[House Hearing, 106 Congress]
[From the U.S. Government Publishing Office]
H.R. 220, THE FREEDOM AND PRIVACY RESTORATION ACT
=======================================================================
HEARING
before the
SUBCOMMITTEE ON GOVERNMENT MANAGEMENT,
INFORMATION, AND TECHNOLOGY
of the
COMMITTEE ON GOVERNMENT REFORM
HOUSE OF REPRESENTATIVES
ONE HUNDRED SIXTH CONGRESS
SECOND SESSION
ON
H.R. 220
TO AMEND TITLE II OF THE SOCIAL SECURITY ACT AND THE INTERNAL REVENUE
CODE OF 1986 TO PROTECT THE INTEGRITY AND CONFIDENTIALITY OF SOCIAL
SECURITY ACCOUNT NUMBERS ISSUED UNDER SUCH TITLE, TO PROHIBIT THE
ESTABLISHMENT IN THE FEDERAL GOVERNMENT OF ANY UNIFORM NATIONAL
IDENTIFYING NUMBER, AND TO PROHIBIT FEDERAL AGENCIES FROM IMPOSING
STANDARDS FOR IDENTIFICATION OF INDIVIDUALS ON OTHER AGENCIES OR
PERSONS
__________
MAY 18, 2000
__________
Serial No. 106-206
__________
Printed for the use of the Committee on Government Reform
Available via the World Wide Web: http://www.gpo.gov/congress/house
http://www.house.gov/reform
U.S. GOVERNMENT PRINTING OFFICE
71-388 WASHINGTON : 2001
_______________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government Printing
Office
Internet: bookstore.gpo.gov Phone: (202) 512-1800 Fax: (202) 512-2250
Mail: Stop SSOP, Washington, DC 20402-0001
COMMITTEE ON GOVERNMENT REFORM
DAN BURTON, Indiana, Chairman
BENJAMIN A. GILMAN, New York HENRY A. WAXMAN, California
CONSTANCE A. MORELLA, Maryland TOM LANTOS, California
CHRISTOPHER SHAYS, Connecticut ROBERT E. WISE, Jr., West Virginia
ILEANA ROS-LEHTINEN, Florida MAJOR R. OWENS, New York
JOHN M. McHUGH, New York EDOLPHUS TOWNS, New York
STEPHEN HORN, California PAUL E. KANJORSKI, Pennsylvania
JOHN L. MICA, Florida PATSY T. MINK, Hawaii
THOMAS M. DAVIS, Virginia CAROLYN B. MALONEY, New York
DAVID M. McINTOSH, Indiana ELEANOR HOLMES NORTON, Washington,
MARK E. SOUDER, Indiana DC
JOE SCARBOROUGH, Florida CHAKA FATTAH, Pennsylvania
STEVEN C. LaTOURETTE, Ohio ELIJAH E. CUMMINGS, Maryland
MARSHALL ``MARK'' SANFORD, South DENNIS J. KUCINICH, Ohio
Carolina ROD R. BLAGOJEVICH, Illinois
BOB BARR, Georgia DANNY K. DAVIS, Illinois
DAN MILLER, Florida JOHN F. TIERNEY, Massachusetts
ASA HUTCHINSON, Arkansas JIM TURNER, Texas
LEE TERRY, Nebraska THOMAS H. ALLEN, Maine
JUDY BIGGERT, Illinois HAROLD E. FORD, Jr., Tennessee
GREG WALDEN, Oregon JANICE D. SCHAKOWSKY, Illinois
DOUG OSE, California ------
PAUL RYAN, Wisconsin BERNARD SANDERS, Vermont
HELEN CHENOWETH-HAGE, Idaho (Independent)
DAVID VITTER, Louisiana
Kevin Binger, Staff Director
Daniel R. Moll, Deputy Staff Director
David A. Kass, Deputy Counsel and Parliamentarian
Lisa Smith Arafune, Chief Clerk
Phil Schiliro, Minority Staff Director
------
Subcommittee on Government Management, Information, and Technology
STEPHEN HORN, California, Chairman
JUDY BIGGERT, Illinois JIM TURNER, Texas
THOMAS M. DAVIS, Virginia PAUL E. KANJORSKI, Pennsylvania
GREG WALDEN, Oregon MAJOR R. OWENS, New York
DOUG OSE, California PATSY T. MINK, Hawaii
PAUL RYAN, Wisconsin CAROLYN B. MALONEY, New York
Ex Officio
DAN BURTON, Indiana HENRY A. WAXMAN, California
J. Russell George, Staff Director and Chief Counsel
Heather Bailey, Professional Staff Member
Bryan Sisk, Clerk
Trey Henderson, Minority Professional Staff Member
C O N T E N T S
----------
Page
Hearing held on May 18, 2000..................................... 1
Text of H.R. 220............................................. 3
Statement of:
Bovbjerg, Barbara, Associate Director of Education,
Workforce, and Income Security Issues, Health, Education,
and Human Services Division, U.S. General Accounting
Office; Fritz Streckewald, Associate Commissioner for
Program Benefits, the Social Security Administration;
Charlotte Twight, professor and privacy expert, Boise State
University; and Robert Ellis Smith, editor, the Privacy
Journal.................................................... 27
Paul, Hon. Ron, a Representative in Congress from the State
of Texas................................................... 12
Letters, statements, etc., submitted for the record by:
Bovbjerg, Barbara, Associate Director of Education,
Workforce, and Income Security Issues, Health, Education,
and Human Services Division, U.S. General Accounting
Office, prepared statement of.............................. 29
Horn, Hon. Stephen, a Representative in Congress from the
State of California, prepared statement of................. 10
Kleczka, Hon. Jerry, a Representative in Congress from the
State of Wisconsin, prepared statement of.................. 25
Paul, Hon. Ron, a Representative in Congress from the State
of Texas, prepared statement of............................ 15
Smith, Robert Ellis, editor, the Privacy Journal, prepared
statement of............................................... 61
Streckewald, Fritz, Associate Commissioner for Program
Benefits, the Social Security Administration:
Information concerning impact of elimination of
retirement earnings test............................... 78
Prepared statement of.................................... 40
Twight, Charlotte, professor and privacy expert, Boise State
University, prepared statement of.......................... 52
H.R. 220, THE FREEDOM AND PRIVACY RESTORATION ACT
----------
MAY 18, 2000
House of Representatives,
Subcommittee on Government Management, Information,
and Technology,
Committee on Government Reform,
Washington, DC.
The subcommittee met, pursuant to notice, at 2 p.m., in
room 2154, Rayburn House Office Building, Hon. Stephen Horn
(chairman of the subcommittee) presiding.
Present: Representatives Horn and Turner.
Staff present: J. Russell George, staff director and chief
counsel; Heather Bailey, professional staff member; Bonnie
Heald, director of communications; Bryan Sisk, clerk; Elizabeth
Seong and Michael Soon, interns; Michelle Ash and Trey
Henderson, minority counsels; and Jean Gosa, minority assistant
clerk.
Mr. Horn. A quorum being present, the hearing of the
Subcommittee on Government Management, Information, and
Technology will come to order.
This is the fourth in a series of subcommittee hearings on
the issue of privacy. Today, we will examine proposed
legislation that would prohibit Federal, State, and local
government agencies from using Social Security numbers as
identification numbers, except for Social Security and tax
purposes. H.R. 220, the Freedom and Privacy Restoration Act of
1999, sponsored by Representative Ron Paul from Texas, in
addition to limiting the use of Social Security numbers, the
bill would prohibit government agencies from asking individuals
for their Social Security number.
The proliferation of personal information on the Internet,
in combination with the broad use of the Social Security
number, has caused a growing concern over protecting citizens
against a rising tide of identity theft associated frauds. When
the Social Security number system began in 1936, its purpose
was to identify individuals who receive benefits from the
Social Security retirement system. Over the years, however, the
use of this number has expanded far beyond its original intent.
Today, the social number is used as a personal identification
number by State and local agencies, utility companies,
universities, and a proliferation of private businesses.
Credit bureaus use the number to maintain individual
consumer credit histories. State income tax officials use it to
identify tax filers. Numerous businesses that sell personal
information, offer financial services, and provide health care
also rely on the Social Security number. These companies use
the number to assess personal credit ratings, locate assets,
maintain health records, and ensure that individuals comply
with a variety of rules and regulations.
Clearly, there is a need to protect personal information.
There is an equally compelling need to ensure the integrity of
Federal programs. Today, the subcommittee will examine whether
H.R. 220 is an appropriate balance between those needs.
I will add that we will have a future hearing with
individuals that relate to this problem, such as universities
across the land, State governments, motor vehicle operations,
county registrars. I welcome our witnesses today and look
forward to their testimony.
[The text of H.R. 220 and the prepared statement of Hon.
Stephen Horn follow:]
[GRAPHIC] [TIFF OMITTED] T1388.001
[GRAPHIC] [TIFF OMITTED] T1388.002
[GRAPHIC] [TIFF OMITTED] T1388.003
[GRAPHIC] [TIFF OMITTED] T1388.004
[GRAPHIC] [TIFF OMITTED] T1388.005
[GRAPHIC] [TIFF OMITTED] T1388.006
[GRAPHIC] [TIFF OMITTED] T1388.007
[GRAPHIC] [TIFF OMITTED] T1388.008
[GRAPHIC] [TIFF OMITTED] T1388.009
Mr. Horn. The gentleman from Texas hasn't arrived yet, but
we will begin with the other gentleman from Texas.
We have with us the author of the bill, Hon. Ron Paul, a
Member of Congress from Texas.
STATEMENT OF HON. RON PAUL, A REPRESENTATIVE IN CONGRESS FROM
THE STATE OF TEXAS
Mr. Paul. Thank you, Mr. Chairman.
I really appreciate this opportunity and I want to thank
you for holding these hearings. The issue of privacy certainly
is getting the attention of many people in this country and
starting to get the attention of many Members of Congress.
I do have a written statement that I would like to submit.
Mr. Horn. Without objection, your prepared statement will
appear in the record.
I might say that the minute we introduce any witness here
their full statement goes in automatically.
Mr. Paul. And I would like to add there is one letter that
came from a constituent and I would like to submit that letter
as well.
Mr. Horn. Without objection, that letter will also appear
in the record.
Mr. Paul. The issue of privacy certainly has been catching
the attention of a lot of people. Last year I introduced this
legislation to try to deal with it because we do hear from a
lot of our voters who are saying that the Social Security
number is being used too often and improperly. In a technical
sense, they are right. They are right in the sense that in a
free society they are not supposed to be monitored by the
Government the way the Social Security number monitors us.
