[Congressional Record Volume 147, Number 20 (Tuesday, February 13, 2001)]
[Extensions of Remarks]
[Pages E172-E173]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




                             IDENTITY THEFT

                                 ______
                                 

                             HON. RON PAUL

                                of texas

                    in the house of representatives

                       Tuesday, February 13, 2001

  Mr. PAUL. Mr. Speaker, I highly recommend the attached article ``Know 
Your Customer'' by Christoper Whalen, which recently appeared in 
Barron's, to my colleagues. This article examines the horrors faced by 
victims of America's fastest-growing crime: identity theft. As the 
article points out, millions of Americans have suffered deep financial 
losses and the destruction of their credit history because of identity 
theft. Victims of identity theft often discover that the process of 
reestablishing one's good reputation resembles something out of a Kafka 
novel. identity fraud also effects numerous businesses which provide 
credit to unscrupulous individuals based on a stolen credit history. 
Just last year, American businesses and consumers lost 25 billion 
dollars to identity thieves!
  Mr. Whalen properly identifies the Social Security number and its use 
as a universal identifier as the root cause of identity theft. 
Unfortunately, thanks to Congress, today no American can get a job, 
open a bank account, or even go fishing without showing their Social 
Security number. Following the lead of the federal government, many 
private industries now use the Social Security number as an identifier. 
After all, if a bank needs to see their customers' Social Security 
number to comply with IRS regulations, why shouldn't the bank use the 
Social Security number as a general customer identifier?
  In order to end this government-facilitated identity theft, I have 
introduced the Identity Theft Prevention Act (H.R. 220). This act 
requires the Social Security Administration to issue new, randomly-
generated Social Security numbers to all citizens within five years of 
enactment. The Social Security Administration would be legally 
forbidden to give out the new number for any purpose not related to 
Social Security administration. Numbers issued prior to implementation 
of this legislation would have no legal value as an identifier--
although the Social Security Administration could continue to use the 
old numbers to cross reference an individual's records to ensure smooth 
administration of the Social Security system.
  This act also forbids the federal government from creating national 
ID cards or establishing any identifiers for the purpose of 
investigating, monitoring, overseeing, or regulating private 
transactions between American citizens, as well as repealing those 
sections of the Health Insurance Portability and Accountability Act of 
1996 that require the Department of Health and Human Services to 
establish a uniform standard health identifier. By putting an end to 
government-mandated uniform IDs, the Identity Theft Prevention Act will 
prevent millions of Americans from having their liberty, property and 
privacy violated by private-and-public sector criminals.
  I urge my colleagues to read the attached article and act to repeal 
government policies which facilitate identity theft by cosponsoring the 
Identity Theft Prevention Act.

                    [From Barrons, January 15, 2001]

                           Know Your Customer


        Lenders increasingly are paying for ignoring that maxim

                        (By Christopher Whalen)

       High-yield paper is out of favor with Wall Street as an 
     economic slowdown raises concerns about credit quality. One 
     in five issuers have paper trading at distressed levels. 
     Consumer lenders are under particular pressure due to worries 
     about a looming recession. But investors in companies that 
     make consumer loans should worry about more than a slowing 
     economy.
       Consumer lenders write off an average of 6% of loans each 
     year. That's a bad enough record, but investors ought to 
     realize that the industry's own sloppy screening practices 
     contribute significantly to the losses.
       Identity theft is the fastest-growing crime in America and 
     costs companies $25 billion last year. Much of the cause lies 
     with one factor completely avoidable by lenders; the use of 
     Social Security numbers as identifiers.
       One of my in-laws--I will call her Jean to protect what 
     remains of her privacy--was the victim of identity theft in 
     1999. Jean is a teacher who lives in Westchester County, New 
     York, and drives a Volvo. She and her husband have perfect 
     credit. About a year ago, Jean called in a panic, saying that 
     her bank had frozen the family checking account because 
     someone had a judgment against her. Being the banker in the 
     family, I agreed to act for Jean. What I discovered during 
     more than a year of investigation was a personal outrage and 
     an investor's nightmare.
       Every investor who buys securities back by consumer loans 
     or the equity of companies that are significantly involved in 
     the consumer-loan business should think twice before 
     investing in such paper.
       One of the world's biggest nonbank financial firms--wee'll 
     call it Megacorp--provided credit to a criminal who used 
     Jean's Social
       After the perpetrator defaulted on the loan payments, 
     Megacorp obtained a judgment against the alias. Using the 
     Social Security number, Megacorp's agents found Jean's family 
     checking account at a big New York commercial bank. Even 
     though the name and address were clearly wrong, Jean's bank 
     enforced a garnishment order from Megacorp and froze $5,000 
     in the account.
       I contacted the police and Secret Service, who were 
     familiar with the Bronx address used to commit the fraud 
     against Megacorp. I then called and wrote to the lawyer for 
     Megacorp, a lowbrow law firm and collection agency that 
     handles hundreds of such claims per month. I explained that 
     Jean was the victim of identity theft and that Megacorp 
     wrongly garnished her bank account.
       Lawyers for Megacorp refused to back off and responded with 
     a torrent of verbal abuse, accusing Jean of committing other 
     misdemeanors. The law firm used a similar tone in telephone 
     calls to Jean's mother. We responded by filing with the court 
     a strongly worded show cause motion, as well as a motion 
     seeking sanctions. Megacorp's attorneys subsequently began to 
     back-pedal and eventually withdrew the garnishment. The cost 
     of this exercise was roughly $1,500 in legal fees, plus the 
     time to draft documents and letters, and two visits to the 
     Bronx Civil Court, a venue too near Yankee Stadium for 
     comfort.
       I contacted Megacorp and the three major credit reporting 
     agencies, Experian, TransUnion and Equifax. I asked how a 
     criminal using a dubious Bronx mailing address and a false, 
     oddly spelled name could

