximately 25-30 new staff and related Clerk's Office 
accessories (space, equipment, etc.). This staff would be in place for 
at least the next 10 years.''
    Salary, benefits, space and equipment for at least 25 additional 
staffers for at least 10 years could run $1 million a year. My county 
is a bit bigger, and I expect the financial impact would be similar.
    Although I don't favor of it, user fees perhaps could cover the 
huge cost of redaction, but who's going to make up for the child 
support that won't be collected? Social Security Numbers are used by 
the private sector collection services that succeed--where government 
has failed miserably--in locating dead-beat parents and collecting 
child support.
    Look at government accountability. Open records and open courts 
greatly reduce the chances of corruption. How will the public and the 
press follow things if local governments redact vital SSNs?
    Your advisory announcing this hearing says, ``according to the 
(Social Security Administration), the SSN is the single-most widely 
used record identifier in the public and private sectors.''
    That genie is not going back in the bottle no matter how much the 
law threatens and burdens custodial parents, taxpayers, businesses and 
governments.
    I want to leave the committee with this thought: As you begin 
writing legislation, remember that those of us in state and local 
government want to work collaboratively and cooperatively with you to 
safeguard all our citizens' privacy. However, please bear in mind the 
fiscal and logistical costs involved in restricting the use of Social 
Security Numbers. Also, please keep in mind that whatever laws are 
passed must be effective and enforceable.
    Thank you for inviting me.

                                


    Chairman Shaw. Thank you. Mr. Kravit?

 STATEMENT OF CORY B. KRAVIT, CHAIRPERSON, STUDENT SENATE'S AD 
    HOC COMMITTEE ON SOCIAL SECURITY PRIVACY, UNIVERSITY OF 
                 FLORIDA, GAINESVILLE, FLORIDA

    Mr. Kravit. Good morning, Mr. Chairman and members of the 
Subcommittee. My name is Cory Kravit and I am currently a 
political science senior at the University of Florida. I am 
appearing before you today representing the University of 
Florida student body and specifically as the chairperson of the 
Student Senate's Ad Hoc Committee on Social Security Privacy. 
In addition, I have been appointed by the university provost to 
serve on the University of Florida Student ID Task Force.
    I would like to thank you, Mr. Chairman, and the esteemed 
members of this Committee for conducting this hearing today on 
such a vitally important issue. As members of this Committee, 
you are intimately aware of how widespread the problem of 
identity theft through the misuse of individual Social Security 
numbers has become. The problems of identity theft are not only 
confined to the working members of our society. Identity theft 
has become an issue for the students of our nation's 
universities, as well.
    Through the University of Florida Student Senate's Ad Hoc 
Committee on Social Security Privacy, we have worked very hard 
to protect the identities and privacy of the students of the 
University of Florida, as well as students enrolled at other 
universities throughout the State of Florida.
    It has become painfully clear that due to the misuse of 
Social Security numbers, an increasingly large number of 
university students within the State of Florida and throughout 
this nation have had their identities stolen. In fact, in 1998 
the local university police department arrested a desk clerk 
working for the Jennings Residence Hall located on the 
University of Florida campus after he stole the identities of 
23 college students. The desk clerk was charged with mail theft 
and credit card fraud after illegally spending nearly $70,000 
without the students' knowledge. According to the Gainesville 
Sun, Alachua County Sheriff's Detective Robert Gaff stated, 
``This kind of fraud happens all the time. It is just not 
always on this large scale.''
    In my testimony here today, I will endeavor to discuss the 
widespread use of Social Security numbers for identification 
purposes within the State University system and the State of 
Florida and more specifically at the University of Florida. In 
addition, it will be with a great sense of pride and 
accomplishment that I will provide the members of the 
Subcommittee with an update outlining our progress and efforts 
despite substantial economic and logistical barriers to change 
from a Social Security number-based identification system to a 
system that provides all students, staff and faculty with a 
more secure level of privacy and security.
    In 1966 Social Security numbers were first used at the 
University of Florida as a primary form of student 
identification. Over the last 35 years hundreds of thousands of 
students have been required to use their Social Security number 
for nearly everything on campus. In the 1970s, the Florida 
Board of Regents mandated that all public universities within 
the State of Florida use the student's Social Security number 
as their student ID number. It is hard to imagine, but as a 
result of this mandate there are quite probably millions of 
students and alumni within the State of Florida and elsewhere 
that currently have their Social Security numbers unsecured and 
waiting to become a tool of the unscrupulous identity theft 
practitioner.
    It is the opinion of the University of Florida Ad Hoc 
Committee on Social Security Privacy that Social Security 
numbers should be used for only two purposes: financial aid 
application requirements and reports requested by States and 
Federal governmental agencies. Students at the University of 
Florida are required to provide their Social Security number 
for virtually everything ranging from registering for classes 
to ordering Little Caesar's pizza using one's student debit 
account.
    For example, I have had to use my Social Security number to 
sign attendance sheets that are passed around the classroom, 
provide my Social Security number on exam grids and forms, 
purchase a parking decal to park on campus, qualify for student 
government elections and appointments, and one use that is most 
disturbing is that student Social Security numbers are 
routinely posted on grade sheets that are made public and 
become accessible via the Internet. The list goes on and on.
    As a student preparing to enter my senior year I am 
currently in the process of applying to law schools and as part 
of this process my transcripts must be sent to the Law School 
Data Assembly Service who, by the way, require that my Social 
Security number be placed on every document sent to them.
    Recently I took a summer class at Florida Atlantic 
University in my home town of Boca Raton. When paying for the 
transcripts to be sent back to the University of Florida the 
Florida Atlantic office staff specifically told me that I had 
to print my Social Security number on my check. Knowing what I 
do about identity theft, I cordially explained that I would 
prefer not to place my Social Security number on the check. I 
explained that a personal check with my account number and 
Social Security number printed on it was a con artist's dream 
and I would not allow myself to partake in such a risky 
practice. The university cashier grunted at me, rhetorically, I 
suppose, ``Well, you do know this is your student ID number.'' 
She eventually accepted my check without my Social Security 
number printed on it. Hopefully, my transcripts will be sent 
without any flaws because I really do want to go to law school.
    With everything that I have learned through my research 
into identity theft, I find that the scariest part of this 
equation is that students have become so accustomed to giving 
out their Social Security numbers, they instinctively offer it, 
even when it is not needed. Before I had had a chance to talk 
with the victims of identity theft I used to print my Social 
Security number on virtually all my term papers, reports and 
exams. Students just do not realize how unique and vulnerable 
their Social Security number is. I work part-time for the long 
distance telephone service on the University of Florida campus. 
My job brings me into contact with fellow students who come to 
pay their telephone bills. Not a day goes by that at least one 
student needs me to look up their account information and they 
ask me if I need their Social Security number. Of course, I 
explain to them the potential for disaster but unfortunately, 
many cannot understand the magnitude or the problem or perhaps 
they just do not care.
    So you may ask, who has access to our Social Security 
numbers? The answer is alarming. Pretty much anybody who 
requests them. Just last week a friend of mine phoned me 
infuriated that his girlfriend's professor printed her entire 
class's full nine-digit Social Security number on the class's 
Internet website. This act, although done with no malice or ill 
intent, could possibly lead to identity theft of every student 
in that class. I am so highly concerned with this issue that I 
have printed a copy of the class website for the members of the 
Subcommittee to review. Yes, it is just that easy.
    Con artists rarely need to put forth much effort. When you 
think about it, the Social Security number of each and every 
student is freely available to numerous individuals within the 
university. This list includes professors, teaching assistants, 
dormitory desk clerks, resident assistants, registrar staff, 
library staff, Little Caesar's Pizza employees, book store 
employees, mail carriers, and the general student body.
    The bottom line is that students in this country are at an 
increased risk for identity theft due to the often unrestricted 
and free use of their Social Security numbers within our 
country's university system. The average student might not 
realize that he or she were a victim of identity theft because 
many students do not have credit cards and have never applied 
for a loan and have not checked their credit histories. 
Students could graduate and leave for their new jobs, only then 
realizing that their credit has been destroyed.
    I have worked hard this past school year to recommend that 
the University of Florida administration abandon their current 
practice of using individual Social Security numbers as student 
identifiers. The university administration, despite the obvious 
economic and logistical barriers to such a change, has 
responded in a remarkable fashion. In January the university 
provost appointed representatives from all the major 
departments to the Student ID Task Force. I am currently a 
member of this task force and we are working to develop a 
state-of-the-art directory system that would only give those 
who absolutely need a student's Social Security number access 
to it. A random public ID number will be used for all other 
university transactions.
    Although it may seem like a simple project, it is not. To 
revamp the database, at the University of Florida alone it has 
been compared to the Y2K project squared. New computer programs 
must be written, new forms will need to be printed and over 
50,000 students, faculty and staff need to be advised of the 
new system once it is put in place.
    Mr. Chairman and the esteemed members of the Committee, 
there are many schools and universities across the United 
States that are just like the universities within the Florida 
State University system. These schools continue to use their 
students' Social Security numbers as their primary student ID 
numbers. Unfortunately, Representative Doggett is not present 
here today. However, the University of Texas in his district 
happens to be one of these schools. A student reporter from the 
University of Texas recently wrote a week-long special report 
on identity theft and how students are severely affected. It is 
currently perfectly legal for universities in this nation to 
continue the practice of using a student's Social Security 
number as his or her student ID number. Many schools cannot 
afford to change their database systems even if they wanted to. 
I believe that the proactive efforts of your Subcommittee will 
have a great effect at exponentially reducing the risk of 
identity theft that is now associated with students attending 
the colleges and universities of this nation.
    With my most sincere admiration and respect, thank you very 
much for your time.
    [The prepared statement of Mr. Kravit follows:]
   Statement of Cory B. Kravit, Chairperson, Student Senate's Ad Hoc 
     Committee on Social Security Privacy, University of Florida, 
                          Gainesville, Florida
    Good morning Mr. Chairman, and the members of the Subcommittee. My 
name is Cory B. Kravit and I am currently a Political Science senior at 
the University of Florida. I am appearing before you today representing 
the University of Florida student body and specifically as the 
Chairperson of the Student Senate's Ad Hoc Committee on Social Security 
Privacy. In addition, I have been appointed by the University Provost 
to serve on the University of Florida's Student ID Task Force.
    I would like to thank you Mr. Chairman, and the esteemed members of 
this committee for conducting this hearing today, on such a vitally 
important issue. As members of this committee, you are intimately aware 
of how widespread the problem of identity theft through the misuse of 
individual Social Security numbers has become. The problems of identity 
theft are not only confined to the working members of our society, 
identity theft has become an issue for the students of our nation's 
universities as well. Through the University of Florida Student 
Senate's Ad Hoc Committee on Social Security Privacy, we have worked 
very hard to protect the identities and privacy of the Students at the 
University of Florida, as well as students enrolled at the other 
universities throughout the State of Florida.
    It has become painfully clear that due to the misuse of Social 
Security numbers an increasingly large number of University students 
within the State of Florida and throughout this nation have had their 
identities stolen. In fact, in 1998 the local university police 
department arrested a desk clerk working at the Jennings Residence Hall 
located on the University of Florida campus after he stole the 
identities of 23 college students. The desk clerk was charged with mail 
theft and credit card fraud after illegally spending nearly $70,000 
without the students' knowledge. According to the Gainesville Sun, 
Alachua County Sheriff's Detective Robert Gaff stated, ``This (kind of 
fraud) happens all the time, it's just not always on this large 
scale.''
    In my testimony here today, I will endeavor to discuss the 
widespread use of Social Security numbers for identification purposes 
within the State University System of the State of Florida, and more 
specifically at the University of Florida. In addition, it will be with 
a great sense of pride and accomplishment that I will provide the 
members of this subcommittee with an update outlining our progress and 
efforts despite substantial economic and logistical barriers to change 
from a ``Social Security Number'' based identification system, to a 
system that provides all students, staff and, faculty with a more 
secure level of privacy and security.
    In 1966, Social Security numbers were first used at the University 
of Florida as the primary form of student identification. Over the last 
thirty-five years, hundreds of thousands of students have been required 
to use their Social Security number for nearly everything on campus. In 
the 1970's the Florida Board of Regents mandated that all public 
universities within the State of Florida use a student's Social 
Security number as their student ID number. It is hard to imagine, but 
as a result of this mandate, there are quite probably millions of 
students and alumni within the State of Florida and elsewhere that 
currently have their Social Security Numbers unsecured and waiting to 
become a tool of the unscrupulous identity theft practitioner.
    It is the opinion of the University of Florida Ad Hoc Committee on 
Social Security Privacy, that Social Security numbers be used for only 
two purposes: financial aid application requirements and reports 
requested by State and Federal governmental agencies. Students at the 
University of Florida are required to provide their Social Security 
numbers for virtually everything ranging from registering for classes 
to ordering a Little Caesar's pizza using one's student debit account.
    For example I have had to use my Social Security number to:
           Sign attendance sheets that are passed around the 
        classroom.
           Provide my Social Security number on exam grids/
        forms.
           Purchase a parking decal to park on campus.
           Qualify for Student Government elections and 
        appointments
           And one use that is most disturbing is that student 
        Social Security numbers are routinely posted on grade sheets 
        that are made public and become accessible to the world via the 
        internet
    The list goes on and on.
    As a student preparing to enter my senior year, I am currently in 
the process of applying to law schools. As part of the process, my 
transcripts must be sent to the Law School Data Assembly Service, who 
by the way require that my Social Security number be placed on every 
document sent to them.
    Recently, I took a summer class at Florida Atlantic University in 
my hometown of Boca Raton. When paying for the transcripts to be sent 
back to the University of Florida, the Florida Atlantic University 
office staff specifically told me that I HAD to print my Social 
Security number on the check. Knowing what I do about identity theft, I 
cordially explained that I would prefer not to place my Social Security 
number on the check. I explained that a personal check with my account 
number and Social Security number printed on it was a con artist's 
dream and I would not allow myself to partake in such a risky practice. 
The University cashier grunted at me (rhetorically I suppose) ``Well 
you do know it is your student ID number.'' She eventually accepted my 
check without my Social Security number printed on it. Hopefully my 
transcripts will be sent without any flaws, I really do want to go to 
law school.
    With everything that I have learned through my research into 
identity theft, I find that the scariest part of this equation is that 
students have become so accustomed to giving out their Social Security 
numbers, they just instinctively offer it even when it is not needed. 
Before I had a chance to talk with victims of identity theft, I used to 
print my Social Security number on virtually all my term papers, 
reports and exams. Students just don't realize how unique and 
vulnerable their Social Security number is. I work part time for the 
long distance telephone service on the University of Florida Campus. My 
job brings me into contact with fellow students who come to pay their 
telephone bills. Not a day goes by that at least one student needs me 
to look up their account information and they ask me if I need their 
Social Security number. Of course I explain to them the potential for 
disaster but unfortunately, many cannot understand the magnitude or the 
problem or perhaps they just do not care.
    So you may ask, who has access to student Social Security Numbers? 
The answer is alarming . . . pretty much anybody who requests them. 
Just last week a friend of mine phoned me infuriated that his 
girlfriend's professor printed her entire classes full nine digit 
Social Security number on the classes Internet website. This act, 
although done with no malice or ill intent could possibly lead to the 
identity theft of every student in that class. I am so highly concerned 
with this event, that I have printed a copy of the class website for 
the members of this Subcommittee to review. Yes, it is just that easy. 
Con artists rarely need to put forth much effort. When you think about 
it, the Social Security number of each and every student is freely 
available to numerous individuals within the university. This list 
includes professors, teaching assistants, dormitory desk clerks, 
Residence Assistants (RA's), registrar staff, library staff, Little 
Caesar's Pizza employees, bookstore employees, mail carriers, and the 
general student body.
    The bottom line is that students in this country are at an 
increased risk for identity theft due to the often unrestricted and 
free use of their Social Security numbers within our country's 
University system. The average student might not even realize that he 
or she were a victim of identity theft because many students do not 
have credit cards, have never applied for a loan, and have not checked 
their credit histories. Students could graduate and leave for their new 
jobs, only then realizing that their credit has been destroyed.
    I have worked hard this past school year to recommend that the 
University of Florida administration abandon their current practice of 
using individual Social Security numbers as student identifiers. The 
University administration, despite the obvious economic and logistical 
barriers to such a change has responded in a remarkable fashion. In 
January, the university provost appointed representatives from all the 
major departments to the Student ID Task Force. I am currently a member 
of this task force and we are working to develop a state of the art 
directory system that will only give those who absolutely need a 
student's Social Security number access to it. A random public ID 
number will be used for all other university transactions. Although it 
may seem like a simple project, it is not. To revamp the database at 
the University of Florida alone has been compared to the Y2K project 
squared. New computer programs must be written, new forms will need to 
be printed, and over 50,000 students, faculty, and staff need to be 
advised of the new system one it is put in place.
    Mr. Chairman and esteemed committee members, there are many schools 
and universities across the United States that are just like the 
universities within the Florida State University System. These schools 
continue to use their students Social Security numbers as their primary 
student ID numbers. Representative Doggett, I believe that the 
University of Texas in your district happens to be one of these 
schools. A student reporter from the University of Texas recently wrote 
a weeklong special report on identity theft and how students are 
severely affected. It is currently perfectly legal for the Universities 
in this nation to continue the practice of using a student's Social 
Security number as his or her student ID number. Many schools cannot 
afford to change their database systems even if they wanted too. I 
believe that the proactive efforts of your Subcommittee will have a 
great affect at exponentially reducing the risk of identity theft that 
is now associated with student's attending the colleges and 
universities of this nation.
    With my most sincere admiration and respect, thank you very much 
for your time.
    [The attachments are being retained in the Committee files.]

                                


    Chairman Shaw. Thank you. Mr. Hendricks?

  STATEMENT OF EVAN HENDRICKS, EDITOR/PUBLISHER, PRIVACY TIMES

    Mr. Hendricks. Thank you, Mr. Chairman and members of the 
Committee. Like most personal data, the Social Security numbers 
are not adequately protected by law and in order for the 
American people to have the legal protection they deserve there 
must be political leadership on the issue. Mr. Chairman, your 
continuous efforts to pass an SSN privacy bill are an example 
of the kind of leadership that will be necessary if Americans' 
right to privacy is to be effectively protected.
    I am on the Social Security Administration's privacy 
advisory panel. I have also been qualified by the courts as an 
expert on identity theft. One thing we have seen in several 
cases is that the use of the Social Security number actually 
helps facilitate fraud because if the real person, the victim 
has the name of Myra Coleman and the imposter's name is Maria 
Gayton and she uses the same Social Security number, the 
algorithm actually allow the data to match and for the credit 
reports to be disclosed because there is enough similarities 
between Myra and Maria and Coleman and Gayton.
    So, the Social Security number in some of these cases 
actually facilitates fraud, which is why I am here to urge you 
to enact a very strong bill with limited exceptions. There will 
be a concerted lobbying effort for exceptions to this bill; 
that can always be expected. But, if there are to be exceptions 
they should be narrowly drawn and if there is rulemaking, the 
bill should clearly state what the standards are to remove 
ambiguity for the agency rule-makers.
    Furthermore, I think the Subcommittee needs to proceed with 
the explicit recognition that in general, Americans' privacy is 
not adequately protected in law or in organizational practice 
and that more comprehensive legislative and organizational 
solutions are needed. The Subcommittee therefore should declare 
its SSN bill as a vital piece of a larger privacy policy that 
Congress and the president owe to the American people.
    There is a myriad of reasons why this is a great place to 
start. One of the reasons is the Social Security number is an 
example of what went wrong with privacy. Slowly but surely the 
number was used for purposes other than what it was originally 
intended for. The promise that the Social Security card would 
not be used for identification turned out to be a lie to the 
American people. So this is an exercise in restoring trust and 
rebuilding trust with the American people, and should be part 
of a larger effort that needs to be made with the use of 
personal information and with privacy.
    The problems with the Social Security number were 
recognized back in 1976 by a presidential study commission 
called the Privacy Protection Study Commission. My fellow panel 
member, Ron Plesser, was the general counsel of that 
commission. They did some excellent work. Though they did not 
at that time recommend restrictions on the SSN in the private 
sector, mainly because it was not being used that widely in the 
private sector, they saw a clear danger that a government 
record system such as that used by the SSA or the IRS could 
become a de facto central population register unless prevented 
by conscious policy decisions.
    Unfortunately, there were not conscious policy decisions 
and what they feared is what has happened. They made several 
recommendations, including the establishment of a permanent 
privacy commissioner to monitor the issue. But, their 
recommendations probably seemed somewhat esoteric at the time 
when they talked about fears about privacy. Now we see that the 
fears are not esoteric because the failure to protect privacy 
is directly tied to the facilitation of fraud and identity 
theft is the fastest growing crime in the information age. This 
makes sense. As the detective said, it is a low risk, high pay-
off crime.
    Legislation is urgently needed to address this issue. We 
should ban the sale of Social Security numbers in the private 
sector to stop what we saw this morning. We should prohibit the 
sale and display of SSNs by Federal, State and local government 
agencies, the Department of Motor Vehicles (DMVs).
    Another thing, we should take from the Privacy Act and 
place a duty on organizations. If they are going to collect 
Social Security numbers, particularly like life insurers and 
health insurers, then they have to take reasonable or 
appropriate steps to protect the security and privacy of that 
data. They cannot enjoy what they think are the benefits of 
collecting the SSN without assuming the responsibility for 
protecting it, and that standard could be lifted directly out 
of the Privacy Act.
    Basically, in terms of solutions it is going to come down 
to purpose tests. Good purposes should be allowed; bad purposes 
should be prohibited. But the current situation where any 
purpose goes is clearly unacceptable, both for privacy and for 
fighting fraud.
    The FTC's agreement with the Individual Reference Service 
Group (IRSG) companies in my view has turned out to be totally 
ineffective. I could answer more questions about that in the 
question period.
    The other thing, and it is not in my prepared statement but 
I just found this out last night, that industry is already 
preparing for life after any law that would restrict the sale 
of credit headers by simply working harder to collect the 
information from the public records, making separate databases 
there. And so if you only prohibit credit header data they will 
create a new silo, housing the information from public records.
    There are some important lessons from the last Congress. 
One is that there will be a concerted lobbying effort looking 
for exceptions. This is all the more important because we have 
had three excellent court decisions, one by the Federal appeals 
court here, one by the Federal district court and one by the 
State court in Washington State, saying that the Social 
Security number deserves protection and there is no First 
Amendment right to traffic in Social Security numbers without 
people's consent.
    At the beginning of the statement I spoke of the importance 
of political leadership. Unfortunately, a second lesson from 
last Congress is that the House Republican leadership has 
emerged as one of the main obstacles to privacy legislation. 
Last year sources told me the leadership was unwilling to allow 
privacy bills such as the chairman's to advance to the House 
floor. The speaker, J. Dennis Hastert, has denied Americans 
need for stronger protections. They say we should not legislate 
new laws for the private sector until the Federal Government 
cleans up its own systems to safeguard our citizens' personal 
information.
    Well, of course we should clean up the Federal Government 
but Americans want their privacy protected and they are not 
going to feel any better if it is being invaded by a private 
sector organization. Opinion poll after opinion poll show they 
want stronger protections. I can provide further information 
for the record.
    President Bush has made some very positive comments about 
the need to protect privacy and in his only action he has 
allowed the medical privacy rules to go forward, giving them a 
green light. But what is really needed is for the president to 
walk the walk now and come forward with a comprehensive 
legislative proposal for a national privacy policy. The 
American people want this and they are expecting it.
    The final comment I would like to say is that though you 
will hear loudly from the businesses that say privacy will 
negatively impact, there are a lot of forward-looking 
businesses that see privacy as integral to their business 
models. This includes the wireless communications industry and 
Microsoft's Hailstorm because they know that their business 
model depends on having consumer trust and being able to 
leverage personal information and using technology so it can 
serve individuals. So, privacy is actually a very pro-business 
issue now and increasingly recognized as one.
    And the final point I would like to make is as high-level 
policymakers, members of Congress, should understand that there 
are tremendous savings from moving into the electronic realm. 
Paper is slow and expensive and it is driving up costs for our 
Federal agencies, for large businesses and for banks. And so by 
moving into the electronic realm we can have tremendous savings 
on the bottom line for our largest organizations. That simply 
will not happen unless we have privacy trust and that will 
require a privacy-first policy. Thank you very much.
    [The prepared statement of Mr. Hendricks follows:]
      Statement of Evan Hendricks, Editor/Publisher, Privacy Times
    Mr. Chairman and Members of the Subcommittee, thank you for this 
opportunity to testify on the important issue of protecting the privacy 
and preventing the misuse of Social Security numbers (SSNs).
    Like most of other personal data, the privacy of Americans' SSNs is 
not adequately protected by law. In order for the American people to 
have the legal protection they deserve, there must be political 
leadership on the issue. Mr. Chairman, your continuous efforts to pass 
an SSN-privacy bill are an example of the kind of leadership that will 
be necessary if Americans' right to privacy is to be effectively 
protected.
    By way of introduction, I am Evan Hendricks, Editor/Publisher of 
Privacy Times, a Washington newsletter that I founded 21 years ago. I 
have been qualified by federal courts as an expert on identity theft in 
Fair Credit Reporting Act cases. I currently serve on the Social 
Security Administration's expert panel on privacy, assisting the SSA 
formulate and apply Privacy Impact Analyses to existing and 
contemplated electronic services.
    I am here to urge the Subcommittee to enact a bill that bans the 
sale of SSNs, particularly in ``credit headers,'' and prohibits 
organizations from coercing individuals from divulging their SSNs as a 
condition of service. Most importantly, there should be few, if any, 
exceptions. I expect that what will follow this hearing is a concerted 
lobbying effort by organizations to be exempted from the bill's 
restrictions. If there are to be exceptions, they must be narrowly 
tailored. If the bill mandates agency rulemaking, the bill's standards 
should be clearly stated so as to remove ambiguity for agency 
rulemakers.
    Moreover, I urge the Subcommittee to proceed with an explicit 
recognition that, in general, Americans' privacy is not adequately 
protected in law or in organizational practice, and that more 
comprehensive legislative and organizational solutions are needed. The 
Subcommittee therefore should declare its SSN bill as a vital piece of 
a larger privacy policy that Congress and the President owe to the 
American people.
    There are a myriad of reasons why Congress should move aggressively 
and comprehensively to protect privacy. A main philosophical reason is 
to restore and build trust between citizens and the institutions with 
which they must deal in the course of daily life. For a major aspect of 
trust in the information age is assuring citizens that their personal 
data will only be used in a fair manner, based upon their informed 
consent and that is consistent with their expectations.
    There are several reasons why the SSN is a logical starting point 
for creation of a more comprehensive national privacy policy.
Background
    The Social Security Card used to state: ``This card is not to be 
used for identification.'' The promises in the early days that the SSN 
would not become an identification number has turned out to be one of 
the great lies to the American people.
    Clearly, the history of the SSN is a classic case study in the 
erosion of privacy. The SSN has proved to be the valuable key element 
that allows computer to talk to each other, to search through each 
other's data files and to draw out individual profiles on people. 
Accordingly, the 1960s-era worry of one, centralized computer system on 
all Americans is no longer the only concern. Now the interconnection of 
small and large computer networks, made easier by widespread use of the 
SSN, coupled with the advent of the Internet, has created an enormous 
system capable of data surveillance.
    The original use of the SSN, of course, was to number personal 
accounts for the collection of taxes and benefits in the Social 
Security program. The first numbers were assigned in 1936. A year 
later, it was decided that the same identifier should be used to number 
accounts in State unemployment-insurance systems. In 1943, Executive 
Order 9397 was issued by President Roosevelt authorizing any federal 
agency to use the SSN for new data systems requiring permanent account 
numbers on records pertaining to individuals. This authority was not 
used for many years, even by the U.S. Civil Service Commission, for 
whose benefit it was originally intended.
    In 1961, the Internal Revenue Service decided to designate the SSN 
as the taxpayer identification number. Thereafter, new uses followed in 
rapid succession: for Treasury bonds, for old-age-assistance benefits 
accounts, for State and Federal civil-service employee records, for 
Veterans Administration hospital records, Indian Health Service patient 
records, and as the military-personnel service number.
    Congress also encouraged this trend. Under the Tax Reform Act of 
1976, it authorized States to use the SSN for motor vehicle 
registration records and driver's licenses. By 1990, about three dozen 
States used the SSN as a driver identification number. This meant that 
the number often was recorded on checks as an ID number when consumers 
made purchases. The1976 law also authorized SSN use for administration 
of local and State tax laws and of general public assistance programs 
and for implementation of the Parent Locator System.
    Another major step came in 1984, when the Deficit Reduction Act 
required all depositors to provide their SSNs to financial institutions 
so IRS computers could match the amount of interest reported back to 
taxpayers with the amounts reported to the IRS by banks. The law also 
required recipients of federal benefits to provide social service 
agencies with their SSNs. The 1986 Tax Reform Act required parents to 
show SSNs for children over the age of five who are claimed as 
dependents.
    By 1990, it became common for a wide array of private sector 
organizations to rely on the SSN as a customer identifier even though 
it was not required. These included utilities, insurance companies, 
health care providers, video rental outlets and universities.
    The expanding use of the SSN was contrary to the goals of the 
Privacy Act of 1974. Section 7 of the Act ostensibly prohibits Federal, 
State or local agencies from requiring the SSN as a condition of a 
governmental service or benefit. But as we have seen, that prohibition, 
to some extent, has been trumped by subsequent actions. (Marc 
Rotenberg, of the Electronic Privacy Information Center, will address 
the Privacy Act more fully in his testimony.)
    Moreover, the U.S. Privacy Protection Study Commission (PPSC) in 
its 1976 report to Congress warned that the SSN could, if unchecked, 
become a convenient tool for invading privacy. The SSN's use was not as 
widespread in the private sector in 1976. For instance, TRW, the major 
credit bureau, did not use it as its main identifier then for credit 
reports. Although the PPSC did not call for restrictions on private 
sector use of the SSN, it saw a ``clear danger that a government record 
system such as that maintained by the Social Security Administration or 
the Internal Revenue Service, will become a de facto central population 
register unless prevented by conscious policy decisions.''
    The PPSC made four recommendations concerning the SSN:
          (1) Keep the Privacy Act's Section 7 restrictions;
          (2) The President issue a new Executive Order rescinding 
        President Roosevelt's E.O. authorizing agencies to rely on the 
        SSN as an individual identifier--in essence, a moratorium on 
        new uses by federal agencies;
          (3) That Congress create an independent entity, a permanent 
        Privacy Commissioner, which would have many duties, including 
        monitoring SSN developments and recommending new restrictions.
          (4) ``That the Federal government not consider taking any 
        action that would foster the development of a standard, 
        universal label for individuals, or a central population 
        register. . . .
    Events of the past two decades have validated the PPSC's concerns 
and recommendations. Yet at the time, the fear that people's data 
theoretically could be merged and used in ways that would threaten 
privacy was a bit too esoteric to have much impact.
The New Paradigm: Identity Theft
    What virtually nobody realized was that the failure to protect the 
privacy of personal data and the SSN would make possible what soon 
became the fastest growing crime of the information age: Identity 
Theft. The first piece of data an identity thief wants is the SSN. 
Identity theft occurs when an imposter steals a consumer's identity, 
usually a Social Security number and sometimes a name and address, for 
the purpose of exploiting the credit-worthiness of an innocent 
consumer, obtains credit in the name of the innocent consumer, and 
absconds with goods. This activity leaves the innocent consumer with 
the debris of a polluted credit history.
    Identity theft was becoming an epidemic before the Internet became 
popular. The steady rise in the number of identity theft cases has been 
well documented. In May 1998, the General Accounting Office, relying on 
figures provided by the Trans Union Corp., reported that the number of 
consumer inquiries to Trans Union's fraud desk grew from 35,235 in 
1992, to 80,013 in 1993; to 154,365 in 1994; 265,898 in 1995, 371,220 
in 1996 and 522,922 in 1997. Trans Union estimates that about two-
thirds of these inquiries relate to identity fraud. Two more recent 
sources of statistics--the Federal Trade Commission and California 
police agencies--indicate the epidemic is worsening. The problem 
promises to worsen because there are indications that organized crime 
gangs are gravitating towards identity theft as a ``low-risk, high 
payoff crime.''
    What we are waiting to see is confirmation that identity thieves 
are regularly buying SSNs and other personal data from information 
brokers.
Legislation Urgently Needed
    While comprehensive legislation is needed to protect privacy across 
many sectors, the ultra-sensitive SSN warrants specific action now. An 
SSN-centric bill should be seen as the leading piece of a larger 
legislative effort.
    Here are some goals that SSN-privacy legislation should achieve:
           Ban the sale of SSNs by the private sector, 
        particularly as part of credit headers.
           Prohibit the sale and display of SSNs by Federal, 
        State and local governments.
           If not an outright ban on the use of SSNs as a 
        driver's license number, then mandate that DMVs can only use 
        the SSN if the driver opts in, as is currently practiced in the 
        District of Columbia.
           Place a duty on all organizations that collect and 
        maintain SSNs to establish appropriate administration, 
        technical and physical safeguards to insure the security and 
        confidentiality of records and to protect against any 
        anticipated threats or hazards to their security or integrity 
        which could result in substantial harm, embarrassment, 
        inconvenience, or unfairness to any individual on whom 
        information is maintained.
    (This standard is from the U.S. Privacy Act of 1974).
    I also agree with the more detailed comments on the bill that will 
be made by Ed Mierzwinski, of the U.S. Public Interest Research Group, 
in the next panel.
Lessons From Last Congress
    There were two central lessons from efforts in the last Congress to 
pass legislation to restrict uses of SSNs. The first is that a 
relatively small circle of companies, generally known as the IRSG 
Group, which hopes to continue trafficking in SSNs and personal data 
without the individual's consent, will lobby ferociously to preserve 
their free ride. Since it is not practical to oppose the bill outright, 
their strategy is to win enough exceptions so that the exceptions can 
swallow the statute. Indeed, last year, the Senate bill ultimately was 
riddled with so many loopholes that Amy Boyer's parents asked that 
their daughter's name not be associated with it.
    Last year made it clear that a bill containing anti-privacy 
exceptions and loopholes will not pass.
    It is particularly important to resist loopholes in light of two 
recent court rulings that have strengthened the consensus that personal 
data, credit headers and SSNs are protected federal privacy laws. The 
first ruling was by the U.S. Court of Appeals for the District of 
Columbia, and related to Trans Union's unsuccessful bid to continue 
selling credit header to marketers, even though it is prohibited by the 
Fair Credit Reporting Act and opposed by the FTC. The second ruling 
concerned Judge Ellen Segal Huvelle's rejection of the IRSG companies' 
challenge to the FTC privacy rule on credit headers. In both cases, the 
courts said the two laws reasonably furthered a substantial 
governmental interest in protecting privacy, and that the laws did not 
impinge on the companies' First Amendment right to commercial speech.
    A Washington State judge ruled in May that a Web site did not have 
a First Amendment right to post the SSNs of law enforcement officers 
because SSNs lack a ``substantive communicative purpose'' and, 
therefore, lack Constitutional protection.
    Mr. Chairman, at the beginning of my statement, I spoke of the 
importance of political leadership to Americans gaining the privacy 
rights they deserve. Unfortunately, a second lesson from last Congress 
is that the House Republican Leadership has emerged as one of the main 
obstacles to privacy legislation. Last year, sources told me that the 
Leadership was unwilling to allow privacy bills such as yours to 
advance to the House Floor.
    This year, Speaker J. Dennis Hastert incredibly denied that 
Americans need stronger privacy protection, stating, ``We should not 
legislate new laws for the private sector until the Federal government 
cleans up its own systems and safeguards our citizens' personal 
information.''
    It's difficult to see the logic in this. Sometimes Big Government 
invades our privacy; sometimes it's the private sector. Americans want 
their privacy protected--period. It's of little comfort to them if the 
mega-institution improperly using their data is a private business, and 
not the government. And besides, even those who say they only care 
about governmental invasion of privacy need to be concerned about data 
collection by the private sector, because government agencies have 
shown time and again that they are perfectly happy to ``piggyback'' off 
of data collected by businesses. Moreover, privately held data are 
usually only a subpoena away from being discovered by a civil or 
governmental attorney.
    The Leadership's position against privacy is a classic example of 
those, who by virtue of climbing the power ladder in Washington, seem 
to lose touch with the American people. In opinion poll after opinion 
poll, study after study, the American people have made it clear that: 
(1) they feel they are losing control over their personal information; 
(2) they don't feel current law or practice adequately protects their 
privacy and (3) they want more and stronger legal safeguards for their 
personal data.
    At best, it's a mystery as to how the Leadership can continue to 
ignore the overwhelming evidence that Americans want their privacy 
protected, and that adequate law is necessary. At worst, it's a case of 
narrow special interests and their lobbyists controlling Washington 
against the wishes of the American people.
President Bush
    In contrast to the House Leadership, President Bush has made strong 
pro-privacy statements, particularly about the need to protect medical 
and financial records--and yes, Social Security numbers. According to 
the Wall Street Journal, the President said he's ``a privacy kind of 
guy.'' White House spokesman Ari Fleisher said the President will 
``tend to side with the privacy point of view'' over business, and 
that, ``It's good for business to honor people's privacy.''
    These statements came out in April when the President decided to 
approve final adoption of the medical privacy rules--his first and only 
action to date on privacy. This is a good first step. But now the 
President should be ready to ``walk the walk,'' and prepare a 
comprehensive legislative package for a national privacy policy. As I 
said before, Mr. Chairman, your SSN bill is a good starting point for 
the larger effort.
Privacy Integral To Future Business Success
    The irony is that there is a growing realization among forward-
looking corporations that privacy is integral to future business 
success. This is because many corporations are developing technology, 
products and services that will bring new conveniences to consumers. 
But for these products to work, consumers must be willing to trust 
their personal data and profiles to a company's electronic information 
system. These corporations understand there must be credible and 
enforceable privacy protections in place if consumers are to provide 
personal data on which the business model rests. Examples include the 
Wireless communications industry and their plans for ``3G'' and 
location-based services, and Microsoft's Hailstorm.
    In addition, a review of the Internet's recent boom-to-bust cycle 
make clear that e-tailers did not make their numbers, in part because 
consumer concerns about 1) credit card security and 2) personal data 
privacy, made them reluctant to purchase online. I am convinced that to 
the extent we put in place a strong privacy regime is the extent to 
which we will accelerate e-commerce.
Privacy Will Prevail Because We Can't Afford Otherwise
    Shuffling paper is expensive and slow. Collecting and storing data 
and transacting electronically is much more cost effective, more 
convenient and faster. It probably costs the Social Security 
Administration a few dollars a piece to mail out checks or earnings 
statements, or process benefits claims--on paper. To do these same 
tasks electronically costs pennies apiece.
    Similarly, the Internal Revenue Service could reduce its costs by 
hundreds of millions--if not billions--if it could convince higher 
percentages of taxpayers to file electronically. The same could be said 
for virtually any government benefits program.
    Many corporations also could significantly reduce their bottom line 
costs if they could switch customers from a primarily paper environment 
to a primarily electronic environment. A recent survey by the 
TowerGroup found that 92 percent of the 3,033 households had used bank 
branches for transactions in the previous month. Only 18 percent of the 
households whose primary banks offered online services had actually 
used them, and even 85 percent of those said they also had visited a 
bank branch in the previous month.
    As was with e-commerce generally, privacy concerns pose a major 
barrier to Americans utilizing electronic services of government 
agencies or businesses. These concerns are not irrational. People saw 
that their privacy was not adequately protected in the pre-Internet 
age. The government essentially lied about the SSN only being for 
Social Security and wage reporting. People see their own names arrive 
in the form of junk mail from organizations they never heard of and 
then are unable to find out where these organizations got their names. 
People are assaulted at the dinner hour with annoying junk phone calls. 
Their credit reports are often plagued by inaccuracies. Identity theft 
has become an epidemic. And recently, there have been regular reports 
of specialized hackers, known as ``Carders,'' hacking into databases to 
steal thousands of credit card numbers at a time.
    It is high time that we realize that the majority of Americans are 
not going to opt for electronic services until they are convinced that 
the privacy and security of their personal data will be protected by 
law and by organizational practice. This means that government agencies 
and corporations will continue to incur the higher costs of paper-based 
processing. It also means that many consumers will be deterred from the 
speed and convenience of electronic services.
    I believe it is in our national interest to create an environment 
where organizations and individuals can enjoy the benefits of 
conducting business electronically. But in order to create that 
environment, we must show Americans that we are making a break with the 
past: namely, the United States is leaving behind its national policy 
of ``Privacy-Neglect,'' and adopting a national policy of ``Privacy-
First.''
    In trying to hold off privacy legislation, certain industries are 
producing ``Cost studies'' in an effort to show that complying with 
privacy law is too expensive. Two of the more shameless examples were 
the ``study'' produced by Ernst & Young for the Financial Services 
Roundtable, and the one conducted by Robert Hahn, paid for by the 
Association for Competitive Technology. Neither one of these studies 
will stand up to independent scrutiny. For example, neither of the 
studies acknowledged there was any benefit to privacy protection.
    What we need is independent, authoritative research that can 
evaluate the benefits and savings of a ``Privacy-First'' national 
policy that will create an environment of trust for electronic 
services.
    Mr. Chairman, again, thank you for this opportunity to appear 
before the Subcommittee.
    I'd be happy to answer any questions.
    [The attachment is being retained in the Committee Files.]