When we established the Social Security number in 1935 or
1936, it was never intended to be a national identifier. In
1970, the Congress passed a bill called the Bank Secrecy Act.
That sounds like maybe it would preserve secrecy, but it did
exactly the opposite. It made sure the banks knew more about us
and the Government got hold of more information.
Congress responded in 1974 by passing the Privacy Act, and
it too sounded good and has a very good sentence in there that
says the taxpayer and voters will be protected and the Social
Security number cannot be used as a national identifier. But
unfortunately, in the same piece of legislation, it said that
Congress can enact anything they want and mandate the use of
the Social Security number.
So Congress since that time has ignored the good statement
and picked up on the other statement that said that they do
have the authority, according to the Privacy Act of 1974. And
Congress has not been bashful. There are 40 different programs
now that use the Social Security number as the identifier.
And in 1996, there was a giant leap forward to even
expanding this more so because the Immigration Act was written
with a mandate for the Transportation Department to develop a
national identification card through our drivers' licenses.
Fortunately, with some effort, we have been able to rescind
that authority.
But also in 1996, the Health Insurance and Portability Act
established a need and authority to set up a national data bank
and to have a national medical identifier. And today, with the
Government being so involved in medicine, it was argued that
this would make it more efficient for Government to monitor and
manage medical care because the Government is dealing with the
HMOs and this will make it more efficient.
And there is some plausibility to that particular argument,
but it also invites the risk, just as happened so often. What
looks like a good program always has a down side. The down side
is that the Government is going to have all our medical
records. And as a physician, I certainly think that is a very
dangerous thing because our Government doesn't have a real good
record for protecting our privacy. They should be protecting
our privacy and there is a lot more time spent invading our
privacy.
We do hear stories and they are not limited to one
administration where the IRS has been abusive and has been used
to invade our privacy. We have also heard about FBI files being
abused. So the American people are very, very frightened by all
this.
My theory on why we heard so much from our constituents
this year on the census wasn't that the census was that more
onerous--I think the questions were probably similar to what
has been going on for the last 20 or 30 years because they have
always asked a lot of questions--but I think the American
people now are much more nervous about giving information to
the Government. And that is why I think they were complaining
so much and worried about it.
And even within the census, they have introduced an idea
that they were going to expand on the monitoring approach by
having a test in there they actually ask as a test 21,000
people for their Social Security numbers to see what they can
learn and how well the people would respond.
So if we don't pay more attention to this, soon the census
will be monitored and our numbers will be used to report our
numbers and our names to the census. Already today just about
everything we do needs a Social Security number. If we're
looking for a job, birth certificate, death certificate, bank
accounts, medical care--the list goes on and on--drivers'
licenses. In most States, you can't even get a fishing license
without a Social Security number.
This invites trouble. And one of the worst down sides to
this is that by having a universal identification number, it is
a good way to bring all our information together of every
individual. If we don't do it, we are in trouble with the
Government.
And once the information is brought together, the job of
identification theft becomes relatively easy. All you have to
do is get the Social Security number. And because of Government
mandates, we have set it up for them.
My bill deals with this. You can't use your Social Security
number for anything other than Social Security. And take away
the mandates. Don't tell the States--well, in order for you to
get your highway funds, you will put the Social Security number
on your drivers' licenses--we wouldn't be able to do that,
either.
So this is a broad approach, a serious approach, there is a
lot of support for it, but I also understand very clearly the
arguments against it because they talk about Government being
less effective. They believe they can cut down on fraud if they
use the Social Security number. But the real purpose of
Government in a free society is not to make the Government
efficient. The purpose of Government in a free society should
be to preserve our freedoms.
To me, privacy is equivalent to if not synonymous with
freedom. So if we are carelessly willing to sacrifice so much
of our privacy and so much of our freedom for the argument that
Government may be more efficient, I think is a dangerous
direction to be going in.
So this is the reason I bring this to you. I appreciate
very much your willingness to listen and look at it because I
don't think this issue is going to go away. And I think the
nice part about it from my viewpoint--from a civil libertarian
viewpoint--is that it isn't a right-wing conservative issue and
it is not a left-wing liberal issue. It is a civil libertarian
issue which brings in a lot of people from both sides.
And although we get a lot of support and understanding on
the need for this, there is also the great hesitation to
endorse this because they are frightened about what it might do
in handicapping the efficiency of Government.
And I will be glad to yield for questions.
[The prepared statement of Hon. Ron Paul follows:]
[GRAPHIC] [TIFF OMITTED] T1388.010
[GRAPHIC] [TIFF OMITTED] T1388.011
[GRAPHIC] [TIFF OMITTED] T1388.012
[GRAPHIC] [TIFF OMITTED] T1388.013
Mr. Horn. Let me ask you about Medicare.
When we drafted the Medicare bill--and I was on that team
in the Senate staff in 1965--we followed essentially how Social
Security had done it and we modelled the Medicare part on it.
Now, would you permit the use of the Social Security number
for medical files in Medicare, since it is needed to make sure
there are real people getting benefits and not somebody that
has a number--and there is no question there is a lot of misuse
of the number in terms of people looking at the dead and all
the rest. If it hasn't been changed in Baltimore, I guess they
get away with it. But we will get some testimony on that later.
But how do you feel about including Medicare with a Social
Security number.
Mr. Paul. My first thoughts are psychologically, in my
mind, without thinking it through in detail legally--I think of
Medicare and Social Security being pretty close together. I
think if that were the only problem, I don't think I would be
here with this piece of legislation. But I think if we were to
use it for Medicare, it could be very, very strictly limited to
that with the idea that that is part of the Social Security
system, because I think of it as the same. I think of it as the
same.
But I think when you get into the other medical programs,
whether it is the managed care system the Government has so
much to do with or the Medicaid system and on and on, then I
would not be nearly that generous. I would say that you should
have another identifier because there will always be the
efficiency argument, whether it is an educational program or a
medical program. But strictly limited to Medicare for the
protection of the individuals I think is very important.
Mr. Horn. In the testimony we expect to hear on the next
panel, it will be pointed out that if there isn't a common
identifier when Government agencies attempt to locate that it
creates a problem. For example, dead-beat dads, people with
similar names may be mistakenly identified and there is a real
problem where the people aren't submitting their alimony
ordered by the court, they move across county lines in
California or they move across State lines.
How would you address that problem if your bill became law?
Mr. Paul. I think States faced this problem prior to the
time we had Social Security because I don't think of dead-beat
dads as a separate issue. I think that is a problem of someone
not paying their bills and meeting up to their financial
responsibilities. So I would say that is a State issue. And if
you are dealing with a cross-State problem, then those two
States have to get together and work it out.
But prior to even the 1960's, we didn't have that because
it was only in the 1960's when we started really using it. And
even in the 1970's when we dealt with all the financial
accounts--we didn't even have the Social Security numbers on
our tax returns until 1961.
So I would say that that is not the job of the Federal
Government or the Congress to facilitate this collection. This
is a very serious problem, but prior to the Social Security
number, it was handled as adequately as it is today, I am sure.
Mr. Horn. Well, I remember one study we had a few years ago
on Pell grants. Those are the ones that generally help the
State schools and colleges. One person was eligible on Pell
grants in terms of the information he showed at the student
financial aid office, but actually he was a millionaire, and
that was found through interconnection of his Social Security
number with that in the tax record.
Does that bother you?
Mr. Paul. It bothers me that fraud was committed, but I do
not think that we eliminate the prosecution of fraud by
preserving freedom for the large majority of people. We
shouldn't sacrifice the privacy of 99 people because you might
catch one person that is going to commit fraud. I don't think
we sacrifice our ability to pursue fraud because there would be
ways of finding out if this person lied. But at the same time,
you don't want to penalize and assume somebody is guilty of
something and put a tremendous burden on them to follow so many
of these privacy laws and let the Government accumulate this
information.
I think the supposed benefit is not worth the sacrifice of
personal liberty.
Mr. Horn. My last question, and then I'll turn it over to
my colleague, Mr. Turner, your colleague from Texas.
The written testimony of some of the second panel witnesses
suggests adding a penalty section.
What is your view of that idea?
Mr. Paul. A penalty?
Mr. Horn. If you misuse the Social Security number, should
there be a penalty?
Mr. Paul. I certainly think there should be a penalty on
the U.S. Government when they misuse the Social Security
number. But we should just prohibit by law the abuse of the
Social Security number and then there would be--I think they
use it because they have been granted the authority to use it
and we encourage it. As we set up a new program, we are always
anxious. The Social Security number is great. So we literally
have it from cradle to grave now.
Are you thinking about a businessman misusing the Social
Security number?
Mr. Horn. Your bill, if it was put on the law books, do you
think there ought to be a penalty section to make sure that the
people obey that particular bill?
Mr. Paul. And you are referring to Government people?
Mr. Horn. I am referring to anybody who uses the Social
Security number, because I am assuming that is what you are
banning in your bill.
Mr. Paul. I hadn't thought about that, and maybe I am
overly optimistic that if we pass a law and say ``Thou shalt
not use the Social Security number,'' I would expect that we
wouldn't use the Social Security number. I would think that if
it were abused and the Social Security number was being forced
on a State or Congress kept passing these laws, I guess the
only penalty would be eventually at the polls. The American
people would have to invoke the penalty.
Right now, I think we are getting close to that point where
the American people are getting nervous about the invasion of
their privacy and it is an issue that they would like to hear
more about from us.
Mr. Horn. So you don't feel that a penalty section is
needed?
Mr. Paul. Well, at the moment, I don't. But I would have to
admit I haven't thought it through completely and I would
certainly be open to suggestions on that, if I could see the
need for it.
Mr. Horn. Well, I thank you and I now yield to the
gentleman from Texas, the ranking member here, Mr. Turner for
an opening statement as well as questioning the witness.
Mr. Turner. Thank you, Mr. Chairman.
Welcome, Mr. Paul, a fellow Texan. It is always good to
have Texans before our committee.
There is another bill that Mr. Kleczka has that would ban
the use of the Social Security number in both the public and
private sector. I know you addressed that in your opening
remarks, but expand on that a little bit. Why, if you fear the
use of the Social Security number by Government agencies
contributes to the invasion of our privacy, why wouldn't you
just tell the private sector they shouldn't use it as well?
Mr. Paul. Well, I deal with that but a little more
indirectly because if the private sector uses that number
mainly because we have made it convenient for them to use it
and we have mandated it too often when it comes to financial
records--I mean, we tell the banks what to do--and anytime we
do anything we put the pressure on them to use that number.
Then they accumulate the information and they are tempted to
sell it and do whatever.