[[Page E173]]

     obtain credit using the Social Security number and non-
     existent credit history of a middle-class woman who lives in 
     Westchester. On examining Jean's credit reports, I discovered 
     that it was Megacorp, after extending credit to the Bronx 
     delinquent, that reported the false name and new address to 
     Experian linked to Jean's Social Security number. The alias 
     and new address were automatically added to Jean's credit 
     history without any verification whatsoever.
       By making the false report to Experian, Megacorp apparently 
     created a window of opportunity, enabling the Bronx 
     lawbreaker to open accounts with Home Depot, Exxon, and AT&T 
     Wireless, eventually involving over $10,000 in bad debt. I 
     contacted these vendors to correct their misimpression that 
     Jean was their customer.
       Significantly, neither Megacorp nor Experian nor any of the 
     other credit reporting agencies attempted to contact Jean to 
     verify the significant change in name and address reported by 
     Megacorp.
       I confronted representatives of Experian and the other 
     credit agencies about the false information place in Jean's 
     credit report, yet they disclaimed any responsibility for the 
     validity of the information. Representatives of Experian say 
     they aren't responsible for the accuracy of the data provided 
     by financial institutions and that they don't even review the 
     information. ``The banks do that,'' they asserted.
       Experian's representatives were courteous, however, and 
     amended the reports after we provided copies of the relevant 
     court documents.
       Megacorp continued to send Jean demand letters from various 
     collection agencies for months after my first telephone and 
     written responses. I kept on asking: How could anyone of even 
     minimal competence look at the credit reports from Experian 
     and other agencies and approve credit to the fictions Bronx 
     resident?
       Answer: The credit report tied to Jean's Social Security 
     number wasn't reviewed. One Megacorp representative told me 
     unofficially that the Social Security number was simply 
     checked for defaults, judgments, etc., and when it came up 
     clean--the number, not the name and not the application--the 
     credit was approved.
       The Secret Service agent in White Plains, New York, who 
     took the report on Jean's experience confirmed that he sees 
     dozens of such cases every month in which Social Security 
     numbers are used to commit fraud. The perpetrators are rarely 
     caught.
       Lenders and the providers of credit information have 
     created a system that is inadequate to its purpose if a valid 
     Social Security number and a couple of other pieces of 
     information are sufficient to defeat most credit controls. 
     Lenders may complain that it would be too costly to manually 
     screen applicants and verify identities, but how much more 
     costly would it be if they had to bear the costs they now 
     push off onto Jean and other victims of fraud?
       Financial author Martin Mayer rightly says that there are 
     no economies of scale in banking, but the loan approval 
     operation of too many consumer lenders suggests there are 
     dis-economies of scale. It seems that the bigger a bank gets, 
     the sloppier it gets. To maximize revenue growth and control 
     costs, consumer lenders use statistical screening tools and 
     computer models to make credit decisions. In other words, 
     they use the law of large numbers and simply roll the dice. 
     If a criminal finds a Social Security number with a clean 
     history, he's off to the races.
       Eliminating the use of Social Security numbers as 
     identifiers by law seems like a logical solution. Texas Rep. 
     Ron Paul has introduced legislation to prohibit the 
     commercial use of Social Security numbers as identifiers, but 
     Congress needs to more thoroughly examine the issue.
       Even if Social Security did not exist, the financial system 
     would invent another system of universal identification. 
     Congress should place the blame where it belongs, on the 
     lenders and credit bureaus. It should require credit bureaus 
     to obtain written affirmation from consumers prior to 
     accepting a change in the name, address or other details on a 
     credit history. Lenders should be held liable for reporting 
     false information to credit bureaus, especially in cases 
     where false reports lead to acts of financial fraud.
       Additionally, Congress needs to afford consumers greater 
     protection from asset seizures based solely on Social 
     Security numbers.
       We are, after all, innocent until proven guilty. A bank or 
     Megacorp that treats us otherwise has committed a gross 
     injustice. And it--not we--should pay.