                                


    Mr. Collins. [Presiding.] Thank you, Mr. Hendricks. I hated 
to use the gavel but I thought you might have a third final. 
Mr. Dugan?

 STATEMENT OF JOHN C. DUGAN, PARTNER, COVINGTON & BURLING, ON 
       BEHALF OF FINANCIAL SERVICES COORDINATING COUNCIL

    Mr. Dugan. Thank you, Mr. Chairman and members of the 
Subcommittee. My name is John Dugan. I am a partner with the 
law firm of Covington & Burling, and I am testifying today on 
behalf of the Financial Services Coordinating Council, or FSCC, 
whose members are the American Bankers Association, American 
Council of Life Insurers, American Insurance Association, 
Investment Company Institute and the Securities Industry 
Association.
    The FSCC represents the largest and most diverse group of 
financial institutions in the country, consisting of thousands 
of large and small banks, insurance companies, investment 
companies and securities firms. Together, these financial 
institutions provide financial services to virtually every 
household in the United States.
    The FSCC very much appreciates the opportunity to testify 
today. While we recognize that there have been misuses of 
Social Security numbers, we strongly urge that any legislation 
intended to address this problem be carefully targeted to 
specifically identify abuses, such as measures to stop identity 
theft. We believe it is imperative to avoid restrictions on 
legitimate and beneficial uses of Social Security numbers.
    Let me summarize our written testimony by making three 
fundamental points. First, businesses' legitimate use of Social 
Security numbers as unique identifiers of individuals is now 
woven into the very fabric of commercial transactions 
throughout the country. Realizing the enormous value of a 
common, unique identifier, the Federal Government began the use 
of Social Security numbers for unrelated identification 
purposes nearly 60 years ago. It soon required businesses to do 
the same thing under certain Federal laws.
    Businesses, including financial institutions, have followed 
the government's example and have used Social Security numbers 
as common identifiers in ways that have produced tremendous 
efficiencies and benefits for all Americans. For example, our 
nation's remarkably efficient credit-reporting system relies 
fundamentally on the Social Security number as a common 
identifier to compile disparate information from many different 
sources into a single, reliable credit report. And as set forth 
in detail in our written statement, the banking, insurance, and 
securities industries each uses Social Security numbers for a 
variety of important business transactions, primarily to ensure 
that the person with whom a financial institution is dealing 
really is that person.
    Here is just a small sample of these uses. It is done to 
combat fraud and identity theft, to accurately assess 
underwriting risk, to identify money-laundering activities, to 
transfer assets to third parties, to comply with deadbeat dad 
laws, and to locate policyholders to pay insurance proceeds.
    This, then, leads me to my second point. Because the use of 
Social Security numbers as unique identifiers is so integral to 
our economy, overly broad restrictions on their use could have 
serious unintended consequences. For example, Social Security 
numbers are critical for fraud detection. Financial 
institutions rely on information compiled through Social 
Security numbers to check for inconsistencies that may suggest 
the occurrence of fraud or identity theft. Any proposal that 
unduly restricted the use of Social Security numbers for these 
purposes would make it easier, not harder, for an individual's 
identity to be stolen. Similarly, an overly broad prohibition 
on the sale of Social Security numbers, however well intended, 
could be construed to restrict such activities as the sale of 
assets among financial institutions where the assets use Social 
Security numbers as the basis for account identification.
    My third point is that there is no need to further restrict 
the use of Social Security numbers by financial institutions 
because of strong new protections imposed by the Gramm-Leach-
Bliley Act that take effect on July 1. Each financial 
institution consumer will have the right to block a financial 
institution from selling or transferring his or her Social 
Security number to an unaffiliated third party or the general 
public. There are exceptions to this general rule for 
legitimate transfers of these numbers; for example, to protect 
against fraud. But, in that case the recipient of the number is 
prohibited from reusing or redisclosing that number for an 
unrelated purpose.
    Thus, a financial institution consumer is protected with 
respect to a financial institution's transfer of Social 
Security numbers, yet legitimate and important uses of these 
numbers remain permissible. As a result, no additional 
restrictions on the use of Social Security numbers by financial 
institutions are warranted.
    Thank you, Mr. Chairman. The FSCC welcomes the opportunity 
to participate in this debate, and we would be happy to work 
with you and others as discussions on this issue proceed.
    [The prepared statement of Mr. Dugan follows:]
Statement of John C. Dugan, Partner, Covington & Burling, on behalf of 
                Financial Services Coordinating Council
    My name is John Dugan. I am a partner with the law firm of 
Covington & Burling, and I am testifying today on behalf of the 
Financial Services Coordinating Council--or ``FSCC''--whose members are 
the American Bankers Association, American Council of Life Insurers, 
American Insurance Association, Investment Company Institute, and 
Securities Industry Association. The FSCC represents the largest and 
most diverse group of financial institutions in the country, consisting 
of thousands of large and small banks, insurance companies, investment 
companies, and securities firms. Together, these financial institutions 
provide financial services to virtually every household in the United 
States.
    The FSCC very much appreciates the opportunity to testify before 
this subcommittee on the use and misuse of social security numbers (or 
``SSNs''). Our comments focus on the integral role of social security 
numbers in United States commerce; the many consumer benefits that 
result from financial institutions' use of these numbers; and the 
potentially negative effects that could occur if undue restrictions are 
imposed on such use. While the FSCC recognizes that there have been 
misuses of social security numbers, we strongly urge that any 
legislation intended to address this problem be carefully targeted to 
specifically-identified abuses, such as measures to stop identity 
theft. We believe it is imperative to avoid restrictions on legitimate 
and beneficial uses of SSNs.
    Our testimony today makes three fundamental points:
           First, following the lead of the U.S. Government for 
        the last 65 years, businesses' legitimate use of social 
        security numbers as unique identifiers of individuals is now 
        woven into the fabric of commercial transactions throughout the 
        country. The use of these numbers has produced real benefits 
        for American consumers and taxpayers, and has become critically 
        important for a wide range of government agencies, financial 
        institutions, hospitals, blood banks, and many other 
        businesses, both large and small.
           Second, broad restrictions on the use of social 
        security numbers could have serious unintended consequences, 
        including higher credit costs; increased fraud and identity 
        theft; fundamental and costly changes to internal business 
        operating systems; decreased consumer service; and costly 
        delays in consumer transactions.
           Third, Congress has recently enacted comprehensive 
        privacy protections under the Gramm-Leach-Bliley Act that, 
        among other things, place stringent restrictions on financial 
        institutions' use and transfer of social security numbers. In 
        light of these provisions, the FSCC strongly believes that 
        further legislative restrictions on financial institutions' use 
        and transfer of social security numbers are unnecessary.
    Our testimony also discusses the potentially negative impact of 
social security number restrictions on financial institutions' 
legitimate use of public records.
 Integral Role of Social Security Numbers in U.S. Commercial Activities
    As the GAO noted in its February 1999 report,\1\ the Social 
Security Administration created social security numbers 65 years ago as 
a means to maintain individual earnings records for the purposes of 
that program. But Congress soon realized the tremendous value to 
society of a unique identifier that is common to nearly every American. 
As a result, it began to require federal government use of the SSN as a 
common unique identifier for a broad range of wholly unrelated 
purposes. For example, ``a number of federal laws and regulations 
require the use of the SSN as an individual's identifier to facilitate 
automated exchanges that help administrators enforce compliance with 
federal laws, determine eligibility for benefits, or both.'' \2\ These 
include federal laws applicable to tax reporting, food stamps, 
Medicaid, Supplemental Security Income, and Child Support Enforcement, 
among others. Moreover, as the GAO acknowledged, it has repeatedly 
recommended in numerous reports that the federal government use SSNs as 
a unique identifier to reduce fraud and abuse in federal benefits 
programs.\3\
---------------------------------------------------------------------------
    \1\ ``Social Security--Government and Commercial Use of the Social 
Security Number is Widespread,'' February 1999, GAO/HEHS-99-28.
    \2\ Id. at p.4.
    \3\ Id.
---------------------------------------------------------------------------
    Following the federal government's lead, American businesses not 
only complied with federal requirements to use SSNs as identifiers for 
federal laws unrelated to social security, such as income tax 
reporting. They also realized the powerful consumer benefits to be 
derived from comparable business use of SSNs as a common unique 
identifier. Thus, businesses began to use SSNs in a manner similar to 
the federal government, e.g., to match records with other organizations 
to carry out data exchanges for such legitimate business purposes as 
transferring and locating assets, tracking patient care among multiple 
health care providers, and preventing fraud and identity theft. Many 
businesses also use SSNs as an efficient unique identifier for such 
internal activities as identifying income tax filers.
    Similarly, the financial services industry has used the SSN for 
many decades as a unique identifier for a broad range of responsible 
purposes that benefit consumers and the economy. For example, our 
nation's remarkably efficient credit reporting system--which has helped 
make America's affordable and accessible credit the envy of the world--
relies fundamentally on the SSN as a common identifier to compile 
disparate information from many different sources into a single, 
reliable credit report for a given individual. And as set forth in 
considerably more detail in Attachment A to this testimony, the 
banking, insurance, and securities industries each use SSNs as unique 
identifiers for a variety of important regulatory and business 
transactions, primarily to ensure that the person with whom a financial 
institution is dealing really is that person. Set forth below is a very 
incomplete sample of the many financial institution uses of SSNs that 
are listed in Attachment A:
           To combat fraud and identity theft;
           To accurately assess underwriting risk;
           To assist in internal benefits tracking;
           To identify money laundering activities;
           To comply with securities law reporting 
        requirements;
           To transfer assets and accounts to third parties;
           To comply with ``deadbeat dad'' laws;
           To verify appropriate Department of Motor Vehicle 
        records when underwriting auto insurance;
           To obtain verifiable medical information to 
        underwrite life, disability income, and long term care 
        insurance;
           To locate policyholders to pay insurance proceeds;
           To facilitate a multitude of administrative 
        functions.
    As noted in the GAO report, ``[s]imply stated, the uniqueness and 
broad applicability of the SSN have made it the identifier of choice 
for government agencies and private businesses, both for compliance 
with federal requirements and for the agencies' and businesses' own 
purposes.'' \4\ Put another way, the use of SSNs as common unique 
identifiers is now woven into the very fabric of both governmental and 
commercial transactions in this country, and has been so for decades.
---------------------------------------------------------------------------
    \4\ Id., p.2.
---------------------------------------------------------------------------
    In short, the federal government began the use of SSNs for 
unrelated identification purposes; it required businesses to do the 
same under certain federal laws; and its use served as an example for 
businesses, including financial institutions, for over half a century. 
These uses have produced tremendous efficiencies and benefits for all 
Americans. The FSCC strongly urges members of Congress to keep such 
legitimate uses and benefits, including those financial institution 
uses listed in Attachment A, in the forefront when considering 
proposals to restrict the use of SSNs.
Unintended Consequences of Broad Restrictions on Use of Social Security 
                                Numbers
    As a result of the widespread use of social security numbers for 
legitimate purposes, the FSCC remains fundamentally concerned about the 
unintended consequences of legislation that is intended to restrict the 
abuse of these numbers. Failure to carefully target legislation to 
avoid these unintended consequences risks serious harm to consumers and 
the smooth operation of the U.S. economy. Let me provide some specific 
examples:
           Potential Harm to Consumers. Financial institutions' 
        use of social security numbers makes it possible for them to 
        provide a level of service to customers that would otherwise 
        not be possible. By using such numbers to verify individual 
        identities, credit bureaus and others can quickly provide 
        financial institutions with accurate credit histories and 
        verification information on people seeking loans, insurance, 
        securities, and other financial products. This in turn permits 
        a financial institution to act swiftly and efficiently on 
        applications or requests related to these products. Use of 
        social security numbers also enables financial institutions to 
        provide more seamless administrative service, e.g., by allowing 
        a life insurer to more easily verify the identity of an 
        individual seeking to change a beneficiary under a life 
        insurance policy. The FSCC's concern is that a broad 
        restriction on the sale or use of social security numbers, 
        however well-intended, could seriously impede the delivery of 
        such important services by driving up processing costs and 
        impairing decision-making.
           Increased Risk of Fraud and Identity Theft. Social 
        security numbers are critical for fraud detection. Banks, 
        insurance companies, and securities firms rely on information 
        available from both public and private sources--with embedded 
        social security numbers to ensure correct identification--to 
        check for ``inconsistencies'' that may suggest the occurrence 
        of fraud or identity theft. The use of these numbers also helps 
        financial institutions verify credit and other information in 
        order to make sound underwriting decisions that minimize 
        losses. The sophisticated processes used for these purposes 
        rely fundamentally on social security numbers as the common 
        unique identifier to assemble accurate and verifiable 
        information for a given individual. Put another way, without a 
        unique common identifier such as a social security number, we 
        believe it would be easier, not harder, for an individual's 
        identity to be stolen. Thus, to reiterate, we believe that 
        Congress should exercise great caution in restricting the use 
        of social security numbers so as not to risk an increase in 
        consumer fraud or identity theft--a result that would be 
        squarely at odds with the intended purpose of such 
        restrictions.\5\
---------------------------------------------------------------------------
    \5\ Existing law already includes provisions that prohibit identity 
theft. Stealing someone's identity is punishable by civil and criminal 
penalties under 18 U.S.C. 1028. Moreover, the recently-passed Gramm-
Leach-Bliley Act bans pretext calling, which is a basic tool of 
identity thieves.
---------------------------------------------------------------------------
           Market Disruption. A prohibition on the sale of 
        social security numbers could be construed to restrict such 
        activities as the sale of assets among financial institutions, 
        or even the sale of the institution itself. This is so because 
        financial institution assets (e.g., mortgage servicing 
        accounts, credit card accounts, and traditional bank accounts) 
        often use social security numbers as the basis for account 
        identification. When it sells such an asset, a financial 
        institution could be viewed as technically ``selling'' the 
        embedded social security number as well. Thus, legislative 
        efforts that ``directly or indirectly'' limit the transfer of 
        social security numbers could effectively preclude such plainly 
        legitimate transactions. To address this problem, businesses 
        would need to rework their internal systems completely to 
        eliminate the reliance on such numbers--a massive and needless 
        expense. Accordingly, we believe that any legislative proposal 
        must be crafted to avoid such a significant unintended 
        consequence.
             The Protections of the Gramm-Leach-Bliley Act
    The FSCC believes there is no need to further restrict the use of 
social security numbers by financial institutions in light of the 
strong new social security number restrictions that will apply to such 
institutions under the Gramm-Leach-Bliley Act (``GLB Act''), which take 
effect in just over one month. The GLB Act and its implementing 
regulations treat a financial institution consumer's social security 
number as protected ``nonpublic personal information.'' \6\ As a 
result, each financial institution consumer has the right to block a 
financial institution from selling or transferring his or her social 
security number to a nonaffiliated third party or the general public.
---------------------------------------------------------------------------
    \6\ See, e.g., 12 C.F.R. Sec. 40.3(o), generally defining protected 
``personally identifiable financial information'' to include ``any 
information . . . [t]he bank . . . obtains about a consumer in 
connection with providing a financial product or service to that 
consumers'' (emphasis added).
---------------------------------------------------------------------------
    There are exceptions to this general rule for legitimate transfers 
of social security numbers, such as ones that are necessary to carry 
out a transaction requested by the consumer; to protect against fraud; 
to provide necessary identifying information to a credit bureaus, etc. 
However, even with respect to such legitimate transfers of social 
security numbers, the consumer remains protected because the recipient 
of the number is prohibited by law from re-using or re-disclosing the 
number--it may do so only as necessary to carry out the purpose of the 
exception under which the number was received from the financial 
institution. Indeed, this unprecedented restriction on the re-use and 
re-disclosure of consumer information, including social security 
numbers, was recently upheld by the federal district court of the 
District of Columbia.\7\
---------------------------------------------------------------------------
    \7\ ISRG v. FTC, C.A. No.: 00-1828 (ESH) (Dist. DC, April 30, 
2001).
---------------------------------------------------------------------------
    In short, as the result of the GLB Act's carefully-targeted 
restrictions, a financial institution consumer is fully protected with 
respect to a financial institution's transfer of social security 
numbers, yet legitimate and important uses of these numbers remain 
permissible. In light of these restrictions, no additional restrictions 
on use of SSNs by financial institutions are warranted.
         Concerns Over Restrictions on Access to Public Records
    Finally, some concerns have also been expressed regarding the 
inappropriate use of social security numbers available in the public 
record. The FSCC believes it is important to remember that a wide range 
of private sector enterprises--including banks, insurance companies, 
and securities firms--rely on such records to conduct a broad range of 
legitimate business activities. For example, financial institutions use 
public records to:
           Uncover fraud and identity theft;
           Make sound credit and other financial product 
        determinations;
           Verify identities of the customer at the account 
        opening phase;
           Assist in internal security operations (e.g., 
        employee background checks); and
           Otherwise verify identities in order to conduct a 
        broad range of business transactions.
    Business reliance upon such records facilitates the efficient 
operation of the financial and credit markets, limits mistakes, and 
ensures that consumers receive prompt and lower-cost service. It also 
helps protect the customer from fraud.
    More specifically, to achieve the purposes described above, 
financial institutions directly use court bankruptcy records; public 
records involving liens on real estate; criminal records and fraud 
detection databases, such as the National Fraud Center database; and 
similar types of public records. Financial institutions also indirectly 
use such records for the same purposes by relying on databases 
developed by third parties that themselves rely on information from 
public records. Importantly, SSN identifiers are central to ensuring 
that the information included in these records matches the correct 
individual. This allows banks, for example, to verify the identity of a 
person so that a direction from a customer to transfer funds to a third 
party can be executed without mistake, as well as to check important 
credit-related characteristics of loan applicants (such as pending 
bankruptcies, tax liens, or other credit problems).
    Moreover, financial institutions employ sophisticated programs that 
cross-check public information against information supplied by an 
applicant in order to uncover fraud. For example, if the age 
information provided by an applicant posing as another individual were 
inconsistent with other information known about that individual from 
public records made available through SSN identification, a ``red 
flag'' would be raised, which would trigger further checking to uncover 
the identity theft.
    Thus, overly-broad limits on access to public record information 
would compromise a financial institution's ability to make sound 
business decisions and protect its customers. Such limits could also 
greatly slow the decision-making process of U.S. businesses, to the 
detriment of consumers and the economy.
    Finally, even if financial institutions were exempted from 
restrictions on access to public records containing social security 
numbers, such restrictions could still create indirect problems for 
financial institutions and their customers. For example, if a social 
security number were stricken from a public record, it is possible that 
the ability to use that record for legitimate purposes would become 
impossible because of the expense involved in verifying the identity of 
the person covered by that record. The consequences could be delayed 
loan approvals, increased consumer costs for products and services, and 
limits on an institution's ability to discover identity theft on a 
timely basis.
    Even if public entities could still retain social security numbers 
in their internal nonpublic files, the cost and delays in efficiently 
accessing such files would be significant. Ultimately, the cost 
efficiencies and speed of delivery inherent in our current market 
system would be compromised. The effect could be the same as denying 
financial institutions access to such records.
                               Conclusion
    The benefits to society from the legitimate and responsible use of 
social security numbers are real and substantial. As a result, the FSCC 
believes that policymakers should look carefully at the unintended 
consequences that could occur with any proposal that would restrict the 
use of these numbers. And, because of the GLB Act's imminent 
restrictions on financial institution disclosure of social security 
numbers, we believe that no new SSN restrictions are required for the 
financial services industry. The FSCC welcomes the opportunity to 
participate in this debate, and would be happy to work with you and 
others as discussions on this issue proceed.

                              ATTACHMENT A

  Activities Potentially Impaired by Restrictions on Social Security 
                                Numbers

    As noted above, a wide range of legitimate activities conducted by 
financial institutions would be affected by broad restrictions on the 
use of social security numbers. Set forth below are examples of such 
activities, grouped by the respective industries represented by the 
FSCC.
                        I. Banking Industry Uses
A. General Uses of Social Security Numbers
           To assist in account administration and better 
        respond to customer requests. Financial institutions must use 
        shared information to create central databases that then permit 
        institutions to better respond to customer requests or needs 
        (e.g., provide account balances, correct inaccuracies, process 
        loan requests, etc.). To do this, many institutions use social 
        security numbers as a unique identifier to ensure more accurate 
        records.
           To combat fraud and identity theft. Financial 
        institutions rely on third-party databases to investigate 
        claims of fraud and identity theft. These third-party databases 
        in turn rely on social security numbers as the common unique 
        identifier that is used by a variety of data sources. Without 
        such common unique identifiers, there would be no way to ensure 
        that particular information is associated with a particular 
        individual, and not with someone posing as that individual. 
        Thus, SSNs are integral mechanisms for accumulating and 
        processing authentic information for both law enforcement 
        officials and financial institutions.
           To accurately assess risk. Everyday, financial 
        institutions make judgments regarding financial risks. 
        Institutions must rely on information databases to make such 
        judgments, whether they are decisions on loans, insurance 
        products, or other financial services. Social security numbers, 
        when used by internal and third-party data providers as a means 
        of compiling accurate information on an individual, help 
        institutions make prudent decisions on product offerings.
           To verify the identity of the customer--in person, 
        over the phone, by mail, or over the internet--in the account 
        opening stage. A financial institution uses a social security 
        number as the unique individual identifier when verifying 
        information of a person with whom the institution has had no 
        previous contact.
           To identify potential money laundering activities. 
        Institutions use social security numbers as unique identifiers 
        to comply with various government requirements, such as Office 
        of Foreign Assets Control (OFAC) verifications or the 
        processing of certain Bank Secrecy Act-related documents (e.g., 
        cash transaction reports).
           To meet other government safety and soundness 
        requirements. Federal and State bank regulators require banks 
        and savings associations to operate in a safe and sound manner, 
        and require institutions to develop sophisticated internal 
        policies and procedures to that end. To do so, banks often rely 
        on third-party databases that themselves rely on social 
        security numbers to promote accuracy. As a result, the use of 
        social security numbers plays a significant role in bank 
        internal risk activities.
           When providing tax reporting information to the 
        Government (e.g., Forms 1098/1099), as well as to the employee 
        (e.g., W-2s).
           To facilitate internet banking operations. Many 
        third-party vendors who provide links to such services rely on 
        social security numbers as account identifiers.
           To assist in internal security operations. 
        Institutions use social security numbers as an employee 
        identifier for purposes of background checks and other 
        activities.
           To assist in internal benefits tracking. For 
        example, to provide reimbursements to employees incurring 
        business expenses, or to track employee participation in 
        employee retirement funds (e.g., 401(k) plans).
           To track external payments to vendors for tax 
        reporting purposes.
           To permit customer access to a wide range of 24-hour 
        banking services via phone or internet. Many banks use social 
        security numbers as the account identifier, both as a 
        convenience to customers and to maintain consistency with other 
        internal processing needs, such as the maintenance of an 
        accurate central database and the subsequent ability to use 
        such numbers when making external credit checks.
B. Type of Institutions that Benefit
           To facilitate financial holding company operations 
        of benefit to the company and its customers. Holding companies 
        share customer information (including social security numbers) 
        within their corporate family (i.e., affiliates) for a variety 
        of purposes, including:
           Providing customers with consolidated statements 
        reflecting the status of all of their financial accounts and 
        investments. To do so, companies need to ensure that customer 
        information matches the correct file--e.g., that the ``John 
        Smith'' on the phone is the John Smith that has two checking 
        accounts, a variable life insurance policy, and holds the 
        securities of four particular companies. Using social security 
        numbers--the only truly common unique identifier--to verify 
        this information greatly enhances company accuracy and 
        increases customer confidence.
           Assisting each affiliate in combating identity theft 
        by giving these affiliates necessary information on the 
        customer so that they may protect the customer's interest. For 
        example, having accurate, up-to-the-minute customer information 
        allows affiliates to quickly identify inconsistencies or 
        irregular activities in a customer's accounts that may reflect 
        that identity theft is occurring. Again, reliance on social 
        security numbers as the ``common'' element that permits 
        institutions to cross-check existing customer information with 
        new information helps institutions help their customers.
           Allowing all aspects of the company to prudently 
        manage risk. When a customer enters a bank, insurance company 
        or securities firm in search of a financial product or service, 
        a financial institution must quickly and accurately gauge its 
        financial risks in providing that product or service. The 
        institution must rely on a variety of credible internal and 
        external databases, such as those provided by credit bureaus, 
        third-party vendors and other affiliates, for accurate 
        information on the credit standing and financial health of the 
        applicant. To ensure that these databases are as accurate as 
        possible, such providers must rely upon some form of common 
        identifier that ensures that correct financial history 
        information is associated with the right person. Social 
        security numbers, as the most accurate common identifier 
        available, help ensure the highest available level of accuracy 
        in these databases. Since a financial institution can then rely 
        on the accuracy of this information in assessing its risk, it 
        can make quick, efficient and prudent decisions regarding the 
        new customer.
C. Securities Industry Uses
           Account identification. Many securities firms' 
        systems rely heavily on social security numbers for 
        identification. In general, account relationships are 
        maintained based on SSN as the sole unique identifier for an 
        individual.
           Tax reporting. SSNs appear on account opening 
        documentation, primarily for tax reporting purposes.
           Telephone verification. Firms use SSNs to verify the 
        identity of a client transacting business over the telephone--
        this enables firms to access an account by keying in the SSN if 
        the customer does not remember his/her account number.
           Account searches. Firms use SSNs for account 
        searches, thus enabling firms to sort all accounts for a 
        customer under the same SSN.
           Court Actions/Judicial Process/Subpoenas. Securities 
        firms are often required to provide documents, which would 
        reveal SSNs of a client in responding to a subpoena, court 
        order, or judicial process. Firms also use SSNs to search for 
        accounts in response to requests from regulators and law 
        enforcement officials.
           Securities law reporting. Many of the reports 
        securities firms are required to file with the SEC and self 
        regulatory organizations are based on SSN searches and identify 
        SSNs. For example, certain reports to stock exchanges are based 
        on total positions by related party (i.e., SSN).
           Institutional risk control/anti-fraud. Firms may use 
        SSNs to perform anti-fraud background checks on potential 
        clients in order to determine whether for example the person 
        has a history of defrauding others.
           Compliance. SSNs are used to identify certain types 
        of activity that firms are required to conduct surveillance 
        for, such as excessive turnover in accounts.
           Communications to shareholders. SSNs are used in 
        connection with mutual fund mailings, including the mailing of 
        proxy statements and prospectuses to proprietary fund 
        shareholders. SSNs are also used in connection with 
        dissemination of a company's annual report, quarterly report, 
        or interim report.
           Escheatment/Abandoned Property. Securities firms are 
        required to provide on an annual basis to individual States the 
        name, last known address, SSN, and other information for 
        purposes of complying with various State escheatment and 
        abandoned property laws, and intangible property tax laws.
           Transfers of accounts to third parties. SSNs are 
        used to facilitate a customer request to transfer an account to 
        another securities firm, or to satisfy a customer request that 
        a physical stock certificate be transferred from street name 
        into his or her name.
           Insurance. SSNs may also be disclosed where a client 
        purchases an insurance policy through the securities firm--the 
        securities firms would then have to disclose (through the 
        client's application) information, including SSN, to the 
        insurance company.
D. Insurance Industry Uses:
1. Property/Casualty Insurers' Use of Social Security Numbers
           To the extent the p/c insurance industry uses SSNs, 
        that use is confined to legitimate business practices such as 
        underwriting policies, complying with numerous state and 
        federal laws, and verification of identity.
           A proposal to prohibit or limit the disclosure of 
        SSN could restrict p/c insurers from obtaining necessary 
        information for underwriting and verification purposes.
           For example, auto insurers use motor vehicle records 
        to assess insurance risks, reevaluate risks undertaken, conduct 
        claims fraud investigations and pay injured victims. Motor 
        vehicle records, which include social security numbers as 
        identifiers, are an essential source of information needed by 
        insurers to comply with state consumer protection laws and 
        existing contracts.
           Auto insurers may use SSNs obtained from the 
        consumer in order to verify the receipt of proper Department of 
        Motor Vehicle records.
           Undue restrictions on use of SSNs could also impair 
        the ability of p/c insurers to comply with reporting 
        requirements under current federal and state laws, such as 
        those described below.
           Federal laws require p/c insurers to report certain 
        payments with the claimant's SSN to the IRS.
           P/C insurers are required under the Federal Welfare 
        Reform Act to report to state welfare agencies certain 
        information, including SSNs, so that the state can seize 
        settlement dollars from non-custodial parents.
           Under state workers compensation laws, p/c insurers 
        are required to file accident claims (which include the 
        claimant's SSN) with various agencies for those agencies' 
        claims administration purposes.
           States laws require p/c insurers to disclose to 
        state-licensed advisory organizations certain information, 
        which may include a SSN. The state-licensed advisory 
        organizations perform a critical function in insurance pricing 
        by using the information to conduct actuarial projections of 
        anticipated losses so that state insurance regulators are able 
        to perform their duties and insurance companies can establish 
        rates in accordance with state-approved rating systems.