I think the fact that we do get them to accumulate all this
information makes it much easier for identity theft. But I
don't think the answer to our problem is dealing with another
set of regulations on business people. Like last year when we
passed the banking legislation, we said that what we needed to
do was make sure that some of this information isn't
transferred within a certain corporation or closely in-line
corporation. But what that actually did was mandated more forms
to be filled out, which means there is more information
accumulated under the Social Security number.
I think the abuse in the private sector comes as a
secondary consequence. If we weren't using it so much, there
would be no reason for them to do it. But I don't see the
answer coming by just putting another constraint or another
form to be filled out by the private sector. I don't see that's
where the problem is.
Mr. Turner. So you think the private sector would just
slowly quit using the Social Security number? There are
obviously multitudes of records that have all of us identified
by our Social Security number.
Mr. Paul. If we didn't tie it all together, I think they
would lose their enthusiasm for using it. I don't see a
convenient way of saying--we could say it, but could you
imagine telling every individual that they are not allowed to
use it? That means that we would have more snooping to make
sure that nobody ever asked somebody for their Social Security
number.
But I think the abuse in this area should be dealt with on
a property rights issue, fraud issue, local issue, but not by
leaving the system in place and coming up with more of a rule.
And this is our temptation here, instead of looking at the
basic problem, we are more tempted to come in and set up more
rules and regulations on the private sector and not dealing
with the source of the problem, which was our carelessness in
allowing the universal identifier to be developed.
Although it is not admitted that it is here and we have had
a couple of victories like ``Know Your Customer''--that is
something I don't think too many of us supported and they
withdrew it. That was more banking regulations. As well, there
was the National I.D. Card Authority. We got that removed.
So we have minor victories, but I don't think overall we
have reversed the trend. The need for, the desire for, and the
so-called benefits of a universal identifier are very, very
strong. I think that is where the problem is and not with the
private sector participating in the use of a Social Security
number when they probably don't even need to.
Sometimes you wonder why so many businesses are always
asking you for these Social Security numbers, even when it's
not the law. But people have been so conditioned to do it. So
we have the Government mandating the encouragement, everybody
accepts the Social Security number, and then we have businesses
sort of jumping on.
So I think the solution is back to making sure that we do
not establish the principle of a national identifier. That is
what my bill deals with.
Mr. Turner. Have you been able to address the cost of the
abandonment of the use of the Social Security number by the
Federal Government agencies?
Mr. Paul. No, not directly. But I know the cost of not
doing it is very, very high in terms of privacy and individual
liberty, and that is the cost I am looking at because there is
such an intrusion as a cost-in that we facilitate
identification theft--so that cost is tremendous. How much the
cost would be if we continue with our same type of Federal
education programs and medical programs--if they had different
numbers, I am not sure there would be a tremendous increase in
cost on that. They would just have to come up with a different
number.
Mr. Turner. I guess there would also be some cost to State
governments, maybe even local governments that have come to
rely on the Social Security number.
Mr. Paul. They would have to quit relying on it.
In the State of Texas, you know that it is only recent that
we have had to give our Social Security number. It isn't on our
driver's license, but that is the direction that we were and
probably still are moving in, that every State will have a
universal driver's license with Social Security numbers. But we
are now required to give it even though it doesn't appear. So
there is the connection. The intertwining of being able to
monitor and know everything about everybody is the universal
identifier, which is the Social Security number.
I don't want any pressure--in fact, my bill deals with
this. We as a Congress cannot put pressure on the State to use
the Social Security number. Maybe your question is saying that
the State wants to. I think if we take away the incentive, the
pressure, and the mandates, they are less likely to.
Mr. Turner. We had a hearing just the other day in this
committee on a proposal by Representative Hutchinson to have a
study commission on the issue of privacy. I know we have
several bills that are moving through the Congress, some
regulations that have been proposed trying to protect our
privacy.
Do you feel that we can point to some specific abuses that
relate to the use of the Social Security number where our
privacy has been invaded? Do we have some specific examples on
a wider scale that might point out the scope of the problem
that you perceive to exist?
Mr. Paul. I don't think that would be difficult to find.
Certainly the notion that we have a medical data bank, and
assuming that there would never be a violation is almost too
much to believe. And we do know specifically that our
Government too often has abused records like FBI records and
IRS records and they were never to be used in the political
sense. Yet I think both administrations have been guilty of
abuse in using these records in a political sense.
I think people really are fearful of the Government having
their medical records. And we make no in-roads at all--we have
made in-roads on the National I.D. Card, but we have made no
progress at all in slowing up the National Medical Data Bank
with the Social Security number as the identifier.
I can't show you an example of how the Government has
abused that, but gut instinct tells us it is not a very good
idea and the American people don't want it. That I am sure of.
Mr. Turner. Of course, the medical records are by and large
in the private sector. Would there perhaps be some way to
center in on specific areas that are particularly sensitive,
like medical records and perhaps do something in that area
rather than just across the board?
Mr. Paul. But that really confuses the movement toward the
universal health care because we are moving in that direction
because so much is managed health care and HMOs. Once Medicare
starts paying for HMOs, they have to monitor it and they have
to make sure that patients don't abuse it, doctors don't abuse
it, hospitals don't abuse it. There is always the temptation to
abuse the system, so the argument will be that we have to be
able to monitor it.
They use the idea that we need this information because it
is good to study health. We get statistics and we can learn
more about medicine. There will be all these wonderful things
that they are going to do. So the odds of us developing a
medical care system that is being developed and be able to
maintain medical records, as I did for 30 years--my medical
records were in the office in a filing cabinet and that was it.
But now, when you get into the managed care system and the HMO,
they can march in and look at your medical records and find out
whether you have been abusing medical care. They will just go
through your file.
For efficiency sake, they want these files changed. If
somebody moves to New York, they don't want it the old-
fashioned way where you mail the records or the patient carries
them, they want HHS to have access to this and just transfer
these medical files. That is what is coming unless we are able
to stop this.
Even my bill doesn't deal with that overall problem as much
as it slows it up in that it wouldn't have the universal
identifier. I would like to address the medical care system in
this country, but that is not what this does. It just says that
if you are going to move in the direction of a single payer,
universal health care system in this country--which we are
moving rapidly toward--that they cannot use the Social Security
number so that they can do the matching up.
When people want to know about individuals and they have a
Social Security number, they can look up and find every piece
of property owned, what your bank account is, and what kind of
disease you have, it will undermine the practice of medicine
like you have never seen it. I have talked to other physicians
and the natural tendency is to not keep good medical records.
If somebody comes in and has controversial things to talk
about, the good doctor is not going to write it down because it
is not going to be private. We are moving in that direction.
And the other physicians in Congress have admitted that to me
already, that they have the same concerns.
Mr. Turner. Thank you, Mr. Chairman.
Mr. Horn. I just have one comment on this, and that is
numberitis. There is a very interesting editorial in the
Newark, NJ Star Ledger. The columnist and editorial board
notes: ``We are challenged to remember e-mail addresses, office
extension numbers, fax numbers, paging I.D.'s, PIN numbers, Web
site addresses. The other day I telephoned a greenhouse
manufacturer to buy some supplies. The service representative
wanted to know my customer identification number. I told the
woman I hadn't a clue. Then she asked for a serial number, but
I wasn't about to trot out to the greenhouse and copy it down.
Finally, she settled for my zip code and, bingo, I was able to
place my order. We must be given the third degree every time we
want to purchase something. Do we really have to?''
Then it goes on, ``In simpler times, all I had to know was
my Social Security number and a couple of phone numbers. Now my
head is so loaded with codes and personal identification
numbers that it is understandable why my memory bank crashes
from time to time. I am not a techie or a geek. Programming
isn't my strong suit. I have given up, for instance, the
notions that I will ever learn how to program a video recorder.
Besides, I have neither the time nor the inclination to sit
down and program numerical codes into, say, a palm pilot.''
So there are a lot of aspects of this and we appreciate you
coming here. Since my colleague, Mr. Turner, mentioned
Representative Kleczka's statement here, if you would like it
put in the record here at this point----
Mr. Turner. Yes, Mr. Chairman, Mr. Kleczka requested that
we include his statement in the record.
Mr. Horn. Without objection, his prepared statement will
appear in the record.
[The prepared statement of Hon. Jerry Kleczka follows:]
[GRAPHIC] [TIFF OMITTED] T1388.014
Mr. Horn. It is rather interesting. He has a bill in also
and his bill is H.R. 1450, which is the Personal Information
Privacy Act [PIPA]--we are getting just like the executive
bureaucracy here.
He said H.R. 1450 would allow credit headers to include
only names and addresses. The credit headers could include an
individual's telephone number only if it is already listed in
the phone book. Currently, information such as Social Security
numbers and mother's maiden names are available on credit
headers, which are not protected by the Fair Credit Reporting
Act. Under the FCRA, a person can purchase a credit report only
if they are making a firm offer of credit or insurance or if
they have the consumer's consent. Credit headers, which contain
the aforementioned sensitive information have no such
protections and may be purchased by anyone.
It is a very interesting bill, also. Have you had a chance
to look at that?
Mr. Paul. Not in great detail, but we have talked about it
and we testified in another committee on that. Jerry and I have
worked closely together because we have written a letter to the
clerk about why our Social Security numbers are on our voting
cards. So we can't even vote without Social Security number,
but most of us have not paid much attention to it.
They claim that they give us a chance to have it on or not,
which isn't exactly true. So maybe next go around everybody is
going to have to fill out a form on whether we want our Social
Security number on our voting card or not. Maybe if we don't
have a Social Security number we won't get to vote.
Mr. Horn. And they will probably ask us to put the Social
Security number on the form we fill out, right?
Mr. Paul. That's right.
Mr. Horn. Thank you so much for coming. You are going to
stimulate quite a discussion nationwide on this, I think. But I
think it is a worthwhile endeavor.
We will now go then to panel two. If Barbara Bovbjerg, Hon.
Fritz Streckewald, Charlotte Twight, and Robert Smith will come
forward, we will swear you in. If you have staff behind you
that will be possibly testifying, please have them stand up and
the clerk will take their names and we will have them affirm
the oath.
[Witnesses sworn.]
Mr. Horn. We have six people. The clerk will get the names
of those behind Dr. Twight.
We will start down the line with Ms. Bovbjerg, Associate
Director of Education, Workforce, and Income Security Issues
for the Health, Education, and Human Services Division of the
U.S. General Accounting Office, which is part of the
legislative branch and does a wonderful job in terms of both
programmatic analysis and fiscal analysis. We are glad to see
you.
