Social Security Numbers:
More Could be Done to Protect SSNs
GAO-06-586T: Published: Mar 30, 2006. Publicly Released: Mar 30, 2006.
Additional Materials:
- Highlights Page:
- Full Report:
- Accessible Text:
Contact:
(202) 512-7202
contact@gao.gov
Office of Public Affairs
(202) 512-4800
youngc1@gao.gov
In 1936, the Social Security Administration established the Social Security number (SSN) to track worker's earnings for Social Security benefit purposes. Since its creation, the SSN has evolved beyond its original purpose and has become the identifier of choice for public and private sector entities. Today, the SSN is a key piece of information often sought by identity thieves. Once the SSN is obtained fraudulently, it can then be used to create false identities for financial misuse or assuming another individual's identity. Congress and some states have recognized the importance of restricting the use and display of SSNs. GAO has issued a number of reports and testimonies about the various aspects of SSN use in both public and private sectors and what could be done to further protect individual's SSNs. Accordingly, this testimony focuses on describing (1) the use of SSNs by government agencies and certain private sector entities, (2) the federal laws that regulate the use and disclosure of SSNs, and (3) the gaps that remain in protecting the SSN and what more could be done.
SSN use is widespread by both the public and private sectors. Agencies at all levels of government frequently collect and use SSNs to administer their programs, verify applicants' eligibility for services and benefits, and perform research and evaluations of their programs. In addition, SSNs are available in a variety of public records. Certain private sector entities routinely obtain SSNs from various public and private sources, and use SSNs for various purposes, such as to build tools that verify an individual's identity or match existing records. In addition, private sector entities that engage in third party contracting sometimes share SSNs with their contractors for limited purposes. There is no one law that comprehensively regulates SSN use and protections. However, certain federal laws have been enacted to restrict the use and disclosure of consumers' personal information, including SSNs. In addition, certain states have begun to enact their own legislation restricting the use and display of SSNs by public and private sector entities, which has subsequently led other states to start enacting similar legislation. Finally, Congress is currently considering several proposals to restrict SSN use and display, similar to state legislation. Although some action has been taken at the federal and state level to protect SSNs, more could be done. In the course of this work, GAO found that there were gaps in the practices for protecting SSNs within government agencies and across industry sectors, such as a lack of uniformity at all levels of government to assure the security of the SSN; gaps in the federal law and oversight in different industries that share SSNs with their contractors; exposure of SSNs in public records and identification cards under the auspices of the government; and few restrictions on certain entities' abilities to obtain and use SSNs in the course of their business. To address some of these issues, GAO has made recommendations and proposed matters for congressional consideration. To date, OMB has implemented two of these recommendations and some agencies have begun to take steps to eliminate SSNs from their identification cards. Congress is still considering actions to take to address the issues that remain.
Feb 24, 2021
-
Pregnant Women in DOJ Custody:
U.S. Marshals Service and Bureau of Prisons Should Better Align Policies with National GuidelinesGAO-21-147: Published: Jan 25, 2021. Publicly Released: Feb 24, 2021.
Oct 26, 2020
-
Intellectual Property:
CBP Has Taken Steps to Combat Counterfeit Goods in Small Packages but Could Streamline EnforcementGAO-20-692: Published: Sep 24, 2020. Publicly Released: Oct 26, 2020.
Sep 30, 2020
-
Federal Criminal Restitution:
Department of Justice Has Ongoing Efforts to Improve Its Oversight of the Collection of Restitution and Tracking the Use of Forfeited AssetsGAO-20-676R: Published: Sep 30, 2020. Publicly Released: Sep 30, 2020.
Sep 10, 2020
-
Federal Tactical Teams:
Characteristics, Training, Deployments, and InventoryGAO-20-710: Published: Sep 10, 2020. Publicly Released: Sep 10, 2020.
Sep 8, 2020
-
VA Police:
Actions Needed to Improve Data Completeness and Accuracy on Use of Force Incidents at Medical CentersGAO-20-599: Published: Sep 8, 2020. Publicly Released: Sep 8, 2020.
Aug 13, 2020
-
Anti-Money Laundering:
FinCEN Should Enhance Procedures for Implementing and Evaluating Geographic Targeting OrdersGAO-20-546: Published: Jul 14, 2020. Publicly Released: Aug 13, 2020.
Jul 29, 2020
-
Federal Prison Industries:
Actions Needed to Evaluate Program EffectivenessGAO-20-505: Published: Jul 29, 2020. Publicly Released: Jul 29, 2020.
Jul 8, 2020
-
Gun Control:
DOJ Can Further Improve Guidance on Federal Firearm Background Check RecordsGAO-20-528: Published: Jul 8, 2020. Publicly Released: Jul 8, 2020.
Jun 22, 2020
-
Federal Prisons:
Additional Analysis Needed to Determine Whether to Issue Pepper Spray to Minimum Security PrisonsGAO-20-342: Published: Jun 22, 2020. Publicly Released: Jun 22, 2020.
May 26, 2020
-
Bureau of Prisons:
Improved Planning Would Help BOP Evaluate and Manage Its Portfolio of Drug Education and Treatment ProgramsGAO-20-423: Published: May 26, 2020. Publicly Released: May 26, 2020.
Looking for more? Browse all our products here