2. Life, Disability Income, and Long Term Care Insurers' Use of Social 
Security Numbers.
    Life, disability income, and long term care insurers are strongly 
committed to the principle that individuals have a legitimate interest 
in the proper collection and handling of their personal information and 
that insurers have an obligation to assure individuals of the 
confidentiality of that information. However, in order for insurers to 
serve their prospective and existing customers, they must use and share 
nonpublic personal information, including social security numbers, in 
connection with the origination, administration, and servicing of 
insurance products and services. These functions are essential to 
insurers' ability to serve and meet their contractual obligations to 
their existing and prospective customers. ACLI member companies also 
believe that the use and responsible sharing of information generally 
increases efficiency, reduces costs, and makes it possible to offer 
economies and innovative products and services to consumers that 
otherwise would not be available.
    (a) Underwriting life, disability income, and long-term care 
insurance policies--The price of life, disability income, or long term 
care insurance is generally based on the proposed insured's gender, 
age, present and past state of health, possibly his or her job or 
hobby, and the type and amount of coverage sought. Life, disability 
income, and long term care insurers gather this information during the 
underwriting process. Based on this information, the insurer groups 
insureds into pools in order to share the financial risks presented by 
dying prematurely, becoming disabled, or needing long term care.
    This system of classifying proposed insureds by level of risk is 
called risk classification. It enables insurers to group together 
people with similar characteristics and to calculate a premium based on 
that group's level of risk. Those with similar risks pay the same 
premiums. The process of risk classification provides the fundamental 
framework for the current private insurance system in the United 
States. Risk classification is essential to insurers' ability to 
determine premiums that are adequate to pay future claims, and are fair 
relative to the risk posed by the proposed insured.
    Insurers must be able to obtain and use both medical and nonpublic 
personal information, including SSNs, in order to underwrite 
applications for coverage. SSNs are used in a number of different ways 
in connection with this process:
           To obtain verifiable medical information. Insurers 
        sometimes must use proposed insureds' SSNs in order to obtain 
        medical information about them from doctors and hospitals which 
        use SSNs as identification numbers.
           To obtain drivers' record information. Insurers 
        sometimes use motor vehicle record information in underwriting. 
        In some states, insurers are required to use SSNs to obtain 
        this information from the motor vehicle department.
           To obtain credit report information. Insurers 
        sometimes use information from credit reporting agencies in 
        underwriting, and SSNs are sometimes required to obtain 
        information from consumer reporting agencies.
    (b) Performance of Essential Insurance Business Functions
    Once life, disability income, or long term care insurance policies 
are issued, insurers use their customers' personal information to 
perform essential, core functions associated with insurance contracts, 
such as for claims evaluations and policy administration. The ability 
to use this information for these purposes is crucial to insurers' 
ability to meet their contractual obligations to their customers and to 
perform important related service and administrative functions. The 
economies and efficiencies devolving from these functions inure to the 
benefit of insurers' customers.
    Life, disability income, and long term care insurers view SSNs as 
unique identifiers and use them in a number of ways that enable them to 
better and more efficiently serve their customers and to protect their 
interests. They use SSNs to perform a number of these core insurance 
business functions, which include the following:
           To locate policyholders. SSNs are used by insurers 
        to find missing or lost policyholders to inform them that they 
        are entitled to life insurance proceeds.
           For customer service. SSNs are used to identify 
        policies owned by an individual who does not have the account 
        or policy number available when a service request is made.
           For phone call verification. Insurer call centers 
        use SSNs as part of the data requested to authenticate 
        customers who call with requests for service or for product or 
        account information or status.
           To transfer assets to unaffiliated financial 
        institutions. SSNs are often needed to transfer assets from one 
        financial institution to another, for example, for purposes of 
        transfers between mutual funds or annuities and life insurance. 
        (Since one financial institution generally does not know an 
        individual's account number at another financial institution, 
        the SSN is needed to identify the client's identity for the two 
        institutions. This reduces delay, error, and misplaced assets 
        in such transfers.)
           Pension plan administration. Insurers also use SSNs 
        in connection with the administration of pension plans, as 
        identification numbers.
           For online services. Insurers use SSNs as PIN 
        numbers for customers' use of on-line services.
           As identification for group insurance plans. 
        Insurers use SSNs in reporting to employer policyholders under 
        employee group insurance plans and in connection with payroll 
        deductions under these plans.
    (c) Disclosures Pursuant to Regulatory/Legal Mandates or to Achieve 
Certain Public Policy Goals
    In furtherance of public policy goals designed to protect American 
insurance consumers, life, disability income, and long term care 
insurers share personal health and nonpublic personal information, 
including SSNs, to:
           State insurance departments to assist them in their 
        general regulatory oversight of insurers, which includes 
        regular market conduct and financial examinations of insurers;
           Self-regulatory organizations, such as the Insurance 
        Marketplace Standards Association (IMSA), which impose and 
        monitor adherence to requirements with respect to member 
        insurers' conduct in the marketplace; and
           State insurance guaranty funds, which seek to 
        satisfy policyholder claims in the event of impairment or 
        insolvency of an insurer or to facilitate rehabilitations or 
        liquidations which typically require broad access to 
        policyholder information.
    Any limitation on these disclosures would seem likely to operate 
counter to the underlying public policy reasons for which they were 
originally mandated--to protect consumers.
    Life, disability income, and long term care insurers are also 
required to make certain disclosures of information by the federal 
government. In addition, they need to (and, in fact, in some states are 
required to) disclose personal information in order to protect against 
or to prevent actual or potential fraud. Such disclosures are made to 
law enforcement agencies and state insurance departments. Their primary 
purpose is to reduce the cost of insurance by helping insurers detect 
(and deter) attempts by insurance applicants to conceal or misrepresent 
facts. Any limitation on insurers' right to make these disclosures 
would seem likely to undermine the public policy goal of reducing 
fraud, the costs of which are ultimately borne by consumers.
    Life, disability income, and long term care are required to use 
SSNs to report to the IRS a variety of payments to insurance consumers, 
including, but not limited to, interest payments, certain dividends, 
and policy withdrawals and surrenders. At least one state, Rhode 
Island, requires that insurers match ``deadbeat'' parents data before 
making payments on claims. SSNs are required for that matching.
    (d) Ordinary Business Transactions
    In the event of a proposed or consummated sale, merger, transfer, 
or exchange of all or a portion of an insurance company, it is often 
essential that the insurer be able to disclose company files. 
Naturally, these files can contain personal information, including 
customers' SSNs. Such disclosures are often necessary to the due 
diligence process that takes place prior to consummation of the deal 
and are clearly necessary once the deal is completed when the newly-
created entity often must use policyholder files in order to conduct 
business.
    Insurers also frequently enter into reinsurance contracts in order 
to, among other things, increase the amount and volume of coverage they 
can provide. These arrangements often necessitate the disclosure of 
personal information, which may include SSNs, by the primary insurer to 
the reinsurer.

                                


    Mr. Collins. Thank you, Mr. Dugan. Mr. Rotenberg?

  STATEMENT OF MARC ROTENBERG, EXECUTIVE DIRECTOR, ELECTRONIC 
 PRIVACY INFORMATION CENTER, AND ADJUNCT PROFESSOR, GEORGETOWN 
                     UNIVERSITY LAW CENTER

    Mr. Rotenberg. Thank you very much, Mr. Chairman, and 
members of the Committee. I am both executive director of the 
Electronic Privacy Information Center and on the faculty at 
Georgetown Law Center where I have taught privacy law for the 
last 10 years. I have also participated in two of the leading 
Social Security number cases, and I would like to fill in a bit 
of the background on the legal history for this issue to give 
you some sense of Congress's authority to act to regulate the 
misuse of the Social Security number.
    As Mr. Hendricks described earlier, an important report in 
1973 on record keeping practices across both the Federal 
Government and the private sector recommended restrictions on 
the use of the SSN. One of the key recommendations of the 
report in 1973 was prohibiting the use of the Social Security 
number or any number represented as an SSN for promotional or 
commercial purposes.
    Now in 1974 with the passage of the Privacy Act, Congress 
did not act on the recommendation to regulate the use of the 
SSN in the private sector. It did, however, regulate the use of 
the SSN by Federal agencies. And an important provision in the 
Privacy Act, Section 7, set out a series of safeguards in an 
effort to ensure that the SSN would not be too widely used by 
the Federal Government.
    Now, as several of the witnesses have testified earlier, 
the use of the SSN has expanded significantly over the last 25 
years but this has been particularly true in the financial 
services sector and that is what has given rise to growing 
concerns about identity theft.
    I would like to say a few words about the cases that I 
participated in regarding the use of the SSN because I think 
they speak to the critical issue here and the privacy interest 
that underlies Congress's efforts to regulate in this area, as 
well as the court's recognition that it is appropriate to 
regulate in this area.
    In 1992 I filed a brief in support of a registered voter in 
the State of Virginia, Mark Greidinger, who was asked to 
provide his Social Security number as a condition of his right 
to vote in that State. He objected to the fact that he was 
asked for his SSN because the State of Virginia at that time 
not only collected the SSN but they also published it in the 
voting roll, effectively a public record and making it freely 
available for others to use for whatever purposes they wished.
    We argued that this was an unreasonable burden on the right 
to vote. The Fourth Circuit agreed and this is what they had to 
say: ``Since the passage of the Privacy Act, an individual's 
concern over his SSN's confidentiality and misuse has become 
significantly more compelling. For example, armed with one's 
SSN an unscrupulous individual could obtain a person's welfare 
benefits or Social Security benefits, order new checks at a new 
address on that person's checking account, obtain credit cards 
or even obtain the person's paycheck. Succinctly stated, the 
harm that can be inflicted from the disclosure of an SSN to an 
unscrupulous individual is alarming and potentially financially 
ruinous.'' I think there was a great deal of prescience in this 
opinion from the court more than eight years ago.
    In a second case testing whether a State could be required 
to disclose the Social Security number of a State employee 
under a State open record law where there was a strong 
presumption in favor of disclosure, the Ohio Supreme Court held 
that there were privacy limitations in the Constitution that 
weighed against disclosure of the SSN. The court said in that 
case, ``We find today that the high potential for fraud and 
victimization caused by the unchecked release of city employee 
SSNs outweighs the minimal information about government 
processes gained through the release of the SSNs.''
    In both of these cases courts have made clear the 
importance of restricting the use of the Social Security number 
and drew particular attention to the potential financial 
consequences of the misuse of this information.
    Now the question has been raised recently whether it is 
possible that the First Amendment limits the ability of 
Congress to legislate in this area. I think based on the two 
recent opinions in TransUnion versus FTC and in IRSG versus 
FTC, the courts have made clear that it is appropriate to 
legislate to protect privacy where there is a substantial 
interest in that outcome.
    Finally, I would like to say just a few words about the 
form of the legislation that we think the committee should 
adopt at this point in time. We think the best guiding 
principle is to try to limit the use of the Social Security 
number to those circumstances where use is explicitly 
authorized by law. So, for example, if an employer needs an SSN 
for tax reporting purposes or if a bank needs an SSN for the 
purpose of identifying an interest-bearing account, I do not 
think there could be any objection to the collection and use of 
SSNs in those circumstances.
    But the types of open-ended uses, which I think were very 
well described by Mr. Kravit earlier, that students and 
consumers and many people today across America face for 
transactions totally unrelated to tax-reporting purposes, could 
quite appropriately be limited.
    There are other recommendations in my statement for the 
Committee and I would be pleased to answer your questions.
    [The prepared statement of Mr. Rotenberg follows:]
  Statement of Marc Rotenberg, Executive Director, Electronic Privacy 
 Information Center, and Adjunct Professor, Georgetown University Law 
                                 Center
    My name is Marc Rotenberg and I am the executive director of the 
Electronic Privacy Information Center, a public interest research 
organization based here in Washington DC. I am also on the faculty of 
the Georgetown University Law Center where I have taught the Law of 
Information Privacy for ten years. I have also participated in the 
litigation of two of the leading cases on the use of the Social 
Security Number.
    I appreciate the opportunity to testify this morning. I will 
briefly review the legal status of efforts to regulate the use of the 
SSN, discuss some of the recent problems with universal unique 
identifiers, such as the SSN, and make a few brief recommendations. I 
believe that legislation to limit the collection and use of the SSN is 
appropriate, necessary, and fully consistent with US law. I also 
believe that if Congress fails to act, the problems that consumers will 
face in the next few years are likely to increase significantly.
    I should note also that the Supreme Court just yesterday issued a 
ruling in an important case concerning a First Amendment challenge to 
the publication of information obtained by means of illegal wiretap. I 
will say a few words about the possible significance of this opinion 
for SSN legislation under consideration now by Congress.
History of the SSN and the Efforts to Regulate
    The Social Security Number (SSN) was created in 1936 as a nine-
digit account number assigned by the Secretary of Health and Human 
Services for the purpose of administering the Social Security laws. 
SSNs were first intended for use exclusively by the federal government 
as a means of tracking earnings to determine the amount of Social 
Security taxes to credit to each worker's account. Over time, however, 
SSNs were permitted to be used for purposes unrelated to the 
administration of the Social Security system. For example, in 1961 
Congress authorized the Internal Revenue Service to use SSNs as 
taxpayer identification numbers.\1\
---------------------------------------------------------------------------
    \1\ Pub. L. No. 87-397, 75 Stat. 828 (codified as amended at 26 
U.S.C. Sec. Sec. 6113, 6676) cited in Greidinger at 27-28.
---------------------------------------------------------------------------
    A major government report on privacy in 1973 outlined many of the 
concerns with the use and misuse of the Social Security Number that 
show a striking resemblance to the problems that consumers face today. 
Although the term ``identity theft'' was not yet in use, Records 
Computers and the Rights of Citizens described the risks of a 
``Standard Universal Identifier,'' how the number was promoting 
invasive profiling, and that many of the uses were clearly inconsistent 
with the original purpose of the 1936 Act. The report recommended 
several limitations on the use of the SSN and specifically said that 
legislation should be adopted ``prohibiting use of an SSN, or any 
number represented as an SSN for promotional or commercial purposes.'' 
\2\
---------------------------------------------------------------------------
    \2\ Records, Computers and the Rights of Citizens at 135.
---------------------------------------------------------------------------
    In response to growing concerns over the accumulation of massive 
amounts of personal information and the recommendations contained in 
the 1973 report, Congress passed the Privacy Act of 1974. Among other 
things, this Act makes it unlawful for a governmental agency to deny a 
right, benefit, or privilege merely because the individual refuses to 
disclose his SSN. This is a critical principle to keep in mind today 
because consumers in the commercial sphere often face the choice of 
giving up their privacy, their SSN, to obtain a service or product. The 
drafters of the 1974 law tried to prevent citizens from facing such 
unfair choices, particularly in the context of government services. But 
there is no reason that this principle could not apply equally to the 
private sector, and that was clearly the intent of the authors of the 
1973 report.
    In addition, Section 7 of the Privacy Act further provides that any 
agency requesting an individual to disclose his SSN must ``inform that 
individual whether that disclosure is mandatory or voluntary, by what 
statutory authority such number is solicited, and what uses will be 
made of it.\3\ At the time of its enactment, Congress recognized the 
dangers of widespread use of SSNs as universal identifiers. In its 
report supporting the adoption of this provision, the Senate Committee 
stated that the widespread use of SSNs as universal identifiers in the 
public and private sectors is ``one of the most serious manifestations 
of privacy concerns in the Nation.'' \4\ Short of prohibiting the use 
of the SSN outright, this provision in the Privacy Act attempts to 
limit the use of the number to only those purposes where there is clear 
legal authority to collect the SSN. It was hoped that citizens, fully 
informed where the disclosure was not required by law and facing no 
loss of opportunity in failing to provide the SSN, would be unlikely to 
provide an SSN and institutions would not pursue the SSN as a form of 
identification.
---------------------------------------------------------------------------
    \3\ (a)(1) It shall be unlawful for any Federal, State, or local 
government agency to deny any individual any right, benefit or 
privilege provided by law because of such individual's refusal to 
disclose his social security account number. (2) the provisions of 
paragraph (1) of this subsection shall not apply with respect to--(A) 
any disclosure which is required by Federal statute, or (B) the 
disclosure of a social security number to any Federal, State, or local 
agency maintaining a system of records in existence and operating 
before January 1, 1975, if such disclosure was required under statute 
or regulation adopted prior to such date to verify the identity of an 
individual. (b) Any Federal, State, or local government agency which 
requests an individual to disclose his social security account number 
shall inform that individual whether that disclosure is mandatory or 
voluntary, by what statutory or other authority such number is 
solicited, and what uses will be made of it.
    See Pub. L. No. 93-579, 7. This provision of the Privacy Act was 
never codified, but is instead set out as a historical note to 5 
U.S.C.A 552a (West 1996).
    \4\ S. Rep. No. 1183, 93d Cong., 2d Sess., reprinted in 1974 U.S. 
Code Cong. & Admin. News 6916, 6943, cited in Greidinger at 29.
---------------------------------------------------------------------------
    The use of the SSN has expanded significantly since the provision 
was adopted in 1974. This is particularly clear in the financial 
services sector. In an effort to collect and share financial 
information about Americans, companies trading in financial information 
are the largest private-sector users of SSNs, and it is these companies 
that are among the strongest opponents of SSN restrictions. For 
example, credit bureaus maintain over 400 million files, with 
information on almost ninety percent of the American adult population. 
These credit bureau records are keyed to the individual SSN. Such 
information is freely sold and traded, virtually without legal 
limitations.\5\
---------------------------------------------------------------------------
    \5\ Komuves at 557.
---------------------------------------------------------------------------
    But it is also critical to understand that the legal protection to 
limit the collection and use of the SSN is still present in the Privacy 
Act and can be found also in court decisions, which recognize that 
there is a constitutional basis to limit the collection and use of the 
Social Security Number. When a Federal Appeals court was asked to 
consider whether the state of Virginia could compel a voter to disclose 
an SSN that would subsequently be published in the public voting rolls, 
the Court noted the growing concern about the use and misuse of the 
SSN, particularly with regard to financial services. The Fourth Circuit 
said:
          Since the passage of the Privacy Act, an individual's concern 
        over his SSN's confidentiality and misuse has become 
        significantly more compelling. For example, armed with one's 
        SSN, an unscrupulous individual could obtain a person's welfare 
        benefits or Social Security benefits, order new checks at a new 
        address on that person's checking account, obtain credit cards, 
        or even obtain the person's paycheck. . . . Succinctly stated, 
        the harm that can be inflicted from the disclosure of a SSN to 
        an unscrupulous individual is alarming and potentially 
        financially ruinous.\6\
---------------------------------------------------------------------------
    \6\ Greidinger at 30-31.
---------------------------------------------------------------------------
    The Court said that:
          The statutes at issue compel a would-be voter in Virginia to 
        consent to the possibility of a profound invasion of privacy 
        when exercising the fundamental right to vote. As illustrated 
        by the examples of the potential harm that the dissemination of 
        an individual's SSN can inflict, Greidinger's decision not to 
        provide his SSN is eminently reasonable. In other words, 
        Greidinger's fundamental right to vote is substantially 
        burdened to the extent the statutes at issue permit the public 
        disclosure of his SSN.\7\
---------------------------------------------------------------------------
    \7\ Greidinger at 32-33.
---------------------------------------------------------------------------
    The Court concluded that to the extent the Virginia voting laws, 
``permit the public disclosure of Greidinger's SSN as a condition of 
his right to vote, it creates an intolerable burden on that right as 
protected by the First and Fourteenth Amendments.'' \8\
---------------------------------------------------------------------------
    \8\ Greidinger at 36.
---------------------------------------------------------------------------
    In a second case, testing whether a state could be required to 
disclose the SSNs of state employees under a state open record law 
where there was a strong presumption in favor of disclosure, the Ohio 
Supreme Court held that there were privacy limitations in the federal 
Constitution that weighed against disclosure of the SSN. The court 
concluded that:
          We find today that the high potential for fraud and 
        victimization caused by the unchecked release of city employee 
        SSNs outweighs the minimal information about governmental 
        processes gained through the release of the SSNs. Our holding 
        is not intended to interfere with meritorious investigations 
        conducted by the press, but instead is intended to preserve one 
        of the fundamental principles of American constitutional law--
        ours is a government of limited power. We conclude that the 
        United States Constitution forbids disclosure under the 
        circumstances of this case. Therefore, reconciling federal 
        constitutional law with Ohio's Public Records Act, we conclude 
        that [the provision] does not mandate that the city of Akron 
        discloses the SSNs of all of its employees upon demand.\9\
---------------------------------------------------------------------------
    \9\ Beacon Journal at 17.
---------------------------------------------------------------------------
    While it is true that many companies and government agencies today 
use the Social Security Number indiscriminately as a form of 
identification, it is also clear from the 1936 Act, the 1974 provision, 
and these two cases--Greidinger v. Davis and Beacon Journal v. City of 
Akron--that there is plenty of legislative and judicial support for 
limitations on the collection and use of the SSN. The question is 
therefore squarely presented whether the Congress will at this point in 
time follow in this tradition, respond to growing public concern, and 
establish the safeguards that are necessary to ensure that the problems 
associated with the use of the SSN do not increase.
    More recently, the question has been raised whether the First 
Amendment could limit the ability of Congress to pass legislation 
protecting personal information. But two different courts in the 
context of the privacy provisions contained in the Financial Services 
Modernization Act have made clear that such statutes are permissible.
    In TransUnion v. FTC the DC Circuit found that the government's 
interest in keeping personally identifiable information private was 
substantial and upheld the FTC's ban on the sale of target marketing 
lists. And a DC District Court in IRSG v. FTC upheld restrictions on 
``credit header'' information, which includes names, address, and 
social security number, and said that:
          The speech does not involve any matter of public concern, but 
        consists of information of interest solely to the speaker and 
        the client audience. Thus, restriction on the dissemination of 
        this nonpublic personal information does not impinge upon any 
        public debate.
Id. at 51.
    In some circumstances, for example when the SSN is used in the 
context of political speech, then the privacy interest would likely 
give way to the First Amendment interest. If, for example, a journalist 
or a political activist were to disclose an SSN for the purpose of 
drawing attention to a privacy issue, then I believe a court must 
review any effort to restrict such speech under strict scrutiny 
analysis. But where the SSN is collected, used, and disclosed in the 
context of commercial relations, then I believe a privacy statute would 
survive a Constitutional challenge.
Specific Problems with the IRSG
    Several years ago significant public concern was raised about 
information brokers that routinely buy and sell detailed personal 
information, including Social Security Numbers. The Individual 
Reference Services Group was established to improve practices in the 
industry. We do not believe these principles provide sufficient 
safeguards for consumers. We also do not think the discussion between 
public and non-public information incorporated in GLB is consistent 
with the general purpose of privacy laws.
    IRSG companies gather and sell Social Security numbers. Social 
Security numbers are collected from a variety of public and non-public 
sources. Public documents such as bankruptcy filings and other types of 
court records often contain Social Security numbers of the parties to a 
proceeding. Non-public documents such as credit headers, the 
identifying information at the top of credit reports (including names, 
addresses, ages and SSNs), are also culled for information. IRSG 
companies use both public and non-public sources of personal 
information to compile data on individuals.
    During 1997, the IRSG worked with the Federal Trade Commission, 
absent public input, to develop a set of self-regulatory 
principles.\10\ These self-regulatory principles allow the sale of 
Social Security numbers without the knowledge and permission of the 
data subject.
---------------------------------------------------------------------------
    \10\ http://www.irsg.org/html/industry__principles__principles.htm
---------------------------------------------------------------------------
    Under the IRSG Principles, companies can freely sell and distribute 
SSNs gathered from public records. The IRSG Principles treat the same 
data, Social Security numbers, differently if it comes from a non-
public source such as credit headers. However, the guidelines for the 
sale of Social Security numbers from non-public sources are completely 
subjective and largely ignore the privacy interests of the data 
subject.
    The IRSG Principles create a three-tier system for the sale of 
information gathered from non-public sources. The first tier for the 
sale of Social Security numbers applies to ``qualified subscribers.'' 
Complete Social Security numbers can be sold to those deemed to fall 
into this category. There is no definition of what makes someone whom 
wishes to purchase a social security number a ``qualified subscriber.'' 
Moreover, the conditions that qualified subscribers must meet under the 
IRSG Principles rely entirely on the determination of the data seller 
and the data purchaser on what is an ``appropriate'' use of such 
information. The data subject, the person whose Social Security number 
is being collected and sold, has no input into whether such use is in 
fact ``appropriate.'' \11\ The balancing process for deciding whether 
such uses are appropriate is carried out by the parties selling and 
purchasing the data; that is, the ones that have a strong interest in 
letting a transaction proceed. In addition, IRSG companies do not have 
a strong incentive to establish whether information being sold to a 
responsible entity that will use data in a strictly appropriate manner.
---------------------------------------------------------------------------
    \11\ The terms appropriate or appropriately are defined as 
``actions or uses that are reasonable under the circumstances 
reflecting a balance between the interest of individual privacy and 
legitimate business, governmental, and personal uses of information, 
including prevention and detection of fraud.''
---------------------------------------------------------------------------
    Oversight of IRSG companies is generally weak. Yearly assessments 
required by the IRSG Principles, are conducted by ``reasonably 
qualified independent professional'' services. The assessment criteria, 
in many places, simply ask whether IRSG companies have some process in 
place, rather than evaluating whether such a process is effective.\12\ 
The assessment criteria do not seek to evaluate whether such 
qualifications are stringent enough or even if they are evenly applied 
among different IRSG companies. The criteria do not even try to offer 
some metric against which qualifications can be measured. In addition, 
none of the results of assessments are publicly displayed. None of the 
third-party assessments conducted in the past three years provide the 
answers to the questions asked during the assessments.\13\ The third-
party assessment information page simply lists the company that 
conducted the assessment.
---------------------------------------------------------------------------
    \12\ http://www.irsg.org/html/criteria.htm
    \13\ http://www.irsg.org/html/3rd__party__assessments.htm
---------------------------------------------------------------------------
    The failings of the IRSG Principles, and their general disregard of 
privacy protections, are a result of the lack of statutory protections 
for the underlying information. Without such legal protection for 
personal information, companies like the members of the IRSG will 
continue to traffic in personal data without the knowledge or 
permission of data subjects.
Crafting SSN legislation
    We believe it is appropriate, necessary and consistent with other 
privacy measures to develop and enact legislation in the 107th Congress 
that will safeguard the use of the SSN. We also believe it is important 
to take a long-term view of the SSN. The best legislative strategy is 
one that discourages the collection of the SSN and that encourages 
organizations to develop alternative systems of record identification.
    We further recommend that legislation:
           Limit the use of the SSN to those circumstances 
        where use is explicitly authorized by law. For example, an 
        employer should be permitted to ask an employee for an SSN for 
        tax-reporting purposes (as long as the SSN remains the Taxpayer 
        Identification Number), but a health club should not be 
        permitted to ask a customer for an SSN as a condition of 
        membership.
           Prohibit the sale and limit the display of the SSN 
        by government agencies. It is simply inconsistent with Section 
        7 of the Privacy Act to allow the federal government to 
        disseminate the SSN.
           Prevent companies from compelling consumers to 
        disclose their SSN as a condition of service or sale unless 
        there is a statutory basis for the request
           Penalize the fraudulent use of another person's SSN 
        but not the use of an SSN that is not associated with an actual 
        individual. This would permit, for example, a person to provide 
        a number such as ``123-00-6789'' where there is no intent to 
        commit fraud.
           Encourage the development of alternative, less 
        intrusive means of identification. We believe that the National 
        Research Council should be funded to undertake research on new 
        techniques that enable records management while minimizing 
        privacy risks.
    We do not believe there is any reason to distinguish between 
Internet-based and non-Internet based disclosure of SSN. The 
legislation in this area should focus on the subject matter and remain 
``technologically neutral.'' We also favor a proposal made by Robert 
Ellis Smith, publisher of the Privacy Journal, that would prohibit the 
sale or purchase of an SSN.
Conclusion
    It is important to emphasize the unique status of the Social 
Security Number in the world of privacy. There is no other form of 
individual identification that plays a more significant role in record-
linkage and no other form of personal identification that poses a 
greater risk to personal privacy. Given the unique status of the SSN, 
the established link to identity theft and the specific economic harms 
that result, as well as the clear history in federal statute and case 
law, it is fully appropriate for Congress to pass legislation.
    Thank you for the opportunity to testify today. I will be pleased 
to answer your questions.

                               References

    Electronic Privacy Information Center, ``Social Security Numbers'' 
[http://www.epic.org/privacy/ssn/]
    Flavio L. Komuves, ``A Perspective on Privacy, Information 
Technology and the Internet: We've Got Your Number: An Overview of 
Legislation and Decisions to Control the Use of Social Security Numbers 
as Personal Identifiers,'' 16 J. Marshall J. Computer & Info. L. 529 
(1998)
    Testimony of Marc Rotenberg, Computer Professionals for Social 
Responsibility, ``Use of Social Security Number as a National 
Identifier,'' Before the Subcomm. on Social Security of the House Comm. 
on Ways and Means, 102d Cong., 1st Sess. 71 (February 27, 1991)
    Greidinger v. Davis, 988 F.2d 1344 (4th Cir. 1993) and brief amicus 
curiae for CPSR (Marc Rotenberg and David Sobel) (SSN requirement for 
voter registration) (lead case on privacy of Social Security number)
    Beacon Journal v. City of Akron, 70 Ohio St. 3d 605 (Ohio 1994) and 
brief amicus curiae for CPSR (Marc Rotenberg and David Sobel) (SSN 
disclosure of city employees)
    IRSG v. FTC, Memorandum Opinion, D.C. Cir., Apr. 30, 2001.
    Marc Rotenberg, Privacy Law Sourcebook: United States Law, 
International Law, and Recent Developments (EPIC 2000)
    Department of Health, Education, and Welfare, Records, Computers, 
and the Rights of Citizens 108-35 (MIT 1973) (Social Security Number as 
a Standard Universal Identifier and Recommendations Regarding Use of 
Social Security Number)

                                


    Mr. Collins. Thank you, sir. Mr. Plesser?

