Time: Thu Nov 14 11:11:02 1996
To:
From: Paul Andrew Mitchell [address in tool bar]
Subject: Privacy and SSN's
Cc:
Bcc: liberty lists
What to do when they ask for your Social Security Number
by
Chris Hibbert
Computer Professionals
for Social Responsibility
Many people are concerned about the number of organizations
asking for their Social Security Numbers. They worry about
invasions of privacy and the oppressive feeling of being treated
as just a number. Unfortunately, I can't offer any hope about
the dehumanizing effects of identifying you with your numbers. I
can try to help you keep your Social Security Number from being
used as a tool in the invasion of your privacy.
Surprisingly, government agencies are reasonably easy to deal
with; private organizations are much more troublesome. Federal
law restricts the agencies at all levels of government that can
demand your number and a fairly complete disclosure is required
even if its use is voluntary. There are no comparable Federal
laws restricting the uses non-government organizations can make
of it, or compelling them to tell you anything about their plans.
Some states have recently enacted regulations on collection of
SSNs by private entities. With private institutions, your main
recourse is refusing to do business with anyone whose terms you
don't like. They, in turn, are allowed to refuse to deal with
you on those terms.
Short History
Social Security numbers were introduced by the Social Security
Act of 1935. They were originally intended to be used only by the
social security program, and public assurances were given at the
time that use would be strictly limited. In 1943 Roosevelt
signed Executive Order 9397 which required federal agencies to
use the number when creating new record-keeping systems. In 1961
the IRS began to use it as a taxpayer ID number. The Privacy Act
of 1974 required authorization for government agencies to use
SSNs in their data bases and required disclosures (detailed
below) when government agencies request the number. Agencies
which were already using SSN as an identifier before January 1,
1975 were allowed to continue using it. The Tax Reform Act of
1976 gave authority to state or local tax, welfare, driver's
license, or motor vehicle registration authorities to use the
number in order to establish identities. The Privacy Protection
Study Commission of 1977 recommended that the Executive Order be
repealed after some agencies referred to it as their
authorization to use SSNs. I don't know whether it was repealed,
but no one seems to have cited EO 9397 as their authorization
recently.
What to do when they ask for your SSN: Page 1 of 9
Several states use the SSN as a driver's license number, while
others record it on applications and store it in their database.
Some states that routinely use it on the license will make up
another number if you insist. According to the terms of the
Privacy Act, any that have a space for it on the application
forms should have a disclosure notice. Many don't, and until
someone takes them to court, they aren't likely to change.
(Though New York recently agreed to start adding the notice on
the basis of a letter written by a reader of this blurb.)
The Privacy Act of 1974 (5 U.S.C. 552a) requires that any
federal, state, or local government agency that requests your
Social Security Number has to tell you four things:
1: Whether disclosure of your Social Security Number is
required or optional,
2: What law authorizes them to ask for your Social Security
Number,
3: How your Social Security Number will be used if you give it
to them, and
4: The consequences of failure to provide an SSN.
In addition, the Act says that only Federal law can make use of
the Social Security Number mandatory. So anytime you're dealing
with a government institution and you're asked for your Social
Security Number, just look for the Privacy Act Statement. If
there isn't one, complain and don't give your number. If the
statement is present, read it. If it says giving your Social
Security Number is voluntary, you'll have to decide for yourself
whether to fill in the number.
Private Organizations
The guidelines for dealing with non-governmental institutions are
much more tenuous. Most of the time private organizations that
request your Social Security Number can get by quite well without
your number, and if you can find the right person to negotiate
with, they'll willingly admit it. The problem is finding that
right person. The person behind the counter is often told no
more than "get the customers to fill out the form completely."
Most of the time, you can convince them to use some other number.
Usually the simplest way to refuse to give your Social Security
Number is simply to leave the appropriate space blank. One of
the times when this isn't a strong enough statement of your
desire to conceal your number is when dealing with institutions
which have direct contact with your employer. Most employers have
no policy against revealing your Social Security Number; they
apparently believe that it must be an unintentional slip when an
employee doesn't provide an SSN to everyone who asks.
What to do when they ask for your SSN: Page 2 of 9
Public utilities (gas, electric, phone, etc.) are considered to
be private organizations under the laws regulating SSNs. Most of
the time they ask for an SSN, and aren't prohibited from asking
for it, but they'll usually relent if you insist. Ask to speak
to a supervisor, insist that they document a corporate policy
requiring it, ask about alternatives, ask why they need it and
suggest alternatives.
