EPIC logo

Testimony and Statement for the Record of

Chris Jay Hoofnagle
Deputy Counsel, Electronic Privacy Information Center

Hearing on Use and Misuse of the Social Security Number

Subcommittee on Social Security of the Committee on Ways and Means
U.S. House of Representatives

July 10, 2003
B-316 Rayburn House Office Building


Chairman Shaw, Ranking Member Matsui, and Members of the Subcommittee, thank you for extending the opportunity to testify on use and misuse of Social Security Numbers.

My name is Chris Hoofnagle and I am deputy counsel with the Electronic Privacy Information Center (EPIC), a not-for-profit research organization based in Washington, D.C. Founded in 1994, EPIC has participated in cases involving the privacy of the Social Security Number (SSN) before federal courts and, most recently, before the Supreme Court of New Hampshire.1 EPIC has also taken a leading role in campaigns against the use of globally unique identifiers (GUIDs) involving the Intel Processor Serial Number and the Microsoft Corporation's Passport identification and authentication system. EPIC maintains an archive of information about the SSN online at http://www.epic.org/privacy/ssn/.

I appreciate the opportunity to testify today. In the testimony below, we will first review historical and recent attempts to regulate the use of the SSN. This section demonstrates that there is ample legislative and judicial support for limitations on the collection and use of the SSN.

The second section describes trends involving the SSN. These include:

Finally, in the last section we recommend that the Committee revisit 107 H.R. 2036, The Social Security Number Privacy and Identity Theft Protection Act of 2001. That bill, which enjoyed wide bipartisan support in the last Congress, should be reintroduced and passed by this Congress. Alternatively, we recommend that the Committee consider 108 H.R. 1931, the Personal Information Privacy Act of 2003. That bill would establish important protections for the SSN, including moving the SSN "below the line" on the credit report.

I. Historical Regulation of the Collection and Use of the SSN

The Social Security Number (SSN) was created in 1936 as a nine-digit account number assigned by the Secretary of Health and Human Services for the purpose of administering the Social Security laws. SSNs were first intended for use exclusively by the federal government as a means of tracking earnings to determine the amount of Social Security taxes to credit to each worker's account. Over time, however, SSNs were permitted to be used for purposes unrelated to the administration of the Social Security system. For example, in 1961 Congress authorized the Internal Revenue Service to use SSNs as taxpayer identification numbers.

A major government report on privacy in 1973 outlined many of the risks with the use and misuse of the Social Security Number. Although the term "identify theft" was not yet in use, Records Computers and the Rights of Citizens described the risks of a "Standard Universal Identifier," how the number was promoting invasive profiling, and that many of the uses were clearly inconsistent with the original purpose of the 1936 Act. The report recommended several limitations on the use of the SSN and specifically said that legislation should be adopted "prohibiting use of an SSN, or any number represented as an SSN for promotional or commercial purposes."2

In response to growing risks over the accumulation of massive amounts of personal information and the recommendations contained in the 1973 report, Congress passed the Privacy Act of 1974.3 Among other things, this Act makes it unlawful for a governmental agency to deny a right, benefit, or privilege merely because the individual refuses to disclose his SSN. This is a critical principle to keep in mind today because consumers in the commercial sphere often face the choice of giving up their privacy, their SSN, to obtain a service or product. The drafters of the 1974 law tried to prevent citizens from facing such unfair choices, particularly in the context of government services. But there is no reason that this principle could not apply equally to the private sector, and that was clearly the intent of the authors of the 1973 report.

Section 7 of the Privacy Act further provides that any agency requesting an individual to disclose his SSN must "inform that individual whether that disclosure is mandatory or voluntary, by what statutory authority such number is solicited, and what uses will be made of it." At the time of its enactment, Congress recognized the dangers of widespread use of SSNs as universal identifiers. In its report supporting the adoption of this provision, the Senate Committee stated that the widespread use of SSNs as universal identifiers in the public and private sectors is "one of the most serious manifestations of privacy concerns in the Nation." Short of prohibiting the use of the SSN outright, the provision in the Privacy Act attempts to limit the use of the number to only those purposes where there is clear legal authority to collect the SSN. It was hoped that citizens, fully informed where the disclosure was not required by law and facing no loss of opportunity in failing to provide the SSN, would be unlikely to provide an SSN and institutions would not pursue the SSN as a form of identification.