STATEMENTS OF BARBARA BOVBJERG, ASSOCIATE DIRECTOR OF
EDUCATION, WORKFORCE, AND INCOME SECURITY ISSUES, HEALTH,
EDUCATION, AND HUMAN SERVICES DIVISION, U.S. GENERAL ACCOUNTING
OFFICE; FRITZ STRECKEWALD, ASSOCIATE COMMISSIONER FOR PROGRAM
BENEFITS, THE SOCIAL SECURITY ADMINISTRATION; CHARLOTTE TWIGHT,
PROFESSOR AND PRIVACY EXPERT, BOISE STATE UNIVERSITY; AND
ROBERT ELLIS SMITH, EDITOR, THE PRIVACY JOURNAL
Ms. Bovbjerg. Thank you. I am happy to be here.
Mr. Chairman and members of the subcommittee, I am really
pleased to be here today to discuss uses of the Social Security
number.
Mr. Horn. I should say one more thing.
We all have the written statement. We would like you to
summarize it in 5 minutes. If you need 10, we will get to that,
but go ahead.
Ms. Bovbjerg. I will make it in 5 minutes.
Almost 277 million Americans have been assigned a SSN, and
because each is unique to the individual, the SSN is frequently
used for a variety of purposes. Privacy concerns, coupled with
mounting instances of identity theft have raised public
sensitivity to this issue.
I would like to focus my remarks on three aspects of the
topic: the Federal role in the use of the SSN, State and
private sector use, and finally the possible impact of
restricting the number's use. My testimony is based on a report
we prepared in 1998.
First, the Federal role.
No single Federal law regulates the overall use of the SSN,
but several require its use to help enforce the law, determine
benefit eligibility, or both. For example, the Internal Revenue
Code requires that the SSN serve as the taxpayer identification
number. This means that taxpayers must report their SSN when
they pay taxes, and their SSNs must also be known to their
employers and financial institutions from whom they receive
income.
Federal law also requires individuals to provide their SSN
when they apply for means-tested benefits such as supplemental
security income, Medicaid, food stamps. The numbers are used
not only for recordkeeping but also to verify income that
individuals report.
For example, the Social Security Administration matches
records with other entities such as the Department of Veterans'
Affairs to identify SSI applicants who may also be receiving
other benefits, and does so by using the SSN as the unique
identifier. Federal law also requires States to use SSNs in
their child support enforcement programs, in issuing commercial
drivers' licenses, and on a variety of documents such as
marriage licenses and death certificates.
Federal law generally does not restrict SSN use, except in
a few instances. The Privacy Act of 1974 restricts Federal
agencies in collecting and disclosing personal information,
such as SSNs without the individual's consent. The Driver's
Protection Policy Act restricts State governments from
disseminating the SSN with drivers' license databases.
I would like to turn now to how SSNs are used outside the
Federal Government.
In our work, we focused on those users who reach the
largest number of people: State governments and, for the
private sector, businesses that offer health services,
financial services, or personal information.
State officials say they use SSNs in both administering
programs and in enforcing the law. For example, State tax
administrators routinely use the SSN as a primary identifier in
their tax systems and to cross-check taxpayer income. State
driver licensing agencies most typically use SSNs to check an
individual's driving record in other States. Law enforcement
agencies use SSNs to check criminal records.
In the private sector, the health care industry generally
uses SSNs as back-up identifiers. Other numbers serve as
primary identifiers for patient medical records. But SSNs are
needed to trace patients' medical care across providers or to
integrate patient records when providers merge.
Credit bureaus also use SSNs. Such organizations build
databases of consumer payments and credit transactions. Credit
bureaus use the SSN as a principal identifier for retrieving
credit histories on demand. Most of their customers--insurance
companies, collection agencies, credit grantors--provide a SSN
when requesting a credit history and can deny credit to
individuals who refuse to provide them.
In contrast to these administrative uses, businesses that
sell personal information collect SSNs for the sole purpose of
selling them in a linkage with other information. Generally,
these databases use SSNs to facilitate records searches when
they are sold to customers like debt collectors, employers,
anyone who may want to carry out some form of background check
on an individual.
Finally, I would like to summarize the possible effects of
restricting use of the SSN. Users told us that without the SSN
as a unique identifier, data exchanges would be at risk. Tax
enforcement would be hampered by not being able to verify
income reported. Stewardship of public benefit programs would
weaken. States could not readily identify drivers concealing
out-of-State traffic violations. Consumer credit histories
could not be quickly updated and accurately retrieved.
In conclusion, wide use of the SSN is permissible, but its
presence in databases creates privacy concerns and fosters the
growing problem of identity theft. In considering restrictions
on the use of the SSN, these privacy and confidentiality
concerns must be weighed against the Government's need for
timely and accurate information to prevent fraud and abuse and
against the public preference for services, like easy credit,
that are enhanced by the use of the SSN.
Mr. Chairman, that concludes my statement. I am available
for questions.
[The prepared statement of Ms. Bovbjerg follows:]
[GRAPHIC] [TIFF OMITTED] T1388.015
[GRAPHIC] [TIFF OMITTED] T1388.016
[GRAPHIC] [TIFF OMITTED] T1388.017
[GRAPHIC] [TIFF OMITTED] T1388.018
[GRAPHIC] [TIFF OMITTED] T1388.019
[GRAPHIC] [TIFF OMITTED] T1388.020
[GRAPHIC] [TIFF OMITTED] T1388.021
[GRAPHIC] [TIFF OMITTED] T1388.022
[GRAPHIC] [TIFF OMITTED] T1388.023
Mr. Horn. Thank you very much.
We now have our second witness, Hon. Fritz Streckewald,
Associate Commissioner for Program Benefits in the Social
Security Administration, which most know is an independent
agency that reports directly to the President.
Mr. Streckewald. Thank you, Mr. Chairman and members of the
subcommittee, for inviting the Social Security Administration
to testify on H.R. 220, the Freedom and Privacy Restoration Act
of 1999, a bill designed to limit the use of the Social
Security number [SSN].
I will submit my full statement for the record and
summarize my remarks.
At the outset, let me emphasize that SSA has always taken
its responsibility to protect the privacy of personal
information in agency files very seriously. For almost 65
years, SSA has honored its commitment to the American people to
maintain the confidentiality of the records in our possession.
We have longstanding and effective practices to maintain
individuals' privacy.
Initially, the only purpose of the SSN was to keep an
accurate record of the earnings covered under Social Security
and to pay benefits based on those earnings. The Social
Security card is a document SSA provides to show what SSN is
assigned to a particular individual.
In spite of the narrowly drawn purpose of the SSN, use of
the SSN as a convenient means of identifying people in records
systems has grown over the years in steps often taken for good
reasons, such as, in the public sector to help enforce laws,
protect the public treasury, and collect funds from delinquent
non-custodial parents.
My statement for the record summarizes how legislation
enacted over the years has expanded this use. While there are
concerns that expanded use of a SSN as an identifier can
compromise personal privacy, there are those that believe that
the public interest and economic benefits are well served by
these uses of a SSN.
For instance, all Federal benefit-paying agencies rely on
data matches to verify not only that the applicant is eligible
for benefits, but also to ensure that the benefit paid is
correct. The SSN is the key that facilitates the ability to
perform the matches. We actively participate in data matches to
ensure the accuracy of Federal and State benefit payments, to
verify whether applicants are eligible for benefits, to
undertake debt collection activities, and to safeguard program
integrity.
For example, our data matches with Federal, State, and
local prisons save the Social Security in the supplement
security income programs about $212 million annually and our
national matches of death records save about $240 million
annually. In addition, we verify SSN for employers to ensure
correct posting of wages and for other Federal benefit-paying
programs to help reduce their program costs.
The data matching process is highly efficient, especially
for programmatic benefits, which allows SSA to more quickly
determine continuing eligibility and to ensure correct payment
amount. SSA's estimated savings total about $700 million
annually from computer matches for the Social Security and SSI
programs and savings for other Federal, State, and local
programs total about $1.5 billion annually.
Mr. Chairman, SSA is very concerned that H.R. 220 would
severely limit our ability to perform data matches and would
restrict data exchanges which benefit the public. SSA and other
Federal, State, and local governments use these data exchanges
to ensure accurate payment of benefits and to verify
eligibility. Limitations or foreclosures of such data exchanges
would undermine SSA program integrity initiatives, cost about
$2.2 billion in lost savings to Federal, State, and local
government programs, and erode public confidence in SSA's
stewardship of the SSA programs.
Even though there are attempts to provide an exception for
Social Security use of the SSN, the language in the bill is not
clear as to whether SSNs could be used as the Social Security
claims number for benefits. It is also not clear as to whether
the exception would apply to the use of the SSN for SSI
purposes.
I understand that SSA's Inspector General, in a statement
he is providing for the record at this hearing, has many of the
same concerns about H.R. 220 that we have. We share
Representative Paul's concerns about the expanded use of the
SSN in every phase of society. However, at the same time, we
have an obligation to ensure that benefits are paid only to
eligible individuals and that the correct benefit is paid.
In conclusion, Mr. Chairman, by using data matching, SSA
and other benefit-paying agencies validate that the correct
amount is paid only for an eligible beneficiary. The expense of
trying to obtain information from other agencies without a
unique identifier would be prohibitive as well as labor
intensive. In addition, we must carefully weigh the balance
between protection of individual privacy rights and the
integrity of the Social Security programs.
We look forward to working with you to find the right
balance and I would be glad to answer any questions you may
have.
[The prepared statement of Mr. Streckewald follows:]
[GRAPHIC] [TIFF OMITTED] T1388.024
[GRAPHIC] [TIFF OMITTED] T1388.025
[GRAPHIC] [TIFF OMITTED] T1388.026
[GRAPHIC] [TIFF OMITTED] T1388.027
[GRAPHIC] [TIFF OMITTED] T1388.028
[GRAPHIC] [TIFF OMITTED] T1388.029
[GRAPHIC] [TIFF OMITTED] T1388.030
[GRAPHIC] [TIFF OMITTED] T1388.031
[GRAPHIC] [TIFF OMITTED] T1388.032
Mr. Horn. Thank you for that statement.
Now we lean to a scholar in the field on this subject, and
that is Dr. Charlotte Twight, the professor and privacy expert,
Boise State University.
Welcome.
Ms. Twight. Thank you.
Good afternoon, Chairman Horn and members of the
subcommittee. Thank you very much for inviting me to testify
today.
In addition to my written statement, I also request that a
copy of my article entitled, ``Watching You: Systematic Federal
Surveillance of Ordinary Americans,'' distributed last November
to each Member of the House by Congressman Ron Paul, be
included in the hearing record.