Lenders and Borrowers
(those who send reports to the IRS)
Banks and credit card issuers and various others are required by
the IRS to report the SSNs of account holders to whom they pay
interest or when they charge interest and report it to the IRS.
If you don't tell them your number you will probably either be
refused an account or be charged a penalty such as withholding of
taxes on your interest.
Many Banks, Brokerages, and other financial institutions have
started implementing automated systems to let you check your
balance. All too often, they are using SSNs as the PIN that lets
you get access to your personal account information. If your
bank does this to you, write them a letter pointing out how
common it is for the people with whom you have financial business
to know your SSN. Ask them to change your PIN, and if you feel
like doing a good deed, ask them to stop using the SSN as a
default identifier for their other customers. Some customers
will believe that there's some security in it, and be
insufficiently protective of their account numbers.
When buying (and possibly refinancing) a house, most banks will
now ask for your Social Security Number on the Deed of Trust.
This is because the Federal National Mortgage Association
recently started requiring it. The fine print in their
regulation admits that some consumers won't want to give their
number, and allows banks to leave it out when pressed. [It first
recommends getting it on the loan note, but then admits that it's
already on various other forms that are a required part of the
package, so they already know it. The Deed is a public document,
so there are good reasons to refuse to put it there, even though
all parties to the agreement already have access to your number.]
Insurers, Hospitals, Doctors
No laws require medical service providers to use your Social
Security Number as an ID number (except for Medicare, Medicaid,
etc.) They often use it because it's convenient or because your
employer uses it to identify employees to its groups health plan.
In the latter case, you have to get your employer to change their
policies. Often, the people who work in personnel assume that
the employer or insurance company requires use of the SSN when
that's not really the case. When a previous employer asked for
my SSN for an insurance form, I asked them to try to find out if
they had to use it. After a week they reported that the
insurance company had gone along with my request and told me what
What to do when they ask for your SSN: Page 3 of 9
number to use. Blood banks also ask for the number but are
willing to do without if pressed on the issue. After I asked
politely and persistently, the blood bank I go to agreed that
they didn't have any use for the number. They've now expunged my
SSN from their database, and they seem to have taught their
receptionists not to request the number.
Most insurance companies share access to old claims through the
Medical Information Bureau. If your insurance company uses your
SSN, other insurance companies will have a much easier time
finding out about your medical history. You can get a copy of
the file which MIB keeps on you by writing to Medical Information
Bureau, P.O. Box 105, Essex Station, Boston, MA 02112. Their
phone number is (617) 426-3660.
If an insurance agent asks for your Social Security Number in
order to "check your credit", point out that the contract is
invalid if your check bounces or your payment is late. They
don't need to know what your credit is like, just whether you've
paid them.
Children
The Family Support Act of 1988 (42 U.S.C. 1305, 607, and 602)
apparently requires states to require parents to give their
Social Security Numbers in order to get a birth certificate
issued for a newborn. The law allows the requirement to be
waived for "good cause", but there's no indication of what may
qualify.
The IRS requires taxpayers to report SSNs for dependents over one
year of age, but the requirement can be avoided if you're
prepared to document the existence of the child by other means if
challenged. The law on this can be found at 26 U.S.C. 6109.
Universities and Colleges
Universities that accept federal funds are subject to the Family
Educational Rights and Privacy Act of 1974 (the "Buckley
Amendment"), which prohibits them from giving out personal
information on students without permission. There is an
exception for directory information, which is limited to names,
addresses, and phone numbers, and another exception for release
of information to the parents of minors. There is no exception
for Social Security Numbers, so covered Universities aren't
allowed to reveal students' numbers without their permission. In
addition, state universities are bound by the requirements of the
Privacy Act, which requires them to provide the disclosures
mentioned above. If they make uses of the SSN which aren't
covered by the disclosure they are in violation.
Why SSNs are a bad choice for UIDs in data bases
Database designers continue to introduce the Social Security
Number as the key when putting together a new database or when
What to do when they ask for your SSN: Page 4 of 9
re-organizing an old one. Some of the qualities that are (often)
useful in a key and that people think they are getting from the
SSN are Uniqueness, Universality, Security, and Identification.
When designing a database, it is instructive to consider which of
these qualities are actually important in your application; many
designers assume unwisely that they are all useful for every
application, when in fact each is occasionally a drawback. The
SSN provides none of them, so designs predicated on the
assumption that it does provide them will fail in a variety of
ways.
Uniqueness
Many people assume that Social Security Numbers are unique. They
were intended by the Social Security Administration to be unique,
but they didn't take sufficient precautions to ensure that it
would be so. There have been several instances when two
different SSA offices issued the same number to different people.