STATEMENT OF RONALD L. PLESSER, PARTNER, PIPER MARBURY RUDNICK 
  & WOLFE LLP, AND COORDINATOR, INDIVIDUAL REFERENCE SERVICES 
                             GROUP

    Mr. Plesser. Thank you. My name is Ron Plesser and I will 
speak quickly. With me is Paula LeRoy, who is president of 
Pension Benefit Information Services from California and Mrs. 
LeRoy, I think, has some very interesting and important uses of 
Social Security numbers.
    I would like to make several very quick points. I am the 
coordinator of the Individual Reference Services Group, which 
is a group of 14 companies that came together five years ago to 
try to create a self-regulatory environment with the approval 
of the Federal Trade Commission to limit some of the abuses of 
Social Security numbers and to put on industry some controls.
    We think it has worked well but we have also supported 
legislation, particularly legislation that would prohibit the 
use of the Social Security number on the Net. Our rules 
prohibit the use of disclosure to the public and the kind of 
demonstrations we saw today were ones that would certainly have 
been outside and in violation of our rules and we would support 
legislation.
    We think display should be limited to the public but it 
should allow for broad benefits to allow legitimate business 
uses. We can notice from the testimony this morning all of the 
awful cases of identity theft that we heard all had the word 
``theft'' in it. All had theft of a gym bag, theft by a waiter, 
theft of somebody who worked in an HMO. I think we have to 
focus on what the real problems are, which are people actually 
stealing information, not legitimate business purposes.
    I would like to go through very quickly, in addition to 
Mrs. LeRoy's example, it is used indeed for missing children. 
It is used for locating witnesses. The information is used by 
law enforcement when they want to identify people.
    And I think I would like to make one final point, that the 
uses of lists of individuals with the names and addresses and 
Social Security numbers for business purposes allows identity 
theft to be decreased. If a bill prohibiting those uses are 
passed it would be my sense and I think I agree with my 
colleague here that identity theft would increase. I do not 
think there is very much question about that and I think that 
has to be looked at.
    We look very much forward to working with the Committee on 
legitimate purposes and going forward and working with you on 
the legislative process.
    [The prepared statement of Mr. Plesser follows:]
Statement of Ronald L. Plesser, Partner, Piper Marbury Rudnick & Wolfe 
       LLP, and Coordinator, Individual Reference Services Group
    Good morning, Mr. Chairman, and thank you for the opportunity to 
appear before your Subcommittee as it examines the issues of protecting 
privacy and preventing misuse of social security numbers. My name is 
Ronald Plesser and I am the coordinator of the Individual Reference 
Services Group (IRSG). The IRSG is a group of the leading information 
industry companies, including major credit reporting agencies, that 
provide services to help identify, verify identity of, or locate 
individuals. Since 1997, member companies have followed self-regulatory 
principles to respect consumer privacy. These principles were developed 
in 1997 in conjunction with the Federal Trade Commission.
    The members of the IRSG are committed to the responsible 
acquisition and use of personally identifiable information in business-
to-business transactions. We strive to respect consumer privacy as we 
provide services to the government and businesses. We do not oppose a 
prohibition of the public display of Social Security Numbers (SSNs) to 
the public. We share the Committee's concern about the potential misuse 
of SSNs for identity theft and other harmful purposes. Indeed, in the 
fight against identity theft, where verifying an individual's identity 
is crucial, individual reference service products are absolutely 
essential.
    My remarks today will focus on three areas. First, because most 
people know relatively little about our industry, I will explain the 
customer base and socially beneficial uses for individual reference 
information. Second, I will provide some background about the IRSG 
principles and their enforcement mechanisms to demonstrate the 
effectiveness of the IRSG approach to privacy protection. Finally, I 
will discuss the IRSG's support of legislative efforts to prevent SSN 
abuse, and the importance of ensuring that any legislation concerning 
SSNs preserves the use of SSNs to match records or allow retrieval of 
location information for an individual by searchers who already know 
that SSN. We do oppose legislation that would prohibit the purchase and 
sale of SSNs for legitimate business purposes.
II. Uses of Individual Reference Service Information
    Individual reference services are companies that furnish timely and 
reliable information to identify and locate individuals. The 
information is used by governmental, private sector, and non-profit 
entities for a wide range of beneficial purposes. Use of individual 
reference services often is the only way that individuals with limited 
resources, through the assistance of a professional who has access to 
these services, can obtain critical information. IRSG customers are 
professionals, primarily in the fields of law, business, journalism, 
and law enforcement.
    For example, law enforcement agencies use these services to locate 
criminals and witnesses to crimes, and to confirm identities. In fact, 
individual reference services play an important role in combating the 
very sorts of fraud that flow from personal financial information 
falling into the wrong hands. At the June 1997 FTC workshop examining 
reference services, witnesses from both the U.S. Department of 
Treasury's Financial Crimes Enforcement Network (FINCEN) and the 
Financial Crimes Section of the U.S. Secret Service testified to the 
value and importance of these services for their work.
    In the fight against identity theft, where verifying an 
individual's identity is crucial, individual reference service products 
are absolutely essential. Banks, credit card companies, and other types 
of credit institutions, as well as gas, electric, and telephone 
companies and governmental entities distributing funds in conjunction 
with public entitlement programs, are all becoming increasingly plagued 
by fraudsters who use an existing person's identity to illegally obtain 
products, services and money. The best, and perhaps only, means of 
preventing this type of fraud is to crosscheck through the use of 
personal identifying data, often provided by individual reference 
services. Since the victims of identity theft are not only the 
businesses that lose billions to various forms of identity theft per 
year, but also the consumers whose credit is often ruined by this 
insidious act, everyone directly benefits by this application of the 
personal identifying information provided by individual reference 
services.
    Individual reference service products also are an important tool 
for other types of fraud prevention efforts by businesses. The 
insurance industry, for example, relies on individual reference service 
products to investigate fraudulent claims. Credit card companies and 
department stores use them to detect and limit credit card fraud. Banks 
use them to detect and report credit card fraud, insider abuse, and 
money laundering. Many businesses use them to minimize the risk of 
financial fraud when they receive an unusual order for delivery of 
merchandise. Other businesses use them when performing due diligence 
before engaging in a business venture with a little-known corporation 
in the increasingly mobile world economy. The Insurance Information 
Institute reports that special investigation units save their companies 
about $10 for every dollar invested in them.
    Reference services help people in many other ways. One of the most 
compelling is child support enforcement. Whereas government-compiled 
child support databases have encountered difficulties in some 
instances, individual reference services have proven to be invaluable 
in tracking down parents who are delinquent in these obligations. In 
this way, these services advance personal responsibility, give much-
needed income to divorced parents and their children, help free 
families from welfare dependency, and provide an additional source of 
revenue to state welfare programs. Individual reference services can 
locate non-custodial parents quickly and inexpensively, even in 
circumstances where they move to a different state or begin using a 
different name. The Association for Children for Enforcement of Support 
(``ACES''), the leading child support advocacy organization, uses 
LEXIS-NEXIS' P-TRAK service to assist families--approximately 80 
percent of whom are on welfare--in locating parents who have failed to 
meet legal child support obligations. ACES has reported tremendous 
success with this service, locating more than 75 percent of the 
``deadbeat'' parents they sought, and helping families receive much-
needed support.
    Among the many other important uses of individual reference 
services are:
           locating pension fund beneficiaries who have left a 
        company,
           finding long-lost family members and missing 
        children,
           locating heirs to estates who have moved or changed 
        their names through marriage,
           locating victims of fraud schemes
           notifying former residents of areas determined to 
        contain environmental hazards,
           protecting consumers from unlicensed professionals 
        and sham businesses,
           locating blood, organ and bone marrow donors,
           promoting the transparency of the political process 
        by providing easy-to-search information on individuals' 
        campaign donations,
           locating witnesses, and
           providing citizens with efficient, ready access to 
        federal, state, and local government information.
    These examples reflect the positive benefits that can be derived 
from careful use of SSNs.
III. The IRSG Approach
Privacy Protection
    Rapid advances in technology, a highly mobile society, the need to 
prevent fraud, and other market demands for information have spurred 
increased reliance upon information services provided by individual 
reference service companies. These changes in society and technology 
also have resulted in a heightened interest in the privacy 
considerations implicated by such services. The IRSG members have taken 
a leadership role in effectively addressing privacy concerns.
The IRSG Principles
    The importance of defining privacy practices tailored to specific 
types of information is demonstrated in the IRSG principles.
    In September 1996, in the closing days of the 104th Congress, the 
Federal Trade Commission proposed a broad prohibition on the use of 
credit header information--non-financial identifying information 
obtained from a consumer reporting agency's database. Members of the 
individual reference service industry and those who rely on credit 
header information alerted Congress that such a prohibition would 
severely limit important uses of this information. As a result of 
arguments made by industry, regulatory efforts were postponed until a 
further study of the issues could be conducted.
    Fourteen of the leading companies in the individual reference 
services industry joined together to form the IRSG. The companies that 
comprise the IRSG provide information and assist users in identifying 
and locating individuals. In close consultation with the Federal Trade 
Commission, the IRSG developed a comprehensive set of self-regulatory 
principles backed by third-party assessments and government enforcement 
that these companies follow.
    These principles focus on non-public information, that is, 
information about an individual that is of a private nature and neither 
available to the general public nor obtained from a public record. For 
example, the principles govern information obtained from credit 
headers, such as SSNs and addresses and telephone numbers.
    Companies that sign on to the IRSG principles commit--among other 
things--to:
           acquire individually identifiable information only 
        from sources known as reputable,
           restrict their distribution of non-public 
        information through appropriate safeguards,
           educate the public about their database services, 
        and
           furnish individuals with a copy of the information 
        contained in services and products that specifically identifies 
        them, unless the information is publicly available.
    One of the key safeguards on the distribution of non-public 
information is a prohibition on the display of SSNs and dates of birth 
in individual reference service products distributed to the general 
public and, for products distributed to professional or commercial 
users, a prohibition on the display of such information unless 
truncated in an appropriate manner (e.g., masking of the last four or 
more digits of SSNs). Our companies do not sell SSNs on the Internet, 
and we do not oppose such a prohibition. Indeed, we have worked hard to 
prevent SSNs from being sold on the Internet.
Self-Regulation with ``Teeth''
    Third-party assessments backed by government enforcement provide 
real ``teeth'' for enforcing these principles. Enforcement rests on the 
following three pillars:
           Legal sanctions--Any company that holds itself out 
        to the public as following the principles may be responsible 
        under existing federal and state law if the company fails to 
        live up to them. Both the Federal Trade Commission and state 
        attorneys general can bring charges under Section 5 of the 
        Federal Trade Commission Act and similar state laws against 
        member companies that fail to adhere the principles.
           Cut-off of data supply--Signatories to these 
        principles require by contract that all companies buying non-
        public data from them for resale abide by the principles. Non-
        complying companies risk losing access to the data they need 
        for their products or services. This is particularly 
        significant in that the FTC estimated that IRSG signatories 
        control 90% of all non-public information obtained from credit 
        headers.
           Independent assurance reviews--Every IRSG company 
        must undergo an annual third-party assessment to verify 
        compliance with the principles. I describe this in more detail 
        below.
Information Practices
    In the spirit of openness, the principles require individual 
reference services to have an information practices policy statement 
available to the public upon request. These statements describe:
           the types of information included,
           the types of sources from which that information is 
        obtained,
           the nature of how the information is collected,
           the type of entities to whom the information may be 
        disclosed, and
           the type of uses to which the information may be 
        put.
    This openness enables individuals to understand the reference 
service's use of the information it possesses. Individual reference 
services also inform individuals, upon request, of the choices 
available to limit access to or use of information about them contained 
in a company's products and services. Further, the principles require 
an individual reference service to provide information about the nature 
of public record and publicly available information that it makes 
available in its products and services and the sources of such 
information.
Third-Party Assessments
    To help ensure that member companies do not make unsubstantiated 
assertions of compliance, the IRSG principles require that independent 
professional services conduct annual third-party assessments of their 
compliance. These independent professional services can be accounting 
firms, law firms, or security consultants who use the criteria 
developed by PriceWaterhouseCoopers for the IRSG.
    When the principles were adopted in December 1997, these companies 
agreed that the first assurance reviews would be completed within 15 
months. I am pleased to report that this is the third consecutive year 
in which the companies that offer products that fall within the scope 
of the IRSG principles and subscribe to the principles have 
successfully undergone these assessments. As this milestone attests, 
the IRSG has made great strides through self-regulation to secure the 
benefits of information service resources while ensuring effective 
protection of consumer privacy.
IV. The IRSG Supports Legislative Efforts to Address SSN Abuse
    In addition to the internal measures that we have taken to protect 
consumer privacy and ensure responsible use of information, including 
SSNs, the IRSG has supported efforts by some Members of Congress that 
strike the right balance on SSN privacy. For example, the IRSG 
supported legislation last year to prevent the public display of SSNs 
on the Internet. In addition, we supported legislation to prohibit 
pretext calling. We also have supported legislation to prohibit the 
purchase, sale, or use of SSNs for illegal purposes, including 
legislation to prevent individuals from obtaining SSNs for identity 
theft purposes.
    We believe that efforts that focus upon restricting the display or 
sale of SSNs to the public rather than any sale of SSNs strike the 
right balance. This approach prevents people from discovering anyone's 
SSN from a commercial source, thereby protecting privacy. At the same 
time, it preserves the ability of people who already know someone's 
SSN, typically in a commercial, governmental, or law enforcement 
context, to use a commercial database for beneficial purposes.
    We would oppose legislation that would ban the purchase and sale of 
SSNs by businesses who have legitimate business purposes to use the 
number. Enactment of such legislation would not allow for the continued 
use of SSNs for indexing and verification of information that is 
critical to ensuring that the products that the IRSG members offer to 
professional and governmental agencies contain accurate and complete 
information. The inability to use SSNs for indexing and verification 
would, ironically, result in more rather than less identity theft and 
undermine many of the positive uses outlined above.
V. Conclusion
    Members of the IRSG are committed to the responsible acquisition 
and use of personally identifiable information, and share the 
Subcommittee's concern about the potential abuse of SSNs. Nevertheless, 
individual reference service products are absolutely essential to all 
of the positive and socially beneficial uses outlined above. Congress 
should not take any steps that would jeopardize the usefulness of such 
services. We look forward to working with you on this important issue.

                                


    Mr. Collins. Ms. LeRoy?

     STATEMENT OF PAULA LEROY, PRESIDENT, PENSION BENEFIT 
                INFORMATION, TIBURON, CALIFORNIA

    Ms. LeRoy. Thank you. It is my pleasure to appear before 
the Subcommittee today as you examine privacy and Social 
Security numbers.
    My name is Paula LeRoy. I am president of Pension Benefit 
Information, a company located in California. We provide a 
service that uses Social Security numbers to locate former 
employees and beneficiaries to ensure that they receive their 
retirement benefits. We represent approximately 2,500 to 3,000 
of the largest pension plans and we locate former employees on 
behalf of these plan sponsors and benefit administrators.
    Often our services are required by law, as in the case of 
the Pension Benefit Guaranty Corporation (PBGC) accepting 
assets for a terminating plan. You must use a locating service 
to try to find all the people first. More often, our services 
are used for companies and plans who need to do lump sum pay-
outs to former employees. Every year we locate over 200,000 
individuals who have benefits that they often leave behind and 
forget about. We locate them and the monetary value is several 
hundred million dollars returned to individuals.
    To find these individuals we are given two pieces of 
information from the companies: the name and the Social 
Security number. The last known address does not work because 
generally the people are mobile. They leave a job and they 
move.
    When we are given an SSN we search for a current address in 
one of the commercial databases. If we find several addresses 
for the individual we mail each address a letter explaining 
their benefits and what they have due to them and at that time 
they have the option to respond to our letter and ask for us to 
put them in touch once again with the employer.
    One of the most serious difficulties we have is with women 
whose names change, so even a name given to us does not work 
because their names change through marriage.
    Continued access to Social Security numbers is critical to 
this positive use. Searching with the Social Security number we 
have a success rate of 85 to 90 percent of the people found and 
put in touch with the employer. Without the Social Security 
number, the results are dramatically decreased and I fear as we 
go forward the results will be disastrous.
    Any legislation that Congress passes on SSNs should take 
into account the positive uses, as I just explained, and allow 
for Social Security numbers to be purchased with addresses. 
Thank you. I appreciate your interest.
    [The prepared statement of Ms. LeRoy follows:]
   Statement of Paula LeRoy, President, Pension Benefit Information, 
                          Tiburon, California
    Good morning Mr. Chairman, and thank you for the opportunity to 
appear before your Subcommittee as it examines the privacy and use of 
Social Security Numbers (``SSN'') in both the public and private 
sectors. I am Paula LeRoy, President of Pension Benefit Information, a 
company that provides a service that works to ensure that former 
employees, who are owed retirement benefits, receive them.
    Our pension plan clients would be severely impacted by the 
enactment of legislation that would restrict the purchase and sale of 
SSNs for matching, search, and retrieval purposes. Such legislative 
restrictions would have serious consequences for millions of Americans 
who have earned benefits for their years of employment. We, thus, urge 
that you oppose any legislation that would restrict the purchase or 
sale of SSNs to match records or allow retrieval of location 
information for an individual by searchers who already know the SSN and 
have a legitimate business purpose.
    Pension Benefit Information represents approximately 2,500 pension 
plans in the United States. We locate missing pension plan participants 
on behalf of pension plan sponsors and benefit administrators. In the 
course of administering these pension plans, it is mandated that 
important plan information, plan changes, and account balances be 
communicated to all participants, whether they work for the company, or 
have left employment and moved away. Also, by law, pension fund 
administrators and sponsors are required, in the case of terminated 
plans, to conduct a diligent search for missing participants before 
information about the participant or payment is submitted to the 
Pension Benefit Guaranty Corporation (PBGC). Under the law, a search is 
considered diligent if it ``includes use of a commercial location 
service to search for the missing participant. . . .'' 29 C.F.R. Sec.  
4050.4(b)(3).
    Every year, we locate over 200,000 individuals who have retirement 
benefits due and owing to them. To find these individuals, companies 
provide us with plan participants' names and SSNs, but in some cases 
companies are able to only provide us with beneficiaries' names and 
addresses. In those cases where we are given SSNs, we search for an 
individual's current address in commercial databases, such as those 
offered by IRSG members, by typing in the individual's social security 
number. If several addresses are found during this search, we conduct 
further research to find the most current address for an individual. We 
have had tremendous success in using SSNs in these search databases to 
locate, notify, and provide participants or pension fund beneficiaries 
with pension plan contact information so that they may obtain pension 
benefits due and owing to them.
    My role here truly is to set forth the positive uses of SSNs. We 
believe that our business is a prime example of how the use of SSNs 
yields socially beneficial results. Many of the people we help are 
older Americans, who desperately need their pension benefits, no matter 
how small or large. With so many people changing jobs today, the task 
of locating former employees is becoming increasingly difficult. 
Americans move on average every five years, particularly when they 
change jobs. They also often change their names with marriage or list 
slightly different names (i.e., leave out a middle initial) on 
employment documents. These services are, by far, the most cost-
effective and efficient way to find these former workers.
    The Department of Labor is well aware that billions of dollars in 
vested pension benefits go unclaimed because people leave an employer 
and are never advised that they have a benefit due to them at a future 
date. In some cases, pension fund beneficiaries never receive this 
income because their current address is unknown to the pension fund 
trustee or administrator. Although it may have been years since a 
company employed a beneficiary, personnel records provide the 
employee's SSN. The SSN can then be used to track this individual in 
the database.
    Our services have been used successfully by numerous employers 
across America to locate individuals entitled to retirement benefits. 
On a weekly basis we serve the Fortune 500, as well as the major labor 
unions, and state governments. One of the most recurring corporate 
events that contribute to lost participants is mergers and acquisitions 
(``M & A''). When an M & A activity takes place, the pension assets 
move to the new company, often in a different city, with a new 
corporate name. Individuals lose track of these occurrences and, thus, 
have obvious difficulties tracking down their vested benefits. It is in 
these situations that employers turn to us for the notification 
process. For one aerospace contractor, we located 55,000 former 
employees to give them the information they needed regarding the change 
in their benefit center information.
    Sometimes we locate individuals whose lives are changed 
dramatically by our use of SSN searches. For example, we were able to 
track down an estranged wife of a bank executive who had had no contact 
with her former husband for several years. The woman had been forced to 
move in with her daughter and had virtually no possessions. Because we 
knew her SSN and were able to search by using her SSN in a commercial 
database, we were able to locate her and provide her with pension 
benefits that she greatly needed.
    Similarly, we were able to find a 73-year-old former General Motors 
employee from Mississippi to notify him of his lost pension, because we 
knew his SSN and used it to search for his current address in a 
commercial database. He was entitled to receive these benefits at age 
65, but he had never before received notice of this entitlement. This 
gentleman was awarded his pension once we found him, and he now 
receives a monthly benefit that he would otherwise never have received, 
even after 20 years of service to General Motors. Once he started to 
receive his much-welcomed benefits, he was able to buy himself new 
eyeglasses and take his first vacation in 10 years. He told us, ``I 
hope others can benefit from your efforts, as I did.''
    As the above examples underscore, the ability to use SSNs for 
matching purposes as a search term in commercial databases is critical 
to our efforts to give retired workers the benefits that they have 
earned. Without the ability to search using an SSN, a slight 
misspelling in a name, the presence or absence of a middle initial, and 
a less distinctive name can drastically reduce a pension plan's ability 
to locate pension fund beneficiaries. In our experience, searching with 
a retiree's SSN gives us an 85-90% chance of locating that retiree, 
compared to a less than 8% rate with only the ability to use a 
participant's name and address information.
    If Congress were to enact legislation requiring prior consent on an 
individualized basis to use SSNs, this would effectively eliminate the 
availability of SSNs in the databases that we depend upon. Loss of this 
search term would dramatically increase the costs of locating former 
employees--costs that many fund administrators could refuse to pay. 
Moreover, in many cases, we would be unable to find the employee, and 
he or she would simply lose their pension benefits. Millions of dollars 
in vested accounts would be left behind.
    Thank you, Mr. Chairman and Members of the Subcommittee, for the 
opportunity to express the views of the Pension Benefit Information. We 
know that Congress and this Subcommittee will continue to monitor this 
issue closely and we look forward to working with you to ensure that 
the positive uses of SSNs, that I have mentioned, continue to be 
protected.

                                


    Mr. Collins. Thank you. Mr. Mierzwinski.

  STATEMENT OF EDMUND MIERZWINSKI, CONSUMER PROGRAM DIRECTOR, 
              U.S. PUBLIC INTEREST RESEARCH GROUP

    Mr. Mierzwinski. Thank you, Congressman. My name is Ed 
Mierzwinski with the State Public Interest Research Groups 
(PIRGs) national office and we are pleased to join the 
Committee today to testify once again on the importance of 
enacting legislation to protect Social Security numbers from 
misuse.
    U.S. PIRG and the State PIRGs believe that the widespread 
availability of the Social Security number contributes to 
identity theft, which is well documented as one of the nation's 
fastest growing white collar crimes. The 1999 and 2000 
amendments to the Drivers Privacy Protection Act championed by 
Senator Shelby form an excellent basis for changing the 
previously misguided congressional strategy of carving out 
exceptions to Social Security number protection and instead 
working to close loopholes. We look forward to working with the 
Committee on developing additional protections.
    We believe the two most important things that the Congress 
could do would be to extend a strong anti-coercion provision on 
private sector use of the Social Security number and to close 
the recently narrowed credit header loophole which allows 
secondary use of the Social Security number without consumer 
consent. The credit header loophole has helped lead to the 
proliferation of information broker websites that make it easy 
for identity thieves and stalkers to obtain Social Security 
numbers and the other bits and pieces of the consumer's 
identity used to build a fraudulent identity in the consumer's 
name.
    Any legislation that you enact should be simple, should be 
based on fair information practices, and contain as few 
loopholes and exceptions as possible. It is also critical that 
any new legislation not preempt or roll back or weaken any of 
the existing privacy protections, including those recently 
upheld by the courts in the Gramm-Leach-Bliley law and of 
course including the new Shelby amendments.
    U.S. PIRG concurs with the views of our colleagues today 
from the Electronic Privacy Information Center and Privacy 
Times. We believe that your legislation should be simple. 
Probably you should extend Section 7 of the Privacy Act to 
private uses of the SSN, extend it to the commercial sector. 
The anti-coercion provision in H.R. 4857 I think is a good step 
toward doing that.
    The other important provision in last year's bill, H.R. 
4857, was its provision taking the Social Security number out 
of credit headers and moving them into the body of credit 
reports. Those are two very important provisions.
    I think the other thing that you need to do is to look at 
what the commercial sector has done over the years in using the 
Social Security number. They have used it as a crutch. It is 
really not as accurate as they say and, in fact, based on our 
statistics from reports published by the Public Interest 
Research Groups, reports by the Privacy Rights Clearinghouse 
and even reports by the Federal Trade Commission as mandated by 
the Identity Theft Act of 1998, and their data are all up on 
their website, identity theft is skyrocketing. It is a major 
problem.
    I talk to consumers. I talk to victims. I got a phone call 
today from a victim. I talk to them all the time. I also know 
how easy it is to do exactly what the investigators did this 
morning with their computer demonstration. It is easy to use 
Social Security numbers and other information to commit 
identity theft and I submit to you that protecting the Social 
Security number with some technology-forcing provisions that 
forces the industry to switch to a more precise and accurate 
number and stop using the Social Security number will actually 
reduce identity theft.
    Last year, as you may know, consumer and privacy groups 
ended up opposing the bill that came closest to passing, the 
Amy Boyer law. We believe that the Amy Boyer law, although 
named for the first known victim of an Internet stalker, 
contained too many loopholes that would have allowed 
information brokers, private detectives and others to slip 
through its nominal protections. And, of course, loopholes is 
not what we want in any final legislation. We did think that 
H.R. 4857 was a better basis for legislation and we hope the 
Committee will work to enact a bill somewhat similar to that.
    In terms of fair information practices, my testimony goes 
into great detail on the report that was issued in 1973 that 
talks about the fair information practices and the need to 
protect the Social Security number, which may provide the 
Committee with guidance.
    Throughout the lobbying on privacy and Social Security 
numbers and other privacy issues over the last several years in 
the Congress, and I want to commend the numerous Republican 
members at the rank and file level who have been leaders on 
privacy, by the way, although I share the concerns of Mr. 
Hendricks that the very top levels of the leadership have had a 
disappointing record on privacy--throughout this debate on not 
only Social Security numbers but on other issues, industry 
groups have sought to dumb down the fair information practices, 
which are actually quite detailed. They believe that notice is 
enough.
    Notice is not enough. Nor is notice and choice when choice 
is limited to only an opt-out some of the time. Consumers need 
to control the use of their personal information on an 
expressed opt-in consent basis all the time, not an opt-out 
some of the time.
    My testimony goes into detail on the credit header loophole 
and the two recent court cases upholding the right of the 
government to protect privacy. My testimony also discusses why 
the voluntary regulations of IRSG just plain and simple are not 
good enough. And my testimony also details the problem of 
identity theft. I would be happy to answer any of the 
Committee's questions. Thank you very much.
    [The prepared statement of Mr. Mierzwinski follows:]
Statement of Edmund Mierzwinski, Consumer Program Director, U.S. Public 
                        Interest Research Group
    Chairman Shaw and members of the committee: We are pleased to 
present the views of the U.S. Public Interest Research Group on the 
misuses of Social Security numbers. As you know, U.S. PIRG serves as 
the national lobbying office for state Public Interest Research Groups, 
which are non-profit and non-partisan consumer and environmental 
advocacy groups active around the country.
Summary
    U.S. PIRG believes that the widespread availability of the social 
security number contributes to identity theft, which is well-documented 
as one of the nation's fastest growing white-collar crimes. The 1999 
and 2000 amendments to the Drivers Privacy Protection Act by Senator 
Shelby form an excellent basis toward changing the previous misguided 
Congressional strategy of carving out exceptions to Social Security 
Number protections and instead working to close loopholes.\1\ We look 
forward to working with the committee on developing additional 
protections.
---------------------------------------------------------------------------
    \1\ Senator Shelby's 2000 amendments to the Driver's Privacy 
Protection Act were incorporated as Section 309 of the Transportation 
Appropriations bill (PL 106-346) signed by the President 23 October 
2000. The amendment requires states to obtain express consent of 
drivers before the sharing or selling of a driver's ``highly sensitive 
personal information,'' including Social Security Number, photograph, 
image, or medical or disability information. In 1999, Shelby had 
incorporated these provisions into law as part of the Appropriations 
bill, but only for one year, while the 2000 amendment amends the DPPA 
itself. In 2000, the Supreme Court upheld the constitutionality of the 
DPPA in Reno vs. Condon.
---------------------------------------------------------------------------
    We believe that the two most important actions Congress could take 
would be to extend a strong anti-coercion provision to private sector 
use of the Social Security Number and to close the recently-narrowed 
credit header loophole, which allows secondary use of Social Security 
Numbers without consent. The credit header loophole has led to the 
proliferation of information broker websites that make it easy for 
identity thieves and stalkers to obtain Social Security Numbers and 
other bits and pieces of a consumer's identity that are used to build a 
fraudulent identity in the victim's name. Any legislation enacted 
should be simple, based on Fair Information Practices, and contain as 
few loopholes and exceptions as possible. It is critical that new 
legislation not preempt or roll back existing privacy protection under 
either the Gramm-Leach-Bliley regulations or the Shelby amendments.
(1) Principles of Social Security Number Protection: Simplicity, With 
        Few, If Any Exceptions and Loopholes
    U.S. PIRG concurs with the views of our colleagues today from the 
Electronic Privacy Information Center (EPIC) and the Privacy Times. We 
believe that the most effective way to protect Social Security Numbers 
would be to enact simple, straightforward legislation that reins in the 
widespread non-statutory uses of the Social Security Number as an 
identifier in the private sector.\2\ One simple way to do this would be 
to extend Section 7 of the Privacy Act,\3\ which protects the Social 
Security Number in government uses with an anti-coercion provision, to 
the private sector. Your bill in the 106th Congress, HR 4857, included 
such a provision. It would have made coerced demand of a consumer's 
Social Security Number an unfair trade practice under Section 5 of the 
Federal Trade Commission Act.
---------------------------------------------------------------------------
    \2\ Ideally, such a bill would also narrow many of the government 
use exceptions that have been established over the years allowing the 
Social Security Number to be used as an identifier and matching element 
for secondary purposes unrelated to Social Security.
    \3\ Privacy Act of 1974, Public Law 93-579.
    \4\ See the Privacy Journal website for more information. Smith's 
latest book is ``Ben Franklin's Web Site: Privacy And Curiosity From 
Plymouth Rock To The Internet'' 
---------------------------------------------------------------------------
    Privacy expert Robert Ellis Smith,\4\ the publisher of Privacy 
Journal and author of ``Social Security Numbers: Uses and Abuses'' (May 
2001) has recently proposed a similarly simple Social Security Number 
protection scheme. Here is Smith's proposal, with his explanations in 
brackets:

          1. ``It shall be illegal to buy or sell the Social Security 
        number of a person.'' [This is the source of much identity 
        theft; it is always a secondary use of the SSN; and it is 
        inconsistent with using the SSN as an AUTHENTICATOR of personal 
        identity.]
          2. ``No person shall be required to provide a Social Security 
        number on an application for credit or on a request for a copy 
        of one's own credit report under the Fair Credit Reporting 
        Act.'' [The FCRA merely requires satisfactory proof of identity 
        to see one's own credit file. Use of SSNs to make a match 
        between a requested credit report (by a credit grantor) and a 
        credit report in a credit bureau's system has been the cause of 
        confusion for credit grantors, nightmares for consumers, and 
        identity theft. If credit bureaus did not rely on SSNs to make 
        a match, 80 percent of identity theft would cease. There is a 
        long list of case law to support the need for this provision.]
          3. ``No person shall be compelled or coerced into providing a 
        Social Security number for any transaction unless there are 
        income-tax consequences in the transaction or there is 
        relevance to Social Security, Medicare, or Medicaid benefits. 
        No person shall be compelled or coerced into providing a Social 
        Security number on an application of employment until there has 
        been a firm offer of employment. Any application for employment 
        shall state that the request for the Social Security number 
        prior to a firm offer of employment is voluntary.'' [This would 
        essentially freeze demands for Social Security numbers in a way 
        least disruptive to organizations currently relying on SSNs. It 
        would tie demands for Social Security numbers to the two 
        original purposes (SSA administration and federal taxes)--two 
        uses that are at least anchored in long-standing law. Placing 
        SSNs on job-application forms increases the risk of exposing 
        them to fraudulent users of SSNs.]
          4. ``No institution of higher education or elementary or 
        secondary school shall use a student's Social Security number 
        as a student identification number.'' [An alarmingly high 
        number of identity theft frauds originated from SSNs taken from 
        universities. Deterring school systems from using the SSNs as a 
        student ID number will permit parents to delay labeling their 
        children with numerical IDs.]