It is certainly true that the use of the SSN has expanded significantly since the provision was adopted in 1974. This is particularly clear in the financial services sector. In an effort to learn and share financial information about Americans, companies trading in financial information are the largest private-sector users of SSNs, and it is these companies that are among the strongest opponents of SSN restrictions.

Outside the financial services sector, many companies require the SSN instead of assigning an alternative identifier. These requirements appear in a myriad of commercial interchanges, many of which absolutely do not require the SSN. For instance, Golden Tee, a popular golf video game, requires players to enter their SSN in order to engage in "tournament play."4 The company could assign its own identifier for players, but instead relies upon the SSN, which puts players at risk by requiring them to further circulate personal information.

It is critical to understand that the legal protection to limit the collection and use of the SSN is still present in the Privacy Act and can be found also in recent court decisions that recognize that there is a constitutional basis to limit the collection and use of the SSN. When a Federal Appeals court was asked to consider whether the state of Virginia could compel a voter to disclose an SSN that would subsequently be published in the public voting rolls, the Court noted the growing concern about the use and misuse of the SSN, particularly with regard to financial services.5 The Fourth Circuit said:

Since the passage of the Privacy Act, an individual's concern over his SSN's confidentiality and misuse has become significantly more compelling. For example, armed with one's SSN, an unscrupulous individual could obtain a person's welfare benefits or Social Security benefits, order new checks at a new address on that person's checking account, obtain credit cards, or even obtain the person's paycheck...Succinctly stated, the harm that can be inflicted from the disclosure of a SSN to an unscrupulous individual is alarming and potentially financially ruinous.6

The Court said that:

The statutes at issue compel a would-be voter in Virginia to consent to the possibility of a profound invasion of privacy when exercising the fundamental right to vote. As illustrated by the examples of the potential harm that the dissemination of an individual's SSN can inflict, Greidinger's decision not to provide his SSN is eminently reasonable. In other words, Greidinger's fundamental right to vote is substantially burdened to the extent the statutes at issue permit the public disclosure of his SSN.7

The Court concluded that to the extent the Virginia voting laws, "permit the public disclosure of Greidinger's SSN as a condition of his right to vote, it creates an intolerable burden on that right as protected by the First and Fourteenth Amendments."8

In a second case, testing whether a state could be required to disclose the SSNs of state employees under a state open record law where there was a strong presumption in favor of disclosure, the Ohio Supreme Court held that there were privacy limitations in the federal Constitution that weighed against disclosure of the SSN.9 The court concluded that:

We find today that the high potential for fraud and victimization caused by the unchecked release of city employee SSNs outweighs the minimal information about governmental processes gained through the release of the SSNs. Our holding is not intended to interfere with meritorious investigations conducted by the press, but instead is intended to preserve one of the fundamental principles of American constitutional law -- ours is a government of limited power. We conclude that the United States Constitution forbids disclosure under the circumstances of this case. Therefore, reconciling federal constitutional law with Ohio's Public Records Act, we conclude that [the provision] does not mandate that the city of Akron discloses the SSNs of all of its employees upon demand.10

In an important recent case from the U.S. Court of Appeals for the D.C. Circuit, a Court upheld the Federal Trade Commission's determination that SSNs are nonpublic personal information under the Gramm-Leach-Bliley Act.11 The Court rejected First and Fifth Amendment challenges to regulations that restricted the use of the SSN without giving the individual notice and opportunity to opt-out. Additionally, the Court upheld regulations that prohibited the reuse of SSNs that are furnished to credit reporting agencies.12

While it is true that many companies and government agencies today use the Social Security Number indiscriminately as a form of identification and authentication, it is also clear from the 1936 Act, the 1974 Privacy Act, and these three cases--Greidinger v. Davis, Beacon Journal v. City of Akron, and Trans Union v. FTC--that there is plenty of legislative and judicial support for limitations on the collection and use of the SSN. The question is therefore squarely presented whether the Congress will at this point in time follow in this tradition, respond to growing public concern, and establish the safeguards that are necessary to ensure that the problems associated with the use of the SSN do not increase.