They have also given a previously issued number to someone with
the same name as the original recipient, thinking it was the same
person asking again. There are a few numbers that were used by
thousands of people because they were on sample cards shipped in
wallets by their manufacturers. (One is given below.)
The passage of the Immigration reform law in 1986 caused an
increase in the duplicate use of SSNs. Since the SSN is now
required for employment, illegal immigrants must find a valid
name/SSN pair in order to fool the INS, and IRS long enough to
collect a paycheck. Using the SSN when you can't cross-check
your database with the SSA means you can count on getting some
false numbers mixed in with the good ones.
Universality
Not everyone has a Social Security Number. Foreigners are the
primary exception, but many children don't get SSNs until they're
in school. They were only designed to be able to cover people
who were eligible for Social Security.
Identification
Few people ever ask to see an SSN card; they believe whatever
you say. The ability to recite the number provides little
evidence that you're associated with the number in anyone else's
database.
Security
The card is not at all forgery-resistant, even if anyone did ever
ask for it. The numbers don't have any redundancy (no check-
digits) so any 9-digit number in the range of numbers that have
been issued is a valid number. It's relatively easy to copy the
number incorrectly, and there's no way to tell that you've done
so.
In most cases, there is no cross-checking that a number is valid.
Credit card and checking account numbers are checked against a
What to do when they ask for your SSN: Page 5 of 9
database almost every time they are used. If you write down
someone's phone number incorrectly, you find out the first time
you try to use it.
Why you should resist requests for your SSN
When you give out your number, you are providing access to
information about yourself. You're providing access to
information about you that you don't know about. That you don't
have the ability or the legal right to correct or rebut. You
provide access to information that is irrelevant to most
transactions but that will occasionally trigger prejudice. Worst
of all, since you provided the key, (and did so "voluntarily")
all the info discovered under your number will be presumed to be
true, about you, and relevant.
A major problem with the use of SSNs as identifiers is that it
makes it hard to control access to personal information. Even
assuming you want someone to be able to find out some things
about you, there's no reason to believe that you want to make all
records concerning yourself available. When multiple record
systems are all keyed by the same identifier, and all are
intended to be easily accessible to some users, it becomes
difficult to allow someone access to some of the information
about a person while restricting them to specific topics.
Unfortunately, far too many organizations assume that anyone who
presents your SSN must be you. When more than one person uses
the same number, it clouds up the records. If someone intended
to hide their activities, it's likely that it'll look bad on
whichever record it shows up on. When it happens accidentally,
it can be unexpected, embarrassing, or worse. How do you prove
that you weren't the one using your number when the record was
made?
What you can do to protect your number
If despite your having written "refused" in the box for Social
Security Number, it still shows up on the forms someone sends
back to you (or worse, on the ID card they issue), your recourse
is to write letters or make phone calls. Start politely,
explaining your position and expecting them to understand and
cooperate. If that doesn't work, there are several more things
to try:
1: Talk to people higher up in the organization. This often
works simply because the organization has a standard way of
dealing with requests not to use the SSN, and the first
person you deal with just hasn't been around long enough to
know what it is.
2: Enlist the aid of your employer. You have to decide whether
talking to someone in personnel, and possibly trying to
change corporate policy is going to get back to your
supervisor and affect your job.
What to do when they ask for your SSN: Page 6 of 9
3: Threaten to complain to a consumer affairs bureau. Most
newspapers can get a quick response. Ask for their "Action
Line" or equivalent. If you're dealing with a local
government agency, look in the state or local government
section of the phone book under "consumer affairs." If it's
a federal agency, your Member of Congress may be able to
help.
4: Insist that they document a corporate policy requiring the
number. When someone can't find a written policy or doesn't
want to push hard enough to get it, they'll often realize
that they don't know what the policy is, and they've just
been following tradition.
5: Ask what they need it for and suggest alternatives. If
you're talking to someone who has some independence, and
they'd like to help, they will sometimes admit that they
know the reason the company wants it, and you can satisfy
that requirement a different way.
6: Tell them you'll take your business elsewhere (and follow
through if they don't cooperate.)
7: If it's a case where you've gotten service already, but
someone insists that you have to provide your number in
order to have a continuing relationship, you can choose to
ignore the request in hopes that they'll forget or find
another solution before you get tired of the interruption.
If someone absolutely insists on getting your Social Security
Number, you may want to give a fake number. There is no legal
penalty as long as you're not doing it to get something from a
government agency or to commit fraud. There are a few good
choices for "anonymous" numbers. Making one up at random is a
bad idea, as it may coincide with someone's real number and cause
them some amount of grief. It's better to use a number like 078-
05-1120, which was printed on "sample" cards inserted in
thousands of new wallets sold in the 40's and 50's. It's been
used so widely that both the IRS and SSA recognize it immediately
as bogus, while most clerks haven't heard of it.
