Your Social Insecurity Number
The SSN's Use Has Extended Far Beyond Its Original Purpose
FEBRUARY 01, 2003 by GARRY WANG
Garry Wang is a writer living in Canada.
Some advocates of a national ID card profess to be concerned about the personal security of individuals. They lament the ease with which current ID requirements may be sidestepped by those who would violate an individual’s privacy in order to perpetrate such crimes as credit-card fraud or identity theft. While this is a legitimate concern, the paradox is that in the name of protecting individual privacy, the establishment of a national ID card would likely make it harder than ever for Americans to protect their private lives from prying eyes.
Too often advocates of a national ID card don’t ask why the current identification requirements exist in the first place, and what it is about these requirements that has rendered the individual so vulnerable to violations of privacy. Yet the actual history of the Social Security number(SSN) in the United States shows how the mandatory uses of a government-mandated identifier—even one originally intended only to organize the bookkeeping of a single government program—can extend far beyond originally stated intentions.
The Social Security Act was passed in 1935 as a Depression-era measure to provide economic “security” for the aged. It did not mandate a specific means by which taxpayers and their income would be tracked. But it did authorize Social Security taxes to be “collected and paid in such manner, at such times, and under such conditions, not inconsistent with this title . . . as may be prescribed by the Commissioner of Internal Revenue, with the approval of the Secretary of the Treasury.”1
In the beginning, only participants in the program were obliged to obtain an SSN (and at that time, not all Americans were required to participate). The only transactions tagged with the number pertained to money that was actually being “paid into” the program, which would presumably have some relationship to how much could later be “taken out” in monthly payments on retirement (as if there were some kind of secure depository, or “lock box,” in which the funds would accrue until the depositor could collect them, a view of the situation that few Americans any longer believe).
Over the years, however, the mandatory use of the SSN proliferated on two overlapping tracks. More and more people were required to obtain one, whether or not they participated in the program; and more and more transactions had to be tagged with the SSNs of the transactors—even when the transactions had nothing to do with Social Security accounting.
Concerns about abuse of the number existed from the beginning. For many years, the Social Security card bore a printed warning (never codified in law, however) that the card was “not for identification.” But despite sporadic admonitions from the government itself that the SSN was not to be fashioned into a universal identifier, its purview expanded almost without limit. Eventually it would be used to track not only government employment, payments, and functions, but for an ever-growing range of private matters as well.
In 1936 the Treasury prescribed that each individual in the Social Security program be assigned an account number, what came to be known as the Social Security number. Between November 1936 and June 1937, Americans submitted some 30 million applications for SSNs.
By 1943, the government was already using the SSN as an identifier for purposes other than Social Security record-keeping. Under executive order 9397, not only were all agencies of the federal government authorized to use the SSN for their own accounting, they were also required to do so should any kind of identification protocol be needed. The order declared that “it is desirable in the interest of economy and orderly administration that the Federal Government move towards the use of a single unduplicated numerical identification system of accounts and avoid the unnecessary establishment of additional systems,” and it cited the “convenience” of using the already widespread Social Security number.2
In 1961, the Civil Service Commission adopted the SSN as an identifier for all federal employees. In the same year, the Internal Revenue Service (IRS) required taxpayers to furnish an identifying number for tax reporting. A year later the IRS issued a regulation mandating that this identifying number, for individual taxpayers, be the Social Security number. A decade after that, the IRS regulation was codified in law. In 1966, the Veterans Administration began using the SSN for its record-keeping. In 1967, the government began using the SSN to identify members of the armed services.
In 1972, the Social Security Administration was required to issue SSNs to all legal aliens as they entered the country. In the same year the Administration was authorized to distribute SSNs to children as they started school. In 1981, the Department of Defense Authorization Act required SSNs from all individuals registering for the selective service. The Food and Agricultural Resources Act of 1990 mandated that the “officers” of stores redeeming food stamps supply their SSNs.
Sometimes the government requires taxpayers and benefit recipients to divulge not only their own Social Security numbers, but also those of persons not even paying taxes or receiving benefits. The Tax Reform Act of 1986 determined that the SSNs of all dependents age 5 or over must be reported on an individual tax return if the taxpayer wants to take the usual deductions. A few years later, Congress reduced the age threshold from 5 to 2. These days, even newborns are expected to get SSNs before leaving the hospital.
By the 1960s the government had determined that it was necessary to use the SSN not only to identify the beneficiaries of programs, taxpayers, government employees, aliens, and schoolchildren, but also to identify various transactions that could possibly be subject to taxation. Of course, all of these transactions had been “identified” already, by financial institutions for the benefit of themselves and their customers. The new purpose had little to do with safeguarding the security and privacy of either (and in fact obviously invaded that privacy); the sole purpose was to enable a third party—government—to keep a record of what people were doing with their own money prior to any declaration of it as taxable income. And it is precisely this progressive linking of every financial transaction to a single “identifying” number that has rendered individuals so vulnerable to the fraud and theft that some advocates of national ID profess to be alarmed by.