II. Recent SSN Trends

Just in the last eighteen months, there have been a number of important SSN developments. These developments, which range from large-scale incidents of identity theft to continued reliance on the SSN in the private sector, underscore the continued need for a national framework of protections for the SSN.

Identity Theft Complaints Increase

The FTC reported on January 22, 2003 a large increase in the number of fraud complaints and a doubling of the dollar loss attributable to fraudulent activities directed at US Consumers.13 The agency noted that the number of fraud complaints rose from 220,000 in 2001 to 380,000 in 2002 and the loss to consumers grew from $160 million in 2001 to $343 million in 2002. The report revealed that identity theft topped the list, accounting for 43% of the complaints lodged in the Consumer Sentinel database.

The SSN Continues to be the Key to Identity Theft

On January 10, 2002, a special Florida grand jury commissioned to investigate identity theft recommended stronger legal protections for personal data, including SSNs, held by business and State agencies.14 It called for laws that would prohibit the credit industry from selling personal data without consumer consent, and would stop State agencies from disseminating personal information under the open records law without individual consent, court order, or the articulation of a compelling need. The panel charged 33 individuals with criminal use of personal identifying information, fraud, grand theft, and money laundering. The grand jury estimated that the current $2.5 billion nationwide cost of identity theft is expected to grow to $8 billion by 2005. It cited health clubs and video rental stores requiring SSNs on applications and local governments asking for SSNs on routine transactions.

In August 2002, New York Attorney General Eliot Spitzer reported that law enforcement authorities had broken "a massive identity theft ring."15 The information involved included SSNs, credit card numbers, and bank account information stolen from the NY State Insurance Fund, Social Security Administration, Empire State College, WNYC radio, Hollywood video, Worldcom Wireless, and American Express. The indictment alleges that this personal information was stolen between 1998 and 2002, and used to purchase computer equipment, cell phones, and other merchandise.

In November 2002, it was discovered that a former computer help desk employee had obtained 30,000 credit reports directly from a credit reporting agency. The former employee sold the reports to others for between $30-60 each.16 The information was used for credit fraud.

In December 2002, personal health care information, including SSNs, of more than 500,000 military personnel, retirees and family members in 16 Midwestern and western States were stolen from a military contractor. Also stolen were some active-duty service members' claims processing information, which include their names, SSN, and list of medical procedures and diagnosis codes for medical care already performed.17 TriWest stated that it attempted to notify beneficiaries by sending them letters and by posting notices on its web site. The database was not encrypted and TriWest relied on the SSN as an identifier.

In February 2003, two former employees of health facilities and six others were charged with stealing patient SSNs that were used to open fraudulent credit card and phone accounts.18 The suspects stole $78,000 in goods and services. One of the facilities involved has now implemented a new patient information system that doesn't label patients by the SSN.

Because of these and other developments, the Wall Street Journal, in its 2003 "to not do list," advised individuals not to give out their SSN: "Don't give out your Social Security number unless you have to: With identity theft a growing problem, you should be extremely cautious about giving out that information. Many organizations ask for it, from volunteer groups to retail stores to Web sites, but not all of them require you to provide it."19

But as the cases listed above illustrate, many identity theft cases are "insider jobs," committed by employees who obtain access and misuse individuals' personal information stored in their employers' databanks. Researchers at Michigan State University recently studied over 1000 identity theft cases and found that victims in 50% of the cases specifically reported that the theft was committed by an employee of a company compiling personal information on individuals.20 There is very little that an individual can do to prevent insider jobs, or cases where the SSN is stolen from a database.