Mr. Horn. Without objection, the referenced article will
appear in the record.
Ms. Twight. Thank you.
I strongly support the spirit and the purpose of H.R. 220.
My research suggests that without new measures such as H.R. 220
that significantly roll back the Federal quest for centralized
information about American citizens, programs currently
underway will inexorably tighten Federal monitoring and
therefore control of American citizens.
Today the Social Security number [SSN], has become the key
to detailed Government portraiture of our private lives.
federally mandated SSN-linked databases now incorporate
detailed information on every individual's employment, medical
history, educational experiences, and finances, right down to
each check that every person writes. Even the Secretary of
Health and Human Services now describes American SSNs as a de
facto individual or personal identifier.
SSNs were not supposed to be used in this fashion. They
were supposed to be mere account numbers denoting an
individual's old-age insurance account within the Social
Security program. But expansion of SSN use came quickly.
President Franklin D. Roosevelt began in 1943 by requiring all
Federal departments and agencies that wanted to create records
identifying individuals to utilize exclusively the Social
Security account numbers.
But the full impact of Roosevelt's order was not felt until
the 1960's when gradual computerization made SSN-based record
systems increasingly appealing. The IRS began using SSNs as
taxpayer identification numbers in 1962. The SSN became the
Medicare identifier in the 1960's. And thereafter SSN use
spread unabated.
As William Minor, writing the Columbia Journal of Law and
Social Programs, described it: ``By the 1970's, the SSN
floodgates had opened fully. Congress in 1972 amended the
Social Security Act to require the use of SSNs for identifying
legally admitted aliens and anyone applying for Federal
benefits. In the following years, additional legislation
required the SSN for the identification of those eligible to
receive Medicaid, AFDC benefits, food stamps, school lunch
programs, and Federal loans.''
Moreover, the 1970's Bank Secrecy Act required all
financial institutions to identify customers by SSNs and
preserve detailed records of their customers' personal checks
and other financial transactions.
The Privacy Act of 1974 did not stop the flood.
Incrementalist policies continued to advance SSN use, as
illustrated by the gradual introduction of requirements for
Social Security numbers for young children. For approximately
50 years of the Social Security program, one did not acquire a
Social Security number until beginning one's first job, usually
around age 16. Today, as you know, every child must acquire a
SSN at birth or shortly thereafter. That process culminated in
1996 when Congress passed a requirement that a SSN must be
presented for anyone of any age claimed on Federal tax forms as
a dependent.
In addition, as part of the 1996 Welfare Reform Act, the
Federal Government mandated creation of a SSN-based Directory
of New Hires at both the national and State level, covering
every working individual in America who enters the work force
or changes jobs. Privacy concerns raised by these developments
are further magnified by recent Federal commitment to establish
a national electronic database tracking each person's personal
medical history and new Federal powers to track every child's
educational experiences through a variety of Federal entities.
My research indicates that unless H.R. 220 or similar
legislation is passed, the coordinated Government effort now
underway to require even greater use of SSNs will further
centralize Federal monitoring of all American citizens. This
effort includes Federal mandates governing State drivers'
licenses and birth certificates, Federal work authorization
databases, Federal development of a unique health identifier
for each American, Federal implementation of expanded education
databases, and finally Federal development and issuance of new
tamper-resistant Social Security cards, perhaps with biometric
identifiers, viewed by many as a precursor of the long-feared
national identity card.
Moreover, with the SSN now at the heart of a vast array of
Government databases, linkage of those separate databases
occurs routinely despite periodic statutory lip-service to
individual privacy.
Against this backdrop, H.R. 220, in my view, is an
important step in the right direction. It would repeal many of
the privacy-eroding uses of SSNs that I have described this
afternoon. I have made several specific suggestions in my
written statement aimed at closing some loopholes that may
exist in the bill's present language.
In my view, we are at a crossroads. Today, many people are
so accustomed to massive Government monitoring of their lives
that all too often they ask, why should people worry about
Government monitoring if they haven't done anything wrong? That
current and prospective levels of Federal monitoring of
American citizens are incompatible with the ideas of freedom
upon which this country was founded never crosses their minds.
Pervasive Government extraction of personal data, stored
and linked via compulsory use of SSNs, is today's reality. The
threat to privacy is clear. And in the absence of privacy,
political and economic freedom cannot long endure. The
restrictions contained in H.R. 220 represent our first real
chance to counteract the erosion of privacy that has taken
place through the burgeoning use of SSNs.
In supporting H.R. 220, however, let us not forget that the
ultimate solution to the existing Government threat to personal
privacy is restricting the power of Government to interfere in
people's lives. The quest for information about private
citizens, after all, is a byproduct of the vast substantive
powers now wielded by the Federal Government. Dr. Richard Sobel
of Harvard Law School has stated that centralized information
is centralized power. I would add that the converse is also
true: with today's technology, centralized power is centralized
information. With its fine existing provisions and the
modifications I have suggested in my written statement, H.R.
220 perhaps can be a first step in reducing both centralized
information and centralized power.
Thank you very much.
[The prepared statement of Ms. Twight follows:]
[GRAPHIC] [TIFF OMITTED] T1388.033
[GRAPHIC] [TIFF OMITTED] T1388.034
[GRAPHIC] [TIFF OMITTED] T1388.035
[GRAPHIC] [TIFF OMITTED] T1388.036
[GRAPHIC] [TIFF OMITTED] T1388.037
[GRAPHIC] [TIFF OMITTED] T1388.038
Mr. Horn. Thank you very much. That is very helpful and we
will have further dialog on some of that you have mentioned.
Mr. Smith--Robert Ellis Smith--is editor of the Privacy
Journal. We are glad to have you here.
Mr. Smith. Thank you, sir.
We have really worked ourselves into an illogical
situation, I think, in our country where we are relying on the
Social Security number as an authenticator of a person's true
identity, yet it is no longer a private number. Either we have
to rely less on that number as an authenticator, or we have to
find a way to make it a confidential bit of information. Doing
the latter is going to be highly unlikely and very difficult.
Congress contributed a lot to this dilemma; so I think it
has a burden to come up with a solution. This bill, H.R. 220,
is really commendable for its brevity and its simplicity.
I would like to do two things in my testimony: show that
the bill will not be disruptive to governmental agencies and
outline some of the objections that people have to being
enumerated. Mostly people have said that they object to Social
Security use because of ``privacy,'' but I think the concerns
are deeper than that.
First, universal identification, whether it is de facto as
we are close to having now or whether it is required by law,
simply gives too much discretion to those who are in authority
to demand that one's papers be in order. That is the kind of
domestic passport that we have disparaged in South Africa and
eastern Europe.
Second, being known as a number, not a name, is
dehumanizing and we pay a big price for that. When people feel
that they are dehumanized, it makes brutality, violence, and
criminality a lot easier to do. The best place to look is in a
prison, which is a dehumanizing environment because a person is
not known by the name of his or her choice.
We should also look to prisons for another lesson, too.
That is an environment where everybody is positively identified
by number and name, yet they are certainly environments of
criminality, fraud, and other behaviors for other reasons that
we are all aware of.
Look also to the military, where everybody is positively
identified by name and by number. I am sure the incident of
criminality, fraud, and the like is roughly equivalent to what
it is in the non-military world.
Next, many Americans have a fundamental religious objection
to being enumerated that goes back deep in our history. I have
just completed a book about the history of privacy in the
United States and found that this goes back to colonial times
and contributed to many of the early objections to census-
taking.
Next we should realize that assigning surnames and
assigning numbers to people has really been a means of social
control throughout the history of not only this Nation but
other countries as well. In fact, the introduction of surnames
was a governmental invention, not a family invention.
I believe that the need to carry a Government I.D., which
is what we are moving toward, would really remove the
spontaneity of American life, the intellectual risk-taking, the
informality that other cultures have come to envy in the United
States. Since the 1990's, there have been very compelling,
pragmatic reasons to why we have to protect Social Security
numbers, and that is the epidemic of identity theft. And I use
that term intentionally. It has become an epidemic. The spigot
for Social Security number availability on the Internet and
through so-called information brokers has been the ``header
information'' phenomenon that you described.
Representative Paul's bill and Representative Kleczka's
bill, taken together, would really chop the phenomenon of
identity theft roughly in half. And that is the reduction in
fraud that we should realize. We think of abandoning Social
Security numbers as an invitation to increase fraudulent
activity. In fact, it will have the opposite effect, I believe,
and cut down on identity fraud.
Mr. Turner asked for victims. There are probably thousands
of victims now of identity theft, including the former chairman
of the Joint Chiefs of Staff and the present president of the
Associated Press, both of whom were subject to identity fraud
solely because a stranger got a hold of their Social Security
numbers, something that would not have happened without this
header information phenomenon that you outlined.
I would like to talk about some of the alternatives to
Social Security numbers. There are lots of organizations that
do quite well without using either Social Security numbers or
any numbers whatsoever.
Back in the 1970's, IBM discontinued using a Social
Security number as an employee identification number. They do
use it for payroll purposes. Now, by law, higher education
institutions in both Wisconsin and Arizona are prohibited from
using the Social Security number as a student identification
number. Stanford University, for instance, has used a unique
number for many years without the Social Security number.
And the largest collector of information in the whole
world, the Church of Jesus Christ of Latter Day Saints, does
not use the Social Security number at all. It was once
suggested to me that we should look to genealogists to try to
figure out ways to keep track of people accurately without
Social Security numbers because for most of that database there
are no Social Security numbers.
Congress can help a lot by pushing the Government to look
toward biometric identifying devices. This is essentially the
matching of a physical aspect of a person to prove his or her
identity positively. It would do away with the need for
numerical identification, do away with a lot of personal
information, intrusive forms--no more mother's maiden name,
none of that--and I think it would be a much more less
intrusive way of establishing identity, if it is done
correctly.
And we shouldn't worry that Americans can't tolerate more
than one identity number. Canadians for many years have had
both the health identifying number and a social insurance
number.
A couple of suggestions for the bill--and I am about to
conclude--one is that State tax authorities ought to be
authorized to use the Social Security number. That is a
compatible purpose with the purpose for which it was originally
submitted as a Federal taxpayer identification.
Second, I would hope that this bill would make clear that
nothing can compel a family to require that a child 16 years or
younger must be enumerated. There are lots of coercive
requirements in the Government to make this necessary. Now we
have in the United States something that all of us thought
would never happen: an enumeration requirement from birth. The
Internal Revenue Service requires that in order to get a credit
or deduction for a dependent, one must produce a Social
Security number, even if that is an infant. And if the family
happens to be on public assistance, there is a requirement that
they have a Social Security number from birth so that many
nurses in maternity wards now say they don't care about the
name of the child, they simply want a Social Security number so
that they can complete their paperwork.
