 | |
| |
TechnologyDaily Mobile
The Privacy In Social Security Regulation
When Congress returns to its lame-duck, post-election session, lawmakers will face a lingering dispute about the privacy of Social Security numbers. Although the battle almost was lost in the last-minute shuffle of other, more high-profile disputes between GOP lawmakers and President Clinton, potent differences of opinion remain, and they are likely to presage hard-fought fights about information privacy in the next Congress and beyond.
At issue is exactly how far legislation designed to restrict the use and dissemination of Social Security numbers — considered by many to be the gateway to identity theft — should go. In attempting to craft a law that would limit the online display of Social Security numbers, Sen. Judd Gregg, R-NH, included exemptions in legislation he crafted designed to allow banks, credit bureaus, database companies, and child-support and child-protection organizations to continue use such numbers. Gregg succeeded in attaching his language to the bill produced by the Commerce, Justice, State and Judiciary Appropriations Subcommittee, which he chairs.
Groups that support the language argue that Social Security numbers are essential to their own operations and also are valuable in combating fraud and even identity theft. But to privacy advocates, the White House and even several Republican lawmakers, those provisions amount to major loopholes in a law that they say would make it even easier for shady information brokers to trade Social Security numbers that can then be misused.
A fight of the past ... and for the future
The emergence of identity theft as a stumbling block in the appropriations endgame demonstrates the passion of privacy issues on Capitol Hill. Despite the complexity of the issue — which was the subject of a two-day conference at the Federal Trade Commission and a one-day conference at the Social Security Administration last month — it is not likely to ebb.
At both the FTC and Social Security Administration conferences last week, victims of identity theft recounted harrowing experiences with fraudsters who assumed their identity and tallied thousands of dollars in credit-card debt and other bills. In one case, Robert Greer of New Hampshire found himself with a criminal record when his impersonator failed to appeal in court after receiving a speeding ticket.
"Normally, you are innocent until proven guilty," Deborah North, another victim of identity theft, said during the FTC conference. "In this case, it was the opposite." She said it was difficult to persuade creditors that she was not to blame for charges against her account.
Critics of Gregg's language support rival measures, including S. 2328, introduced by Sen. Dianne Feinstein, D-CA, at the behest of Vice President Al Gore, or H.R. 4857, introduced by House Ways and Means Social Security Subcommittee Chairman Clay Shaw, R-FL. With White House privacy counsel Peter Swire acting as point man, privacy advocates have joined consumer groups, civil libertarians and the bipartisan Congressional Privacy Caucus in fighting the Social Security number provision included in the spending bill.
Their pressure prompted Clinton to threaten a veto. "The bill fails to address in any meaningful way the real privacy concerns about Social Security numbers raised by the administration," Clinton wrote. "Regrettably, it does not include needed protection against the inappropriate sale and display of individual citizens' Social Security numbers. Moreover, the bill creates loopholes that seriously undermine the goal of the legislation to protect privacy."
Both the House and Senate passed the measure before departing last week. The president has not yet vetoed it.
Culling information from credit headers
While all parties agree that identity theft is a serious problem and favor some common solutions — tougher laws against fraud, better and more coordinated enforcement, and aggressive education efforts by agencies like the FTC — privacy advocates and industry groups differ on their approach to the touchy question of Social Security numbers.
While supporting Gregg's provisions that ban the display of Social Security numbers to private individuals, business groups argue that the sale of Social Security to banks helps them verify the identity of applicants for credit and hence prevent identity theft. But privacy groups disagree.
Beth Givens, director of the San Diego-based Privacy Rights Clearinghouse, which has been one of the most active organizations counseling victims, blames the increase in identity fraud on the proliferation of Social Security number in the so-called "credit header" information from credit reports. Databases with credit-header information contain names, addresses, phone numbers and Social Security numbers but lack the detailed credit histories that are available in the body of the credit reports. But unlike the main credit histories, credit-header information has not — until now — been subject to the Fair Credit Reporting Act (FCRA), which imposes obligations upon credit bureaus when they list incorrect information in their credit reports.
The FTC wants to limit the availability of credit-header information under proposed regulations implementing last year's Gramm-Leach-Bliley Financial Services Modernization Act, S. 900. But the Direct Marketing Association has sued to overturn those provisions, arguing that the new law was not intended to change FCRA.
Givens said the Gregg provision — unlike the Shaw and Feinstein measures — would not address the proliferation of so-called "information broker" Web sites such as fastbreakbail.com or docusearch.com that sell Social Security numbers and has been highly critical of the proposal. Referring to the fact that Gregg's measure is dubbed "Amy Boyer's Law" after a New Hampshire woman was murdered when a stalker allegedly found her by purchasing her Social Security number on the Internet, Givens said that "it is not going to stop murders in the future."
Consumer groups say that even without identity theft, the resale of credit-header information should not occur without customer consent. Ed Mierzwinski, director of the consumer program U.S. Public Interest Research Group (USPIRG), calls the practice "probably the most unfair secondary use of personal information."
"They collect all this information from the bank, and all the demographic information," Mierzwinski said. "Although credit reports are sold under the FCRA, credit headers are sold outside of the law." And he said that "many people feel that information brokers' source of databases is credit headers."
Charges without evidence
Gregg spokesman Ed Amorosi disputed those characterizations and said the exemptions in the provision "were the result of thoughtful consideration of the impact that a complete ban on the use of Social Security numbers would have on our nation's economy."
"Amy Boyer's Law clearly prohibits any sale or display of Social Security numbers to the public," Amorosi said. "Legitimate business practices that may be permitted under the bill do not include practices that allow the display or sale to the public."
Supporters of the Gregg bill say the allegations about information from credit headers being used to commit fraud are wrong. "We are not aware of identity theft resulting from credit headers," said attorney Ron Plesser, who represents the Individual Reference Service Group (IRSG), a group of companies such as Lexis-Nexis that provide databases that include access to credit header information for strictly limited groups of customers.
Plesser added that because the IRGS's self-regulatory principles took effect in 1997, the companies have not included Social Security numbers in services that it has made available to the public. Rather, he said, such information is available only to select law-enforcement officials and credit-fraud investigators, and their use is tracked and companies can be held accountable for releasing such numbers to the general public.
William Fason, a private investigator licensed in Houston, goes even further, arguing that separate studies about identity theft by USPIRG, the FTC, the Federal Reserve Board, the Privacy Rights Clearinghouse and Congress' General Accounting Office have failed to document cases in which identity theft can be traced to credit-header information.
"No federal agency or non-governmental group has released a study documenting the claim that 'the sale or purchase of Social Security account numbers is a significant factor' in identity fraud or that it 'often facilitates the commission of criminal activities,'" Fason said in a recent paper citing the justification in Shaw's bill for closing the availability of credit-header information. "It would be reckless to effect the kind of fundamental changes in public records and private-sector business practices envisioned by H.R. 4857 without thorough consideration of the problem of identity fraud."
 | - by Drew Clark |
NEW FEATURE
-Advertisement-
-Advertisement-
-Advertisement-