The SSN is Still Being Used as a Student Identifier

Although privacy protections are important to students, student development, and to principles of academic freedom, schools have not always been sensitive to student informational privacy issues. A handful of states, including Arizona,21 New York,22 Rhode Island,23 and Wisconsin24 have enacted laws to regulate college and university use of the SSN. Nevertheless, in a survey of 1,300 institutions polled by the American Association of Collegiate Registrars and Admissions Offers, half reported that they use the SSN as the primary student identifier. 25

In August 2002, it was revealed that a Princeton admissions officer used the SSNs of applicants to his school to view the Yale University's web site for admissions. The unauthorized entry allowed Princeton to learn whether Yale had accepted students who had applied to both schools. Cracking the system was easy: Anyone who knew an applicant's birth date and SSN could log on.26

In March 2003, federal prosecutors charged a University of Texas student with breaking into a school database and stealing more than 55,000 student, faculty, and staff names and SSNs. The student was charged with violating the Computer Fraud and Abuse Act of 1986 and the Identity Theft and Assumption Deterrence Act of 1998. This occurrence led to a new Texas law protecting against identity theft.27

Also in March 2003, it was reported that the California State University's $662 million computer system contains a security flaw that gives users access to student and employee SSNs and other confidential data. The problem was known for years, and university officials had told state auditors they were not going to fix the vulnerability, citing cost and time concerns.28

In May 2003, a 17-year-old student of a Chino, CA high school allegedly cracked the school's computer system, changing his and a classmate's grades and also tapping into confidential student information, including the SSN.29 Apparently, 1,744 students had their SSNs in the database.

For model approaches to the transition to an alternative student identifier, I would look to the leadership of Virginia Rezmierski, Professor at the Gerald R. Ford School of Public Policy at the University of Michigan.30 Additionally, officials at the University of Illinois have established a procedure to reduce reliance on the SSN.31 The University of Pennsylvania is addressing the issue as well. That institution appointed Lauren Steinfeld, a former privacy expert at the Office of Management and Budget, to address SSN issues.

The SSN Has Become a Default Health Identifier

Many medical providers are using the SSN as a patient identifier. As David Miller noted in testimony before the National Committee on Vital Health Statistics:

"It should be noted that the 1993 WEDI [Workgroup for Electronic Data Interchange] Report, Appendix 4, Unique Identifiers for the Health Care Industry, Addendum 4 indicated 71% of the payers responding to the survey based the individual identifier on the Member's Social Security Number. However 89% requested the insured's Social Security Number for application of insurance. Clearly the Social Security Number is the current de facto identifier..."32

But individuals and companies are resisting such use of the SSN. Acting on employees' suggestions, I.B.M. has requested that health companies stop using the SSN on insurance cards. According to IBM, fifteen insurers, which cover about 30,000 of the company's 500,000 employees worldwide have either not responded or indicated that they will not comply with the request.33

SSN Required for Access to Products, Services

Major companies, including Blockbuster, Sam's Club and Costco continue to demand the SSN and other unnecessary information on their applications for access to products and services.34

SSN Litigation Has Yielded Mixed Results for Privacy Protection

In February 2002, the New Hampshire Supreme Court ruled for the first time that New Hampshire State residents can sue companies that sell their personal data or SSN, or obtain their work address through the use of pretextual phone calls. 35The Court found that the sale of such data was actionable if it subjected a person to foreseeable harm. It also ruled that people have a reasonable expectation of privacy in their SSNs, even though SSNs must be disclosed in certain circumstances. The ruling clears the way for a trial against Docusearch, the information broker who sold the SSN, home and work address of Amy Boyer to the man who stalked and murdered her.

