Posted on 06/25/2002 12:33:55 AM PDT by 4America
U.S. attorneys in Oregon and that state's regional Social Security Administration announced the sentencing of Juventino Lira-Carmona, a Mexican national who had assumed the identity of a deceased American and used the decedent's Social Security number (SSN) to gain employment and illegally remain in the United States.
According to a press release from the U.S. Attorney's Office, Lira-Carmona was arrested after filing a false application for a U.S. passport. Officials reported that he was placed on probation for one year and remanded immediately into the custody of agents of the Immigration and Naturalization Service (INS) for removal to Mexico. Whether Lira-Carmona was in fact deported by the INS is anyone's guess.
Identity theft is on the rise, said Howard Beales, director of the Bureau of Consumer Protection for the Federal Trade Commission (FTC), in testimony before the Senate Judiciary Committee in March. For calendar year 2001, the FTC's Identity Theft Data Clearinghouse database received more than 86,000 complaints from victims of ID theft, Beales told the panel. According to the General Accounting Office (GAO), SSNs often are the "identifier" of choice among identity thieves.
Yet even as the FTC and consumer advocates seek to strengthen privacy protections, say security specialists, it appears that federal, state and local governments may be the weakest link in improper SSN disclosures. "In the course of using SSNs to administer their programs, and as employers, agencies sometimes display these SSNs on documents, such as program-eligibility cards or employee badges, that can be seen by others who may have no need for the SSN," the GAO reported in May.
The SSN has become one of the clearest examples of government "mission creep." When created in 1936, the SSN was presented as a unique identifier whose sole purpose would be to track the earnings of workers eligible to receive Social Security benefits. But, as explained by the GAO, on Nov. 25, 1943, President Franklin D. Roosevelt issued Executive Order 9397expanding the use of the SSN for all federal agencies "to use identification systems for individuals, rather than set up a new identification system."
The Privacy Rights Clearinghouse (PRC), a San Diego-based nonprofit that teaches consumers how to protect their personal privacy, advises citizens to release their SSNs only when absolutely necessary — as is required on tax forms, employment records and banking, stock and property transactions. "The SSN is the key to your credit and banking accounts and is the prime target of criminals," the PRC warns.
The PRC's Website advises: "If a business requests your SSN, ask if it has an alternative number which can be used instead. Speak to a manager or supervisor if your request is not heeded. Ask to see the company's policy on SSNs. If necessary, take your business elsewhere."
That is widely regarded as sagacity in the private sector. But similar care during a government interaction is likely to provoke a cold stare and a chilly reaction. "If the SSN is requested by a government agency, look for the Privacy Act notice," the site continues. "This will tell you if your SSN is required, what will be done with it and what happens if you refuse to provide it."
The purpose of the Privacy Act, the GAO reported in May, is to balance the government's need to maintain information about individuals with the rights of individuals to be protected against unwarranted invasions of their privacy by federal agencies. Under the act, individuals can bring a civil action against a federal agency requesting the SSN if they believe that the agency has not complied with the Section 7 requirements and if this failure to comply results in an adverse effect on the individual.
Nevertheless, the GAO auditors found that although nearly all government entities surveyed collect and use SSNs for a variety of reasons, many reported they do not consistently provide individuals with information required by the Privacy Act. Furthermore, the GAO officials found, "Although agencies that use SSNs to provide benefits and services are taking steps to safeguard the numbers from improper disclosure, our survey identified potential weaknesses in the security of information systems at all levels of government." The weaknesses discovered indicate that SSNs may be at risk of improper disclosure by bureaucrats who see their primary responsibility as preserving the integrity of their records and data rather than protecting the privacy of the people to whom the data relate.
For example, the Department of Criminal Justice in a state with a workforce of 40,000 employees displays SSNs on all of its employee-identification cards. The GAO auditors reported that employees had to tape over these numbers on their badges so that prison inmates and others could not view their personal information.
Rep. E. Clay Shaw (R-Fla.), chairman of the House Ways and Means subcommittee on Social Security, responded to the report by indicating that the problem has the potential to worsen. "Most alarming is that government agencies are increasingly putting SSNs on the Internet. We cannot allow this to happen," he said in a written statement.
Shaw introduced legislation, the Social Security Number Privacy and Identity Theft Protection Act (HR 2036), "to try to restrict the display of SSNs by federal, state and local governments and implement other critically important SSN safeguards." Staff sources tell Insight this proposal could come to the House floor later this year. So the race is on between protections to thwart unwarranted invasions of the constitutional "right to privacy" and government entities bent on paperwork reduction by making as much data as possible electronically available on the Internet.
Meanwhile average citizens, such as those state criminal-justice workers discussed above, are on their own about how best to shield their private information from brazen offenses such as one a Department of Justice (DOJ) Webpage dubbed a "notorious case of identity theft." A convicted felon, the DOJ says, "not only incurred more than $100,000 of credit-card debt, obtained a federal home loan and bought homes, motorcycles and handguns in the victim's name, but called his victim to taunt him — saying that he could continue to pose as the victim for as long as he wanted because identity theft was not a federal crime at that time — before filing for bankruptcy, also in the victim's name."
Adding to the insult, according to the DOJ, "While the victim and his wife spent more than four years and more than $15,000 of their own money to restore their credit and reputation, the criminal served a brief sentence for making a false statement to procure a firearm, but made no restitution to his victim for any of the harm he had caused. This case, and others like it, prompted Congress in 1998 to create a new federal offense of identity theft."
Now the National Consumers League (NCL), a membership-based consumer organization, has teamed with the Bank of America to launch a new campaign to help educate consumers about identity theft. And individuals aren't the only ones to suffer from such fraud. In a rare private-sector admission, the Bank of America candidly acknowledged that it had fallen victim to ID fraud earlier this year when consumers received an e-mail from someone pretending to be from the bank. The e-mail directed Bank of America customers to a Website masquerading as Bank of America's. Once there, the unsuspecting customers were instructed to provide their personal financial information until Bank of America learned about the scam and alerted law-enforcement authorities, who shut down the fraudulent Website.
According to the NCL, its new "Invasion of the ID Snatchers" Webpages (www.nclnet.org) will present common scenarios to illustrate how thieves steal personal information and what they can do with it, tips for consumers on how to avoid ID theft and information about how to report the crime. It also will provide tips for businesses on how to secure the personal information they collect from consumers.
In a written statement, Susan Grant, NCL's vice president for public policy, echoed the DOJ's recognition of a scary new reality. "Depending on the information they steal, ID thieves can take over your accounts, open new ones in your name, get utility service, apply for government benefits, file for bankruptcy, even get married in your name," she said.
Private-sector vigilance may have to set the example for cash-strapped state and local governments that seem increasingly to view the private information of citizens as a state-owned commodity. An example is badly needed. "When comparing the sharing practices of courts, state licensing agencies and county recorders to program agencies that collect and use SSNs, a higher percentage of county recorders reported sharing information containing SSNs with credit bureaus, researchers, debt-collection agencies, private investigators and marketing companies," the GAO reported. Moreover, it added, the local governments that share data often do not restrict receiver use or disclosure of the data.
Sen. Charles Grassley (R-Iowa), ranking member of the Senate Judiciary subcommittee on Crime and Drugs, has joined with Sens. Dianne Feinstein (D-Calif.), Jon Kyl (R-Ariz.) and Jeff Sessions (R-Ala.) in introducing legislation to increase penalties for individuals who commit crimes while using a stolen identity. Grassley puts the onus for SSN vulnerability on the entity that started it. "As the creator of Social Security numbers, the federal government also has to be the protector of Social Security numbers," he says.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.