    Alternatively, several more comprehensive proposals were presented 
in the 106th Congress to protect Social Security Numbers. Most notably, 
HR 4857 (Shaw-Matsui-Kleczka) was favorably reported by the Ways and 
Means Committee.\5\ The bill included two critical provisions. In 
addition to its strong private sector anti-coercion provision, HR 4857 
incorporated provisions championed by Rep. Kleczka closing the so-
called credit header loophole. Under an egregious 1994 decision of the 
Federal Trade Commission, credit reporting agencies (credit bureaus) 
have developed a thriving business selling Social Security Numbers 
without consumer consent. While a recent federal court decision 
upholding the Gramm-Leach-Bliley Act privacy regulations has narrowed 
the credit header loophole,\6\ more needs to be done (see below).
---------------------------------------------------------------------------
    \5\ The Social Security Number Privacy And Identity Theft 
Protection Act of 2000, House Report 106-996, 24 October 2000.
    \6\ Individual Reference Services Group, Inc., and Trans Union LLC 
v. FTC (District of the District of Columbia) Civil Action 00-1828, 30 
April 01, granting summary judgment to the Federal Trade Commission on 
all counts and dismissing plaintiffs' complaints with prejudice.
---------------------------------------------------------------------------
    In the 107th Congress, meritorious proposals include HR 1478 
(Kleczka), HR 220 (Paul) and S 324 (Shelby) to protect Social Security 
Numbers. Among other Social Security Number bills with positive 
features in the 106th Congress was a proposal by Rep. Markey (HR 4611).
    Unfortunately, the most prominent 2000 Senate proposal to 
ostensibly protect Social Security Numbers actually would have expanded 
commercial availability of Social Security Numbers. Originally intended 
to serve as a legacy for Amy Boyer, the first known victim of an 
Internet stalker, the Amy Boyer Law, as very nearly enacted into 
law,\7\ was actually a Trojan Horse \8\ and would have expanded 
commercial loopholes for obtaining Social Security Numbers, failed to 
protect Social Security Numbers on public documents and also would have 
preempted stronger state privacy laws.
---------------------------------------------------------------------------
    \7\ The Amy Boyer Law, introduced as S. 2554, (Gregg), was 
incorporated as Section 626 into the Commerce-Justice-State 
Appropriations (HR 4690 RS) and passed into law as Section 635 of HR 
5548, which was included in HR 4492 as sent to the President, but then 
was rescinded on the same day by language reversing its effect included 
in the Conference Report on HR 4577, the Consolidated Appropriations 
Act, (Labor-HHS Approps). Section 213 of HR 4577 amends HR 5548 by 
deleting a number of sections of HR 5548. Section 213(a)(6) of HR 4577 
strikes the Amy Boyer Law (Section 635 of HR 5548). See page H12261 of 
the Congressional Record for 15 Dec 00.
    \8\ See the U.S. PIRG Fact Sheet, ``Why The Amy Boyer Law Is A 
Trojan Horse'' at 
---------------------------------------------------------------------------
    We are, however, pleased that the Amy Boyer Law's chief sponsor, 
Senator Gregg, is working on a stronger bill this year. However, we 
believe that your stricter HR 4857 anti-coercion provision is a better 
approach than the weaker anti-coercion language in the 2001 proposal by 
Sens. Feinstein and Gregg, S. 848, which includes broad ``credit 
check'' exceptions that swallow its nominal anti-coercion rule. Any 
time the Congress determines that an exception is needed, it should 
more narrowly define the exception--in this case, for example, 
reference should be made to obtaining a credit report under the Fair 
Credit Reporting Act.\9\ In addition, although its business-to-business 
exceptions are more narrowly construed than the Amy Boyer Law's and 
also subject to a rulemaking, S. 848 still retains the weak, pro-
information broker structure of the Amy Boyer Law's ``professional and 
commercial'' user business exceptions, rather than closing the credit 
header loophole.
---------------------------------------------------------------------------
    \9\ As another example, the law enforcement exception in S 848 
makes collection of delinquent child support a ``law enforcement'' 
purpose. Does that extend the exception to allow any private firm 
collecting child support to take advantage of the exception? It appears 
to do so, despite well-documented circumstances where some private 
child support collection firms have abused debt collection laws. Last 
year, a controversial proposal originally included as Title III in HR 
4469 (Nancy Johnson) before the Ways and Means Committee would have 
extended child support enforcement to private firms but did not become 
law. See ``Problems At Child Support, Inc., Business, Complaints 
Increase For Specialized Collection Firms'' 18 May 2000, Washington 
Post, Caroline E. Mayer and Jacqueline Salmon.
---------------------------------------------------------------------------
    We hope we can work with you, your staff, and the committee to 
ensure that any final legislation includes the strongest protections 
and the fewest exceptions possible to the use of Social Security 
Numbers for any purposes not associated with the Social Security Act. 
If the committee believes it is necessary to extend any exceptions at 
all allowing continued non-statutory collection of Social Security 
Numbers by the private sector, which has unfortunately come to depend 
on the Social Security Number as a crutch, then the committee should 
include technology-forcing time limits on private uses so that firms 
are forced to develop more accurate alternatives that do not pose the 
secondary use problems of continued use of the Social Security Number, 
which was originally intended only for Social Security and certain tax 
purposes.
(2) What Are Fair Information Practices?
    A government report, produced by the Advisory Committee on 
Automated Personal Data Systems created by the U.S. Department of 
Health, Education, and Welfare in 1973, considered government use of 
social security numbers and issued the following recommendations: \10\
---------------------------------------------------------------------------
    \10\ Records, Computers, and the Rights of Citizens, Report of the 
Secretary's Advisory Committee on Automated Personal Data Systems, U.S. 
Department of Health, Education & Welfare, (1973) 124. (emphasis 
theirs)
---------------------------------------------------------------------------
          First, uses of the SSN should be limited to those necessary 
        for carrying out requirements imposed by the Federal 
        government.
          Second, Federal agencies and departments should not require 
        or promote use of the SSN except to the extent that they have a 
        specific legislative mandate from the Congress to do so.
          Third, the Congress should be sparing in mandating use of the 
        SSN, and should do so only after full and careful consideration 
        preceded by well advertised hearings that elicit substantial 
        public participation. Such consideration should weigh carefully 
        the pros and cons of any proposed use, and should pay 
        particular attention to whether effective safeguards have been 
        applied to the automated personal data systems that would be 
        affected by the proposed use of the SSN.
          Fourth, when the SSN is used in instances that do not conform 
        to the three foregoing principles, no individual should be 
        coerced into providing his SSN, nor should his SSN be used 
        without his consent.
          Fifth, an individual should be fully and fairly informed and 
        of his rights and responsibilities relative to uses of the SSN, 
        including the right to disclose his SSN whenever he deems it in 
        his interest to do so.
    More broadly, that report developed the concept of Fair Information 
Practices, which apply to any use of personal information on consumers 
or citizens. Collecting information for one purpose (Social Security) 
and using it for another (government sector matching, private sector 
locator services, etc.) without the individual data subject's consent 
violates those Fair Information Practices. The Fair Information 
Practices were incorporated in the Privacy Act of 1974 (for government 
uses) and articulated internationally in the 1980 Organization of 
Economic Cooperation and Development (OECD) Guidelines. Information use 
should be subject to Fair Information Practices that limit information 
collection, guarantee its integrity, security and accuracy and provide 
for the following consumer rights: notice, consent, access, correction, 
liability for violations.\11\
---------------------------------------------------------------------------
    \11\ Noted privacy expert Beth Givens of the Privacy Rights 
Clearinghouse has compiled an excellent review of the development of 
FIPs, ``A Review of the Fair Information Principles: The Foundation of 
Privacy Public Policy.'' October 1997. 
---------------------------------------------------------------------------
    Fair Information Practices are discussed in numerous contexts in 
the Congress today. Unfortunately, many industry-supported bills and 
nearly all industry ``studies'' seek to dumb-down the comprehensive 
Fair Information Practices to unacceptable levels.
           First, industry groups seek to substitute a weaker 
        opt-out choice, instead of providing express opt-in consent 
        before secondary uses,
           Second, industry groups claim that notice is enough. 
        They claim that disclosure and correction are unnecessary.
           Third, they contend that either agency enforcement 
        or self-regulation is an adequate substitute for a consumer 
        private right of action.
    Notice is not enough. Nor is ``notice and choice,'' especially when 
choice means the virtually meaningless right to opt-out, rather than 
the right to expressly consent, or opt-in. Consumers and citizens are 
both entitled to and need the full panoply of rights and protections 
proposed by the 1973 committee, especially as recordkeepers develop 
new, unanticipated secondary uses, and newer, more powerful mechanisms 
for collecting, slicing and dicing data.
(3) What Is The Credit Header Loophole That Allows Easy Availability Of 
        Social Security Numbers?
    In 1994, the Federal Trade Commission granted an exemption to the 
definition of credit report when it modified a consent decree with TRW 
(now Experian). The FTC said that certain information would not be 
regulated under the Fair Credit Reporting Act. The so-called credit 
header loophole allowed credit bureaus to separate a consumer's so-
called header or identifying information from the balance of an 
otherwise strictly regulated credit report and sell it to anyone for 
any purpose.
    Credit headers include information ostensibly not bearing on 
creditworthiness and therefore not part of the information collected or 
sold as a consumer credit report. The sale of credit headers involves 
stripping a consumer's name, address, Social Security Number and date 
of birth from the remainder of his credit report and selling it outside 
of the FCRA's consumer protections. Although the information, marketing 
and locater industries contend that header information is derived from 
numerous other sources, in reality, the best source of credit header 
data is likely financial institution information, which is updated 
regularly.
    Two recent court decisions have narrowed, but not closed, the 
credit header loophole. In March 2000, the FTC had banned target 
marketing from credit reports and also held that dates of birth are 
credit-related information and removed them from headers. That decision 
was upheld on 13 April 01 by the U.S. Court of Appeals for the DC 
Circuit in a strong victory for privacy protection, since it also 
upheld the constitutionality of the Fair Credit Reporting Act.\12\
---------------------------------------------------------------------------
    \12\ At the time, Equifax voluntarily agreed to stop target 
marketing from credit reports. Trans Union, on the other hand, refused, 
and then led the FTC through eight years of litigation, while it 
continued to use credit reports to generate target marketing lists in 
defiance of the FTC. On 1 March 2000, the FTC again ordered Trans Union 
to stop, although it agreed to stay the ruling while Trans Union 
appealed yet again.  
Last month, in rejecting Trans Union's constitutional arguments in that 
appeal, the U.S. Court of Appeals said ``Contrary to the company's 
assertions, we have no doubt that this interest--protecting the privacy 
of consumer credit information--is substantial.'' United States Court 
of Appeals For The District Of Columbia Circuit, 13 April 2001, No. 00-
114, Trans Union Corporation v. Federal Trade Commission, On Petition 
for Review of an Order of the Federal Trade Commission.
---------------------------------------------------------------------------
    The final Gramm-Leach-Bliley financial privacy rules issued later 
that spring by the FTC and 5 other federal financial agencies defined 
Social Security Numbers as non-public personal information. That 
decision was upheld on summary judgment on 30 April 01 by U.S. District 
Court Judge Ellen Huvelle.
    The result of the district court's strong ruling, if upheld, is 
that credit bureaus cannot share credit header information (including 
Social Security Numbers) obtained from financial institutions, since 
the financial institutions have failed to provide consumers with notice 
of this information sharing practice and the right to opt-out of 
nonaffiliated third party sharing, as required by the Gramm-Leach-
Bliley regulations. However, once banks and other financial 
institutions modify their defective privacy notices to describe this 
sharing, the protection will then only apply to consumers who exercise 
their right to opt-out.
    While this is a very strong, pro-privacy decision, we believe that 
it still makes sense for the Congress to enact legislation closing the 
credit header loophole by statute. Even if Gramm-Leach-Bliley continues 
to be upheld, ultimately, consumers would have to exercise their modest 
opt-out rights to gain protections they should have by law. For 
example, HR 1478 (Kleczka) would re-define all sensitive information, 
including Social Security Numbers, held in credit report files to be 
protected by the Fair Credit Reporting Act as part of credit reports 
``except the name, address, and telephone number of the consumer if 
listed in a residential telephone directory available in the locality 
of the consumer.''
(4) Why Isn't Voluntary Self-Regulation Good Enough?
    In 1997, the credit bureaus and several of the firms that traffic 
in the credit headers that the credit bureaus sell formed a so-called 
``self-regulatory'' association known as the Individual References 
Services Group. The organization says its ``principles impose 
significant restrictions on the access and distribution of non-public 
information, such as non-financial identifying information in a credit 
report. For example, Social Security numbers obtained from non-public 
sources may not be displayed to the general public on the Internet by 
IRSG companies.'' \13\ (How does IRSG protect Social Security Numbers 
obtained from other than ``non-public sources?'')
---------------------------------------------------------------------------
    \13\ See http://www.irsg.org
---------------------------------------------------------------------------
    Despite these nominal voluntary rules, U.S. PIRG, the Privacy 
Rights Clearinghouse, other advocates, reporters, and identity thieves 
and stalkers have found that SSNs can still be purchased from websites. 
We strongly support closing the credit header loophole because, even if 
the IRSG's voluntary rules were effective in halting the sale of SSNs 
to the general public, it is easy to use a ``pretext'' to obtain SSNs 
from one of the many sites on the Internet that purports to only sell 
it to qualified requestors.
    We also support Congressional review of the adequacy of the IRSG's 
self-regulatory system. While the FTC encouraged the formation of the 
IRSG in 1997, it said at the time that the IRSG Principles did not meet 
all Fair Information Practices. The FTC also said that the IRSG must 
make public a ``Summary'' of the results of ``third-party 
assessments,'' or audits, of its members. To our knowledge, while the 
IRSG provided the FTC in 1999 with what we believe to be a highly 
unsatisfactory letter \14\ stating that the assessments were completed, 
no summaries have ever been made public.
---------------------------------------------------------------------------
    \14\ See Letter from IRSG's Ron Plesser to FTC, 28 April 1999, 

---------------------------------------------------------------------------
    Unfortunately, the 106th Congress Amy Boyer Law and several 107th 
Congress proposals include private sector business-to-business 
loopholes allowing ``professional and commercial'' users continued 
access to Social Security Numbers. The Amy Boyer Law would have even 
expanded the access now allowed, under IRSG's own weak voluntary 
operating rules.
    To stave off legislation four years ago, IRSG proposed to FTC a set 
of principles its members are required to operate by. Under one 
principle, so-called ``professional and commercial users'' can use 
Social Security numbers, but only if displayed in truncated form. Here 
is the provision:\15\
---------------------------------------------------------------------------
    \15\ < http://www.irsg.org/html/
industry__principles__principles.htm>
---------------------------------------------------------------------------
          B. Commercial and Professional Distribution of Non-Public 
        Information: Individual reference services, when they limit the 
        non-public information content of their products or services as 
        set forth below, may distribute such products or services only 
        to established professional and commercial users who use the 
        information in the normal course and scope of their business or 
        profession and the use is appropriate for such activities.
          1. non-public information products or services distributed 
        pursuant to this subsection shall not include:
                  a. Information that reflects credit history, 
                financial history, medical records, mother's maiden 
                name identified as such, or similar information;
                  b. Certain information like social security number 
                and birth information unless truncated in an 
                appropriate and industry consistent manner.
    Yet, the Amy Boyer Law included specific language exempting 
``professional and commercial users,'' exactly the phrase from IRSG. 
These firms--including private detectives, Internet information 
brokers, debt collectors and skip tracers, would appear to gain a new 
right to use full untruncated Social Security Numbers under law, even 
though their own trade association had previously apparently limited 
them to truncated uses, to protect consumer privacy. In some states 
private detectives are not regulated at all, in most other states, 
private detectives are under-regulated at best.
(5) What Does It Mean To Be An Identity Theft Victim?
    In our view, the mere fact that Social Security Numbers were never 
intended as a national identifier yet are being routinely used in the 
private sector for secondary purposes without consent is adequate 
reason for the committee to act. Yet, the Social Security Number is 
also the key to a consumer's financial identity. Easy access to Social 
Security Numbers aids identity thieves and stalkers.
    Just as one of the other witnesses has demonstrated today, I, along 
with other consumer and privacy advocates, have often used pretexts to 
demonstrate how easy it is to obtain Social Security Numbers from on-
line information broker websites, despite supposed limitations on 
disclosure to unauthorized persons claimed by the sites. While identity 
thieves can also obtain social security numbers from other sources, 
such as drivers' licenses in some states, student IDs, and medical 
records, why go to the trouble when you can log onto the Internet?
    The committee has heard today from several identity theft victims. 
The committee has also heard from experts about how easy it is to buy 
Social Security Numbers. This winter, stories about identity theft 
victim Tiger Woods were prevalent. In March, newspaper stories reported 
on how sloppy financial industry security practices enabled a high-
school dropout working as a busboy to steal the identities of numerous 
celebrities:
          Using computers in a local library, a Brooklyn busboy pulled 
        off the largest identity-theft in Internet history, victimizing 
        more than 200 of the ``Richest People in America'' listed in 
        Forbes magazine, authorities say. Abraham Abdallah, 32, a 
        pudgy, convicted swindler and high-school dropout, is suspected 
        of stealing millions of dollars as he cunningly used the Web to 
        invade the personal financial lives of celebrities, 
        billionaires and corporate executives, law enforcement sources 
        told The Post.\16\
---------------------------------------------------------------------------
    \16\ See New York Post, 20 March 2001, ``HOW NYPD CRACKED THE 
ULTIMATE CYBERFRAUD'' 
---------------------------------------------------------------------------
    In May 2000, California PIRG and the Privacy Rights Clearinghouse 
released a report \17\ summarizing the results of a survey of victims. 
We found that identity theft victims had labored 2-4 years or more to 
rid themselves of an average of $18,000 in fraudulent accounts. 
However, worse than cleaning up the financial mess is the enormous time 
commitment victims spend cleaning up their lives:
---------------------------------------------------------------------------
    \17\ ``Nowhere To Turn,'' Benner, Givens and Mierzwinski, CALPIRG 
and Privacy Rights Clearinghouse, 1 May 2000. See . We have released two previous 
reports on identity theft ``Theft of Identity: The Consumer X-Files'', 
CALPIRG and US PIRG, 1996 and ``Theft of Identity II: Return to the 
Consumer X-Files'', CALPIRG and US PIRG, 1997, as well as four reports 
on errors by credit reporting agencies since 1991, most recently 
``Mistakes Do Happen,'' 1998.
---------------------------------------------------------------------------
    Respondents spent an average of 175 hours actively trying to 
resolve problems caused by the theft of their identity. The victims 
reported missing several days or weeks of work to put their lives back 
together, and two people even reported losing their jobs due to the 
time devoted to identity theft resolution. A victim from California 
felt that resolving her problem was ``nearly a full-time job.'' Robin, 
a victim from Los Angeles, explains, ``One bill--just ONE BILL--can 
take 6-8 hours to clear up after calling the 800 numbers, waiting on 
hold, and dealing with ignorant customer representatives.'' She 
concludes, ``The current system is not created for actual assistance, 
it is created to perpetuate the illusion of assistance.'' \18\
---------------------------------------------------------------------------
    \18\ See ``Nowhere To Turn,'' 
---------------------------------------------------------------------------
          Recently, the Federal Trade Commission published a detailed 
        report summarizing identity theft complaints to the agency 
        since passage of 1998 legislation requiring it to establish a 
        database and clearinghouse. Highlights of the report,\19\ which 
        covers the period from November 1999 through March 2001, are 
        the following:
---------------------------------------------------------------------------
    \19\ See Figures and Trends On Identity Theft November 1999 through 
March 2001 Federal Trade Commission  Also see accompanying charts. According to the 
FTC identity theft complaint summary, ``The FTC's Identity Theft 
program, established pursuant to the Identity Theft and Assumption 
Deterrence Act, Pub. L. No. 105-318, 112 Stat. 3007 (1998)(codified at 
18 U.S.C. Sec. 1028)(the ``ID Theft Act''), assists consumers who are, 
or are concerned about becoming, identity theft victims.''
---------------------------------------------------------------------------
           The volume of calls to our Hotline has grown 
        dramatically. In November 1999, the Hotline answered about 445 
        calls per week. By March 2001, the Hotline was answering over 
        2,000 calls per week.
           Taken together, the information in the Clearinghouse 
        Database shows that identity theft has a devastating effect on 
        consumers' lives. Most consumers have no idea how this happened 
        to them and do not discover their personal information has been 
        misused for more than a year, and sometimes as long as five 
        years.
           Victims must spend significant amounts of time 
        contacting creditors and credit reporting agencies in order to 
        repair the damage done to their credit histories. In the 
        meantime, they are often unable to obtain credit and financial 
        services, telecommunication and utility services, and sometimes 
        employment. Wages may be garnished, or tax refunds withheld, 
        due to the bad debts or other penalties levied in their names.
           Where the identity thief has created a criminal 
        record in the victim's name, consumers report having driving 
        and other licenses revoked, failing background checks for 
        employment and other purposes, and even being arrested and 
        detained.
    The difficulties victims experience as a result of identity theft 
are of great concern to the FTC.
(6) Who Else Wants Your Social Security Number? Stalkers.
    As the Christian Science Monitor and Nando News explained last 
year:
          So you think your private information is relatively safe? 
        Think again. For a mere $49, someone can hop on the Internet, 
        give a company your name, wait a few days, and bingo: up pops 
        your Social Security number. Want someone's bank account 
        balance? That costs $45. An unpublished telephone number? 
        $59.\20\
---------------------------------------------------------------------------
    \20\ ``Suit alleges online privacy breach had deadly consequences'' 
By KRIS AXTMAN, The Christian Science Monitor (May 9, 2000 1:34 a.m. 
EDT http://www.nandotimes.com)
---------------------------------------------------------------------------
    The reporter in that story wasn't writing about the ``white-
collar'' crime of identity theft, however. Actually, the story was 
about the brutal stalker murder of Amy Boyer in New Hampshire. As the 
story explains:
          Her killer, a man obsessed with her since 10th grade, left 
        evidence that he tracked her down through the online personal-
        data service Docusearch.com.
          On his own Web site, Liam Youens detailed his plans for 
        killing Boyer, including how he found her: ``I found an 
        internet site to do that, and to my surprize everything else 
        under the Sun. Most importantly: her current employment. It's 
        accually obscene what you can find out about a person on the 
        internet.'' After shooting Boyer, Youens turned the gun on 
        himself.
          Stunned that such information could be purchased by anyone, 
        Boyer's parents, Tim and Helen Remsburg, recently filed a suit 
        against Docusearch.com. They also testified before a Senate 
        subcommittee about the killing.\21\
---------------------------------------------------------------------------
    \21\ Ibid.
---------------------------------------------------------------------------
(7) What Other Actions Would Protect Social Security Numbers From 
        Misuse?
    Using the Social Security Number as a employment ID, medical ID, 
college student ID or motor vehicle ID leads to identity theft or other 
problems. As noted above, last year Congress made permanent the 1999 
Shelby amendment expanding consumer privacy rights in information held 
by state motor vehicle departments. The committee has heard testimony 
today about the widespread use of Social Security Numbers as student 
identification and as a health record identifier. These uses should be 
phased out, by enactment of trigger-based, sunset regulation 
prohibiting the use of Social Security Numbers in the private sector 
after a certain time.
Conclusion
    While the U.S. has a strong history of privacy protection, our 
statutory privacy protections are a patchwork--what industry prefers to 
call a ``sector-by-sector'' approach. Yet, whatever the merits, if 
there ever were any, of the industry-prescribed sector-by-sector 
approach, it is rapidly obsolescing as industry sectors converge. The 
names of the videos you rent are better protected than your not-so-
confidential bank account balances, credit card records and medical 
history. U.S. PIRG strongly supports enactment of over-arching privacy 
legislation that requires all businesses to protect consumer and 
customer information under laws based on Fair Information Practices and 
gives consumers enforceable rights if their personal information is 
misused.
    The basic structure of information privacy law is to place 
responsibilities on organizations that collect personal data and to 
give rights to individuals that give up their data. This is sensible 
for many reasons, including the fact that it is the entity in 
possession of the data that controls its subsequent use. Information 
privacy law also promotes transparency by making data practices more 
open to scrutiny and encourages the development of innovative technical 
approaches.\22\
---------------------------------------------------------------------------
    \22\ See the ``Privacy Law Sourcebook, 2000: United States Law, 
International Law and Recent Developments,'' by Marc Rotenberg, 
Electronic Privacy Information Center, for a comparision of all 
important privacy laws.
---------------------------------------------------------------------------
    We want to thank you, Mr. Chairman, for the opportunity to present 
our views on the need for strong privacy protections to protect Social 
Security Numbers from misuse. We look forward to working with you on 
this and other matters to guarantee the privacy of American citizens. 
Restricting the widespread availability of Social Security Numbers is 
one of the most important solutions to the identity theft epidemic.

                                


