Posted on 03/27/2002 11:27:08 PM PST by JohnHuang2
A General Accounting Office report has claimed that privacy experts "have no problems" with the collection and use of Social Security numbers by state motor vehicle agencies, though experts who spoke with WorldNetDaily disagreed with the agency's assertion.
The GAO, Congress' watchdog agency, made the claim in a report released in February entitled, "Child Support Enforcement: Most States Collect SSNs and Use Them To Enforce Child Support."
It said that 47 out of 53 motor vehicle agencies [MVAs] "collect SSNs from all applicants for driver's licenses," but that federal officials have "taken limited or no steps to promote such collection of SSNs in states not currently doing so."
"While many of the state officials and privacy experts we spoke with recognized the increased dissemination of SSNs throughout society as a serious concern, few felt that this concern extended to the policy of motor vehicle agencies collecting SSNs for child support enforcement," said the report.
Regulations requiring states to collect SSNs from drivers were enacted in August 1997 and are administered by the Office of Child Support Enforcement, or OCSE, a division of the Administration for Children and Families, which is part of the Department of Health and Human Services. The GAO said states have two opportunities to collect the numbers – at license issuance and renewal.
The OCSE is also in charge of disbursing federal funds to states for their child support enforcement programs. Last year, OCSE, according to its records, disbursed $429 million to states. This year, the figure is $450 million, increasing to $461 million in FY 2003.
For states to qualify for the funding, under the terms of the 1997 law, they must enact child support enforcement laws that include collection of SSNs from drivers.
According to the GAO, six states are not collecting SSNs from drivers. Legislatures in five of the states – Georgia, Kansas, Maryland, Minnesota and Oregon – have yet to introduce laws requiring the collection of SSNs by motor vehicle agencies. The sixth state – Michigan – has passed a law, but its MVA is not yet collecting numbers.
The GAO said it had some concerns that many state computer systems were inadequate to protect databases containing drivers' SSNs from unauthorized access.
"Although state officials and privacy experts we spoke with expressed few privacy concerns regarding the policy that motor vehicle agencies collect SSNs for child support enforcement, possible weaknesses in the policies and procedures that some MVAs use to safeguard SSNs indicate the potential for compromising privacy," the GAO report said.
The agency said federal and state laws "greatly limit the extent to which MVAs can provide SSNs to other entities, including those in the private sector."
But, the report continued, "limiting who can legally receive SSNs is not enough to ensure privacy. SSNs also must be protected from unauthorized access and misuse."
The agency said its investigation "revealed potential deficiencies in protecting SSNs from such abuse." Though most state MVA officials said SSNs stored on their agencies' computers were safe, "officials in 40 states also reported that their computer security programs lacked at least one of five basic components of information security" – risk assessments, agencywide security plans, audits, access monitoring and policies for password selection and use.
Privacy experts surveyed by WND discounted the agency's assertion that the use of SSNs for child support enforcement or for other purposes was not a problem.
Charlotte Twight, a professor of economics at Boise State University, says the government is increasing its use of SSNs.
"Government officials have pursued a very deliberate, incremental strategy in order to increase the use of the SSN," she told WorldNetDaily. "We've just recently seen the push to get more and more information tied to the driver's license," which could ultimately lead to a national ID card.
Lawmakers "stuck a provision to do just that into an immigration bill in 1996," said Twight, who has just authored a new book, "Dependent on D.C.: The Rise of Federal Control Over the Lives of Ordinary Americans," a CATO Institute work that was published by St. Martin's Press. "It was repealed, but they keep pushing."
"When you think of something like child support enforcement, that's an appealing rationale. But that doesn't mean it's a desirable thing to do. We already had laws to go after deadbeat parents for back child support," she said, adding, "The use of SSNs is not infallible."
Scott McDonald, editor of the Scan This News electronic newsletter – a publication that tracks privacy concerns and the government's increasing use of biometrics – called the report a "government propaganda piece," and said he questions why the GAO failed to list the "privacy experts" it says it contacted for its report.
