Citation Edit

Federal Trade Commission, Security In Numbers: Social Security Numbers and Identity Theft: A Federal Trade Commission Report Providing Recommendations on Social Security Number Use in the Private Sector (Dec. 2008) (full-text).

Overview Edit

On December 17, 2008, the FTC issued this Report, which recommended five measures to help prevent Social Security numbers from being used for identity theft. Principal among the report's recommendations is that Congress consider taking action to strengthen the procedures that private-sector organizations use to authenticate their customers' identities.

The Report states that adopting nationwide standards for how businesses and other organizations verify the identity of new and existing customers would make it harder for identity thieves to use SSNs and other stolen information to consummate their fraud.

Currently, the only private-sector organizations subject to nationwide authentication standards are financial institutions regulated by the federal banking agencies. The Report recommends that Congress consider establishing similar standards to cover all private-sector entities that maintain consumer accounts. Such standards would require organizations to adopt reasonable procedures for authenticating customers, but also would allow them to adopt a program that is compatible with their size and the nature of their business.

The Report also recommends that steps be taken to reduce the unnecessary display and transmission of SSNs, but noted that such restrictions must be approached carefully. A number of important functions in the U.S. economy depend on use of and access to SSNs, and the report concluded that overly restrictive attempts to limit the availability of SSNs could unintentionally curtail those functions. Finally, the Report recommends steps to improve data security, increase outreach to consumers and businesses on the protection of SSNs, and enhance coordination and information-sharing among organizations that routinely use SSNs.