The funds first targeted for SSN-tagging were those, like Social Security itself, that were controlled by government. In 1964, purchasers of H-series savings bonds were required to supply SSNs. In 1970, the Bank Records and Foreign Transactions Act mandated that all banks, credit unions, and dealers in securities collect the SSNs of their customers, and that all transactions involving more than $10,000 be reported individually to the IRS along with the customer’s SSN. In 1973, buyers of E-series savings bonds were also required to supply their SSNs. The Social Security Amendments of 1983 stipulated that nobody could open an interest-bearing account without giving his SSN.
The result of these almost yearly extensions of the purview of the Social Security number is that it is now nearly impossible to do anything with one’s money without supplying that number, unless one simply holds cash.
Social Security Board Regulation No. 1, June 15, 1937, provided that no Board employee may disclose anybody’s SSN before “any tribunal, directly or indirectly,” even under subpoena.3 Yet many years later, in 1990, Congress found it necessary to put a provision in the Food and Agricultural Resources Act requiring that any SSNs acquired as a result of any law passed on October 1, 1990, or later remain confidential. Obviously, legislators regarded the 1990 law as necessary precisely because of how carelessly the SSN had been handled between 1937 and 1990. Regulation No. 1 governed only a single governmental entity, the Social Security Board. Subsequent laws and regulations, as well as growth in the market for personal information and technological developments, had rendered that injunction progressively irrelevant.
Every once in a while various government officials acknowledge the dangers to personal privacy and security that have been engendered by the government’s own proliferating mandates with respect to the Social Security number.
In 1971, for example, the Social Security Administration proposed that the government take a “cautious and conservative” approach toward the SSN and do nothing to promote its deployment as a universal identifier. Yet the same report also proposed using the SSN to log students in the public schools. More expressions of concern followed, as well as halfhearted efforts to address these concerns. In 1973 the Department of Health, Education, and Welfare warned that the SSN was unsuitable as a universal identifier. The Privacy Act of 1974 stated that no state or local government may refuse a benefit solely because a person declines to provide his SSN. But a year later, the Social Services Amendments specified that applicants for Aid to Families with Dependent Children (AFDC) must provide SSNs as a condition of eligibility. The 1974 Act also sought to “protect personal information gathered by the federal government, but not information collected by private businesses like banks, credit-card companies, employers, and health-care providers.”
But as privacy expert Robert Ellis Smith has pointed out, since 1974 “agencies at all levels of government have justified their demands for Social Security numbers by pointing to general authorizations in laws predating the Privacy Act that simply allow the agencies to conduct some function or to collect information to conduct their functions. That is not at all what members of Congress had in mind in the fall of 1974, but the practices are only occasionally challenged successfully.”4
And although the Tax Reform Act of 1976 asserted that misuse of a Social Security number constituted a violation of the Social Security Act, that same legislation also gave states carte blanche to demand the SSN for the administration of taxes, public assistance, driver’s licenses, and motor-vehicle registration. In 1977, the Carter administration proposed that the Social Security card be one of the authorizing documents provided to employers to confirm that an applicant is allowed to work in the United States, adding that the card ought not be used as a national-identity document.
Despite such weak, occasional, and contradictory legislative efforts to put the evil contents back in Pandora’s box, today any American who does not take special care to protect his privacy is vulnerable to a little determined investigation. It has become ever easier to learn a person’s Social Security number and to use that information in conjunction with other basic information about a person to delve even further into that person’s financial background.
A law stipulating that a governmental or private entity may not divulge the Social Security number under certain broadly and vaguely defined circumstances becomes increasingly difficult to enforce as more and more organizations and persons gain legal justification to demand it. And once a person’s SSN is “out there”—including on the upper-right-hand corner of credit-card reports that anyone who claims to have a legitimate purpose may easily obtain—it becomes increasingly difficult to preserve any expectation of confidentiality. If gaining access to or releasing a person’s Social Security number is sometimes a crime, at least nominally, it more often is not. And even when it is nominally a crime, the crime may be impossible to prosecute.
Yet the SSN is regarded as evidence of identity! As Robert Ellis Smith notes, even as the Social Security number “was becoming more and more a public piece of information . . . people in places of authority were treating it as an authenticator of a person’s identity, as if it were a secret known only to the individual.”5
If anything is clear from the history of the Social Security number, it is that assurances about the scope and uses of any proposed national ID card are not to be trusted. Such political promises are as easy to break as they are to make—especially when it comes to making our personal data more easily available to data-ravenous public and private parties. If the trend inaugurated in the United States in the 1930s continues to accelerate, those of us who care about our privacy may soon have more reason than ever to be careful about what we tell and to whom.
- Text of the Social Security Act of 1935 is at the website of the Social Security Administration, www.ssa.gov/history/35act.html.
- The order is archived online at the Law Links website at http://resource.lawlinks.com/content/legal_research/executive_orders/1940-1960/executive_order_9397.htm.
- See www.ssa.gov/history/reg1.html.
- Robert Ellis Smith, A National ID Card: A License to Live (Providence, R.I.: Privacy Journal, 2002), p. 9. The Social Security Administration’s chronology of its assignments and pronouncements regarding the SSN and the privacy rights of citizens may be found at www.ssa.gov/history/ssn/ssnchron.html.
- Robert Ellis Smith, Social Security Numbers: Uses and Abuses (Providence, R.I.: Privacy Journal, 2001), p. 6.