NYT Op-Ed (Interesting Read): Identity Stolen? Take a Number (re SSNs)
By ELLEN ULLMAN
San Francisco
WITHOUT authorization, an employee of the Department of Veterans Affairs took home a laptop computer with the names, birth dates and Social Security numbers of 17.5 million veterans and active-duty military personnel — or was is it 26.5 million? At the time the department was not even clear. In May, the laptop was stolen.
Then, about a month later, Veterans Affairs said it would provide a year of free credit monitoring for the people whose data was involved. Well, thanks a lot. This is the equivalent of your house sitter sending you a postcard saying, “Your front door fell off a few weeks ago, but don’t worry: the police said they’d cruise by once a week to make sure everything is okay.â€
There is a much better way to handle lost or stolen Social Security numbers: issue new ones. When you lose your Visa card, you get a new card with a new number, and any new charges with the old number are blocked. Why can’t we do the same with Social Security numbers?
A computer generates a unique number, and it is associated with your name. Then — no matter how stupidly we handle that number, giving it out to scammers, and no matter how shamelessly that number is mismanaged by government agencies — almost no matter what, that number remains with you, even unto death.
There is no good reason for this to be so. From a computing point of view, it is ludicrous. The Social Security number is just a unique number. Computers are very good at generating unique numbers; computers are also very good at associating a name with a number, and then, without a care, associating that name with some other number.
If it seems too daunting to change government computers so they can link old Social Security numbers to replacement numbers, here is a proposal for the federal government: Sponsor a contest among colleges to see which one’s technical team can best patch up existing systems to handle reassignment of Social Security numbers (replacing government systems entirely would be an impossible task, a multibillion-dollar sinkhole).
Hire some of the best computer-security experts to see that no one plants viruses or trap doors. Give each member of the winning team a federal-tax-exempt award of $500,000. If that sounds expensive, consider that the Department of Veterans Affairs has already spent $18 million just on warning letters to the people whose data was stolen, letters explaining the credit-monitoring service to them, and a call center to fortify those unfortunates for the nightmare of identify theft that potentially lies ahead.
Within a year of the contest’s beginning, I predict, the technical solution for Social Security number reassignment will be found. Should this sound unreasonable, please remember that many thought the world would come to an end in 2000 because of the so-called Millennium Bug. But programmers all around the world rolled up their sleeves, changed systems to handle four instead of two digit years, and Armageddon was delayed.
The technology can be changed. What is missing is the political will. Some valiant member of Congress must stand up and demand a law mandating the cybernetic protection of Social Security records and the reassignment of compromised numbers. If it’s true, as the federal government insists, that data-monitoring programs can find terrorists’ phone calls somewhere among the billions of connections made by law-abiding Americans, surely it should be no trouble for an Internal Revenue Service computer to flag a situation in which a person who has always worked in Albany and is still working in Albany, for example, is suddenly working simultaneously in Denver.
Credit-card companies catch these sorts of anomalies all the time; it’s in their financial interest to do so. But the government has what amounts to a financial disincentive: it collects taxes on all uses of the same Social Security number, valid or not. No one in the government is seriously penalized when Social Security numbers are stolen and misused; only the number-holders suffer.
That is why legislation is needed. I guarantee you that the member of Congress who proposes this legislation will have a solid voter base of at least 17.5 million people.
Ellen Ullman, a former software engineer, is the author, most recently, of “The Bug: A Novel.â€
This entry was posted on Monday, July 17th, 2006 at 2:33 PM and filed under Articles. Follow comments here with the RSS 2.0 feed. Skip to the end and leave a response. Trackbacks are closed.