The headline is not hyperbolic (although I truly wish it were.) Every day two branches of the U.S. government—the executive and the legislative—are needlessly putting our identities and financial lives at risk.
How? By mismanaging the way they handle our Social Security numbers.
As you know, a Social Security number (SSN from here on out) is like a skeleton key able to unlock a kingdom of untold riches for identity thieves. It is the central piece of data needed to hijack our credit, steal our health insurance, and generally wreak havoc in our lives.
And yet the government is remarkably careless in how it treats this precious piece of data.
Here are four examples
1. Medicare
Anyone with a Medicare card knows that their Social Security number is printed right on the damn thing. And any security expert will tell you that the failure to decouple the Social Security Number from the Medicare Identification Number is both dangerous and illogical.
It is nothing short of ironic that the government would needlessly jeopardize the financial security of the most vulnerable segment of our population through a program that was created to protect them.
“Displaying such information on Medicare cards unnecessarily places millions of individuals at-risk for identity theft,” a government investigator found in 2008.
Five years later, nothing has been done to solve the problem.
2. Tax Documents
The letter might as well come with a notice on the outside that says: “Attention identity thieves.” Every year in late January literally millions of people receive letters marked “Important Tax Information Enclosed” and inside is a statement of how much we earned in the previous year, coupled with our Social Security number.
Think that might be appealing to a crook?
3. The Military
In 2008, the Department of Defense ordered all branches of the military to stop using SSNs to identify soldiers and veterans. The process has been a considerable challenge and the mission is far from accomplished, partly because the practice was so ingrained in military culture. Across the U.S. and the globe, soldiers regularly used their SSNs to check out basketballs from on-base gyms and track their laundry.
The original deadline set by the DoD to remove Social Security numbers from new and renewed Military ID cards was the end of 2009.
It missed that one by a country mile, continuing the practice until June 2011. While SSNs no longer appear on the face of the card, the Department only started last year removing SSN embedded barcodes that are printed on the back of ID cards and is not yet done.
4. Children’s SSN
A child’s SSN is worth more to a thief than an adult’s because it can take years (perhaps even more than a decade) for the crime to be discovered. The lag time between crime and detection allows untold stealth damage to occur.
So What Is To Be Done?
The solutions are relatively simple, but they will require for the most part bipartisan support, so don’t hold your breath.
Medicare: The people who run Medicare argue that it costs too much to fix this problem, which on its face just sounds silly.
Congress could mandate the fix and various proposals have been floated, but it will require Democrats and Republicans working together. Feel free to insert your own joke here.
Military: I’m at a loss. If during the Battle of the Bulge, Patton’s 3rd Army could fight a battle, pivot and march a hundred miles, fight another battle (in the midst of a blizzard) and win both in just two short weeks, then removing bar codes from ID cards should be a walk in the park.
As long as SSNs are present in any form on any ID card, or are used for any military purpose, service members and their families are exposed to the dangers of identity theft, which is one more danger than they should have to worry about.
Fixing this happen should be as simple as a directive from the Department of Defense.
Taxes: President Obama has proposed allowing employers to strip SSNs from the W-2 forms they provide employees and the IRS, and having them replace them with an alternative unique identifying number for each employee.
The IRS has its own proposal, to replace the SSN with a “truncated taxpayer identification number,” which the rest of the world calls “the last four digits of your Social.”
The IRS proposal is arguably less effective, since so much information is out there already and so many algorithms exist to take partial numbers and combine them with other data about us.
The President’s plan for an entirely separate number may offer greater protection, but the reality is that unbridled partisanship puts its passage in doubt.
Children: A partial (albeit reactive) remedy is to make it easier for children to get new SSNs if their originals were compromised by identity thieves. The Social Security Administration is considering the change, and it’s about time. The agency’s vision is far too narrow, however. It proposes allowing Social Security number changes by children ages 13 and under. As the Federal Trade Commission pointed out, identity theft affects children ages 14 to 17 too, “and the repercussions are just as severe as when it occurs to a younger child.”
I understand that Republicans and Democrats are having problems working together these days. But these are relatively simple problems to fix and would make us all safer from identity thieves, not to mention saving billions of dollars drained from consumers and businesses each year.
Originally published on Forbes.com