"I contacted the report's authors attempting to find out exactly who the 'experts' were they spoke with," McDonald said in a Tuesday e-mail update. "Initially, I was told that the names of the 'privacy experts' would be e-mailed to me. However, a week later I was contacted by phone and told I must first file a Freedom of Information Act Request before the names could be released.
"I am in the process of making this request," he said.
McDonald also pointed out that "nowhere does the report comment on the hundreds and possibly thousands of Christian individuals with strong religious objections to the SSN demand. …" And he said the report doesn't mention "the fact that the initial Social Security number requirement as adopted in 1996 applied only to 'commercial' driver licenses, and that the word 'commercial' was surreptitiously deleted by Congress the following year."
Other privacy experts said they were indeed concerned about the use of SSNs for any sort of identification purpose.
"Social Security numbers should be used solely for purposes of administering the Social Security program," said Katherine Albrecht, head of CASPIAN – Consumers Against Supermarket Privacy Invasion and Numbering, an electronic privacy group.
"Of course, Americans were promised at the outset of that program that the numbers would never be used for identification purposes," she told WorldNetDaily. "Beware the slippery slope."
The Electronic Frontier Foundation is also opposed to the collection of SSNs by state driver's licensing bureaus.
"Social Security numbers should not be used as a requirement for a state driver's license. Historically, Social Security numbers were never intended to be used as universal identifiers," said Shari Steele, a staff attorney for the group, in a letter to the Department of Transportation.
"Over the past 50 years, we have seen more and more pieces of information linked by Social Security numbers. These databases, once collected, do not remain private; history shows that more and more uses would be made of the information collected," Steele wrote. "Furthermore, the Social Security number system has proven to be extremely insecure and is riddled with duplicate numbers, false numbers and other incorrect information."
Robert Ellis Smith, a lawyer and publisher of Privacy Journal, a monthly newsletter reporting on new technology and its impact on privacy, said he "can't think of any" privacy experts who would favor a motor vehicle agency's collection of SSNs.
"That's astounding," he said, adding that SSNs "are far overused, which contributes to the epidemic of identity theft."
Smith, who is planning an April 12-14 conference of privacy activists in his home state of Rhode Island, told WorldNetDaily, "It's proper to use an SSN for any tax-generated transaction."
"It may be appropriate that child support enforcement is one of those and you could collect them for that, but not collect them for motor vehicle purposes and then use it for child support enforcement," he said. "That violates a basic principle of privacy, that you shouldn't take information for one purpose then use it for separate purposes."
Smith said SSN fraud committed by motor vehicle agency workers and others with authorized access "could be stopped with more and careful auditing" of employees.
Other groups say SSNs are not completely infallible.
"Many people assume that Social Security numbers are unique. They were intended by the Social Security Administration to be unique, but the SSA didn't take sufficient precautions to ensure that it would be so," said a policy paper written by Chris Hibbert for Computer Professionals for Social Responsibility, a public-interest alliance of computer scientists concerned about the impact of computer technology on society.
The SSA "has several times given a previously issued number to someone with the same name and birth date as the original recipient, thinking it was the same person asking again," Hibbert wrote. And, he said, "there are a few numbers that were used by thousands of people because they were on sample cards shipped in wallets by their manufacturers."
Privacy advocates also say that even with better security for state MVA computer systems it is hard to account for the "human factor."
An Oct. 1, 2000, report in the Orange County Register underscored that concern. It said California Department of Motor Vehicle employees were "selling fraudulent driver's licenses to undocumented immigrants, convicts and identity thieves."
The paper's investigation found "that more than 100,000 fraudulent duplicate licenses are issued annually to criminals by the" DMV.
"Most of the problems are caused by a lax security system that allows criminals to easily walk in and pose as someone else, using nothing more than the person's driver's license number to fill out the paperwork," the paper said. "From there, false Social Security numbers are used to fool clerks, who then issue a duplicate license in another person's name to the criminal. The department does not check the authenticity of Social Security numbers."
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.