The Way We Use Social Security Numbers Is Absurd
16th October 2015
In combination, a person’s full name, Social Security number and birthdate have become a skeleton key for identity verification and, thus, identity theft. Yet the nine-digit number was never intended to be anything of the kind. In fact, from 1946 to 1971, cards came printed with the disclaimer: “FOR SOCIAL SECURITY PURPOSES – NOT FOR IDENTIFICATION.” That was before the rise of the personal computer; the data-rich environment of public- and private-sector digital transactions, from online voter registration to shopping; and the accompanying cavalcade of data breaches, from Target to the Pentagon.
Politicians frequently talk about whether Social Security is solvent. (It is, until at least 2033, and it will probably be restructured to operate much longer and avoid unpopular cuts.) Some candidates talk about data security, with Democrat Jim Webb decrying Chinese cyber-attacks in the party’s first debate and Republican Mike Huckabee suggesting that we launch a cyberwar against China. (The nation will not admit nor deny its role in the hacks.) But few politicians have tackled the less prominent but still thorny question of whether the Social Security number, as used, has become one of the biggest liabilities in data security.