In September 2002, the Fourth Circuit held that individuals cannot recover damages under the Privacy Act without a showing of actual harm.36 This ruling is in conflict with the law in several other circuits, and the Supreme Court has granted certiorari in the case. In Doe v. Chao, the Department of Labor used individuals' SSNs to identify their compensation claims. As a result, the SSNs were cited in public records and are now widely available. Although the plaintiff was embarrassed and placed at risk as a result of the disclosure, the Fourth Circuit held that one needs other manifestations of emotional distress in order to prove that harm occurred. We believe that the Fourth Circuit improperly interpreted the damages section of the Privacy Act, and we plan to file an amicus brief with the Supreme Court in support of the plaintiff.

In June 2003, a federal judge in Detroit ruled that the Privacy Act creates a private right of action for violating procedural rules relating to SSNs, but only as they apply to federal agencies, not states or municipalities.37 Judge Anna Taylor dismissed a suit seeking Privacy Act damages from the City of Detroit after its contractor mailed tax forms to residents with their SSNs printed on the mailing label. The Judge stated that plaintiff Daniel Schmitt failed to show that he was adversely affected or that Detroit acted willfully or intentionally because like the IRS, most local and State tax authorities request SSN for taxpayer identification purposes. The City vowed to keep SSNs off labels and attach a disclosure statement to the tax forms about SSNs, as required by the Privacy Act.38

SSNs Are Being Used for Political Protest

California-based Foundation for Taxpayer and Consumer Rights posted partial SSNs of state legislators who voted in opposition of privacy legislation.39 The group purchased the SSNs online for $26, demonstrating that access to sensitive information is convenient and inexpensive.

In June 2003, the Attorney General of Washington State decided not to defend a law designed to prohibit a web site that posts the names, addresses and home-phone numbers of police in Western Washington. As a result, Bill Sheehan III of Mill Creek is free to continue publishing his web site, www.justicefiles.org, which includes names and salaries of many Western Washington police officers and in some cases their SSNs, birth dates, home addresses and phone numbers. Sheehan claims that publishing such information is the best way to hold law-enforcement officers accountable to the public.40

States Innovating Solutions

California's Senate Bill 1386 went into effect on July 1, 2003.41 That legislation requires companies that maintain SSNs and other personal information to notify individuals when they experience a security breach. The bill came in response to an April 2002 incident in which the records of over 200,000 state employees were accessed by a computer cracker. The California legislation exceeds federal protections, as there is no national requirement for notice to individuals when personal information is accessed without authorization.

More specifically, the legislation creates a notice requirement where there has been an unauthorized acquisition of an individual's name along with a Social Security Number, a driver's license number, or an account number and corresponding access code. The notice requirement is also triggered when there is a reasonable belief that a security breach occurred. Notice must be given "in the most expedient time," but may be delayed where it would impede a criminal investigation.

Although this state law does not directly regulate collection or use of the SSN, it is likely to provide more privacy for Californians. The legislation places new responsibilities on those who collect the SSN, as a result, businesses are more likely to avoid collecting the SSN.

III. Recommendations

107 H.R. 2036, The Social Security Number Privacy and Identity Theft Protection Act of 2001, was a good proposal. This Congress should revisit and pass this important bill.

We recommend that the Committee visit the Social Security Number Privacy and Identity Theft Protection Act of 2001, 107 H.R. 2036, as a guide to limiting the use of the SSN. The measure was sponsored by Representative Clay Shaw (R-FL). In the 107th Congress, the bill enjoyed bi-partisan sponsorship of over 70 Members. The measure contained a comprehensive set of rights to protect individuals from identity theft.

Title I of the bill would have established important protections against public-sector sale or display of SSNs. These provisions will prohibit the display of the SSN on checks and government-issued employment cards. The bill would have prohibited disclosure of the SSN to inmates, and appearance of the SSN in public records. Increasingly, public records are a source for the collection of personal identifiers that then can be reused for any purpose.

The bill would have also prohibited "coercive disclosure" of the SSN-the practice of denying a product or service when an individual refuses to give a SSN. Additionally, Section 203 of that bill would have placed the SSN "below the line" on credit reports. This is an important and much needed protection that would stem trafficking in SSNs.

