"FTC Issues Report on Social Security Numbers and Identity Theft

Agency Makes Five Recommendations to Reduce Role of SSNs in Identity Theft

The Federal Trade Commission issued a report today recommending five measures to help prevent Social Security numbers from being used for identity theft. Principal among the report's recommendations is that Congress consider taking action to strengthen the procedures that private-sector organizations use to authenticate their customers' identities.

"Identity theft continues to be a major problem in this country, with victims numbering in the millions each year and out-of-pocket losses (primarily to businesses) in the billions of dollars," the report states.

The FTC report states that adopting nationwide standards for how businesses and other organizations verify the identity of new and existing customers would make it harder for identity thieves to use SSNs and other stolen information to consummate their fraud.

"The first step in minimizing the role of SSNs in identity theft is to limit the demand for SSNs by making it more difficult for thieves to use them to open new accounts, access existing accounts, or obtain other benefits or services," the FTC states in the report. Currently, the only private-sector organizations subject to nationwide authentication standards are financial institutions regulated by the federal banking agencies. The FTC's report recommends that Congress consider establishing similar standards to cover all private-sector entities that maintain consumer accounts. Such standards would require organizations to adopt reasonable procedures for authenticating customers, but also would allow them to adopt a program that is compatible with their size and the nature of their business, the report states.

The FTC report also recommends that steps be taken to reduce the unnecessary display and transmission of SSNs, but noted that such restrictions must be approached carefully. A number of important functions in the U.S. economy depend on use of and access to SSNs, and the report concluded that overly restrictive attempts to limit the availability of SSNs could unintentionally curtail those functions. Finally, the report recommends steps to improve data security, increase outreach to consumers and businesses on the protection of SSNs, and enhance coordination and information-sharing among organizations that routinely use SSNs.

The Commission vote to issue the report was 4-0. The report was developed pursuant to a recommendation of the President's Identity Theft Task Force, which was established in May 2006 to develop a coordinated plan to prevent identity theft, prosecute identity thieves, and help victims recover from the crime.

The report is based on extensive fact-finding by the FTC and other federal agencies, including public comments and a workshop the FTC conducted on December 10-11, 2007. The workshop provided a forum for public-sector, private-sector, and consumer representatives to discuss the various uses of SSNs by the private sector, the necessity of those uses, alternatives available, the challenges faced by the private sector in moving away from using SSNs, and how SSNs are obtained and used by identity thieves.

The report issued by the FTC today focuses on the use of SSNs in the private sector. The Task Force agencies have undertaken a series of measures to curtail the use of SSNs by federal agencies as well. Information on those efforts can be found in the President's Identity Theft Task Force Report, http://www.idtheft.gov/reports/IDTReport2008.pdf, issued in September 2008, which summarizes the steps taken to implement the Task Force recommendations.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC's online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,500 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC's Web site provides free information on a variety of consumer topics."