The possibility that U.S. lawmakers might restrict thewidespread use of Social Security numbers in commerce because ofconsumer privacy issues is prompting concern in the financialservices industry.
Such a move would rob businesses of a reliable and widely usedidentity-verification method while doing little to bolster consumerprivacy, said Randy Lively Jr., CEO of the American FinancialServices Association in Washington.
Lively was one of several industry representatives who testified ata hearing last week on the use of Social Security numbers incommerce. Lively spoke before a subcommittee of the House Committeeon Energy and Commerce.
“The Social Security number is the only unique identifier in ourcountry that enables a credit grantor, or a credit bureau, or abank, or an insurance company, or an investment firm to be surethat the consumer they are doing business with” is legitimate, hesaid. Any attempt to change that use could disrupt the nation’seconomy, Lively argued.
While concerns about the misuse of Social Security numbers andtheir link to identity theft are valid, Lively said lawmakers needto understand of the consequences of barring their use forcommercial purposes. “What would be put in place if that numberwere to go away and a new identifier was put in place? And wouldn’tthat identifier be susceptible to the same kind of fraud?” Livelyasked.
The hearing comes at a time of heightened consumer andcongressional attention to what has been a stream of high-profiledata breaches that have exposed the confidential information ofmillions of Americans and raised fears of widespread identitytheft.
“The concern is that use of [Social Security numbers in commerce]is contributing to the problem of ID theft,” said Marc Rotenberg,executive director of the Electronic Privacy Information Center(EPIC), a privacy advocacy group in Washington. Although a SocialSecurity number is not the only source of identity information, “wesee it associated with a growing privacy risk,” he said.
Rotenberg, who testified at the hearing, said that EPIC supportscurrent efforts by federal lawmakers to restrict the use of thenumbers in commerce. One such effort is being led by Rep. EdwardMarkey (D-Mass.), who is sponsoring a bill to require the FederalTrade Commission to put rules in place limiting the purchase andsale of Social Security numbers except in certain situations.Another bill, sponsored by Rep. Clay Shaw (R.-Fla.), seeks toprohibit most government and private-sector sale and public displayof the numbers.
A statement submitted on behalf of the Financial ServicesCoordinating Council (FSCC) of the Securities Industry Associationwarned of “potentially negative effects” if such measures areadopted. Overly broad legislation will raise credit costs, increasefraud and identity theft rates and result in “fundamental andcostly changes to internal business operating systems,” the FSCCsaid.
“While the FSCC recognizes that there have been misuses of [SocialSecurity numbers], we strongly urge that any legislation intendedto address this problem be carefully targeted to specificallyidentified abuses, such as measures to stop identity theft,” thegroup said.
It noted that laws such as the Gramm-Leach-Bliley Act and otherproposed bills already require companies to take adequate measuresto protect sensitive information.
In testimony from the FTC, Commissioner Jon Leibowitz said thereare other things that the government and industry can do to reduceidentity theft, such as implementing better processes forprotecting data and developing better fraud-detectiontechnologies.
The FTC itself will continue to move against companies that fail todemonstrate due diligence in protecting sensitive data, he said ina written statement. “Since 2001, the Commission has brought 13cases challenging businesses that have failed to take reasonablesteps to protect sensitive consumer information in their files,” hesaid. Those cases include a US$10 million civil penalty and $5million in consumer redress that data broker ChoicePoint Inc. hadto pay for allowing identity thieves to gain access to consumerrecords, he said.