Alternatively, we recommend that the Committee consider 108 H.R. 1931, the Personal Information Privacy Act of 2003. That bill was introduced by Representative Kleczka (D-WI) in May and referred to the Committee on Ways and Means. H.R. 1931 would establish important protections for the SSN, including moving the SSN "below the line" on the credit report. The bill would also limit the use of "transaction and experience" information, and require opt-in consent before credit or insurance prescreening letters are sent. Such letters are a major source of the identity theft problem. Under the bill, aggrieved individuals have a private right of action against violators.

IV. Conclusion

Without a framework of restrictions on the collection and use of the SSN and other personal identifiers, identity theft will continue to increase, endangering individuals' privacy and perhaps the security of the nation. The best legislative strategy is one that discourages the collection and dissemination of the SSN and that encourages organizations to develop alternative systems of record identification and verification. It is particularly important that such legislation not force consumers to make unfair or unreasonable choices that essentially require trading the privacy interest in the SSN for some benefit or opportunity.

It is important to emphasize the unique status of the SSN in the world of privacy. There is no other form of individual identification that plays a more significant role in record-linkage and no other form of personal identification that poses a greater risk to personal privacy. Given the unique status of the SSN, its entirely inappropriate use as a national identifier for which it is also inherently unsuitable, and the clear history in federal statute and case law supporting restrictions, it is fully appropriate for Congress to pass legislation.

I am grateful for the opportunity to testify this afternoon and would be pleased to answer your questions.

 