Many people, like myself, simply have to do without the
deduction because I am not about to decide for my children that
they should be enumerated before they can do that on their own.
And I don't think that ought to be necessary. I think we ought
to have a prohibition against requiring children under the age
of 16 from being enumerated.
Thank you.
[The prepared statement of Mr. Smith follows:]
[GRAPHIC] [TIFF OMITTED] T1388.039
[GRAPHIC] [TIFF OMITTED] T1388.040
[GRAPHIC] [TIFF OMITTED] T1388.041
[GRAPHIC] [TIFF OMITTED] T1388.042
[GRAPHIC] [TIFF OMITTED] T1388.043
Mr. Horn. Thank you.
We will now proceed to some of the questions we have. Mr.
Turner and I will divide it 10 minutes on a side each.
Let me start with the representative from the General
Accounting Office.
You mentioned that most of the States give people the
option of having another identifier on the drivers' licenses.
How effective has that been in giving citizens added protection
against fraud?
Ms. Bovbjerg. If I said most, I want to correct that
because I am not sure that that is true. Some States do give
people the option of having another number. And this is sort of
an emerging position on the part of the States. We haven't
assessed how extensive it is.
I think it is everyone's hope that not having it on your
driver's license does help protect you from cashing a check and
having someone take that number.
Mr. Horn. Has the separate identifier made it tougher for
the Division of Motor Vehicles to keep track of the drivers?
Ms. Bovbjerg. That is among the many things we don't know
about this.
Most States keep the Social Security number in some way,
either on the license or they have linked it to this separate
identity number for data matching with other States.
Mr. Horn. What is your judgment as to different
alternatives of numbers that aren't the Social Security number?
Is it just each person in an agency, or an agency and its
personnel to start their own numbering system? What does GAO
see as the relevant alternatives?
Ms. Bovbjerg. When I think about a system where each
Federal program has a different system of numbering, one of the
things I am concerned about is how you carry out your program
stewardship responsibilities as the Federal Government. As the
Social Security Administration stated earlier, there are a
number of programs where data exchanges with other agencies
help verify program eligibility or the level of benefit
eligibility that people have. Without that, you are relying on
self-reported information. Surely the overpayment cost would
rise in such a situation.
Mr. Horn. But say--and this is a true situation--in my
district there is a house in which 20 different people live and
they all have the same name. How do you separate that out? And
should you? And does it matter?
Ms. Bovbjerg. I think that it matters for certain types of
uses. It matters to me, for example. My name didn't used to be
so complicated. My name used to be Davis. And it mattered to me
that I had a lot of difficulty cashing a check because I was
constantly confused with all these Barbara Davises bouncing
checks. So it might matter to an individual.
But that might differ among individuals as to how
inconvenient that is. It matters a great deal to certain
Federal programs that you have a unique identifier for an
individual so that you can assign--in Social Security's case--
their earnings to their account. In the IRS case, so you know
they are paying their taxes and you are not looking at tax
avoidance on the part of the wrong person.
There are a number of other Federal programs--I think we
mentioned Pell grants earlier and student loans are another
example.
Mr. Horn. This is an actual case. In the Eisenhower
administration they were putting together a delegation to go to
the International Labor Agency in Geneva. We found that people
had exactly the same name, born in the same city in the State
of New York, and had gone to school at the same time, and the
interesting thing was that one was a communist and one wasn't.
And yet that person who wasn't was going to be bounced because
of this communist file, etc. And it wasn't somebody duplicating
files or anything, it is just sheer chance.
So how do we solve that if we don't have something like a
Social Security number that might help us differentiate between
these people?
Ms. Bovbjerg. One of the things we have thought about--and
we were thinking particularly of the private sector and less of
the Federal Government-- is that it would make their jobs
harder if they couldn't use a unique identifier. But it does
not make their jobs impossible. Now I am getting into a
technological area that I can't go very far into, but then
could we relational databases where you can look at a number of
fields and, by combining them, create a unique identifier. But
I am not sure that that is a comfort if the concern is
protecting privacy and keeping personal information from being
disseminated widely.
I think that in the private sector an inability to use the
Social Security number will make things harder. It won't be as
convenient for businesses. But they won't go out of business.
There will be a way to figure out how to identify one Barbara
Davis from another.
Mr. Horn. Would any of you like to comment on these
questions and the answers? Does Social Security have a view on
this?
Mr. Streckewald. We are in agreement that without a unique
identifier--as far as we know the Social Security number is the
only unique identifier that is widely used--it is very easy to
confuse John L. Smith of Lincoln Avenue with John L. Smith of
Lincoln Boulevard. And for a lot of purposes--not only that you
don't want Mr. Smith's credit on your credit account if you're
not him--but also to make sure that we pay the right people. We
agree that it would be very difficult.
The relational databases she is mentioning are feasible,
but I think in the end they tend to do the same thing. You have
to connect them so that you know who you're dealing with.
Mr. Horn. Any thoughts on this, Dr. Twight?
Ms. Twight. One thought that I have is that when we are
trying to weigh these things out, we are always going to have
difficulty because the increased administrative costs
associated with doing something other than having the Social
Security number used as the all-purpose identification--those
administrative costs are tangible and measurable.
The costs on the other side, in terms of loss of personal
privacy, freedoms--those sorts of things, loss of personal
autonomy--are by definition intangible and hard to measure. So
I think that is an important thing to keep in mind when we are
trying to balance these things out.
Mr. Horn. Mr. Smith.
Mr. Smith. Historically, the Social Security Administration
has had to deal with people who are using duplicate Social
Security numbers and there are many people using more than one
Social Security numbers. There are tie breakers, in the case of
this home in California. There are--as the witness from GAO
said--now techniques that we have that incorporate other
aspects of a person's identity that we can use.
Nothing in Representative Paul's bill, first of all,
prohibits the Social Security Administration from continuing to
use that number. Nothing prohibits any Federal agency from
using a unique identifier. What is prohibited is that they
can't use the same one. I think that is doable.
Mr. Horn. How about having a modern type of reader for
one's hands or fingerprints or whatever, but something so that
when you go into a light there that apparently differentiates
people. Presumably, then, the only people who might have it is
your bank or something else. But it wouldn't be something that
other people are likely to have without--it's hard to change
your fingerprint.
Mr. Smith. Exactly. And that is biometrics. And one of the
values of it is that it tells only who you are. It tells
nothing more about you. It doesn't tell how many kids you have
or what you like to do at home. If implemented properly, it
could be a less intrusive technique for establishing identity.
What we don't know at this point is the reliability rate.
Most of them are no more than 60 to 70 percent as reliable as a
fingerprint. Second, the real danger is that we will be tempted
to use a DNA sample as the identifier, and that is an aspect
that tells more about you than your identity. It will take in
diseases and predilections for certain problems in the work
place which could be extremely discriminating to people.
If it is implemented properly, I think biometrics is the
less intrusive way to establish identity.
Mr. Horn. Any other reaction to that? Is biometrics----
Mr. Streckewald. Mr. Chairman, for Social Security
purposes, the Social Security number works very well. As long
as we continually look to tighten our enumeration process, we
feel that for Social Security purposes, for posting wages, for
doing data matches with other Federal, State, and local
governments that the Social Security number works fine. We are
in the process of implementing recommendatins contained in a
recent Inspector General report. And at this point, there is no
need for biometrics.
The Social Security number was not meant to be an
identifier. It only says that there is a number that relates to
this person. It doesn't prove identity. Say that this person in
front of you is necessarily that person. We use it for
recordkeeping.
Mr. Horn. And you don't see any biometric that you could
use?
Mr. Streckewald. We haven't fully explored that yet.
Mr. Horn. Does GAO know about other Government agencies
exploring that?
Ms. Bovbjerg. I don't. That would be something I could get
back to you on.
Mr. Horn. If you would, I would appreciate it because I
know I have looked at some of that equipment in various places
and it could be used by Customs, Immigration, and so forth.
Ms. Bovbjerg. I know that HHS has looked at the possibility
of Biometric Identifiers for purposes of the unique health
identifier. That is one of the things listed in the report they
came out with a while back. And I think that there are some
questions and difficulties in terms of how much of a threat to
personal privacy that will actually represent. I am not as
sanguine about it as some of my colleagues here at the table.
Mr. Horn. Thank you for that comment.
I now yield 11 minutes to my colleague from Texas, the
ranking member, Mr. Turner.
Mr. Turner. Thank you, Mr. Chairman.
I need some help on how you can calculate the cost of a
piece of legislation like this. Obviously, if you're going to
force the Federal agencies to abandon the use of the Social
Security number, they are going to replace it with some other
number. And I suppose that if you are against using an
identifier, you might be against using any number. But I guess
the problem I see is trying to figure out how you would
accomplish this and at what cost would it incur.
Do any of you have any suggestions? Has GAO looked at this
to see if there is any way you can estimate the cost of a bill
like this?
Ms. Bovbjerg. Well, often we will ask CBO to do it.
But in this case I presumed that the bill prevents the
Federal Government from coming up with any kind of replacement
for a unique identifier. In considering the cost of the bill, I
was actually thinking less about administrative costs than
about the overpayment cost or the inability to collect on debt
owed the Federal Government. And I think Dr. Streckewald has
some figures on what Social Security and other agencies get
from the current data matches they do. The cost could be
something in that order of magnitude.
Mr. Turner. What information do you have, Dr. Streckewald?
Mr. Streckewald. Mr. Streckewald--thanks, though.
[Laughter.]
Yes, that is how we have looked at this. We have no idea
what it would cost to manually match notices. But we do know
what we save from data matches.
Social Security is both the recipient and the source of
numerous data matches. We save about $350 million a year from
Title II data matches that we sent out daily to other agencies
to verify income sources that Title II beneficiaries have. And
we save about $350 million there.
We save another $325 million from the SSI Program doing the
same thing, sending out data and getting it verified. We have
been heard and there have been estimates within the agency that
about $1.5 billion a year are saved by the State, local, and
Federal Governments that send us information to verify and we
verify the Social Security amount.
So there is a lot of money involved, $2.2 billion total
just in the matches.
We are also concerned about our ability to collect debt.
There are three tools that we use that we think this bill may
jeopardize: the tax refund offset, which we use to offset
refunds if people get to pay back their overpayments; the
treasury offset program, which is broader than just going to
tax refunds; and then referring or reporting to credit bureaus
delinquent debt.
In 1999, we collected $84.4 million using these techniques
and we aren't sure if they would be available to us in the
passage of this bill.