    Mr. Collins. Thank you. Thank you all for your testimony. 
Mr. Becerra, any questions?
    Mr. Becerra. Mr. Chairman, thank you. Let me see if I can 
limit the number of questions I have here.
    Let me ask Mr. Dugan and perhaps Mr. Plesser and Ms. LeRoy 
first if they can comment on based on the legislation from last 
year, what you would not want to see in the bill. What do you 
object to?
    Mr. Dugan. Mr. Becerra, we had several concerns that, for 
example, prohibitions on sales of information could sweep in 
things that are routinely done in business-to-business 
transactions that really do not raise of the kinds of concerns 
that we talked about this morning.
    For example, it is critical for two financial institutions 
that are trying to transfer assets to each other to be able to 
use Social Security numbers. SSN's are often the only way that 
you can make sure that the right money is going from one 
financial institution to a totally unrelated financial 
institution, and I do not think there is anybody who thinks 
that is an illegitimate type of transaction. So when you talk 
about ``sale,'' you have to be quite careful about what exactly 
it covers so that it does not unintentionally sweep in that 
kind of unintended use.
    We are also concerned that the effort to restrict SSN use 
more generally would prohibit financial institutions from using 
it for the kinds of fraud detection purposes that they use it 
for now.
    One point I think is worth making is to respond to the 
implicit suggestion that financial institutions somehow benefit 
from, or favor, identity theft. In fact, just the opposite is 
true. Financial Institutions absolutely oppose identity theft 
not only for the pain it causes customers, but also because it 
is expensive. We, too, are very much in favor of measures that 
are very targeted to that identity theft and to prevent it. It 
is just that we also believe that there are real beneficial 
uses of Social Security numbers to detect identity theft and 
other benefits, as well.
    Mr. Becerra. Let me just make sure you are focusing on that 
because I do not want to run out of time and I do have several 
questions I want to ask.
    Mr. Plesser and Ms. LeRoy, if you could add to that. And I 
know what some of the governmental concerns are and I think 
those are legitimate but in terms of the private sector, I am 
trying to figure out what it is that the private sector would 
object to with regard to last year's legislation.
    Mr. Plesser. Let me just echo those comments. I think the 
biggest concern we have now is the exemptions do not cover many 
of the positive purposes and uses that I think we have been 
discussing this morning. They would not allow what Mrs. LeRoy 
does. They do not allow finding a lawyer who identifies 
witnesses and takes their Social Security number because five 
years later they are going to need them to testify and people 
move. Twenty percent of America moves every year.
    So, the question is we want to be able to find lost 
witnesses. We want to be able to provide information so that 
heirs can be located on wills. Perhaps a will was done 30 years 
before. I think there are a lot of positive uses in business, 
the business-to-business use.
    We would support the restriction of the Social Security 
number from being displayed to the public. I think last year 
use was not restricted and we think that was positive but the 
purchase and sale--in order to use it, it has to be obtained.
    So those are really the points we have talked to staff 
about. We have had very positive dialogue with staff and we 
continue to feel that that will be fruitful and we would like 
to work with the Committee on that.
    Mr. Becerra. Ms. LeRoy?
    Ms. LeRoy. May I say that every day we deal with people who 
we find and communicate to them that they have money coming to 
them from really a forgotten source. And while the flavor I 
hear is that the American public is outraged that people do 
have access to their Social Security numbers, this is not an 
issue we encounter. Out of 200,000 people per year perhaps five 
have an objection: Who gave you my Social Security number? How 
did you get it? And when we explain fully----
    Mr. Becerra. Let me have you focus because I am going to 
run out of time and I am just trying to find out what you 
object to in the legislation as it was proposed, if you are 
familiar with it, or the uses that were being prohibited 
through last year's legislation. I am trying to get a sense of 
what you do not want to see in it or maybe you want to tell me 
what you can see in it.
    Ms. LeRoy. What I would like to see is legitimate business 
practices.
    Mr. Becerra. Be exempted?
    Ms. LeRoy. Yes.
    Mr. Becerra. Which are those legitimate business practices 
that you would like to see exempted?
    Ms. LeRoy. I think when someone has an asset for a person, 
that the person having their Social Security number be utilized 
to find them, they are better off than they were before.
    Mr. Becerra. So assets. What else?
    Ms. LeRoy. Probably the greater good. I know the blood 
banks like to use that to find tissue donors and blood donors 
in emergencies.
    Mr. Becerra. Really what you are talking about is the need 
for some unique identifier for individuals to ensure that when 
you give this information or this financial asset or this 
greater good, this benefit to the individual, that you are 
giving it to the right person.
    Ms. LeRoy. Exactly.
    Mr. Becerra. And right now we use the Social Security 
number for that purpose of acting as the unique identifier but 
there is nothing that stops us from creating some other type of 
unique identifier, right? And the problem we have right now is 
the Social Security number was never created to be that unique 
identifier and it, of itself, is not the best or it can be a 
better and more integrated form of identification if the Social 
Security Administration had first and foremost meant it to be 
that. But it was never meant to be that, so it is an 
inefficient identification number to begin with. We have 
nothing else in place to use and it does cause problems and it 
puts it at the foot of the Federal Government to try to 
maintain that identifier.
    Let me ask a question of you, Mr. Dugan, because you 
mentioned the transactions, verifying transactions and the sale 
of that information. One financial institution can provide the 
information to another financial institution so you can make 
sure the transfer of assets or the sale of assets or purchase 
can be done. Why does one business have to charge the other for 
that? Why can you not just provide it free?
    Mr. Dugan. I'm sorry?
    Mr. Becerra. Merrill Lynch sells information to somebody 
else.
    Mr. Dugan. Actually, what I was trying to get at is suppose 
you want to transfer your assets from Merrill Lynch to Solomon 
Smith Barney.
    Mr. Becerra. Okay, does Merrill Lynch charge Solomon Smith 
Barney?
    Mr. Dugan. No, but they have to have a way to make sure 
that the John Dugan who walks in in one place is the John Dugan 
in the other and there may be hundreds of John Dugans. And 
unfortunately or fortunately, depending on how you look at it, 
the one really common unique identifier we use with systems 
that are not closed systems is the Social Security number.
    The other point I would just make is that financial 
institutions have a set of restrictions already in place under 
Gramm-Leach-Bliley that apply to Social Security numbers, and 
when SSN's are sold there are restrictions on their 
redisclosure and reuse. So, an exemption for financial 
institutions is something that we would want to see in any 
legislation that is enacted.
    Mr. Becerra. But other than something already written in 
Federal law, why should we allow the sale or purchase of a 
Social Security number?
    Mr. Dugan. It depends on----
    Mr. Becerra. Why should somebody make money off of the sale 
of a Social Security number, which is a number generated by the 
Federal Government for purposes of Social Security benefits?
    Mr. Dugan. If, for example, a consumer did not object to 
the sale to a service that was allowing people to track down 
pension benefits, there may be perfectly legitimate reasons for 
doing that. That is number one.
    Number two, if you define ``sale'' too broadly you are 
going to sweep in things that you do not want to sweep in.
    Mr. Becerra. Well, why would a consumer want to allow his 
or her Social Security number to be sold?
    Mr. Dugan. Well, what do you call it, for example, when 
your Social Security number is used in the process of creating 
a credit report where it is provided to a third party as part 
of a process to make sure that that person's credit is good? We 
have the most efficient credit system in the world and the 
reason why we do is because we have the most efficient sharing 
of information in the world.
    Mr. Becerra. So somebody is making money off of that 
identifier, being able to use that identifier.
    Mr. Dugan. And the consumer is benefiting because the cost 
of credit is much, much lower in this country than anyplace in 
the world.
    Mr. Becerra. So as we try to solve the issues of identity 
theft and the problems with correct identifiers and somebody 
fraudulently securing a Social Security number, the taxpayer 
pays for us to generate those numbers, correct the fraud, go 
after those who commit the fraud. A credit card company gets to 
charge anyone who wishes to get a credit report of an 
individual money for the use of that report or to disclose that 
report. Somehow we have to clean up the Social Security number 
and its use for that identification purpose but unless we 
charge the taxpayer, you all will not have an identifying 
number to use.
    Mr. Dugan. And that is our concern. We are worried about 
throwing the baby out with the bathwater. There are many things 
like what we talked about this morning where people are selling 
fake Social Security IDs. And, by the way, I think there are 
laws on the books that can be enforced to go after that sort of 
thing, which are real abuses that have to be addressed.
    It seems to me it is a very different thing if in the way 
you address that kind of identity theft you end up--not 
intending to--but you end up impairing things that produce real 
benefits to consumers. That is the problem.
    Mr. Becerra. And I would love Mr. Hendricks or Mr. 
Rotenberg or Mr. Mierzwinski to chime in but my difficulty is 
that we have to take care of this identity thing. We have to do 
something to address the fraud. We also want to make sure that 
whether it is public or private enterprise that there are 
opportunities to have some way to identify people as being who 
they claim to be.
    There is nothing unique about the Social Security number 
other than it became a pretty universal number. So, I guess 
what we are trying to do is grapple with how we try to maintain 
the Social Security number for what it was intended to be used 
for and perhaps allow it to be used for things that were not at 
first contemplated.
    And if Mr. Hendricks or Mr. Rotenberg have any comments or 
Mr. Mierzwinski, I would love to hear how you respond to those 
who are in the private sector or in government, as well, who 
say that we have no choice but to use these numbers in order to 
continue in business.
    Mr. Hendricks. Social Security numbers are used in a wide 
variety of contexts and they are mandated by Congress to be 
used by banks.
    Let me first say that I think legislation is necessary to 
stop the abuses that we have talked about, the kind of bill 
that came out of this Committee last year, because if you look 
at the websites selling the Social Security numbers, the IRSG 
companies very likely could be the sources of that information 
that these guys are selling. And the IRSG companies need to do 
an audit where they buy from these brokers and trace it back to 
find out the source of the information.
    Mr. Becerra. Stop right there.
    So, Mr. Plesser, how do you respond to that?
    Mr. Plesser. First of all, I respond that they are not the 
source. The IRSG companies absolutely have not been the source 
of those records since 1977. When we make those searches on Dog 
pile and others we find it very difficult to find the 
information.
    I had a reporter from the National Journal who told me that 
in making her search they had to go to 100 sites. They may be 
from old sites, from old information, but they are not coming 
from the credit-reporting agencies. We are pretty certain of 
that in terms of anything past 1997. It may be that prior to 
1997 those databases are still around and people are using 
them. And I think a lot of those services probably are 
pretexting--there is a time delay in many of them. We do not 
know that they are really getting them from open-ended 
databases. Many of those sites at the bottom of them say we are 
a private investigator and then they will go ahead and do a 
pretext interview or a pretext call and get the Social Security 
number.
    So, I think that the problem is a legitimate one but I do 
not think the causes or the source of the information was from 
the IRSG companies.
    Mr. Hendricks. I think that Chairman Shaw asked the right 
question. Where are all these numbers coming from? They make 
them available in 15 to 30 seconds. They have to be available 
in automated systems.
    It is ironic that these companies that specialize in audit 
investigation are not doing the most fundamental audit 
investigation to ensure that their databases are not being used 
for these purposes.
    I think ultimately you are going to have to look at the 
Fair Credit Reporting Act as a model of what to do. You have to 
have a purpose test. The goal is the information collected for 
one purpose not be used for other purposes without people's 
consent.
    One of the reasons is that when information is used outside 
of its context the way the Social Security number has been, 
then data integrity suffers, too. So when it was created for 
wage reporting and now it is used in the financial services, 
then the unintended consequence is that fraudsters realize this 
can be used to create fraud.
    So, I think we have to start with the idea of basically a 
moratorium so there will be no more authorized uses, we look at 
specifying what purposes will be allowed through good public 
debate. And then pretty soon technology--Mr. Rotenberg can tell 
you that technology has some solutions for this. There are ways 
now of anonymizing information so it can only be seen behind 
fire walls, too, and in the future that could hold out some 
promise not to put the genie back in the bottle, but at least 
spank the genie.
    Mr. Rotenberg. I would just say that I think the problem 
with the misuse of the SSN are likely to accelerate. One of the 
very interesting things about the reporting of identity theft 
of which we were aware when we did the Greidinger case 10 years 
ago was that the problem at that time was just emerging, there 
was not the easy on-line accessibility that you have today or 
the increasing use of the SSN across the private sector for a 
whole slew of unrelated purposes.
    The SSN is literally the flypaper of the information age: 
You hold it out there and anything with the same number will 
start sticking to it. So we need to find a way, I think through 
legislation, to restrict its use as the de facto identifier.
    It was never intended, as you said, for this purpose. The 
problem of having an exception that says legitimate business 
purpose, is that, any purpose presumably done in good faith 
could be a legitimate business purpose.
    As to Mr. Dugan's concerns, I think one of the ways to 
resolve these is that where the transfer takes place with the 
SSN in the context of financial institutions that are required 
to link a tax identification number with an asset, no one would 
reasonably object that that tax identification number follows 
the asset as it moves between institutions. But that is really 
not the type of problem that has been described today. I think 
it is important that we focus on the real problem, which is the 
open-ended unrestricted use of the SSN, the real source of the 
identity theft problem.
    Mr. Mierzwinski. Just very briefly, Congressman, I want to 
make the point that the financial industry's practices are just 
inadequate and unbelievably, the number of mistakes that they 
make in credit reporting leads not only to identity theft but 
many consumers, many of your constituents paying too much money 
for credit because of mistakes in their credit report causing 
their credit scores, their risk scores, to be lower than they 
should be and probably costing consumers billions of dollars.
    As I think Mr. Hendricks pointed out earlier and the 
officers discussed earlier, you do not need to be the Russian 
mafia to commit identity theft. You can be an unemployed high 
school drop-out working as a--well, actually not unemployed--
you can be a high school drop-out working as a busboy and you 
can type in the Social Security number of VIPs and have their 
credit transferred into your name. That is how easy it is.
    If I know your Social Security number and I submit a credit 
application in your name at a new address, these systems are so 
poorly designed that I am going to get the credit in your name 
and that is unacceptable.
    So we need to do more than just protect the Social Security 
number. I think we need to impose some higher standards on the 
credit reporting and the financial industry. Thank you.
    Mr. Bacarisse. Congressman, may I take a moment just to 
remind the Committee--of course, you are well aware that there 
is in the government side on the child support area there is a 
key need for that data element to exist in order for the 
government to go after the $50 billion in unpaid child support 
that is out there in this country.
    So, on the one hand, we have a certain segment of the 
population that is very interested in seeing the government 
perform better there at all levels. Thank you.
    Mr. Becerra. I get confused trying to just think about this 
or ask the question. Certainly we have to resolve this, Mr. 
Chairman. I think we do need to move forward with something. 
Obviously there are some legitimate uses of the number and 
there are some needs for the private and public sectors to 
continue to engage in their business but this is just going to 
get worse, as somebody just said.
    I do not know what we do. Unless there can be some 
reconciliation between those who believe that the bill that we 
had last year was too restrictive and those who believe it does 
not go far enough, we will not go anywhere. I would just hope 
that we can come up with something because we do see too many 
cases like the two individuals who were here recently, earlier 
testifying about the abuses that occur.
    I will yield back.
    Mr. Collins. Thank you, Congressman.
    It is a typical political problem. We have friends for it 
and friends who are against it and we are for our friends. The 
problem here is theft and the concern is punishing the good 
guys rather than those who commit the theft.
    If not the Social Security number, what number? What would 
be used for an identifier? Anyone. What would be used? How 
would you identify people?
    I see in part of the report here that prior to '76 there 
was a major credit card bureau that did not use this as an 
identifier. What did they use?
    Mr. Hendricks. They just used names and addresses at that 
point and their databases were not as big. And what happened 
was that the Social Security number was just laying there. Mr. 
Rotenberg said it was like the flypaper. To me it was like a 
lamb chop and all these wolves are circling and it was just too 
convenient to use.
    Right now even the credit reporting agencies can do 
searches based on name and address. They have different 
information fields that they can use. But now that they have 
incorporated the Social Security numbers into their system it 
is an integral part of their system. Congress has mandated its 
use by the banks. It is an integral part of the banking system 
and I do not see that changing any time soon.
    But, I think we can stop newer uses from spreading. To 
answer your question, the technology allows information to be 
compiled, searched and merged without using a Social Security 
number. You have other fields, like name, address, zip code. 
So, the technology is getting better to be able to do it so 
that it does not need to rely on a Social Security number.
    Mr. Collins. But I can find that in the local telephone 
directory, name and address.
    Mr. Hendricks. Phone number?
    Mr. Collins. Yes. Well, not the phone number. I can find a 
person's name. I mean I can go to the telephone directory and 
find the names. What is to keep me from using those names in a 
false way to commit a theft? What we are dealing with is a 
number.
    Prior to '76 when they did not use the number, do we have 
any numbers, any data that indicates the number of fraud and 
abuse or theft that occurred in the financial world?
    Mr. Rotenberg. As I recall, Congressman, it was about 10 
years ago that the Attorney General started reporting on the 
use of the SSN in credit card theft because it became 
increasingly a part of that type of commission of crime as it 
became more accessible, and this is in support of my point that 
I think the problem is likely to increase.
    But, the other point I wanted to make is in response to 
your question about systems of identification. It is true, we 
have many systems of identification. You have an account number 
for your credit card, for your utility bill, for your telephone 
number. These account numbers are unique to the institutions, 
which create unique account numbers. They do not use the Social 
Security number because they are trying to establish some 
confidentiality in the relationship with you in the information 
that they have about you, the bills that they send to you. It 
is standard practice. And it is a good practice.
    Mr. Collins. That is my point. How many cases of credit 
card abuse were there last year? Anyone know? How many credit 
cards were stolen and misused last year?
    Mr. Mierzwinski. Two years ago I believe the General 
Accounting Office reported to this Committee that in its 
studies it found that one of the credit bureaus reported 
500,000 calls a year pertaining to identity theft. I think 
about one third of those may have been people inquiring about 
finding out more information but I think most people think it 
is in the half-million range today.
    The Federal Trade Commission's most recent statistics 
required by the new law say that their number of phone calls 
has increased from the end of 1999, 449 calls a week, to about 
2,000 calls a week.
    Mr. Collins. This is on credit card abuse?
    Mr. Mierzwinski. This is on identity theft, Congressman.
    Mr. Collins. I am talking about credit card----
    Mr. Mierzwinski. You have to ask the industry for credit 
card data but our reports have found it very difficult to 
compile credit card data. The industry looks at a lot of it as 
proprietary and they calculate fraud differently, but I would 
ask the industry witnesses to provide you with that.
    Mr. Collins. Does anyone have any idea how many credit card 
thefts there were last year?
    Mr. Hendricks. On the one hand, the European Union said 
credit card fraud itself, not identity but credit card fraud 
itself was up 50 percent in the last year and they attribute 
some of that to growing on line and the fact that organized 
crime are getting into hacking and getting credit card numbers. 
Industry people have told me in the U.S.----
    Mr. Collins. Fifty percent of what?
    Mr. Hendricks. It was up 50 percent. I am sorry. I have to 
provide that for the record.
    Mr. Collins. Mr. Dugan, do you have a number?
    Mr. Dugan. I was just going to say we will be happy to 
provide that for the record. I do not.
    Mr. Collins. The point is that we had 95,000 reports of 
misuse of the Social Security number. How many reports of 
misuse of a credit card, stolen or whatever, occurred last 
year? It is a different number, different credit card numbers.
    Mr. Hendricks. Yes. I am sorry; the credit card industry 
still says--the U.S. industry folks I spoke to said it is still 
a very small percentage, like 1 percent of their transactions 
or fewer is credit card fraud. But that is why one of the 
solutions that people are starting to look at is disposable 
credit card numbers so that the credit card numbers are only 
good for one transaction.
    Mr. Collins. I had one of my credit cards stolen.
    Well, we have 95,000 reports of misuse of the Social 
Security number and we have 200,000 reports of good use of the 
Social Security number. What do you think? Which outweighs 
what?
    Mr. Hendricks. Well, the misuse of the Social Security 
number--you are citing the Social Security Administration's 
numbers. That is just calls to one hotline. The calls to the 
Federal Trade Commission, the misuse of Social Security numbers 
has to be running well toward a million right now if you 
include the police agencies in California, the Federal Trade 
Commission Clearinghouse, the Privacy Rights Clearinghouse, all 
the different places that are taking complaints. The numbers 
are much higher than 95,000.
    Mr. Collins. Well, why would the inspector general report 
to this Committee in 95,000?
    Mr. Hendricks. That is the ones going directly to him.
    Mr. Collins. Directly to Social Security?
    Mr. Hendricks. Yes.
    Mr. Collins. And that is where it should be reported.
    Mr. Plesser. The 200,000 is just the one company.
    Mr. Collins. Sir?
    Mr. Plesser. And the 200,000 is just the one company.
    Mr. Collins. How many companies are there? You say you 
represent what, 14?
    Mr. Plesser. Fourteen companies.
    Mr. Collins. How many other companies are there?
    Mr. Plesser. Excuse me?
    Mr. Collins. How many other companies beyond the 14?
    Mr. Plesser. It would be hard to count. There are probably 
a lot of companies, smaller companies beyond. I do not think 
there is any fairly substantial companies in the reference 
services area that has not a member of the group. There are 
probably a lot of these fly-by-night guys who are up on the Web 
with illegal activities that certainly are not members of the 
IRSG.
    Mr. Collins. These people on the websites, we all agree 
that is quite a problem. Where do they get that data? What is 
the easiest access for them to obtain their data?
    Mr. Plesser. My own view on that is that many of it, and I 
would be happy to have a dialogue with the investigator from 
the Social Security Administration, I think many of that, I 
think the time delay was not 15 to 30 seconds. I think the time 
delay they talked about was 15 minutes or 30 minutes and in 
most of the cases, many of the cases I am aware of, it takes 24 
hours to get the response and I think a lot of that is 
individual----
    Mr. Collins. That is not my question, though. My question 
is not how long it takes them to download, to transmit to you 
the information, but where do they get their information? This 
gentleman on the end down here.
    Mr. Bacarisse. Congressman, if I may offer, I believe a lot 
of the courthouses, both Federal and State across this country, 
are the ultimate sort of origination point for this data. We 
sell, because these documents are public records, we sell--
16,600 divorces were granted in Harris County. We sell 930,000 
pages of data every year in our office and many of those pages 
contain sensitive information.
    Now you would imagine that most of the people purchasing 
this data are parties to the suit and, in fact, they are. When 
you go to buy a house you have to prove that you were divorced, 
and so forth. The title company will ask you to present this 
final divorce decree. So, in many cases the people coming in to 
buy the document are the people themselves but not in every 
case. And we do not and cannot control who buys this 
information because it is technically public record.
    So, you see, we are the origination point, I think, for 
some of this data.
    Mr. Hendricks. And I think you have all asked the same 
question. One clearinghouse to start looking at is a company 
called Choice Point. They specialize in buying public records 
and putting them into electronic database form. And I think 
that if all of you got your Choice Point file, it would be a 
real eye-opener because they get public records from all across 
the country so they can put together rich files on people.
    Mr. Collins. Mr. Chairman?
    Chairman Shaw. Thank you, Mr. Collins.
    I would like to ask Cory a question. I know you have been 
working with the State of Florida university system on getting 
these numbers eliminated and change the ID system. Will it 
require different numbers for in-coming admissions only or will 
it take changes to currently enrolled students? And what does 
Florida intend to do with all of the old records that have the 
numbers on them?
    Mr. Kravit. Mr. Shaw, what we would like to do is obviously 
all the new in-coming students would get a new number and for 
the old records, they want to go back as far as they can and 
issue new numbers for them.
    They are looking at instituting a state-of-the-art 
directory system that would have a hidden number that nobody 
would ever see, which would be linked to all the other numbers, 
like public numbers. There would be that one number that nobody 
ever sees, a public number, which as a student ID number or an 
alumni association number, and there would also be private 
numbers that only people who have designated access to, like 
your Social Security number, would be able to view.
    Chairman Shaw. Thank you.
    Mr. Bacarisse. You talked about the court files and the 
amount of information that you have to make. I imagine that in 
Florida, with the sunshine law, a reporter can come to a County 
Clerk's desk and go through his in file and look what is in 
there. I mean there is absolutely no privacy left at all in 
that situation.
    But, when you have been requested to supply a document you 
talked about the large expense that would go into changing over 
to a new system. That is one of things we are going to have to 
worry about because we do have unfunded mandates. Now whether 
this would be considered a mandate or a prohibition, I guess we 
would leave to the lawyers to decide. But, it seems to me that 
in supplying a document, and I assume it is all on microfilm, 
that when you print the document out you could simply put a 
black marker through a Social Security number. So that would 
not be that overly burdensome. I assume that you could also 
change your procedures so that Social Security numbers would 
not appear on public documents henceforth and that would cost 
you zero. I cannot think of any expense connected with that.
    What would be your recommendation going forward, assuming 
that one of the possibilities is not Federally funding every 
courthouse in the country to change over?
    Mr. Bacarisse. Correct. At this point, Mr. Chairman, we 
have calculated the cost of redaction at about $8.07 per 
document. And when you consider that I have 6 million Social 
Security numbers in my database today, that is a cost I do not 
believe any local government could absorb.
    Chairman Shaw. It is how much per document?
    Mr. Bacarisse. Eight dollars per document. When you are 
talking about human staff time because you have to have----
    Chairman Shaw. Is this because you have to go back and 
change the microfilm? I guess?
    Mr. Bacarisse. You would either have to do that or we began 
in November of 1998 digitally imaging all of our court minutes, 
which are the signed orders in civil courts. So, there is some 
technology available today that would enable you to redact 
sensitive information but here again it is labor. It is labor 
costs. You are paying someone to go in and do that work that 
they had not previously had to do. So, local governments will 
have to figure out a way in which to handle that additional 
burden.
    We believe that if that is going to be the case that 
perhaps the best way to do it is just to say at the time that 
the document is publicly requested, that information is 
redacted. It would be a little easier for us to handle 
administratively than just to have us go back wholesale and do 
this.
    Of course, we also, I believe the Congress should ask 
States to change their laws. We are mandated by State law. The 
bar is mandated in the family code at least 15 times, 15 
different statutes within the family code, to get that 
information and place it in the document.
    Chairman Shaw. Let me interrupt you right there. Are you 
required by Federal law to take the Social Security number and 
place it on the public document?
    Mr. Bacarisse. I am required by State statute to do that.
    Chairman Shaw. State statute?
    Mr. Bacarisse. Yes, sir. The bar, actually.
    Chairman Shaw. In a lot of instances the Federal law would 
not override State law but in this instance, in that the social 
security number is issued by the Federal Government, we can 
certainly legislate that the social security number is the 
property of the Federal Government and then from that point 
forward go back and dictate how it can or cannot be used.
    Mr. Bacarisse. Yes, sir. As a matter of fact, in a case 
affecting a parent-child relationship, a divorce with children 
involved, the State family code says that the Social Security 
numbers of the two parties in the divorce, as well as all the 
children, be listed in the decree, in the document.
    Chairman Shaw. Is that typical? It has been 20 years since 
I practiced law. Is that typical?
    Mr. Bacarisse. I believe these statutes have been on the 
books in Texas for quite a while. These are not new statutes. 
So, it is unfortunate that the bar is being commanded to put 
this information in documents which they then file with our 
office, which are open records. In a sense, the bar is being 
placed in a ticklish position of potentially placing their 
clients' privacy at risk, possibly.
    Chairman Shaw. I think we ought to probably poll the 
different States to find out exactly the ways under the various 
State laws the use of Social Security numbers are mandated.
    Mr. Bacarisse. Sir, I think you would find that a fairly 
high number in different States and I think you would be quite 
surprised.
    Chairman Shaw. Well, we ought to check that out. Thank you.
    Mr. Bacarisse. Thank you, Mr. Chairman.
    Chairman Shaw. Thank you, Mr. Collins.
    Mr. Collins. One last question. Supposing--do you like that 
word? That is a good Southern word. Supposing we pass 
legislation to stop the use of it today, the Social Security 
number. What would you do with all of the existing data that is 
already out there for the purpose of misuse, all these 
websites? If I had one of those websites and I was intending to 
help somebody violate the law and commit a crime, I would just 
simply print them out, sell them on the black market.
    Mr. Bacarisse. That is a good question, Congressman. I 
think that as somebody said earlier, the genie is already out 
of the bottle and I do not know how you are going to get that 
cleaned up but at least from this point forward we might have 
some measure of protection which is greater than we do today.
    There is another website that was not shown today called 
Ancestry.com and they have over 65 million Social Security 
death records. I typed in the last name of Bacarisse and put 
State of Texas and there are all my dead relatives and their 
Social Security numbers and their last known address there.
    So, it is not only the living; it is the dead that can have 
their identities stolen.
    Mr. Collins. I think we have ourselves a real political 
problem, those of you for it and those of you against it. Thank 
you. It has been a very interesting hearing. I appreciate each 
one of you being here.
    [Whereupon, at 1:00 p.m., the hearing was adjourned.]
    [Questions submitted from Chairman Shaw to the panel, and 
their responses, follow:]

                       Harris County District Clerk
                                  Houston, Texas 77210-4651
                                                      July 18, 2001
The Hon. E. Clay Shaw, Jr., Chairman
Subcommittee on Social Security
B-316 Rayburn Office Building
Washington, D.C. 20515
    Dear Chairman Shaw,
    I was glad to testify before your Subcommittee on May 22 regarding 
the integrity of Social Security programs. Thank you for so carefully 
considering my recommendations and asking for more details.
    You had five sets of questions. Here they are, with my answers:
    1. You indicated that it would cost $8.07 to redact any Social 
Security numbers in a public document. You also indicated that you 
expect the overall financial impact to be similar to that of Maricopa 
County, AZ, whose Clerk of Court indicated he would have to hire an 
additional 25-30 staff and the cost could run $1 million per year. Is 
this additional cost based on redacting the number of pages your office 
certified last year, 930,000? Could you provide more detail as to why 
it would require that much additional staff?
    The cost figure reflects our redacting the documents--usually 5-15 
pages each--represented by those 930,000 pages and maintaining our 
current level of customer service. (Seldom does anyone wait more than 
an hour for a document from our office.)
    Also, please note that the $8.07 cost of redaction per document 
estimate is based on the work's being done by our lowest-paid clerk. 
Assuming those 930,000 pages are in documents averaging 10 pages, that 
would be 93,000 documents a year redacted at a cost of $8.07 each, or 
$750,510 a year in salaries alone. Benefits, equipment and space costs, 
etc. should be added to that.
    Note how closely that figure matches the $1 million a year 
estimate, which was arrived at using a different method. (I took 
Maricopa County's estimate of the number of personnel needed but used 
Harris County's salary and benefits numbers.)
    Also, Maricopa County has advised me that the staff it uses for 
redaction is paid $9-10 an hour (plus benefits), so its cost would be 
even higher than Harris County's. Maricopa County stresses that its 
estimate of additional staff is very conservative and was based on only 
the work done at the main office, with the branch offices doing about 
25 percent more.
    2. The legislation introduced from this Subcommittee does not 
require the redaction of the Social Security numbers from documents if 
they are not provided to the general public. In addition, the redaction 
is prospective. Would this reduce the total cost you believe would be 
incurred?
    No, it would not. We have ``open courts'' in this country, and that 
principle is vital. With few exceptions, ALL our documents may be 
provided to the general public. The estimate was based on the pages we 
already are providing the public.
    Through 1998, according to the Social Security Administration, 391 
million SSNs had been issued. Those SSNs are circulating now. Redacting 
only those Social Security numbers acquired after some future date 
would do little good, in my opinion.
    3. You stated in your testimony that State and local governments 
want to work collaboratively and cooperatively with us to safeguard all 
our citizens' privacy. How do you suggest we ``safeguard all our 
citizens' privacy''? What should we focus on?
    Each person must be made aware that he/she has a primary 
responsibility for safeguarding his/her own privacy. Everyone must be 
educated about when and to whom confidential information should be 
provided and how to protect it. Shredders should be as common as 
televisions. Identity thieves should be pursued more enthusiastically. 
We must educate the public that a huge reason merchants want so much 
information is that they suffer so much from bad checks--and increase 
the penalties on people who write bad checks and make more effort to 
catch and prosecute them.
    4. You mentioned that any laws must be effective and enforceable. 
What would be an enforceable law in your opinion? Is there any way, 
going into the future, that your operation could limit the use and 
access of SSNs in divorce and child support cases and still enforce the 
child support laws?
    The current laws probably are enforceable but not very effective. 
Given the millions and millions of Social Security numbers floating 
around and available worldwide, no law will be very effective until 
almost all individuals decide they are going to take responsibility for 
protecting themselves. That won't happen if the public is convinced 
that all it takes to protect privacy is for Congress to pass the right 
law. Again, the collection of Social Security numbers and many other 
personal identifiers is driven by the dishonesty of hot-check artists, 
people who default on loans, etc. A law could fund an educational 
campaign that points out how the actions of a relatively few dishonest 
and/or irresponsible people are threatening the privacy rights of all 
of us.
    I do not believe it would be possible to enforce child support, 
divisions of pension benefits, community property divisions, etc. 
without something like a Social Security number that by law is 
connected to virtually all wages, interest and dividends paid to anyone 
and all taxes, license fees, etc. paid by anyone. If we did not have 
Social Security numbers, we would have to invent them!
    5. You stated that each year Harris County sells about 930,000 
certified pages from family law cases. Can you explain for what 
purpose? How are the purchasers using the information from these pages? 
Can they sell this information to others?
    Former spouses must have certified copies of divorce decrees and 
other documents to obtain Social Security benefits, pension benefits, 
divisions in probate court, banks and home loans and some licenses 
(including a marriage license after you have been divorced). Also, two 
associations serving apartment owners and managers purchase lists of 
recent felony convictions. The lists show the Social Security numbers 
of some but not all the felons on those lists. Clearly, the purchasers 
can resell the information, but my staff does not know of anyone 
obtaining numbers simply to resell the numbers.
    I hope these responses are helpful. If you need more information, 
do not hesitate to contact me.
            Sincerely,
                                          Charles Bacarisse
                                                     District Clerk

                                


                                      Privacy Times
                                        Washington DC 20009
                                                      July 19, 2001
The Honorable E. Clay Shaw, Chairman
House Ways & Means Committee
Subcommittee On Social Security
U.S. House of Representatives
    Dear Mr. Shaw:
    Thank you for this opportunity to comment on the bill; 
unfortunately, other obligations and deadlines have significantly 
limited the amount of time I have available to work on this. But I hope 
I will be freer in the near future to help as your bill evolves.
    Question 1. In your testimony you listed 4 goals that Social 
Security number privacy legislation should achieve. As you know, 
members of this Subcommittee recently introduced H.R. 2036, bipartisan 
legislation restricting the sale and display of the Social Security 
number in the public and private sectors. I am interested in your 
thoughts as to the legislation.
    First, does it accomplish these goals? For example, does it go far 
enough in restricting the sale and display of Social Security numbers 
by Federal, State and local governments? If not, what do you recommend?
    Second, the legislation provides for a prohibition of an 
individual's Social Security number from appearing on their driver's 
license. Was this sufficient?
    Third, it removes the Social Security number from the credit header 
and placed it in the credit report. Your comment?
    Fourth, what standards should we set for all organizations that 
collect and maintain Social Security numbers?
    (1) HR 2036 substantially advances my stated goals of
           Ban the sale of SSNs by the private sector, 
        particularly as part of credit headers.
           Prohibit the sale and display of SSNs by Federal, 
        State and local governments.
           If not an outright ban on the use of SSNs as a 
        driver's license number, then mandate that DMVs can only use 
        the SSN if the driver opts in, as is currently practiced in the 
        District of Columbia.
    However, it does not address my 4th goal, which is the standard 
your bill should include for any organizations that collect and/or 
maintain SSNs. The standard is straight from the U.S. Privacy Act. A 
private right of action should apply to violations of this standard, 
and to any section of the bill.
           Place a duty on all organizations that collect and 
        maintain SSNs to ``establish appropriate administration, 
        technical and physical safeguards to insure the security and 
        confidentiality of records and to protect against any 
        anticipated threats or hazards to their security or integrity 
        which could result in substantial harm, embarrassment, 
        inconvenience, or unfairness to any individual on whom 
        information is maintained.'' (This standard is from the U.S. 
        Privacy Act of 1974)
    In addition to drivers licenses, all organizations, particularly 
universities, should be barred from displaying SSNs, like when they 
post students' grades, or on organizational ID cards, like student or 
employee ID.
    As recommended by the Privacy Protection Study Commission (PPSC), 
the legislation should create an independent privacy oversight office, 
as oversight and enforcement will be needed. Moreover, the legislation 
must formally require that any future legislative proposals for 
expanding uses of SSNs be brought before the Subcommittee and its 
counterpart in the Senate.
    Question 2. You mentioned that the sale of Social Security numbers 
and the coercion of individuals to needlessly give their numbers should 
be banned, with few exceptions. What exceptions do you think would be 
appropriate and why? How are Social Security numbers protected in these 
exception cases?
    (2) I don't favor exceptions, though it is possible that some 
entities could come up with exceptions to which few people would 
disagree. I will consider exceptions as they are proposed.
    Question 3. In other testimony before the Subcommittee, the use of 
Social Security numbers for child support cases was highlighted. How do 
you deal with an issue like this where the welfare of the child may 
depend on the ability to find the father, and that rests with knowledge 
of his Social Security number? Is this a legitimate reason for 
government to use the Social Security number?
    (3) The Child Support system has been exempted from virtually every 
privacy rule, yet they continue to complain they still do not have 
enough tools. I assume they will be exempted from most SSN 
restrictions. They should still be responsible for protecting the 
security of the number, and guard against unauthorized use. Given the 
many exceptions they enjoy, I think the real problem is the nature and 
design of the child support system and some of the people who operate 
it.
    Question 4. In your testimony, you mentioned corporations that 
provide privacy protections for consumers such as the wireless 
communications industry. What are they doing to provide such 
protections?
    (4) The wireless industry sees privacy as integral to the success 
of M-Commerce, and therefore has petitioned the Federal Communications 
Commission for a strong, opt-in privacy standard for the use of 
consumer location data. Another important new development is the 
single-use or disposable credit card number which is only good for one 
transaction and therefore becomes worthless. American Express, MBNA and 
Discover offer disposable credit card numbers to online customers. A 
company called PrivaSys to which I consult is creating a plastic credit 
card with disposable number functionality.
    Question 5. Last session, Congress passed the Gramm-Leach-Bliley 
Act. What, if any, shortfalls, does it have in protecting Social 
Security numbers? Once begun, do you think consumers will feel 
confident these new protections in the financial sector are adequate?
    (5) For starters, Gramm-Leach-Bliley failed to put a strong enough 
duty on banks to safeguard SSNs, and to create a private right of 
action against banks that violated that duty. The negative public 
response to the GLB customer notice already has shown that GLB is 
wholly inadequate to protect consumer privacy. However, it a perverse 
sort of way it has advanced privacy by helping to educate consumers how 
poorly their financial privacy is protected.
    Question 6. Mr. Bacarisse stated in his testimony that Harris 
County and its taxpayers would bear a financial burden if they had to 
hire additional staff to redact the Social Security number from 
documents that they receive in their office. Are you concerned about 
the cost that will be borne by the taxpayers?
    Do you have any suggestions for these governmental agencies in ways 
to handle the redaction of Social Security numbers?
    (6) It is not practical to require every court, State and/or local 
government to redact SSNs from every piece of paper that is publicly 
available. However, the legislation should basically override every 
rule that requires individuals' SSNs to provided as part of a record 
that will be publicly available. Second, create a process by which 
individuals can have their SSNs redacted from paper records, like 
people who have been through divorces, bankruptcies, etc. Third, if 
SSNs are stored electronically and are publicly available, then 
automated software programs could use ``find and replace'' functions to 
redact SSNs in a non-burdensome and low-cost way.
    Question 7. You stated that Social Security numbers were not widely 
used in the private sector prior in 1976. You stated that TRW (now 
Experian), a major credit bureau, did not use it as its main identifier 
for credit reports. Assuming that credit bureaus like TRW did not have 
difficulty identifying individuals in 1976, can you tell us why the 
Social Security number is so critical now?
    (7) Organizations claim the SSN is critical to identifying someone 
because so many of them are accustomed to using it. But the reality is 
that information technology allows many alternatives to SSNs, including 
PINs and passwords. A positive result of this legislation will be to 
wean organizations from their reliance on SSNs. This will not happen 
overnight, but will be an evolutionary process.
    Question 8. In their testimony, Mr. Dugan, Mr. Plesser and Ms. 
Leroy all mentioned the powerful consumer benefits to be derived from 
the use of an individual's Social Security number as a common unique 
identifier. What is your response?
    (8) The Dugan/Plesser arguments about ``powerful consumer 
benefits'' because of the SSN are largely specious. These same 
``benefits'' which they proclaim remain after this legislation puts the 
appropriate restrictions on their clients from exploiting SSNs without 
consumer consent. It's simply a matter of adapting systems so they 
don't rely on SSNs. In the financial world, it's already mandated that 
banks use SSNs, so that won't change current practice.
    Question 9. Would you agree with Mr. Plesser's testimony that the 
best means of preventing identity fraud is through use of personal 
identifying data like the Social Security number, often matched through 
individual reference services?
    (9) No, Mr. Plesser has it backwards. The credit reporting 
agencies' over-reliance on SSNs has facilitated fraud. Identity thieves 
know that as long as they have an innocent victim's SSN, the credit 
reporting agencies' systems will tolerate different first and last 
names, different addresses, even different States. Moreover, some of 
the IRSG group members do not provide one of the most fundamental anti-
fraud solutions: easy consumer access to their own data.
    I'd look forward to working with the subcommittee.
            Yours truly,
                                             Evan Hendricks
                                                   Editor/Publisher

                                


                    Financial Services Coordinating Council
                                             Washington, D.C. 20004
    1. The deterrence and prevention of fraud is an on-going effort of 
the financial services industry. Banks, insurance companies, and 
securities firms rely on information available from both public and 
private sources--with embedded social security numbers (SSN) to ensure 
correct identification--to check for inconsistencies that may suggest 
the occurrence of fraud or identity theft. Just as with any other crime 
in our society, best efforts will likely not be successful in 
eliminating every occurrence of a criminal activity. Elimination of 
financial fraud and abuse involving SSNs is our goal. While that is an 
ambitious goal, the financial services industry will use every tool 
available to us in order to limit such crimes as much as possible. The 
SSN is one of those tools, and it is one of the most valuable. [See my 
comments previously sent.] We are unable to comment on the specifics of 
this matter because we do not have enough facts concerning how this 
particular identity theft may have been perpetrated. However, financial 
institutions are required under section 501 of the Gramm-Leach-Bliley 
Act to implement policies and procedures that protect the security and 
confidentiality of customer information. Federal and state agencies 
have, or are in the process of, promulgating guidelines and regulations 
that financial institutions must follow to ensure that customer 
information is not misused by fraudsters. In this regard, the federal 
banking agencies recently issued advisory letters which specifically 
focused on the protection of customer information against identity 
theft. We believe that financial institutions are well along in the 
process of implementing systems and procedures that bolster their 
ability to prevent and detect identity theft perpetrated through the 
use of social security numbers or otherwise.
    2. Financial institutions do not sell social security numbers 
except indirectly as incidental to normal business transactions, such 
as the sale of portfolio and securitization. The Gramm-Leach-Bliley Act 
(GLBA) and the federal and state laws and regulations which have been 
adopted to implement the GLBA already provide very specific rules and 
limits on the ability of financial institutions to disclose nonpublic 
personal information (NPI)--including SSNs--as well as to redisclose 
and reuse SSNs. As a result, additional restrictions on financial 
institutions' disclosures of SSNs are unnecessary and would conflict 
with these existing laws.
    More specifically, GLBA Section 502(c) provides that a 
nonaffiliated third party which receives NPI from a financial 
institution may not disclose such information to another nonaffiliated 
third party unless such disclosure would be lawful if made directly by 
the financial institution. Accordingly, an unrelated third party which 
receives a social security number from a financial institution is 
subject to the same rules to which the financial institution is subject 
in connection with any redisclosure of the social security number. The 
federal banking regulators and the state insurance regulators elaborate 
on this limitation in their respective rules to implement the GLBA. 
They provide very specific guidance with respect to the use and 
disclosure of NPI, including social security numbers, both by financial 
institutions and by nonaffiliated third parties which receive NPI from 
financial institutions. (GLBA Banking Regulators' Rules 
Section______.11 and National Association of Insurance Commissioners 
(NAIC) Privacy of Consumer Financial and Health Information Regulation 
Section 12.)
    In our testimony we expressed the concern that a prohibition on the 
direct or indirect sale of social security numbers could have the 
unintended consequence of being construed to apply to usual and 
customary business activities such as the sale of assets among 
financial institutions or the sale of financial institutions. Such a 
prohibition necessarily would be of grave concern to financial 
institutions. No inference should be drawn from our testimony that 
financial institutions sell social security numbers as free-standing 
commodities.
    Finally, any restrictions on financial institutions' use or 
disclosure of social security numbers beyond those already imposed 
under the GLBA and related federal and state laws and regulations are 
likely to have further unintended consequences and to impair financial 
institutions' ability to combat fraud and identity theft and to provide 
customer service for the reasons set forth in our testimony.
    3. Financial institutions use a variety of public records, 
including bankruptcy records and records involving real estate liens. 
They also use criminal and fraud detection databases, such as the 
National Fraud Center database, which are developed using public 
records. Access to information in public records, including social 
security numbers, is important to financial institutions' efforts to 
uncover fraud and identity theft, to verify customers opening new 
accounts, to maintain internal security operations, and to make sound 
credit and other financial product determinations. It is also important 
for third parties such as credit bureaus to continue to have access to 
this information as well. Financial institutions rely upon these third 
parties to prevent and detect fraud and identity theft.
    We believe that legislation to address identity theft should be 
carefully targeted to that particular problem and should avoid 
restrictions on normal and beneficial uses of social security numbers 
which actually serve to protect consumers against fraud and identity 
theft and which improve customer service. The type of fraudulent 
activity with which the Subcommittee is concerned does not arise from 
the aforementioned uses of public records. We are concerned that broad 
restrictions on the use of social security numbers could have the 
opposite effect from that intended by the Subcommittee and could result 
in making it easier for individuals' identities to be stolen.
    4. For the reasons stated above in response to question # 3, we 
believe that legislative efforts should be carefully targeted to 
address the specific fraudulent activity which is of concern and should 
avoid normal and beneficial uses of social security numbers.
    5. We recognize that there are circumstances under which the use of 
social security numbers could be harmful. Identity theft associated 
with the misuse of social security numbers is a prime example. There 
are already some existing laws which address identity theft. Stealing 
someone's identity is punishable by civil and criminal penalties under 
18 U.S.C. ' 1028 and the GLBA makes it a federal crime to obtain 
customer information of a financial institution through fraudulent or 
deceptive means (so-called ``pretext calling). 15 U.S.C. Sec. Sec. 6821 
et seq. As noted above in our responses to questions #'s 3 and 4, we 
believe that legislation to restrict use of social security numbers 
should be carefully crafted to address the problems of identity theft 
not currently addressed in existing law.
    6. As stated in our response to question #2, we believe that the 
GLBA and the federal and state laws and regulations adopted to 
implement the GLBA already impose comprehensive restrictions on 
financial institutions' disclosure and reuse of social security 
numbers. These laws also address the circumstances under which a 
consumer must be given the opportunity to direct that his or her NPI, 
including a social security number, shall not be disclosed by a 
financial institution. Therefore, an additional requirement that 
financial institutions obtain consent prior to re-use or re-disclosure 
would not only give rise to a significant administrative problems and 
considerable expense, but would be in conflict with existing law 
governing financial institutions on the federal and state levels. Any 
restriction on access to social security numbers in public documents 
would give rise to the concerns addressed in our response to question 
#3.
    7. We believe that existing federal and state law and regulations 
adequately and appropriately govern financial institutions' use and 
disclosure of social security numbers as expressed above and as stated 
in our testimony.
            Sincerely,
                                              John C. Dugan
                                       Partner, Covington & Burling