There are several prefixes that have never been assigned, and
which therefore don't conflict with anyone's real number. They
include the following patterns:
1. Any field all zeroes (no field of zeroes is ever assigned)
2. First digit "8" (no area numbers in the 800 series have been
assigned)
3. First two digits 73-79 (no area numbers in the 700 series
have been assigned except 700-729 which were assigned to
railroad workers until 1964)
What to do when they ask for your SSN: Page 7 of 9
Giving a number with one of these patterns rather than your own
number isn't very useful if there's anything serious at stake
since they're likely to be noticed . Numbers beginning with 9
have never been assigned to individuals, but some have been
assigned to organizations and for other special purposes. The
Social Security Administration recommends that people showing
Social Security cards in advertisements use numbers in the range
987-65-4320 through 987-65-4329.
If you're designing a database, and want to use numbers other
than Social Security Numbers, you'd be better off generating
numbers that are shorter than 9 digits, so they won't be confused
with SSNs. If you have an existing database using SSNs, and want
to allow people to use a different identifier, it's better to
generate longer or shorter numbers or ones with letters included
rather than depending on these unused patterns.
The Social Security Administration recommends that you request a
copy of your file from them every few years to make sure that
your records are correct (your income and "contributions" are
being recorded for you, and no one else's are.) As a result of a
recent court case, the SSA has agreed to accept corrections of
errors when there isn't any contradictory evidence, SSA has
records for the year before or after the error, and the claimed
earnings are consistent with earlier and later wages. (San Jose
Mercury News, 5/14, 1992 page 6-A) Call the Social Security
Administration at (800) 772-1213 and ask for Form 7004, (Request
for Earnings and Benefit Estimate Statement.)
U.S. Passports
The application for US Passports (DSP-11 12/87) requests an
Social Security Number, but gives no Privacy Act notice. There
is a reference to "Federal Tax Law" and a misquotation of Section
6039E of the 1986 IRC, claiming that the section requires that
you provide your name, mailing address, date of birth, and Social
Security Number. The referenced section only requires TIN (SSN),
and it requires that it be sent to the IRS and not to the
Passport office. It appears that when you apply for a passport,
you can refuse to reveal your Social Security Number to the
passport office, and instead mail a notice to the IRS, giving
only your Social Security Number (other identifying info
optional) and notifying them that you are applying for a
passport. [I can provide copies of the letter that was used
successfully by one contributor. I'd be interested in hearing
how the State department and the Post Office (which is willing to
process the forms for you) react.]
Results from Some Recent Legal Cases (3/24/93)
CPSR joined two legal cases in 1992 which concerned Social
Security Numbers and privacy. One of them challenged the IRS
practice of printing Social Security Numbers on mailing labels
when they send out tax forms and related correspondence. The
What to do when they ask for your SSN: Page 8 of 9
other challenged Virginia's requirement of a Social Security
Number in order to register to vote.
Dr. Peter Zilahy Ingerman filed suit against the IRS in Federal
District Court in 1991, and CPSR filed a friend of the court
brief in August '91. The case was decided in favor of the IRS.
The Virginia case was filed by a resident of the state who
refused to supply a Social Security Number when registering to
vote. When the registrar refused to accept his registration, he
filed suit. He is also challenging the state of Virginia on two
other bases: the registration form lacked a Privacy Act notice,
and the voter lists the state publishes include Social Security
Numbers. The Federal court of appeals ruled that the state of
Virginia may not allow the disclosure of Social Security numbers
as a condition of registering to vote. The court said that the
Virginia requirement places an "intolerable burden" on the right
to vote. The case is officially referred to as Greidinger v.
Davis, No. 92-1571, Fourth Circuit Court of Appeals, March 22,
1993.
If you have suggestions for improving this document please send
them to me at:
Chris Hibbert
hibbert@memex.com or Memex, Inc.
550 California Ave, Suite 210
Palo Alto, CA 94306
This posting is available via anonymous ftp from rtfm.mit.edu in
the file /pub/usenet/news.answers/ssn-privacy. It's also
available from mail-server@pit-manager.mit.edu by sending a mail
message containing the line "send usenet/news.answers/ssn-
privacy" (without the quote marks) as the sole contents of the
body. Send a message containing "help" to get general
information about the mail server.
What to do when they ask for your SSN: Page 9 of 9
Return to Table of Contents for
Supreme Law School: E-mail