Mr. Turner. Mr. Smith, wouldn't there be some way to
continue to use the Social Security number because so many
businesses are using it, and so many Government agencies are
using it--but in areas where we want to be sure we protect
access to the data that is identified by the Social Security
number, we add some additional number as a part of the Social
Security number--would that be helpful rather than simply
abandoning the use of the Social Security number?
Mr. Smith. I don't think this bill does abandon the use of
it. It seems to me it coerces Federal agencies to use different
identifying numbers.
A couple of ways, if you find the costs are too much--
simply giving an option, the way the Privacy Act does, that an
individual may not be declined benefits because of a refusal to
give a Social Security number. Perhaps for 10 percent of your
database you are going to have people with other nine-digit
numbers assigned at random. I don't think that is unduly
costly.
Another way, possibly, is to fix the language in the
current bill that says you can't use a derivative of a Social
Security number. Just using the last four digits with other
randomly assigned numbers, Federal agencies can use it as a
tie-breaker and can establish identity without sacrificing
privacy. Agencies ought to look into that, too. That is another
very real possibility.
Among the savings in cost will be a reduction in identity
theft by 50 percent. That is mostly a private sector cost, but
it's growing more and more. And you will save money from a lot
of false matches. The Veterans' Administration finds a lot of
false matches when they run a match based on a Social Security
number. People quite often misstate one digit and that gives
you a false match. And that is a very costly process to unravel
that. So you will save that money as well.
Mr. Turner. The first suggestion you made was basically to
give an individual the option of whether they use the Social
Security number.
Mr. Smith. Yes.
Mr. Turner. I can understand from an individual's
perspective that that gives that person the option of trying,
in that way, to preserve their privacy. But it seems like we
ought to be dealing with this issue on a little broader basis.
If it is important to protect the privacy of one person, it
seems that it ought to be important to protect the privacy of
all. So just to say that you are going to give people the
option--which I would think would create a lot of confusion
within the various agencies for people who say they don't want
their Social Security number used--that you would be better off
approaching this problem and being sure you are trying to
institute and create ways to protect the privacy of everyone.
Mr. Smith. You would protect the privacy of everyone if the
option is available and it says in the law that you need not
present the Social Security number if you wish not to. That
would establish for a lot of people the right to say no, which
is essentially what they want. So it is not tailor-made just
for a tiny few individuals. It is really how the Privacy Act
provision on Social Security numbers was intended to work.
I recommend this only as an alternative. If it turns out
that this is going to be an extremely costly endeavor--I don't
think it is going to be a costly endeavor.
For instance, the State of Maryland manages all their motor
vehicle records with no Social Security number at all. They use
some of these modern techniques that I speak of.
Now, to convert to some of these other techniques--one of
these is Soundex--there is going to be a cost, but I think the
Federal Government is going to face that eventually. They are
going to have to convert to those other identifiers because we
can no longer rely on a system that relies on a Social Security
number to authenticate your true identity and yet makes that
number a public number. That just doesn't make sense.
Mr. Turner. Thank you.
Thank you, Mr. Chairman.
Mr. Horn. I just have a few questions to pursue, and here
is one of them.
How does the Government account for people who refuse the
Social Security number with regard to retirement benefits and
Government services? What do we do on that?
Mr. Streckewald. Social Security requires that you give us
your Social Security number in order to receive benefits.
Mr. Horn. Do you know if private pension systems use that?
Mr. Streckewald. I don't.
Mr. Horn. Did GAO look at that?
Ms. Bovbjerg. I believe that private pension systems would
have to use it because of the tax affiliation. Private pensions
are one of our largest tax expenditures.
Mr. Horn. Are you aware to what degree, say, IRS has
problems with the members that don't have any Social Security
number? Is that a problem with IRS?
Ms. Bovbjerg. It would be a problem not to have one, but I
don't know what the extent of that problem is.
Mr. Horn. And then those that serve in the military, of
course, does their dog tag include the Social Security number?
Or do they just have their own?
I see nodding heads that they use their Social Security
number.
Explain to me a little bit, Mr. Smith, the Soundex personal
identification searcher. How does that work?
Mr. Smith. Well, the way I understand it, it incorporates
other factors in a person's name, address, birth date, even
occupation, and makes it into essentially a digital formula. It
can also be altered over time because one's address may change
with time. It is, what I would call, a covert number. I never
see it. It is simply a formula that identifies me. Whenever I
present myself at an agency, they use the same algorithm to
identify me.
The beauty of it is that when you have an applicant in
front of you with name and perhaps birth date and address, you
can retrieve the 10 or 12 closest matches and then either the
computer or the individual can choose precisely the match you
are looking for. You can't do that with a Social Security
number. If a person is one digit off, you aren't going to get a
match.
So I think these modern techniques are more reliable in
getting matches.
Mr. Horn. When we are talking about maybe rolling back the
use of the Social Security number, is there any rational way
you can think of to peel it back? And if so, where would you
start, besides the Government?
Mr. Smith. I would say it may be used only for Social
Security purposes, its original intent, and tax purposes. One
of the logics is chronological. Those were the first two. They
were both established by law, not by Executive order or
bureaucratic happenstance. They are closely allied purposes.
They also now have become extremely ingrained and to stop those
would be extremely disruptive. It would not be as disruptive to
discontinue some of the other uses that have taken hold since
the 1960's.
Mr. Horn. Any other thoughts on that and how we peel it
back and which ones don't really need the number or could
figure out another way to have a number of their own origin?
Have you taken a look at that, Dr. Twight?
Ms. Twight. I agree with what Mr. Smith said.
Mr. Smith. I think you identified the difficult question
and that is Medicare. I am not prepared to answer that one.
That is a tough one.
Mr. Horn. Especially when we think there is $30 billion of
fraud there.
Mr. Smith. Well, it is so closely allied with the Social
Security system as well.
Mr. Horn. Exactly. There are interchanges there with
Medicare and Social Security still?
Mr. Streckewald. Yes, as far as I know.
Mr. Horn. Because they are under HHS and you're
independent, you're still talking to each other?
Mr. Streckewald. We sure are. We actually have some data
matches with them, too.
Mr. Horn. What does GAO think about the peel back movement?
Where would you start?
Ms. Bovbjerg. Well, when you were asking this, I was
thinking--and I can tell you the exact name of the law in a
minute--the Drivers' Privacy Protection Act seemed to have the
potential to make some difference. That was just upheld by the
Supreme Court a couple of months ago. It prohibits States from
disclosing Social Security numbers for purposes like surveys,
marketing, solicitation. They can no longer sell them as part
of their motor vehicle drivers' license database without the
express consent of the individual.
And it is too early to know whether that makes a
difference, but it is data sets like that or birth certificates
and things like that where the private sector sellers of
personal information get the information that they sell.
Mr. Horn. Well, that's helpful and we will be asking other
panels as to where they think they can peel this thing back a
little bit and just not have everybody find out everybody
else's Social Security number because it is getting to be
pretty open.
In your survey, did a number of Federal agencies say they
were using any individual identifiers or were thinking about it
or what?
Ms. Bovbjerg. When we did our survey, we actually talked to
States and private sector users. We didn't talk to Federal
users in the same way. We talked more about what the laws
require and what the restrictions were. So we didn't ask that
question. Now that you're having this hearing, we wish that we
had.
Mr. Horn. What about the States? We can look at them as a
prototype of us. We are just a little bigger up here.
Ms. Bovbjerg. The States said that they would have trouble
not using the Social Security number. A particular place is
State taxes because they link their information to Federal tax
information, Federal income information to try to do
verification. They mentioned law enforcement as being an issue
for them. I think in motor vehicles they would like to continue
to use the number. They are still required to use the number
for the commercial driver's license. But I think that was less
of a concern to them than the law enforcement and tax
enforcement areas.
Mr. Horn. Has any scholar ever done a book on what the
Government was like before 1936 in terms of identifying people?
Ms. Twight. Not that I am aware of.
Mr. Horn. It seems to me that would be a pretty interesting
Ph.D. dissertation.
Mr. Smith. Prior to 1935, very few people had a contact
with the Federal Government so there weren't that many
databases.
Mr. Horn. And that is one good reason why they didn't have
it. It was a simpler world.
People cite technology as one of the vital factors in
identifying theft and fraud. I am the author of the Debt
Collection Act of 1996 and I have a letter here now from the
general counsel of the Department of Treasury as to what the
effect of Mr. Paul's bill would have on a lot of things such as
debt collection. And that would bother me because there are a
lot of people who are just chiselling the taxpayers. That is
what got me started in that little endeavor.
A guy got a loan from the Farmer's Home Loan crowd and has
this great ranch up in Sonoma County and then he defaults and
they give him another loan to live in Santa Barbara, which is a
rather pricey place, and there we are. We don't think the
taxpayers' money should go that way.
Mr. Smith. I would like to point out that characters like
that also know to use different Social Security numbers; so we
shouldn't rely on that number to catch crooks.
Mr. Horn. Before the technological revolution, personal
information like Social Security would take an investigator
weeks to obtain because none of the information was
centralized. This is no longer the case. Information is in one
central location or just a few keystrokes away.
Do you feel that is a realistic summation of the problem?
That is just too easy now to find out so easily about people?
Mr. Smith. Yes, definitely. The data systems are built and
then privacy is an afterthought. Security is an afterthought,
too.
Mr. Horn. Do you think it would be more effective to boost
internal security on the distribution of the national
identifier by Federal, State, and local agencies? Or what would
you do to sort of limit that?
Mr. Smith. When you have six to a dozen States that display
it on the face of the license, I think the damage is done. You
cannot put the Social Security number back into a confidential
box, I am afraid. That is why a new identifier might have that
potential. It could be truly a confidential bit of information
that only the bearer would know.
Mr. Horn. Does anybody else have a comment on that
approach?
Dr. Twight.
Ms. Twight. I have a general comment. I wanted to share
just two sentences from legal scholar, Paul Schwartz, who was
writing in the Hastings Law Journal, ``Personal information can
be shared to develop a basis for trust, but the mandatory
disclosure of personal information can have a destructive
effect on human independence.''
And he went on, ``Totalitarian regimes have already
demonstrated the fragility of the human capacity for autonomy.
The effectiveness of these regimes in rendering adults as
helpless as children is in large part a product of the
uncertainty they instill regarding their use of personal
information.''
And then in the very next paragraph, he talks about how
that has occurred in America to some degree, how people in
America no longer know how their information is going to be
used. And with these universal identifiers that we see
represented now in the form of the Social Security number--it
creates a lot of pressure for conformity that perhaps would not
otherwise exist.
Mr. Horn. Any other comments?