                                


                        Individual Reference Services Group
                                                      July 19, 2001
    Subsequent to the IRSG testimony, the IRSG has agreed not to 
further pursue its appeal challenging the FTC's treatment of credit 
header information under the Gramm-Leach-Bliley Act. As a result, the 
IRSG is now facing a world of ``regulated credit headers.'' Therefore, 
the IRSG is in the process of evaluating its self-regulatory program, 
which was developed to respond to a pre-GLB world.
    The answers we are providing to you are based on the IRSG 
Principles as applied to date. To the extent that this self-regulatory 
approach changes, we will inform the subcommittee.
    1. You indicated in your testimony that the Individual Reference 
Service Group's (IRSG) principles focus on non-public information about 
an individual neither available to the general public nor obtained from 
a public record. Is it correct then to say that if the Social Security 
number you obtained from credit headers was obtained originally from 
public records, these principles would not apply?
    No, this is not accurate. All information obtained from a credit 
header would be deemed subject to the IRSG Principles.
    2. Not many people know of the IRSG industry and what it does. You 
indicated that your members are committed to educating the public about 
their database services. Shouldn't they know what information you 
maintain and their access and rights to the use of that information? 
What steps have IRSG members taken to educate the public?
    The IRSG has undertaken educational efforts to ensure that the 
public is aware of its self-regulatory Principles governing the 
dissemination and use of personal data. The IRSG Web site serves as the 
cornerstone of these education efforts. This site enables visitors to 
read the IRSG's self-regulatory Principles, and provides links to each 
of the member companies' privacy policies, which discuss the individual 
companies' information practices. The member companies' Web sites 
themselves also help educate the public about the commitment these 
companies have made to responsible information use. For example, 
ChoicePoint provides its users with IRSG FAQs. See <> Similarly, Acxiom educates the public 
by informing consumers at its Web site ``what every consumer should 
know'' about its privacy. See <en7779380
0,00.html>>. In addition, several member companies, such as LexisNexis, 
produce educational brochures, targeted at both employees and members 
of the public, that explain the IRSG self-regulatory Principles. See 
attached Exhibit 1. Finally, the FTC Web site maintains various 
information about the IRSG.
    3. You indicated in your testimony that you oppose legislation that 
would ban the purchase and sale of Social Security numbers by 
businesses that have legitimate business purposes to use the number. 
Could you elaborate on your objections? For example, what is a 
legitimate business purpose?
    Any legislation that would restrict the use of SSNs to match 
records or allow retrieval of location information for an individual by 
searchers who already know that SSN would seriously undermine the broad 
range of important and socially beneficial activities by government, 
businesses and non-profit users that rely upon the use (but not 
display) of a known SSN obtained from a commercial database. For 
example, it would undermine: efforts to detect fraud and combat 
identity theft; child support enforcement; efforts to locate pension 
fund beneficiaries; and non-profit health services' efforts to locate 
blood, bone marrow, and organ donors.
    Legitimate business purposes also include: the facilitation of 
credit checks or background checks of employees, prospective employees, 
and volunteers; the retrieval of information from, or by other 
businesses, commercial enterprises, governmental agencies or private 
non-profit organizations; and identifying or locating individuals or 
verifying their identities, as well as verifying the accuracy of 
information identifying individuals. These purposes should not include 
the provision of SSNs on the Internet to the general public.
    4. You testified about the uses of individual reference 
information. What role does the Social Security number play in 
obtaining this information? Is there no other way for your group to 
obtain the same information?
    SSNs are used in our industry as a glue to ensure the accuracy of 
information as well as to ensure that information is attributed to the 
correct individual. Although there are other ways to match information, 
our experience indicates that SSNs are the best tool for indexing and 
organizing data accurately.
    5. You stated that restricting the use of the Social Security 
number to indexing and verification would result in more rather than 
less identity theft. What studies do you have to support this?
    This statement is based upon our members' experiences in furnishing 
anti-theft products to their clients. Our members' databases are used 
by department stores, banks, insurance companies, utility companies and 
governmental entities to detect and stop identity theft. Without SSNs, 
our members' experience has been that it is more difficult to detect 
perpetrators of fraud who use another's identity to illegally obtain 
products, services, or money.
    6. You indicated that if a company receiving information from one 
of your members did not comply with the principles for resale, they 
risked losing access to the data. Have any companies been found to be 
in non-compliance so that their access to members' data has been cut 
off? How would that work? If I am found to be in non-compliance with 
one member, would all members of the IRSG be prohibited from supplying 
me data? How could I correct my non-compliance?
    The IRSG Principles were designed so that no IRSG suppliers would 
give information to companies in contravention to the Principles. That 
is, the signatories to these Principles require by contract that all 
companies buying non-public data from them for resale abide by the 
Principles then in effect. That has been the dominant practice. Any 
signatory company may be responsible under existing federal and state 
law on deceptive practices if the company fails to live up to these 
Principles. In addition, every IRSG member company is subject to an 
annual outside assurance review by qualified independent professionals. 
Information is provided only to IRSG member companies that successfully 
complete the annual assurance review.
    7. You indicated that each member undergoes independent assurance 
reviews. Are copies of the reviews provided to the Federal Trade 
Commission? If not, what do you provide the Federal Trade Commission 
regarding the results of these independent reviews?
    Each company is required to submit to the IRSG coordinator a copy 
of the letter it has received from an independent assessor certifying 
compliance with the Principles. We do not have back-up documentation of 
the assurance reviews, other than the letter indicating successful 
compliance. We have attached to this document examples of assurance 
letters. See attached Exhibit 2. We post, on an annual basis, a 
statement indicating successful completion of assurance reviews, and 
the names of the independent assessors that performed the assurances. 
See << www.irsg.org/html/irsg__assessment__letters__2000.htm>> for 2000 
assessment letters. In addition, the criteria used for the assessments 
are posted on the IRSG Web site and the fact that these criteria are 
publicly available is referenced in the assessment letter.
    8. You mentioned that companies that buy information from your 
members must sign a contract requiring them to abide by your 
principles. Who monitors compliance with the principles among your 
members' customers?
    The procedures vary from company to company, but compliance is 
monitored through the annual audit.
    9. You stated that if your members' customers don't comply with 
your principles, they risk losing access to the data they need. Isn't 
there a financial incentive for your members to overlook violations of 
the group's principles, since they would lose a customer and lose 
profits?
    IRSG member companies may be responsible under existing federal and 
state law on deceptive practices if the company fails to live up to the 
IRSG Principles then in effect. Both the FTC and state AGs have 
authority to prosecute such violations.
    10. Recently an article appeared in the Washington Post detailing 
how individuals would provide false information to on-line data brokers 
in order to obtain personal data. How do your member companies prevent 
somebody from purchasing personal data for illegal purposes? In other 
words, how do your member companies determine what is a legitimate 
request?
    Principle V of the IRSG Principles sets forth the criteria for 
distribution of non-public information. The nature of non-public 
information being requested and the intended uses of such information 
determine what access a subscriber has to information. Companies that 
offer non-public information without restriction of its contents only 
provide such information to qualified subscribers who satisfy the 
requisite conditions. Member companies undertake extensive screening 
processes to pre-qualify users of these products. Such measures include 
positive proof of identification, site visits by account 
representatives or independent verification of customers' name and 
affiliation. Companies also have guidelines for acceptable uses of 
information. Where a new use is contemplated, the new use is reviewed 
to determine whether this use comports with the Principles.
    11. Do you have any statistics that support your assertion that 
reference services reduce credit card identity fraud?
    No. We do, however, have anecdotal evidence from law enforcement 
and our members' customers that supports this assertion.
            Sincerely,
                                          Ronald L. Plesser

                                


                        Pension Benefit Information
                                  Tiburon, California 94920
                                                      July 24, 2001
Honorable E. Clay Shaw, Jr.
Chairman of the Subcommittee On Social Security
House of Representatives
Washington, DC 20515
RE: Testimony before Subcommittee On May 22, 2001--Identity Theft 
issues
    It was a privilege to testify before your Subcommittee and it is 
very gratifying to know that someone is listening. Thank you for this 
opportunity to respond to the questions you pose regarding privacy and 
Social Security Numbers.
    Question 1. Regarding the information we obtain from pension plans: 
When we receive information from a pension fund administrator or plan 
sponsor, our written policy is to only utilize the information for the 
purposes for which the data was collected. In other words, we pledge to 
do the job our client expects, and at no time do we re-disclose the 
information. We share no information outside of the client 
relationship.
    Response. We do keep the information we collect in our system, 
because over time, we receive numerous calls from participants who want 
to update their address for a second or third time. In effect, we 
become an ``update'' agent for people who were once lost, and want to 
stay ``found''. The information we store is available only to 
privileged users in the company with proper passwords, and every record 
entered or altered is encoded with the users name/date/time. Records 
cannot be printed from data entry screens.
    Question 2. Each day in our business we are keenly aware of the 
importance of an individual's Social Security Number. It is a very 
vital pointer to an individual, and it is unique in that it points to 
only one person. I believe strongly that there should be restrictions 
on the use of the SSN, and it should be predicated upon the intent of 
the user, and oversight might be an important key. By way of example, 
let me explain our relationship with the IRS. We presently utilize the 
IRS letter-forwarding service, for the difficult cases we encounter--
people that cannot be found any other way. We submit a letter to the 
IRS and pay a fee to have the IRS forward the letter to the person who 
owns the SSN that we submit for the search.
    Response. The IRS uses the utmost care in investigating the users 
of this service, and each user must pass the litmus test: the location 
of the individual must be for the benefit of the individual. We have 
been utilizing this IRS program for over 11 years, month in and month 
out. This opportunity to use the IRS resources to locate people is 
available to our company because we pass the test of legitimacy--a test 
administered by the IRS. I am suggesting that the personal data be 
restricted, and that users be bonded, submit documentation on 
procedures, subject themselves to outside audit if necessary, and bear 
the burden of proving the need to know. Legitimate business can pass 
these tests.
    Restrictions on usage of personal data, I believe, should be 
governed by the opportunity for personal benefit for the individual. In 
the case of restoring pension benefits to an individual, I believe that 
the personal benefit is real and tangible, because at one time the 
individual chose to enter the plan. By making a conscious choice to 
participate in the plan certainly underscores the benefits. This logic 
can be used with bank and brokerage accounts, insurance policies, and 
other such vehicles of personal benefit as well. For the record, may I 
also include class action lawsuits. We have been involved with 
searching for beneficiaries of class actions, and the benefits are 
obvious.
    Lately, many millions of dollars have been spent in creating and 
disseminating privacy notices to individuals. These have largely been 
thrown away and ignored, because the public does not generally perceive 
the banks and insurance companies as the agents of privacy breaches. 
Perhaps they contribute to the ``junk mail'' we all receive, but not 
identity theft. The legitimate exchange of data that was effectively 
stopped in its tracks by the FTC interpretation of Title V under the 
recent GLB Act was not the source of harm to the greater public. The 
real danger has been the proliferation of the heretofore unregulated 
internet, and its data collection and dissemination ethics. There have 
always been scam artists, pickpockets, and savvy schemers that could 
invade a person's private life, but now the internet has made their 
criminal endeavors a lot easier, and more removed from the light of 
day. Additionally, the manner in which credit is extended to the wrong 
individuals is shocking. Surely there must be some checks and balances 
before a person can receive a new credit card with a stolen identity? 
We all receive multiple offers each week for yet another . . . must 
have . . . credit card. I believe the credit grantors are not suffering 
enough pain to stop this cycle, and that once they tighten up the 
credit-granting process, at their own expense, theft identity will 
begin to diminish, and thieves will move on to more lucrative avenues. 
As long as a criminal can open up several credit accounts, wrestle into 
bank accounts, and juggle multiple identities, identity theft will 
continue and flourish, despite the new privacy laws.
    Whatever the punishment might be for misusing an individual's SSN, 
it has not been a deterrent to date, and I feel it has become even 
easier to commit such crimes, via the internet. Credit scam factories, 
versus individual small-time thieves present different problems, and I 
feel it is the responsibility of the criminal justice system to provide 
adequate investigation and punishment. Certainly restitution to the 
parties harmed must be enacted, and credit grantors must step up to the 
plate if they have allowed ``easy credit'' to criminals.
    Question 3. Regarding prior consent for using an SSN to look for a 
person, may I say that YES, this could be one way in which to operate 
our business. An employer could, at hiring date, or entry into the 
pension plan, require a release from each individual. And then file the 
release away somewhere, in case it is needed. And then, better be able 
to find it on the day the person comes up missing. (What about all the 
millions of people that have not signed a consent form at this time, 
and are missing now--or may turn up to be missing later?) Because of a 
crackdown on the criminal uses of SSNs, the burden of privacy will now 
move to employers and employee benefit programs. Not only will the 
employers/plan sponsors have the task of proper enrollment forms, 
vesting requirements, investment protocols, plan document construction, 
notification procedures, ERISA requirements, DOL reporting 
requirements--you see my point here? The benefits industry presently 
operates under so much legal pressure, that it will be construed as 
burdensome to put yet another set of documents under their purvey. And, 
like all other aspects of business, benefits departments are moving to 
a paperless environment. For a company like General Motors, this would 
involve more than 300,000 pieces of paper. How do you file them? Where 
do you keep them? Do they stay in Detroit, or do they go out to the 
various operating plants? What if they sell a division? Where do the 
forms go now? How do you find all the forms for the division being 
sold?
    Response. I think, as stated above, that it is IMPLIED in the 
relationship of plan sponsor/participant that an individual who enrolls 
in a pension plan would likewise want to receive the benefits covered 
under the plan. Why should they have to ``opt-in'' for a concept that 
is clearly understood? If an SSN must be utilized in the process of 
hiring a person, paying a person, withholding taxes from a person, 
filing tax documents, and providing health care and retirement 
benefits, then so be it. There are surely numerous justifications for 
utilizing an SSN. Note here that under the GLB, one of the exemptions 
is for ``employers'' use. When queried, the FTC informed me that this 
was for hiring individuals, and doing a background check as part of 
pre-employment investigations. Ask any man-on-the-street if he would 
rather have his employer use his SSN for an investigation into his 
personal credit history, or for returning vested pension benefits!
    Question 4. After approximately 13 years of locating individuals, 
there is no better resource than the SSN for searching purposes. Names 
are never constants. My own uncle legally changed his first name (after 
Grandma died) because he hated it. Women change from maiden name to 
married name, back to maiden name. Nicknames are used all the time, so 
Anthony becomes Tony to all who know him. Worse, birth dates are the 
most confusing pointers we see as far as information for searching. 
Pension plans often capture only mm/yy for actuarial purposes, and if 
the full mm/dd/yy is collected, it is not always entered correctly into 
the system. When we cannot find a match, is it the month that is wrong? 
Or is it the year? For John Johnson, one might find 1,000 men with that 
name, all born in March, 1945. To eliminate the use of SSN as an 
identifier performs a disservice to the pension plans as well. If you 
wanted to return $10,000 of pension benefits to someone, wouldn't it be 
prudent to make sure you have the right John Johnson? John Johnson with 
the right name and date of birth could be the absolute wrong person 
unless the SSN is utilized.
    Question 5. Regarding the restriction of commercial databases, I do 
not believe that the culprit is the commercial data base industry (or 
information services, to use another name). What they have is valuable, 
vital information, which must be treated with care. There are 
legitimate, beneficial purposes to have access to the information in 
these databases. Because criminals use information that is either 
obtained from or coincidentally resides in these databases does not 
warrant a complete shutdown of the process. I very vividly recall the 
testimony before the Committee from the two poor souls whose identity 
was stolen: they were first victims of theft. Someone had stolen a gym 
bag with a wallet in it, and another person snooped into a medical file 
and lifted information. The tragedy is that the two thieves were able 
to obtain credit with the stolen identities. How can this be? What 
about mother's maiden name? What about previous two addresses? What 
about the city of birth? These kinds of questions can easily be 
answered by the REAL person, and a would-be thief would have a tough 
time with the same questions. I am suggesting that credit is a 
privilege that requires authentication beyond the measures that are 
presently in place.
    Lastly, regarding a move away from Social Security Numbers, I truly 
believe that matching on other personal items will cause more confusion 
and lead to more problems, because of the reasons I presented earlier; 
names and birth dates are not unique. SSNs paired with names are 
unique, and provide the best data. The data needs protection and 
oversight.
    At PBI, my company, we want to do the best job we can in locating 
people who have pension benefits left with a former employer. We need 
accurate data from the pension plan, and likewise, accurate and 
reliable data to guide us in our search.
    Thank you for this chance to respond. I would eagerly welcome the 
opportunity to continue a dialogue on these troublesome issues, and the 
future legislation that can best serve and protect your constituents at 
the same time. Legitimate business to business relationships must be 
preserved for the greater benefit of all, and these same businesses 
should be included in the solution.
            Sincerely,
                                                Paula LeRoy
                                                          President

                                


                U.S. Public Interest Research Group
                                       Washington, DC 20003
                                                      July 20, 2001
The Honorable Clay Shaw
Chairman, Subcommittee on Social Security
U.S. House of Representatives
Washington, DC 20515
RE: Additional questions to witnesses on HR 2036
    Dear Mr. Chairman,
    Thank you for the opportunity to testify on Social Security Number 
misuse. Please note that I concur in full with any more detailed 
comments of my colleagues, Marc Rotenberg of EPIC and Evan Hendricks of 
Privacy Times. I do not repeat your questions below, but answer them in 
the order requested in your letter to me:
    Question 1. In their testimony, Mr. Dugan, Mr. Plesser and Ms. 
Leroy all mentioned the powerful consumer benefits to be derived from 
the use of an individual's Social Security number as a common unique 
identifier. What is your response?
    I disagree with the statement by witnesses Dugan, Plesser and Leroy 
that powerful consumer benefits accrue from using SSNs as supposedly 
unique identifiers. In fact, the sloppy use of SSNs by financial 
institutions and consumer reporting agencies (along with the ease of 
obtaining these numbers) has paradoxically led both to credit denials 
due to mistakes in credit reports (where SSNs do not provide enough of 
a match for consumers to keep their credit reports accurate) and also 
to the growing problem of identity theft (where the ease of 
availability of SSNs makes it easy for thieves to obtain credit in 
others' names). As I point out below in my answer to Question 6, 
numerous flawed practices by both credit repositories and creditors 
lead to identity theft and inaccuracies in credit reports.
    Question 2. You strongly support enactment of overarching privacy 
legislation applicable to all business. You also recommend the 
extension of a strong anti-coercion credit header loophole. As you are 
aware, we recently introduced H.R. 2036, a comprehensive bill aimed at 
restricting access by the general public to the Social Security number 
in both the public and private sectors. I would appreciate your views 
as to what parts of the legislation you support and where you think we 
need to modify the legislation?
    While U.S. privacy legislation has responded to needs as risks have 
been identified, the growing convergence of industry sectors suggests 
that one law applicable to all transactions, if strong enough, may be a 
useful solution. Until we can pass such an over-arching law, which is a 
politically complex endeavor, we should continue to attempt to pass 
positive laws that are achievable in the current political context. I 
believe that your bill, HR 2036, has many positive attributes. Of the 
current SSN protection proposals, it has two extremely laudable 
provisions that are not matched in any other SSN bills: its strong 
anti-coercion provision and its credit header loophole provision (of 
course, Rep. Kleckza, an original co-sponsor of HR 2036, does have a 
separate, broader credit header bill that includes further 
restrictions, but these measures are outside the subcommittee's 
jurisdiction).
    HR 2036 could be improved by narrowing its exceptions, as EPIC 
points out in detail in its responses. I concur with EPIC. In addition, 
the bill could be dramatically strengthened and improved by adding a 
private right of action for data subjects.
    Question 3. You stated in your testimony that you support 
technology forcing time limits on private uses of Social Security 
numbers so that firms are forced to develop more accurate alternatives 
that do enable secondary use of Social Security numbers and potential 
theft. Can you expound on this?
    My point in recommending technology-forcing time limits is simple. 
If the committee, in its wisdom, retains exceptions to the general ban 
on the use of SSNs in the private sector, for example, it should not 
make those exceptions permanent. The only way to wean industry from its 
over-reliance on the SSN is to set sunsets on its uses (or, what I 
called in my testimony, ``technology-forcing time limits''). By 
``technology-forcing,'' I am not suggesting that the committee need 
develop any technical language or technical solutions. All the 
committee needs to do is set a reasonably-short sunset or deadline on 
further uses of SSNs, if it is reluctant to, for example, immediately 
ban private uses on passage. Industries would then be forced to finally 
develop their own technologies to solve the problem of working without 
SSNs.
    Question 4. You stated in your testimony that you oppose the use of 
Social Security numbers as student identification or health record 
identifier. You suggested these uses should be phased-out with the 
enactment of trigger-based, sunset regulation prohibiting the use of 
Social Security numbers in the private sector. Can you elaborate on 
this?
    Your goal should be to put the SSN genie back in the bottle. Again, 
if you face political pressure to grant exceptions to your general rule 
that the use of SSNs as health, college or other identifiers is allowed 
in your final bill, you should force industry to develop more accurate 
identifiers that do not invade privacy or violate the original uses of 
the SSN. Motor vehicle departments have demonstrated that alternatives 
to SSNs can be developed easily. There is no reason not to expect 
schools and hospitals to do the same. The use of the SSN in health-
related situations is especially problematic, since the misuse of the 
SSN acts as a key for significant privacy invasions.
    Question 5. You stated that you have used pretexts to prove how 
easy it is to get personal information. Can you elaborate on what 
pretexts you used and what information you got?
    My use of pretexts has been on the Internet, on behalf of 
reporters, with the permission of the data subject. We have routinely 
visited information broker sites and used the pretext that the data 
subject ``owed me money'' to convince the broker that we met its so-
called ``standards'' to obtain SSNs. We then used the SSN to obtain 
credit in the data subject's name and commit identity theft. Of course, 
high school dropouts can also do this, as other witnesses pointed out 
at the hearing, suggesting strongly that SSNs need to be taken out of 
circulation. The ease of obtaining SSNs, of course, is only part of the 
problem. As I point out in my answer to Question 6, poor practices by 
creditors and credit bureau repositories then abet the problem.
    Question 6. Would you agree with Mr. Plesser's testimony that the 
best means of preventing identity fraud is through use of personal 
identifying data like the Social Security number, often matched through 
individual reference services?
    I disagree with Mr. Plesser that individual reference services 
using SSNs will somehow prevent identity theft. The three national 
credit reporting bureaus (founders and members of the IRSG, at least 
until recently) have used SSNs for years as an identifier: the result 
has been more errors and more identity theft. See PIRG's full platform 
to prevent identity theft at http://www.pirg.org/calpirg/consumer/
privacy/idtheft2000/. Taking SSNs out of credit headers and out of 
circulation, as the District Court's decision upholding the Gramm-
Leach-Bliley rules does in IRSG and Trans Union vs. FTC (District of 
the District of Columbia, 30 April 01) is the better way to prevent 
identity theft.
    Thank you again for the opportunity to testify before the 
committee. We look forward to working with you on final passage of your 
important legislation to protect Social Security Numbers.
            Sincerely yours,
                                             Ed Mierzwinski
                                          Consumer Program Director

    [Submissions for the record follow:]

Statement of David K. Byers, Conference of State Court Administrators, 
                          Arlington, Virginia
    Mr. Chairman and Members of the Subcommittee,
    The Conference of State Court Administrators (COSCA) is pleased to 
submit this statement for the record as the subcommittee examines the 
issue of protecting privacy and preventing the misuse of Social 
Security numbers (SSNs).
SUMMARY
    Mr. Chairman, social security numbers are pervasive in state court 
documents and procedures. The testimony that follows gives the 
subcommittee numerous examples of how we use SSNs in day-to-day court 
proceedings. For example, we use SSNs to identify parties to a case, 
i.e. to determine whether John Smith 1 is different from John Smith 2. 
We also use SSNs to collect fines and restitution. In addition, many 
SSNs appear in the public record in many types of court cases 
including, but not limited to, bankruptcy, divorce and child support 
determination cases. My testimony also details the federal requirements 
imposed on us to collect SSNs for various reasons, for example, to 
track deadbeat parents.
    Mr. Chairman and members of the subcommittee, we are greatly 
concerned about any effort by this Congress to require us to redact or 
expunge social security numbers that appear in public records. We feel 
that this type of requirement would impose an unfunded mandate on state 
courts in this country. The cost to fulfill this requirement would be 
high because many SSNs appear in paper documents as well as other hard-
to-redact microfilm/microfiche.
    At a minimum, we would ask you to wait to take action on this 
matter until you examine the results of an ongoing GAO study on this 
issue in which we have participated.
ABOUT COSCA
    Before I begin my remarks, I would like to provide some background 
on our group and our membership. I submit this testimony as the current 
President of the Conference of State Court Administrators (COSCA). 
COSCA was organized in 1953 and is dedicated to the improvement of 
state court systems. Its membership consists of the principal court 
administrative officer in each of the fifty states, the District of 
Columbia, the Commonwealth of Puerto Rico, the Commonwealth of the 
Northern Mariana Islands, and the Territories of American Samoa, Guam, 
and the Virgin Islands. A state court administrator implements policy 
and programs for a statewide judicial system. COSCA is a nonprofit 
corporation endeavoring to increase the efficiency and fairness of the 
nation's state court systems. As you know, state courts handle 97% of 
all judicial proceedings in the country. The purposes of COSCA are:
           To encourage the formulation of fundamental 
        policies, principles, and standards for state court 
        administration;
           To facilitate cooperation, consultation, and 
        exchange of information by and among national, state, and local 
        offices and organizations directly concerned with court 
        administration;
           To foster the utilization of the principles and 
        techniques of modern management in the field of judicial 
        administration; and
           To improve administrative practices and procedures 
        and to increase the efficiency and effectiveness of all courts.
STATE COURTS' INTEREST IN COLLECTING AND USING SOCIAL SECURITY NUMBERS
    Why is this question of concern to state courts? Why do state 
courts need to require parties to provide their social security numbers 
in the course of state court litigation?
    Identification of parties. A growing number of court systems are 
using case management information systems in which an individual's 
name, address, and telephone number are entered once, regardless of the 
number of cases in which the person is a party. The advantage of these 
systems is to be able to update an address or telephone number for all 
cases in which the person is a party by a single computer entry. Social 
security numbers provide a unique identifier by which court personnel 
can determine whether the current ``John Smith'' is the same person as 
a previous ``John Smith'' who appeared in an earlier case.
    Courts have often used social security numbers to identify criminal 
defendants as well as parties to civil cases. In the future, persons 
accused of crime will be identified by automated fingerprint 
identification systems (AFIS) which scan fingerprints and classify them 
electronically. The primary future need for social security numbers as 
a means to identify individuals will therefore be in civil, not 
criminal, litigation.
    Collection of fees, fines and restitution by courts. Social 
security numbers are the universal personal identifier for credit 
references, tax collection, and commercial transactions.
    When courts give a criminal defendant an opportunity to pay an 
assessment resulting from a criminal infraction in periodic payments, 
the court needs to be able to function as a collection agency. Having 
the convicted person's social security number is necessary for use of 
state tax intercept programs (in which a debt to the state is deducted 
from a taxpayer's state income tax refund) and other collection 
activities. Some states use additional means to enforce criminal fines 
and restitution orders, such as denial of motor vehicle registration; 
social security numbers are often used for these purposes as well.
    Creation of jury pools and payment of jurors. Social security 
numbers are a necessary part of the process by which multiple lists 
(for instance, registered voters and registered drivers) are merged by 
computer programs to eliminate duplicate records for individual 
citizens in the creation of master source lists from which citizens are 
selected at random for jury duty. Duplicate records double an 
individual's chance of being called for jury duty and reduce the 
representativeness of jury panels. Some courts use social security 
numbers to pay jurors as well.
    Making payments to vendors. Social security numbers are used as 
vendor identification numbers to keep track of individuals providing 
services to courts and to report their income to state and federal 
taxing authorities.
    Facilitating the collection of judgments by creditors and 
government agencies. Courts are not the only entities that need to 
collect judgements. Judgment creditors need social security numbers to 
locate a judgment debtor's assets and levy upon them. Courts often 
require that the judgment debtor make this information available 
without requiring separate discovery proceedings that lengthen the 
collection process and increase its costs. Federal law now requires 
state courts to place the parties' social security numbers in the 
records relating to divorce decrees, child support orders, and 
paternity determinations or acknowledgements in order to facilitate the 
collection of child support. On October 1, 1999, that requirement was 
extended to include the social security numbers of all children to whom 
support is required to be paid.
    Notification to the Social Security Administration of the names of 
incarcerated and absconded persons. The Social Security Administration 
cuts off all payments to persons incarcerated in federal, state or 
local prison or jails, and to persons who are currently fugitives from 
justice. The savings to the federal budget from this provision are 
substantial. To implement this process, SSA needs to identify persons 
who have been sentenced to jail or prison and persons for whom warrants 
have been issued. The agency has traditionally obtained this 
information from state and local correctional agencies. See 42 USC 
Sec. 402(x)(3) requiring Federal and State agencies to provide names 
and social security numbers of confined persons to the Social Security 
Administration. The state courts of Maryland are involved in an 
experimental program to provide such information directly from court 
records. The Maryland program has two additional future advantages for 
state courts. First, the program offers the possibility of obtaining 
better addresses for many court records; social security and other 
welfare agencies have the very best address records because of 
beneficiaries' obvious interest in maintaining their currency. Second, 
cutting off benefits may provide a useful incentive for persons 
receiving benefits to clear up outstanding warrants without requiring 
the expenditure of law enforcement resources to serve them.
    Transmitting information to other agencies. In addition to the 
Social Security Administration, many states provide information from 
court records to other state agencies. A frequently occurring example 
is the Motor Vehicle Department, to which courts send records of 
traffic violations for enforcement of administrative driver's license 
revocation processes. These transfers of information often rely upon 
social security numbers to ensure that new citations are entered into 
the correct driver record.
RECENT LEGISLATION
    Last year's legislation, H.R. 4857, the Social Security Number 
Privacy and Identity Theft Prevention Act of 2000, contained the 
following provision:
SEC. 102. PROHIBITION OF PUBLIC ACCESS TO SOCIAL SECURITY ACCOUNT 
        NUMBERS POSSESSED BY GOVERNMENTAL AGENCIES
          ``(xi) No executive, legislative, or judicial agency or 
        instrumentality of the Federal Government or of a State or a 
        political subdivision thereof or trustee appointed in a case 
        under title 11, United States Code (or person acting as an 
        agent of such an agency or instrumentality or trustee), may 
        display to the general public any individual's social security 
        account number, or any derivative of such number.''
    This section has serious implications for state courts in a variety 
of contexts.
    The Welfare Reform Law requires courts to enter social security 
numbers on court orders granting divorces or child support or 
determining paternity. State laws contain similar requirements in other 
types of cases in some states. What steps must a court take to restrict 
access to these documents, which are matters of public record in most 
states?
    Social Security numbers appear in many financial documents, such as 
tax returns, which are required to be filed in court (e.g., for child 
support determinations) or are appended to official court documents, 
such as motions for summary judgments. What steps must a court take to 
restrict access to these documents, which are also matters of public 
record in most states?
    Courts will have substantial increased labor costs in staff time to 
redact or strike the appearance of SSNs in paper records or in 
microfilm/microfiche if the above requirement is imposed.
    Also, in an effort to make courts and court records more open, many 
courts are now beginning to make available many public records on the 
internet either as text/character documents or by scanning and placing 
them online through imaging software (PDF files). While the removal of 
SSN in text/character documents may be relatively easy, other scanned 
records, such as PDF files, will be harder to change necessitating more 
staff and an increase in labor costs.
COSCA RECOMMENDATIONS
    We have recommended that state courts adopt the following policies, 
unless state law directs them otherwise:
    Official court files. State courts should not attempt to expunge or 
redact social security numbers that appear in documents that are public 
records. As was mentioned earlier, federal law requires state courts to 
place the parties' social security numbers in the records relating to 
divorce decrees, child support orders, and paternity determinations or 
acknowledgement in order to facilitate the collection of child support. 
The purpose of placing that data on judgments is not just to provide it 
to child support enforcement agencies; it is also to provide it to the 
parties themselves for their own private enforcement efforts. Any other 
interpretation puts the courts in an untenable position--having an 
affirmative obligation to provide judgments in one form to parties and 
child support enforcement agencies and in another form to all other 
persons.
    This same reasoning applies to income tax returns or other 
documents containing social security numbers filed in court. It would 
be unreasonable to expect courts to search every document filed for the 
existence of social security numbers. Further, court staff has no 
business altering documents filed in a case; the social security number 
may have evidentiary value in the case--at the very least to confirm 
the identity of the purported income tax filer.
    Case management information databases. Data in automated 
information systems raises more privacy concerns than information in 
paper files. Automated data can be gathered quickly and in bulk, can be 
manipulated easily, and can be correlated easily with other personal 
data in electronic form. Data in an automated database can also be 
protected more easily from unauthorized access than data in paper 
files. It is feasible to restrict access to individual fields in a 
database altogether or to limit access to specific persons or to 
specific categories of persons. Consequently, state courts should take 
steps to restrict access to social security numbers appearing in court 
databases. They should not be available to public inquirers. Access to 
them should be restricted to court staff and to other specifically 
authorized persons (such as child support enforcement agencies) for 
whose use the information has been gathered.
    Staff response to queries from the public. When court automated 
records include social security numbers for purposes of identifying 
parties, court staff should be trained not to provide those numbers to 
persons who inquire at the public counter or by telephone. However, 
staff may confirm that the party to a case is the person with a 
particular social security number when the inquirer already has the 
social security number and provides it to the court staff member.
    In short, staff may not read out a social security number but may 
listen to a social security number and confirm that the party in the 
court's records is the person with that number. This is the same 
distinction applied to automated data base searches. This distinction 
is one commonly followed in federal and state courts.
GAO REPORT
    Mr. Chairman, as you know, the U.S. General Accounting Office (GAO) 
is undertaking a study regarding the use of SSN and SSN derivatives as 
personal identifiers by all levels of Federal, State and local 
governments. The study will include recommendations regarding the most 
effective means of minimizing such use beyond its original purpose.
    On May 11, 2001, the Board of Directors of COSCA met with analysts 
of the GAO regarding this study. During our meeting, we discussed the 
ways in which we use SSNs in our court records and the various 
requirements imposed upon us on the collection of SSN data as we have 
just outlined. We are not the only ones that GAO has interviewed to 
gather their information. They have also visited local government 
entities, such as counties, to investigate how they use SSNs in their 
day-to-day activities.
    At minimum, Mr. Chairman, we would ask that you examine the results 
of this study before you consider any legislation on this issue.
    Thank you for allowing us to offer our views on this important 
matter.

