Your Social Security Number is under attack and your personal records are more exposed than you'd like to think. At least that seems to be the observation in a frightening study released today that says among other things that 85% of large counties and 41% of small counties in the US make records that may contain SSNs generally available in bulk or online. On top of that, many record keepers do not or cannot restrict the types of entities that can obtain public records and may not know how records are being used. Finish that observation off with the notion that some businesses are sending records with SSNs offshore, primarily to India and the Philippines, even though not much is known about how such data are protected overseas.
The dour Web-based study was conducted by the Government Accountability Office and looked at 247 counties across the US responsible for recording documents-including the 97 largest counties by population and a random sample of 150 of the remaining counties. Records could include birth, death, and marriage records; criminal and civil court case files; and records that reflect property ownership, such as property liens. Some records contain personal identifying information, such as SSNs, dates of birth, and credit card or bank account numbers.
AK, CT, HI, RI, and VT were not included in the study because the GAO said individual counties don't collect personal data in those states.
So if you have ever wondered how identity theft can be the number one consumer fraud problem seven years running, costing consumers more than $1.2 billion in 2007 alone, and showing no signs of letting up, perhaps we need only look to the results of studies such as this.
Some of the other disturbing findings include:
The GAO study did say some things were being done to control the use of SSNs. Several bills are pending in Congress that would limit the display or sale of SSNs to the public or to private entities.
For example, S. 238 generally prohibits the display or purchase of SSNs without the express consent of the SSN holder; contains an exception for certain public records. H.R. 948 would make it unlawful for any person to sell or purchase SSNs in a manner violating regulations to be promulgated by SSA. Then H.R. 3046 would restrict the sale and display of SSNs to the general public by government entities; however it does not specifically address SSNs in public records but does require the Social Security Administration to develop uniform truncation standards. Finally S. 2915 would prohibits display of SSNs to the general public on the Internet by state and local governments unless truncation standards to be set by SSA in accordance with certain guidelines are met; considers certain unencrypted transmittals of SSNs through the Internet to be a public display.
The GAO said some federal, state, and local governments have recently taken steps to safeguard SSNs in public records. The GAO said more than a third of counties have already redacted or truncated SSNs or are currently removing SSNs from their records; some in response to state laws and others of their own accord. Some states, such as New Jersey and Ohio, prohibit SSNs from appearing in any publicly recorded document. Others limit the requirement to specific types of records; for example, Kansas and Utah prohibit SSNs from being shown in voter registration records, the GAO said.
However, recent actions by states and counties to limit the display of SSNs in records made available to the public through redaction or truncation are positive steps, but, because millions of records with SSNs have already been obtained in bulk or online, these actions will protect SSNs only in future transfers, the GAO said.
Ironically or perhaps preemptively in light of the GAO report, the President's Identity Task Force today said federal agencies have worked to eliminate unnecessary uses of SSNs in their programs. For example, the Social Security Administration has removed SSNs almost entirely from its internal human resources forms. The Department of Defense has issued a plan to reduce its internal use of SSNs, including their removal from military ID cards. The Internal Revenue Service has been redacting taxpayer SSNs to the last four digits on all federal tax lien documents filed in public records and issued to taxpayers.
Layer 8 in a box
Check out these other hot stories:
Feds gain little victories in protracted identity theft war
Lunar spacecraft compete for $2 million NASA prize
Are we being chiseled further at the gas pump?
Is the tech industry immune to current financial mess?
FTC wilts mega "male enhancement" spam operation
Advertisement: |
The Leader in Network Knowledge
Post new comment