Enhancing Social Security Number Privacy
Good morning, Mr. Chairman, Mr. Cardin, and Members of this Committee. Thank you for inviting me here today to discuss SSN misuse and H.R. 2971. As we were all paying our respects to President Ronald Reagan last week, I couldn’t help recalling that his signing of the Inspector General Act made our work possible.
It is because the SSN is so heavily relied upon as an identifier, it is a valuable commodity for lawbreakers. I will focus today on SSN misuse, homeland security and identity theft, and what more needs to be done to insure the integrity of the SSN. While financial crimes involving SSN misuse are more numerous than terrorism-related crimes, the potential threat to homeland security nevertheless justifies intense concern. Our primary mission is to protect the integrity of SSA programs and operations, and because of that we focus investigative efforts on cases affecting SSN integrity. We investigate and arrest suspects for fraud against Social Security programs and crimes involving SSN misuse.
In our homeland security and identity theft responsibility, we work closely with other Federal agencies participating in 63 joint terrorism task forces and 29 antiterrorism advisory councils. We recently met with the U.S. Department of Homeland Security to discuss methods in which we could work together to address the SSN’s critical role at critical infrastructure sites. We have begun staffing an SSN Integrity Protection Team that combines the talents of auditors, investigators and attorneys.
My office is working closely with this Subcommittee and the SSA to strengthen controls over enumeration, to ensure the integrity of identification documents and to make SSN fraud as difficult as possible. Together with you and with SSA, we have made important strides in reducing enumeration vulnerabilities. Still, we believe the SSA should implement the following changes: establish a reasonable threshold for the number of replacement SSN cards an individual may obtain during a year and over a lifetime to continue to address identified weaknesses within the information security environment; verify birth records before issuing SSNs to citizens under the age of 1; and to incorporate additional controls in the SSA’s Enumeration-at-Birth process.
We have conducted numerous audits and made extensive recommendations to the SSA to improve the SSN misuse problem in the earnings reporting area, and, most importantly, to improve controls over SSN misuse as it pertains to homeland security. We believe SSA and lawmakers should examine the feasibility of the following initiatives: to limit public SSN availability to the greatest extent practicable without unduly limiting commerce; to enact strong enforcement mechanisms and stiffer penalties for SSN misuse; cross-verify legitimate databases that use the SSA as a key data element; and review the implications of releasing information on deceased individuals.
We believe new legislation should prohibit the sale of SSNs, including one’s own, on the open markets; to limit the use of the SSN to appropriate and legitimate transactions; and to prohibit using SSNs as student or patient identification numbers or as part of car rental contracts or video rentals; and to enhance penalties for those few SSA employees who assist criminals in obtaining SSNs. We support legislation such as H.R. 2971, which severely limits the sale, purchase, and display of SSNs to the general public. We also believe legislation such as H.R. 1731, the Identity Theft Penalty Enhancement Act, is a significant step towards holding accountable individuals who misuse SSNs to commit egregious crimes. Over the past years we have made progress protecting SSN integrity. We stand ready to do more. I would now be happy to answer any questions you may have. Thank you.
Date: June 15, 2004
OIG Official: Patrick P. O'Carroll, Jr., Acting Inspector General
Committee/Subcommittee: U.S. House of Representatives Committee on Ways and Means, Subcommittee on Social Security