                                


          National Conference of State Legislatures
                                     Washington, D.C. 20001
                                                       May 21, 2001
    Dear Chairman Shaw:
    It is with regret that I must inform you that I will be unable to 
testify before you and the Subcommittee on Social Security on 
Protecting Privacy and Preventing Misuse of Social Security Numbers. 
The Connecticut House of Representatives will be in session with 
scheduled votes throughout the day. As Deputy Minority Leader, I must 
be present. The National Conference of State Legislatures (NCSL) has 
represented the states' interest in all aspects of social security, 
including the issue of use of social security numbers. I currently 
serve on the NCSL Executive Committee Task Force on Social Security. If 
there are additional hearings on this important issue, I would be 
pleased to participate and hope that you will include me or another 
state legislator on behalf of the National Conference of State 
Legislatures (NCSL).
    The National Conference of State Legislatures (NCSL) supports 
efforts by the federal government to protect personal identifying 
information, particularly efforts to protect individuals from identity 
theft, fraud and misuse of personal information. We applaud your 
efforts to address privacy protection and prevent the misuse of social 
security numbers. It is critical that the states and federal government 
work collaboratively and cooperatively together on this issue.
    As you are well aware, state legislatures and agencies have been 
examining this issue and changing how we use social security numbers 
and how they are protected. However, NCSL must oppose efforts that 
would likely impose administratively burdensome and costly unfunded 
mandates on the states, as well as preempt state government activities. 
It is our hope that as we work together, responsive solutions can be 
crafted that will examine the costs to state and local governments as 
well as the transition time needed to accomplish our shared goals.
    State governments, like Connecticut have examined their policies in 
this area and agree that the federal government should do so as well. 
Two years ago, I testified before the House Judiciary Committee urging 
Congress to rescind its 1996 mandate that states require social 
security numbers on the face of state driver's licenses. NCSL opposed 
this mandate as an unfunded mandate and preemption of state authority. 
States prior to passage of the act had already moved away from using 
social security numbers as an identifier on the Driver's License or had 
begun to offer individuals the option to use another number. While we 
were successful in eliminating this federal requirement, it illustrates 
that the federal government has been inconsistent in its position on 
the usage of social security numbers. This indecision has increased 
costs to state and local governments, especially costs to reprogram 
computers.
    Before mandating changes on the state, the federal government 
should examine its own role in the proliferation of social security 
number usage. For example, Child Support Enforcement law requires 
states to use social security numbers in databases, to match financial 
aid and employment records and, even require social security numbers on 
applications for state drivers licenses.
    NCSL wholeheartedly agrees that government must act to protect 
personal identifiers, including the Social Security account number 
(SSN), which has come to be the primary identifier of individuals in 
the United States. Yet, NCSL is concerned that without a thorough 
review of how various sectors of government use the SSN in day-to-day 
operations it will be difficult to determine how best to protect 
individuals from improper use of the SSN. States have used the SSN as a 
unique identifier for some time, especially after some federal programs 
required their usage. State entities internally use SSNs in a variety 
of ways. SSNs are used to administer health and human services benefits 
for low-income families as well as employee benefits and retiree 
benefits. SSNs are used internally for public health programs, criminal 
justice systems, and state universities. SSNs are essential to tax 
administration and procurement systems. The costs of changing these 
databases to disallow the use of SSNs can be enormous.
    We appreciate that you and your staff have clarified that the 
intent of any legislative effort on your part is to restrict display 
and sale of SSNs. We remain concerned however, that without a more 
comprehensive definition of what constitutes display, lawful and 
necessary use by state governments, political subdivisions and 
instrumentalities will be restricted. States also use SSNs as a 
crosscheck for fraud reduction. Due to constituent demand and recent 
Supreme Court decisions, states have moved to restrict and in many 
cases prohibit the sale of personal identifying information including 
the SSNs.
    It is essential that federal policymakers get an accurate 
accounting of governmental and nongovernmental usage of social security 
numbers. NCSL staff has met with the U.S. Government Accounting Office 
(GAO) to provide information requested so that you will have the 
background necessary to draft comprehensive legislation that will 
adequately address the scope, effect and cost of the legislative 
changes you propose on all levels of government and on the private 
sector.
    In Connecticut, we have examined our usage of social security 
numbers and made many changes to our laws and practices. This is not 
unusual. In many cases, state privacy statutes are stronger than 
protections provided under federal law. NCSL is especially concerned 
about efforts to preempt state authority to ensure privacy which merely 
mask attempts to weaken strong state privacy statutes. NCSL maintains 
that federal privacy efforts should strengthen existing protections not 
undermine them. Recent Connecticut privacy initiatives included:
           Repealed a requirement that municipal tax collectors 
        collect every taxpayer's SSN. Removed a provision that was to 
        have taken effect on December 1, 2000, requiring the Department 
        of Motor Vehicles to give local tax assessors vehicle owners' 
        SSNs (PA 98-261).
           Removed the SSN from the information that people who 
        register to vote or respond to the voter canvass can 
        voluntarily provide to registrars of voters, prohibited any 
        voter registration official from disclosing to another 
        government agency, as well as the public, the SSN of a voter 
        who provided it under prior law, and removed a requirement that 
        registrars of voters or the secretary of the state include 
        registered voters' SSNs on the lists they must give to the jury 
        administrator (PA 99-268).
           Made identification theft a class D felony for 
        anyone to intentionally get another person's personal 
        identifying information and use it for an unlawful purpose, 
        including to get or attempt to get credit, goods, services, or 
        medical information. The act defines ``personal identifying 
        information'' as motor vehicle operator's license, Social 
        Security Number, employee identification, demand deposit, 
        savings account, or credit card numbers or someone's mother's 
        maiden name (PA 99-99).
           Made sure that Registrars of Voters, and the 
        Secretary of the State, cannot disclose SSNs to the public, nor 
        can they use it as the voter identification number on the 
        registry list (CGS Sec. 9-35).
           And changed policies related to certain town 
        officials who collect Social Security numbers (SSNs) in 
        connection with their duties. The town clerk, as the town's 
        registrar of vital statistics, records the SSN on marriage and 
        death certificates, which are open records. But as a matter of 
        practice, the clerk (1) covers the SSN when someone asks to 
        inspect the record or (2) refers to the town's record index 
        which shows only the names, dates, and events. The father's SSN 
        can be included on the birth certificate of a child born out of 
        wedlock but disclosure is restricted.
    If federal law changes state government usage of SSNs, it is 
critical that the law defines what constitutes ``use'', ``public 
display'', ``public access'' and ``derivatives of'' Social Security 
Account Numbers. Without a clearer understanding of these concepts we 
are concerned that implementation of the legislation will be mired with 
legislative, administrative and judicial pitfalls. We are very 
concerned about the cost and administrative impact of prohibitions on 
the display of SSNs and derivatives for the purposes of identification 
of employees. State government and its political subdivisions, agencies 
and instrumentalities are large employers with multiple security and 
related concerns that may require the use and display of SSNs by 
employees, including student employees at higher education 
institutions. Without a more thorough definition of what constitutes 
prohibited display; government will be left with little direction in 
this area. We understand that one of the intentions of the provision is 
to prohibit the display of the SSN on badges worn by employees for both 
identification and security purposes. The costs to government to remove 
the SSN number from identification cards issued to employees is likely 
to be very high, while the bill remains silent on how these costs are 
to be offset.
    It is critical that we ensure adequate transition time for policy 
changes. We understand that a multitude of activities would be 
prohibited including the use of SSNs to post grades at institutions of 
higher learning, even when other identifying information is not 
provided. Given the breadth of this provision we are concerned that two 
years may not be sufficient time for all sectors of government to cease 
prohibited display. Further, we believe full implementation of this 
provision will be very cost prohibitive on all levels of government. We 
are also concerned that the cost and administrative burden associated 
with the removal of SSN from Commercial Driver's Licenses remains high. 
We suspect that state may need more time to remove SSNs from these 
licenses.
    Additionally, it is important that the federal government pay 
attention to the importance of SSNs in preventing fraud. We are 
concerned that removal of SSNs from checks/warrants issued by 
government may provide increased opportunities for fraud and theft, 
particularly upon those who share common sur- and proper names.
    Finally, states can not be liable for the actions of third party 
administrators or processors. States and political subdivisions should 
not be held liable for the actions of third party administrators and 
processors should these contractors engage in activities prohibited by 
the legislation. We would appreciate additional detail in this area.
    Again, we thank you for soliciting our input on this important 
measure. We look forward to working with you on this legislation. 
Should you or your staff have questions about our concerns or require 
additional information, please contact Sheri Steisel, Federal Affairs 
Counsel and staff to our Human Services Committee or Gerri Madrid, 
staff to our Federal Budget and Taxation Committee at NCSL at (202) 
624-5400.
            Sincerely,
                              Representative Brian Flaherty
                                            Deputy Minority Leader,
                               Connecticut House of Representatives

                                


    Statement of Bruce Hulme, National Council of Investigation and 
                        Security Services, Inc.
    Good morning Mr. Chairman and members of the Committee. My name is 
Bruce H. Hulme and I am appearing today on behalf of the National 
Council of Investigation and Security Services and as Legislative 
Chairman of the Associated Licensed Detectives of New York State. I am 
a past president, chairman and currently serve as a Board member of 
both organizations. I have been a licensed private investigator in New 
York for thirty-seven years and am president of Special Investigations, 
Inc.
    We would like to include reference to HR 2036, the Social Security 
Number Misuse Prevention Act of 2001, that is cosponsored by many 
members of this committee. As a profession that has been trying for 
years to help victims through the identity theft maze, we applaud the 
efforts of Congress to finally put laws on the books that will bring 
victims some relief. While a percentage of identity thieves no doubt 
gather their victim's identities from the Internet, our experience is 
that most such thefts result from the purloining of documents, files, 
charge slips, credit cards, and wallets from restaurants, stores, trash 
bins and private property. The remedies proposed by some of this 
legislation seem appropriate, but Congress should not expect that 
closing Internet information access is going to stop this crime.
    Most of HR 2036 seems to be on the right track and we support 
Sections 102 and 301 as well as parts of Section 201 prohibiting the 
display of the social security number to the general public. We believe 
there should be substantial criminal and monetary penalties for misuse 
of the social security number that causes or intends to cause harm to 
an individual. But we are very concerned about several Sections which, 
in fact, will hinder relief for victims of identity theft and many 
other crimes and cause unintended consequences.
    A number of years ago, the Federal Trade Commission entered into a 
consent agreement whereby the identifying information that precedes a 
credit report, which is called ``header'' information, was deemed not 
part of the credit report and therefore not covered by the Fair Credit 
Reporting Act as a Consumer Report. The ``header'' report does not 
contain any financial information. This non-financial ``header'' 
information has been an invaluable resource for investigators to locate 
witnesses, heirs, debtors, and to employ in all manner of fraud and 
theft investigations. The language in Section 203 would codify the 
termination of credit header availability for any legitimate purpose 
beyond the controversial FTC interpretation of Gramm-Leach-Bliley. In 
combination with Section 201 it will make it impossible for any 
civilian investigator to obtain or report information necessary to 
identify suspects and exonerate the innocent without first obtaining 
the written permission of a suspect as required by the FCRA. We 
therefore ask that Section 201 be amended to include exemptions for 
business to business use such as is reflected in Section 3 of S 848 
currently before the Senate Judiciary Committee. We also ask that 
Section 203 be amended to reflect credit header information remain 
available for the same purposes as reflected in Section 4 of the 
Drivers Privacy Protection Act.
    Private investigators, for a fee, hire or reward, as a regular part 
of their routine, ascertain, collect, assemble, evaluate and provide 
their clients documents and reports containing personally identifiable 
information. Such information often includes the social security 
numbers of individuals. We also ask that Section 201 be amended to 
reflect that the exceptions include providers of reports prepared in 
connection with litigation, in anticipation of litigation, due 
diligence, investigation of insurance claims, civil and criminal fraud, 
criminal defense, identity fraud, stalking or any other violations of 
law. Restriction on sale and purchase of the social security number 
should not apply to confidential investigations of suspected crime or 
other legitimate business purposes. In fact, many entities such as the 
National Association of Security Dealers, Insurance Index Bureau and 
self-regulatory organizations and others that are not part of Federal 
or State government would be excluded from using the social security 
number to identify consumers for legitimate investigative purposes.
    In 1997, I appeared before the Federal Trade Commission Workshop on 
behalf of the National Council of Investigation and Security Services 
to present the private investigation industry's position on consumer 
information privacy. That presentation helped create the record that 
formed the FTC's analysis of computer database services. Members of the 
Individual Reference Services Group testified along with others and 
industry practices were implemented regarding the disclosure of 
information that they gather and disseminate to third parties such as 
private investigators, insurance companies, security firms, attorneys, 
public interests groups and law enforcement agencies. Private 
investigators were found to be qualified users for permissible purposes 
of the data provided by IRSG member firms such as LEXIS-NEXIS, 
ChoicePoint-Database Technologies, Inc., Equifax, Experian and Trans 
Union.
    There are appropriate uses for such information which are not only 
critical for private investigators but for attorneys, journalists, 
medical researchers, insurance companies, self-regulatory bodies, as 
well as government and law enforcement in fraud prevention, and child 
support enforcement. Other uses include uniting separated families, 
locating heirs to estates, locating pension fund beneficiaries, 
locating organ and bone marrow donors, significant journalistic 
endeavors, apprehending criminals, aiding citizens in obtaining access 
to public record information and in assisting the very individuals that 
this legislation seeks to protect.
    Licensed private investigators and security service companies in my 
state are licensed by the New York Department of State. ``The duties of 
a private investigator as set forth in that state's General Business 
Law Section 71(1) encompass various activities aimed at uncovering and/
or prevention of the commission of crimes and/or torts by others, and 
the business of private investigation is, therefore, quasi law 
enforcement in nature. Licensed private investigators are, therefore, 
held to the highest standards of honesty, integrity and rectitude in 
their business dealings.''
    Most other states have legal jurisdiction over private 
investigative and security firms. They undergo fingerprint criminal 
background checks, are regulated, are tested and for the most part 
receive training and often continuing education. We believe that state 
regulated licensed private investigators and security firms should be 
allowed continued access to header information. Many of the reports 
that private investigators prepare which contain the social security 
numbers that this committee seeks to protect, are privileged attorney 
work product. We abhor scam and fraud doers. And we object to the rogue 
information brokers who advertise to the general public on the Internet 
that they will provide information on anybody, to anybody, for a price 
no matter who the customer. Publication of personally identifiable 
information including the social security number to the general public 
can only continue to lead to improper use, theft, fraud and even 
potential physical harm.

    There are a number of bills before Congress that would ban the use 
of the social security number for any but its intended purpose. Many of 
these bills do not take into consideration the effect of removing the 
social security number as an identifier. We believe a good example of a 
viable type of solution lies in Section 3 of S 848. This legislation 
prohibits the wrongful use and publication of a consumer's social 
security number, while appearing to recognize the legitimate and 
necessary uses of the number. We respectfully request that section 203 
of HR 2036 be amended as follows:

SEC. 203. CONFIDENTIAL TREATMENT OF CREDIT HEADER INFORMATION.

    (a) In General.--Section 603 of the Fair Credit Reporting Act (15 
U.S.C. 1681a is amended by adding at the end the following new 
subsection:

    (q) Confidential Treatment of Credit Header Information.--
Information regarding the social security account number of the 
consumer, or any derivative thereof, may not be furnished to any person 
by a consumer reporting agency other than in a full consumer report 
furnished in accordance with section 604 and other requirements of this 
title except for use in connection with any civil, criminal, 
administrative, or arbitral proceeding in any Federal, State, or local 
court or agency or before any self-regulatory body, including the 
service of process, investigation in anticipation of litigation, to 
locate pension beneficiaries, bone marrow donors, missing persons, due 
diligence and the execution or enforcement of judgments and orders, or 
pursuant to an order of a Federal, State, or local court.

    We fully appreciate the incredible burdens faced by victims of 
identity theft. Many of us have had to face these victims. When all 
other avenues of redress have fallen upon deaf ears and often as a last 
resort, identity fraud victims have turned to private investigators to 
redeem their name and restore their good reputation. In fact, many 
licensed investigators have assisted these victims for little or no 
remuneration.

    The New York State Senate Majority Task Force on the Invasion of 
Privacy in March 2000 made several recommendations that concern 
identity theft:

           Provide for an expedited process whereby identity 
        theft victims can petition a court or administrative body to 
        make a finding and issue an order in cases where evidence of 
        identity theft can be clearly demonstrated, thereby 
        facilitating efforts to restore the victim's credit history;
           Develop initiatives to curtail abusive practices of 
        collection agencies, particularly when actions are directed at 
        identity theft victims;
           Increase civil penalties for credit reporting 
        agencies' willful noncompliance with the resolution of identity 
        theft matters;
           Establish an Identity Theft/Consumer Fraud 
        Assistance Board to provide assistance to identity theft 
        victims and a fund for victim assistance and investigations.

    The National Council of Investigation and Security Services and the 
Associated Licensed Detectives of New York State take the position that 
anyone who uses personally identifiable information or financial 
information for illegal purposes be subject to criminal sanctions and 
heavy fines. We favor the implementation of assessing enhanced 
penalties for aggravated cases, actual damages for willful violations, 
and additional damages allowed by the court for commercial purposes, 
disgorgement of profits, attorney's fees and costs, and additional 
sanctions upon the receiver of information that is obtained for 
unlawful purposes.

    Taking away the tools from the civilian crime fighters and 
investigators serving the justice system is not the way to go about 
resolving identity theft. Congress needs to ensure that exemptions are 
provided for licensed private investigators on legitimate business. We 
would also like to see the FTC set up a liaison with our profession 
which would allow us to provide evidence on those who commit fraud and 
who tarnish our reputation.

    In December 1997, the Federal Trade Commission submitted a report 
to Congress entitled ``Individual Reference Services'' wherein the list 
of comments submitted pursuant to Federal Register Notice comprised 
hundreds of letters that were received from private investigators 
outlining their need for continued access to credit header records 
giving case-by-case examples where such information was essential. When 
I appeared before the FTC, I submitted hundreds of additional letters 
from private investigators citing examples where credit header 
information was the critical factor in their obtaining a successful 
result for their clients.

    The Council believes that licensed private investigators, and for 
that matter licensed security firms, should continue to be allowed 
access to credit header information. The Drivers Privacy Protection Act 
of 1994, enacted after Congressional hearings during which the Council 
testified, permitted a licensed private investigative agency or 
licensed security service access to personally identifiable information 
for lawful purposes. As stated earlier, we would like this committee to 
consider similar provisions in the present legislation being discussed 
today.

    We have recently surveyed our membership about how they have been 
able to assist victims of identity theft. The following examples 
demonstrate some of the benefits of permitting licensed private 
investigators to access essential information from ``credit headers.'' 
Section 203 of HR 2036 would deny us this critical tool. These 
anecdotes should give this Committee some idea of the types of cases 
that require this information:

    In New York, a public utility hired our member to conduct a pre-
employment background investigation for a high level position. A credit 
report, obtained under the FCRA contained two different social security 
numbers. Running a credit header check on the second number revealed a 
different name and addresses and the investigator discovered his true 
identity. The applicant had adopted the identity of one of his former 
college professors to keep his own less desirable background secret.

    In Atlanta, Georgia, an auto dealership asked our investigator to 
help an applicant who claimed his identity had been stolen. An imposter 
had stolen this man's social security number and date of birth as well 
as the identity of four other people. His criminal record included nine 
felonies in Georgia and other multi-state offenses. The applicant 
couldn't understand why he had been turned down for several jobs until 
one potential employer leveled with him and he realized his identity 
had been stolen. Numerous law enforcement agencies told him they 
couldn't help him. Our investigator arranged for the applicant to be 
fingerprinted and the Georgia Bureau of Investigation issued him a 
certificate stating he was not the same person as the imposter. He then 
carried the certificate to the three major credit bureaus to clear his 
name in their files. The investigator says had he not helped the victim 
through this maze, he would surely have been arrested in Georgia or 
Florida where warrants had been issued.

    In San Francisco, an investigator reports working a case for a 
successful business owner who started getting statements in the mail 
saying he owed tens of thousands of dollars on computers and other 
purchases, none of which he knew anything about. He found someone had 
hijacked his identity, opened credit card and store accounts in his 
name and had even opened a web page mirroring his web page and had an 
email address similar to his. The San Francisco Police said they would 
take a report, but would not investigate and suggested he go to the 
Secret Service. The Secret Service said they would not handle the case 
until at least $100,000 is lost. Current losses are approaching 
$80,000. The victim had a suspicion it was an ex-employee who lived in 
Salt Lake City and called the investigator. The agency used credit 
header information to learn that the ex-employee has three names, three 
or four social security numbers, and three different dates of birth on 
file. The investigators still don't know if he is involved, but they 
continue looking for linkages. They also located an address to which 
computers were shipped and are currently running down as much 
information as they can on the owners and occupants of that address.

    As we said before, licensed private investigators are an important 
integral part of the civil and criminal justice systems. The job of the 
criminal defense investigator is to gather evidence to assure a fair 
trial for persons rightly or wrongly accused of crime. One of the 
primary and most cost-effective tools available to locate witnesses is 
the credit header. As a matter of fairness, even ex-law enforcement 
members admit that restricting access to credit headers will tip the 
scales in favor of law enforcement and augurs against the defendant's 
ability to receive a fair trial. Law enforcement agencies have NCIC and 
many other means at their disposal, and are always exempted from 
legislation restricting access to the same information sources that HR 
2036 would deny licensed private investigators. But after July 1, 2001, 
the criminal defendant's investigator will have no such tools and 
usually very little money to spend on locating key witnesses.

    At a time when our justice system is being criticized for errors 
proven by DNA evidence, we find it hard to believe that Congress 
intended to take away a defendant's primary means of locating 
witnesses. Yet that is exactly what the FTC interpretation of Gramm-
Leach-Bliley has done. And the present language of HR 2036 would codify 
the FTC interpretation.

    We believe that the identity theft laws recently enacted will help 
law enforcement to prosecute perpetrators once apprehended. But 
Congress should be aware that public law enforcement resources are 
stretched and crimes of this nature are still not a high priority. The 
losses, though devastating to the victims, are usually beneath the 
dollar threshold that many departments follow. And the mental toll on 
the victims is unquantifiable. The private sector will have to continue 
to augment public law enforcement. And it should be noted that the 
hapless victims of this crime often have very limited resources.

    To the extent HR 2036 will prohibit rogue information brokers from 
displaying and selling the social security number and deter identity 
theft, we commend it. But Congress should proceed very carefully before 
eliminating the very tools used to apprehend the stealers of the 
identities of others or the perpetrators of other criminal acts.

    Thank you for the opportunity to address these important issues.

                                


Statement of Cynthia L. Moore, National Council on Teacher Retirement, 
                          Arlington, Virginia

    I appreciate the opportunity to submit a statement for the record 
in connection with the hearing on protecting privacy and preventing the 
misuse of Social Security numbers. I will confine my comments to the 
uses of Social Security numbers by state and local government 
retirement systems as they carry out a critical personnel function for 
states and localities: the efficient administration and sound funding 
of the retirement programs that serve state and local government 
employees. I encourage the Subcommittee members to consider these 
comments as they debate H.R. 2036, the Social Security Privacy and 
Identity Theft Prevention Act of 2001, sponsored by Chairman Shaw.

    The National Council on Teacher Retirement is made up of 75 state 
and local government retirement systems that include teachers and other 
public employees. Together, the retirement systems serve over 
11,000,000 state and local government employees. They hold assets in 
excess of $2 trillion to pay pension, disability, and other benefits to 
employees and their beneficiaries. Assets not needed to pay immediate 
benefits are invested to produce earnings. These earnings reduce the 
amount of funding that both individual employees and taxpayers must pay 
to support the benefits.

    State and local government retirement systems feel strongly that 
individuals must be protected from the fraudulent and other wrongful 
use of their Social Security numbers. The means to reach that goal 
requires a delicate balance, however. As I will describe in this 
statement, the retirement systems use Social Security numbers to assist 
them in performing the role of administering retirement and other 
benefits and we ask that these uses be preserved.

    State and local government retirement systems use Social Security 
numbers in many ways. I will provide some examples.

Transactions between Retirement System and Plan Participant

           As the primary retirement account number for a plan 
        participant;
           As a means to match a specific individual with a 
        corresponding benefit;
           As an identifier on checks, annual statements, and 
        correspondence;
           As a tracking number for participant records;
           As an identifier for health insurance benefits;
           As a means to ensure that death benefits are paid to 
        the participant's intended beneficiary;
           As an identifier for federal tax reporting purposes; 
        and
           As a means to ensure the identity of a particular 
        participant in the case of several participants with identical 
        names.
Transactions between Retirement System and Plan Participant's Employer

    The uses listed above ensure that an individual receives the 
benefits to which he/she is entitled. Equally important are the uses of 
Social Security numbers involving the plan participant's employer. In 
the case of a teacher retirement system, the employer of an individual 
teacher is the school district. It must provide the retirement system 
with information about the teacher's years of service credit and 
salary. The school district may also remit contributions it makes on 
behalf of the teacher. Social Security numbers are used to ``tag'' 
information and contributions to the applicable teacher. Such use 
ensures that the information is properly reported and correct amounts 
of contributions are received. Without such identification, inaccurate 
data about service credit and salary might be provided to the 
retirement system. Moreover, if inadequate contributions are made, the 
retirement system will not have the funds sufficient to pay promised 
benefits. Conversely, if excess contributions are mistakenly made, 
taxpayers have paid more than necessary to support the retirement 
program.

Transactions to Uncover Fraudulent Use of Retirement System Benefits

    A retirement system's paramount purpose is to act for the exclusive 
benefit of the plan participants. To carry out this aim, the system 
safeguards the funds available to pay benefits, not only as they come 
into the system, but also as they are paid out. A common way to verify 
that benefits are correctly paid is through comparison of retirement 
system records with Social Security data. For example, a system matches 
plan participants, using Social Security numbers, against the Social 
Security Administration's list of deceased persons. If any match is 
revealed, the retirement system may be unknowingly paying a benefit 
that is being cashed, in the case of a check, or withdrawn, in the case 
of a direct deposit, by an unauthorized individual. By using Social 
Security numbers, the system can stop any fraudulent receipt of 
benefits thereby ensuring that adequate funding is available to pay 
lawful benefits.

    The foregoing uses relate to the essential personnel functions of 
state and local governments. They ensure that participants receive the 
benefits to which they are entitled. They verify that employers are 
paying the correct amount of contributions and sharing the information 
needed to ensure timely and accurate payment of benefits. Moreover, 
uncovering fraudulent activity protects the funds in the retirement 
system and preserves them to be used for lawful purposes. None of these 
uses address the problems that H.R. 2036 seeks to remedy, such as the 
sale of Social Security numbers and the public display of them. Mr. 
Chairman, I respectfully ask you and the members of the Subcommittee to 
recognize and preserve these uses of Social Security numbers by the 
retirement systems. The uses are legitimate ways to achieve the 
efficient administration and sound funding of the retirement programs 
that serve state and local government employees.

    Thank you again for the opportunity to provide comments on this 
important issue. Should you or your staff have any questions, please 
contact me at 703-243-1667.

                                


 Statement of the Hon. Ron Paul, a Representative in Congress from the 
                             State of Texas
    I wish to thank the subcommittee on Social Security of the Ways and 
Means Committee for holding this hearing on the misuse of the Social 
Security number. The transformation of the Social Security number into 
a de facto uniform identifier is a subject of increasing concern to the 
American people. This is, in large part, because the use of the Social 
Security number as a standard identifier facilitates the crime of 
identity theft. Today, all an unscrupulous person needs to do is obtain 
someone's Social Security number in order to access that person's bank 
accounts, credit cards, and other financial assets. Many Americans have 
lost their life savings and have had their credit destroyed as a result 
of identity theft.

    The responsibility for the misuse of the Social Security number and 
the corresponding vulnerability of the American people to identity 
crimes lies squarely with the Congress. Since the creation of the 
Social Security number, Congress has authorized over 40 uses of the 
Social Security number. Thanks to Congress, today no American can get a 
job, open a bank account, get a professional license, or even get a 
drivers' license without presenting their Social Security number. So 
widespread has the use of the Social Security number become that a 
member of my staff had to produce a Social Security number in order to 
get a fishing license!

    Because it was Congress which transformed the Social Security 
number into a national identifier, Congress has a moral responsibility 
to address this problem. In order to protect the American people from 
government-mandated uniform identifiers which facilitate identity 
crimes, I have introduced the Identity Theft Prevention Act (HR 220). 
The major provision of the Identity Theft Prevention Act halts the 
practice of using the Social Security number as an identifier by 
requiring the Social Security Administration to issue all Americans new 
Social Security numbers within five years after the enactment of the 
bill. These new numbers will be the sole legal property of the 
recipient and the Social Security Administration shall be forbidden to 
divulge the numbers for any purposes not related to the Social Security 
program. Social Security numbers issued before implementation of this 
bill shall no longer be considered valid federal identifiers. Of 
course, the Social Security Administration shall be able to use an 
individual's original Social Security number to ensure efficient 
transition of the Social Security system.

    This act also forbids the federal government from creating national 
ID cards or establishing any identifiers for the purpose of 
investigating, monitoring, overseeing, or regulating private 
transactions between American citizens, as well as repealing those 
sections of the Health Insurance Portability and Accountability Act of 
1996 that require the Department of Health and Human Services to 
establish a uniform standard health identifier. By putting an end to 
government-mandated uniform IDs, the Identity Theft Prevention Act will 
prevent millions of Americans from having their liberty, property and 
privacy violated by private-and-public sector criminals.

    In addition to forbidding the federal government from creating 
national identifiers, this legislation forbids the federal government 
from blackmailing states into adopting uniform standard identifiers by 
withholding federal funds. One of the most onerous practices of 
Congress is the use of federal funds illegitimately taken from the 
American people to bribe states into obeying federal dictates.

    Many of our colleagues will claim that the federal government needs 
these powers to protect against fraud or some other criminal 
activities. However, monitoring the transactions of every American in 
order to catch those few who are involved in some sort of illegal 
activity turns one of the great bulwarks of our liberty, the 
presumption of innocence, on its head. The federal government has no 
right to treat all Americans as criminals by spying on their 
relationship with their doctors, employers, or bankers. In fact, 
criminal law enforcement is reserved to the state and local governments 
by the Constitution's Tenth Amendment.

    Other members of Congress will claim that the federal government 
needs the power to monitor Americans in order to allow the government 
to operate more efficiently. I would remind my colleagues that in a 
constitutional republic the people are never asked to sacrifice their 
liberties to make the job of government officials a little bit easier. 
We are here to protect the freedom of the American people, not to make 
privacy invasion more efficient.

    Mr. Chairman, while I do not question the sincerity of those 
members who suggest that Congress can ensure citizens' rights are 
protected through legislation restricting access to personal 
information, the only effective privacy protection is to forbid the 
federal government from mandating national identifiers. Legislative 
``privacy protections'' are inadequate to protect the liberty of 
Americans for several reasons. First, it is simply common sense that 
repealing those federal laws that promote identity theft is more 
effective in protecting the public than expanding the power of the 
federal police force. Federal punishment of identity thieves provides 
old comfort to those who have suffered financial losses and the 
destruction of their good reputation as a result of identity theft.

    Federal laws are not only ineffective in stopping private 
criminals, they have not even stopped unscrupulous government officials 
from accessing personal information. Did laws purporting to restrict 
the use of personal information stop the well-publicized violation of 
privacy by IRS officials or the FBI abuses by the Clinton and Nixon 
administrations?

    The primary reason why any action short of the repeal of laws 
authorizing privacy violation is insufficient is because the federal 
government lacks constitutional authority to force citizens to adopt a 
universal identifier for health care, employment, or any other reason. 
Any federal action that oversteps constitutional limitations violates 
liberty because it ratifies the principle that the federal government, 
not the Constitution, is the ultimate judge of its own jurisdiction 
over the people. The only effective protection of the rights of 
citizens is for Congress to follow Thomas Jefferson's advice and ``bind 
(the federal government) down with the chains of the Constitution.''

    Mr. Chairman, those members who are unpersuaded by the moral and 
constitutional reasons for embracing the Identity Theft Prevention Act 
should consider the overwhelming opposition of the American people 
toward national identifiers. The overwhelming public opposition to the 
various ``Know-Your-Customer'' schemes, the attempt to turn drivers' 
licenses into National ID cards, HHS's misnamed ``medical privacy'' 
proposal, as well as the numerous complaints over the ever-growing uses 
of the Social Security number show that American people want Congress 
to stop invading their privacy. Congress risks provoking a voter 
backlash if we fail to halt the growth of the surveillance state.

    In conclusion, Mr. Chairman, I once again thank you and the other 
members of the subcommittee for holding a hearing on this important 
issue. I hope this hearing would lead to serious Congressional action 
to end to the federal government's unconstitutional use of national 
identifiers which facilitate identity theft by passing HR 220, the 
Identify Theft Prevention Act.