1 Estate of Helen Remsburg v. Docusearch, Inc., et al, C-00-211-B (N.H. 2002). In Remsburg, the "Amy Boyer" case, Liam Youens was able to locate and eventually murder Amy Boyer through hiring private investigators who tracked her by her date of birth, Social Security Number, and by pretexting. EPIC maintains information about the Amy Boyer case online at http://www.epic.org/privacy/boyer/.
2 Department of Health, Education, and Welfare, Records, Computers, and the Rights of Citizens 108-35 (MIT 1973) (Social Security Number as a Standard Universal Identifier and Recommendations Regarding Use of Social Security Number).
3 5 U.S.C. § 552a.
4 Official ITS Rules, at http://www.itsgames.com/ITS/its_rules.htm.
5 Greidinger v. Davis, 988 F.2d 1344 (4th Cir. 1993).
6 Id.
7 Id.
8 Id.
9 Beacon Journal v. City of Akron, 70 Ohio St. 3d 605 (Ohio 1994).
10 Id.
11 Trans Union L.L.C. v. Fed. Trade Comm'n, No. 01-5202, 295 F.3d 42 (D.C. Cir. 2002), at http://pacer.cadc.uscourts.gov/common/opinions/200207/01-5202a.txt.
12 Id. In another recent case, the D.C. Circuit rejected a First Amendment challenge to the use of credit reports for marketing purposes. Trans Union v. FTC, 245 F.3d 809 (D.C. Cir. 2001), cert. denied, 536 U.S. 915 (2002).
13 Fraud Charges Jump in 2002 on Consumer Complaints, ID Thefts, Electronic Commerce & Law Report, Vol 8(4), Jan. 29, 2003, 88.
14 Identity Theft in Florida, Sixteenth Statewide Grand Jury Report, SC 01-1095, Supreme Court of Florida, Jan. 10, 2002, at http://www.idtheftcenter.org/attach/FL_idtheft_gj.pdf;see also Florida ID Theft Panel Backs More Safeguards for Government and Corporate Data, Privacy Times, Vol 22(3), Jan. 30, 2002, 3-4.
15 New York Authorities Say They've Cracked 'Massive' Identity Theft Ring, Four Indicted, Electronic Commerce & Law Report, Vol 7(31), Aug. 7, 2002, p. 794.
16 Huge ID-theft ring broken; 30,000 consumers at risk, Seattle Times, Nov. 26, 2002.
17 Patient Data, 500, 000 SSNs Stolen From DOD System, Privacy Times, Vol 23(1), Jan. 2, 2003, 2.
18 Margaret Zack, Eight charged with stealing patient IDs for credit cards, Star Tribune, Feb. 21, 2003, p. 1B.
19 A To-Don't List For the New Year, Hot to Fix Your Life in 2003, Wall Street Journal, Dec. 31, 2002.
20 Study forthcoming; results provided in email from Judith M. Collins, Ph.D., Associate Professor, Leadership and Management Program in Security School of Criminal Justice, Michigan State University to EPIC (Apr. 22, 2003, 18:13:35 EST) (on file with EPIC).
21 Ariz. Rev. Stat. § 15-1823.
22 N.Y. Educ. Code § 52-b.
23 § 42-72.5-2(6); § 16-38-5.1.
24 Wisc. Stat. Ann. § 118.169.
25 Kristen Gerencher, Social Security numbers up for grabs Companies, government lax in preventing identity theft, CBS MarketWatch, May 7, 2002, at http://cbs.marketwatch.com/news/story.asp?guid=%7B9A569387%2DE7FD%2D44AB%2D8F5F%2D112D25915DA5%7D&siteid=mktw
26 John Schwartz, Privacy vs. Security on Campus, The New York Times, Aug. 4, 2002, p. 3.
27 Univ. of Texas SSN, Privacy Times, Vol 23(6), Mar. 17, 2003, 11.
28 Terri Hardy, CSU computer flaw allows access to confidential data, The San Diego Union Tribune, Mar. 22, 2003, p. A-13.
29 Kristina Sauerweine, Youth Hacked Into Database, Los Angeles Times, May 21, 2003, p. 5.
30 See also Privacy and the Handling of Student Information in the Electronic Networked Environments of Colleges and Universities, EDUCAUSE White Paper, Apr. 1997, at http://www.educause.edu/ir/library/pdf/pub3102.pdf.
31 Carol Livingstone, Mike Corn & Lisa Huson, University of Illinois Social Security Number Policy Implementation, Jan. 10, 2001, at http://www.ssn.uillinois.edu/assets/applets/UIUC_SSN_Presentation_1_10_2002.pdf; Andrea L. Foster, U. of Illinois May Be a Model in Protecting Privacy, Chronicle of Higher Education, Aug. 2, 2002.
32 Testimony of David S. Miller, Director, Health System Services, UHC, on the Unique Patient Identification Number at the National Committee on Vital Health Statistics hearing in Chicago, Jul. 21, 1998, at http://www.cchconline.org/privacy/uhc.php3.
33 Marc Ferris, IBM asks providers to drop SSNs, New York Times, Feb. 23, 2003, p. 3.
34 A dubious privilege, Chicago Tribune, Feb. 23, 2003, p. 2.
35 Helen Remsburg, Admin of the Estate of Amy Boyer v. DocuSearch, Inc., et al 2002 U.S. Dist. LEXIS 7952, NH Supreme Court No. 2002-255, Feb. 18 2002; N.H. Supreme Court Backs Privacy for SSNs, Personal Data, Privacy Times, Vol 23(4), Feb. 18, 2003, 3-4.
36 Doe v. Chao, 306 F.3d 170 (4th Cir. 2002).
37 Schmitt v. City of Detroit, et al. 2003 U.S. Dist. LEXIS 10246, (E.D. Mich. 2003).
38 Privacy Act Permits Suits Over SSNs, but Not Against Cities, Privacy Times, Vol 23(13), Jul. 1, 2003, 6.
39 Christian Berthelsen, Extreme lobbying upsets Assembly, Lawmakers mad at response to killing privacy bill, San Francisco Chronicle, Jun. 19, 2003, at http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2003/06/19/MN127207.DTL.
40 State won't defend law to shut down Web site that publishes police data, Seattle Times, Jun. 24, 2003, p. B3.
41 http://www.leginfo.ca.gov/cgi-bin/postquery?bill_number=sb_1386&sess=PREV&house=B&author=peace