Mr. Streckewald. Mr. Chairman, I would like to respond to
Mr. Smith's comment about systems being built without security
in mind.
As you consider this bill, you need to also consider that
Congress has seen fit to pass several laws that address this
issue. The Computer Matching and Privacy Protection Act has a
number of safeguards built into data matches, the type of
things that are in question here. We have to specify the
purpose of the match in a memorandum of understanding. We have
to verify the information we derive from the match prior to
acting on it. So we cannot lower someone's check just because
the data match tells us that without verifying it.
We have to give the person an opportunity to contest the
information. We have to have security procedures in place to
protect the data, and we have to strictly limit redisclosure.
Social Security takes that even further. We personally go
onsite and visit every agency that we share data with or from
whom we get data to make sure that they have the security
procedures in place and are capable of following this law.
Mr. Smith. I would like to comment that that proves my
point. Computer matching began in 1976 and 1977 and the bill
came much later than that, in 1988. I was there at the
creation. So first came matching and after came the security
precautions.
Ms. Bovbjerg. I just have a couple of thoughts. One is that
we have kind of been assuming that people's Social Security
numbers are used entirely without their involvement. And it has
been our observation that people freely give out their Social
Security number. I don't think people think about it very much
anymore. It is difficult to keep such a thing confidential when
people at various retail outlets ask for it and people give it
to them.
The other thing I wanted to respond to is the idea of a new
number that would be kept confidential. First, we would have to
do a better job than we have done with people and how they
safeguard their Social Security number. But my mind reeled as I
thought of the prospect of how the Federal Government would
actually accomplish this in any reasonable period of time--277
million people being re-enumerated. So there would be an
administrative cost I would be concerned about.
Mr. Horn. But nobody has given us any. Does GAO want to
make some guesses as to what the cost would be one way or the
other?
Ms. Bovbjerg. We never guess at GAO. [Laughter.]
But I can tell you that anytime you do anything at the
Social Security Administration that affects all cardholders, it
costs a huge amount. We talked a year or so ago about the
counterfeit-proof card and what it would cost to create such a
thing. And the range was something like $4 billion to $10
billion. And that is because anytime you do anything for 277
million people, it ends up costing a lot.
So my guess is that it would cost a lot.
Mr. Horn. Now that we have locked in Presidents from
putting their little hands in the Social Security trust funds,
maybe they will have more money for administrative analysis.
But right now, we have to appropriate that for administration?
And you can't use what is in the trust fund? Am I right on
that?
Mr. Streckewald. Yes. If the new card were to go beyond the
purposes of what the Social Security card is currently used
for, we could not use the trust funds to pay for the cost.
Mr. Horn. Are there any other points you would like to make
before we adjourn this hearing?
Dr. Twight.
Ms. Twight. I wanted to comment on the point that was just
made about private people's willingness to divulge their Social
Security numbers for seemingly the most trivial of business
transactions.
I recently had an experience at the Bon Marche in Boise, ID
where I forgot my charge card and they just asked me for my
Social Security number and I refused to give it.
But in any event, it seems that today so many people are
willing to just divulge that Social Security number. My theory
is that this gradual process by which the Social Security
number has been used for everything--you have little kids
growing up who have had the Social Security number since birth
and so on--that people have become sort of desensitized to what
that represents.
So I think that makes it even a larger problem than we
might otherwise think.
Mr. Horn. Mr. Smith.
Mr. Smith. I would like to defend people, if I may, with
two examples.
I gave my Social Security number as a young person entering
law school. Six years later, it shows up on the label of my
alumni mailing to me so that it was open to the whole world. I
didn't know the consequences of that when I provided my Social
Security number. I provided it to an authority figure and
figured that it was required.
I opened a bank account and was asked for a Social Security
number because the Department of Treasury requires it. My bank
was sold to another company that now wants to use it as the
access code to get my account information over the telephone
and use it as the last four digits of the PIN number.
I didn't provide it for that purpose. So I think people
ought to be defended. They give out the Social Security number
to authority figures without knowing the consequences of how it
might be used later for secondary purposes.
Mr. Horn. I think you are absolutely right. I have had so
many people tell me that. And I know in a couple of cases when
I have said, ``It's none of your damn business,'' they looked
at me like I was a crook. So be it, and they didn't get the
sale.
Mr. Streckewald. Mr. Chairman, this bill could impact
Social Security, even though we are actually exempted from some
of the restrictions on it. We think it would interfere very
much with our pledge to the American people to deliver
services.
For years, our informal motto at SSA has been to pay the
right check to the right person at the right time. This bill
could interfere with all three of those.
Paying the right check, of course, is dependent upon
knowing other sources of income. Without the data matches we
have, either we would have to rely upon manual error prone
processes or we would not be able to do them at all. So the
right check would be in question.
Paying the right person is the same idea. The Social
Security number is a unique identifier. We know which John
Smith we are dealing with, so the use of Social Security
numbers allows us to know that we get the right check to the
right person.
And then the final piece, the right time, is referring to
timely service so that people don't have to wait for their
check. They don't have to wait for changes in the amount of
their checks. Manual processes take a lot longer than automated
computer matches, although we have no way of knowing right now
exactly how much longer. It may create an additional burden on
the American people to come and give us, on a regular basis,
the information that we currently receive from these matches.
These are just some of our concerns about this bill.
Mr. Horn. Now, I am sure you are following the legislation
we have already worked on in the last couple of months, and
that is to relieve you of having to worry about this person
having extra income to work and just wiping that out.
Will that help you in the sense that it doesn't matter who
they are--and I think we have wasted a lot of administrative
time, probably, in Social Security to try to get some poor soul
that has $500 a month in a check and she is working in a local
hardware store at minimum wage.
Won't that help you when we knock that out?
Mr. Streckewald. I am not sure if I understand your
question.
Are you referring to----
Mr. Horn. We are talking about the employment thing I am
talking about. I was curious how many thousands of people you
have worrying about that, because we are going to relieve you
of that.
Mr. Streckewald. I see. You are talking about the
elimination of the retirement earnings test.
Mr. Horn. That's right.
Mr. Streckewald. That will definitely relieve people of
reporting their earnings to us who are past the retirement age.
You are right, there.
Mr. Horn. So we are looking at about 900,000 beneficiaries
that might be affected by that. How many employees could you
let go because they are no longer figuring that, or harassing
people, or whatever?
Mr. Streckewald. We haven't done that analysis yet, but I
would be glad to submit something to you if we have anything.
Mr. Horn. I really would like to have that analysis and put
that in the record, without objection, at this point because we
are wondering at that. There are a lot of things you have to do
and that is not going to be one of them anymore. I think
everybody is going to be happier and they will have more money
and it wasn't helping that much anyhow. But we have to argue
and they go through our district offices because they have seen
a deduction from their check and wonder what that is all about
and they have to worry about writing out a check themselves
when they don't have the money.
So I would hope that is relieving you of a lot of work.
Mr. Streckewald. We will look into it.
Mr. Horn. Thank you very much. I would like the response
put at this point in the record.
[The information referred to follows:]
[GRAPHIC] [TIFF OMITTED] T1388.044
Mr. Horn. Thank you. You have all been very good witnesses
and we have learned a lot.
This is simply the first hearing to take a look at this
situation. And I understand that the Ways and Means Committee
that does have authorization on Social Security is also doing
that. So maybe something good will come out of it.
We thank you for coming here and sharing.
And I will say to anyone else here that might want to file
a statement, if you could file it in the next 2 weeks, we would
be glad to put it in the record because I know a lot of groups
at the State level, motor vehicles, the universities, and all
the rest would like to get their views in on it, and we welcome
them.
With that, we thank you and we thank the staff here:
Russell George, the staff director and chief counsel; Heather
Bailey to my left and your right, the professional staff member
who put this one together; Bonnie Heald, director of
communications is here; Bryan Sisk, clerk; Elizabeth Seong,
intern; Michael Soon, intern; Trey Henderson, the counsel for
the minority; along with Jean Gosa, the minority clerk. And we
thank Mr. Mel Jones today for being the court reporter.
With that, we are adjourned. Thank you.
[Whereupon, at 3:41 p.m., the subcommittee was adjourned.]
[Additional information submitted for the hearing record
follows:]
[GRAPHIC] [TIFF OMITTED] T1388.045
[GRAPHIC] [TIFF OMITTED] T1388.046
[GRAPHIC] [TIFF OMITTED] T1388.047
[GRAPHIC] [TIFF OMITTED] T1388.048
[GRAPHIC] [TIFF OMITTED] T1388.049
[GRAPHIC] [TIFF OMITTED] T1388.050
[GRAPHIC] [TIFF OMITTED] T1388.051
[GRAPHIC] [TIFF OMITTED] T1388.052
[GRAPHIC] [TIFF OMITTED] T1388.053
[GRAPHIC] [TIFF OMITTED] T1388.054
[GRAPHIC] [TIFF OMITTED] T1388.055
[GRAPHIC] [TIFF OMITTED] T1388.056
[GRAPHIC] [TIFF OMITTED] T1388.057
[GRAPHIC] [TIFF OMITTED] T1388.058
[GRAPHIC] [TIFF OMITTED] T1388.059
[GRAPHIC] [TIFF OMITTED] T1388.060
[GRAPHIC] [TIFF OMITTED] T1388.061
[GRAPHIC] [TIFF OMITTED] T1388.062
[GRAPHIC] [TIFF OMITTED] T1388.063
[GRAPHIC] [TIFF OMITTED] T1388.064
[GRAPHIC] [TIFF OMITTED] T1388.065
[GRAPHIC] [TIFF OMITTED] T1388.066
[GRAPHIC] [TIFF OMITTED] T1388.067
[GRAPHIC] [TIFF OMITTED] T1388.068
[GRAPHIC] [TIFF OMITTED] T1388.069
[GRAPHIC] [TIFF OMITTED] T1388.070
[GRAPHIC] [TIFF OMITTED] T1388.071
[GRAPHIC] [TIFF OMITTED] T1388.072
[GRAPHIC] [TIFF OMITTED] T1388.073
[GRAPHIC] [TIFF OMITTED] T1388.074
[GRAPHIC] [TIFF OMITTED] T1388.075
[GRAPHIC] [TIFF OMITTED] T1388.076
[GRAPHIC] [TIFF OMITTED] T1388.077
[GRAPHIC] [TIFF OMITTED] T1388.078
[GRAPHIC] [TIFF OMITTED] T1388.079
[GRAPHIC] [TIFF OMITTED] T1388.080
[GRAPHIC] [TIFF OMITTED] T1388.081
[GRAPHIC] [TIFF OMITTED] T1388.082
