Antisocial Security

Once upon a time, before I became a self-loathing corporate fuck, I was a cashier. I was one of those extra-special cashiers, the up-and-comers, that was allowed to work at the prestigious customer service counter and put my shiny, young face forward to help the tireless patrons of the Consumer Product Goods industry find their way. It is, after all, a giant, scary maze of software-aided, skillfully planned marketing which often seems harmless until deep thought and logic is applied, drawing you to conclusions that make your head spin. All that complicated technological manipulation left aside, some primitive persons in our electronic culture still prefer to pay for goods obtained in such locales with a check. Yes! A check! Amazing, no?

Checks, being the easily forgeable and meddlesome little pieces of demonic paper that they are, have a great deal of risk involved in accepting them. Thus, the grocery store chain in question (we’ll refer to it affectionately as “Bonker’s Foods”) chose to gather an entire library of information about any poor fool who wished to use them.

My unformed teenage mind never thought much about collecting all of this information until one gentleman applying for a check cashing card refused to give me his Social Security Number, claiming it was illegal and a violation of privacy. He was half-right.

According to a February 1999 report from the United States General Accounting Office (GAO,) “federal laws now require that SSNs be used in the administration of some programs, including the federal personal income tax program, the Supplemental Security Income, Medicaid, Food Stamp, and Child Support Enforcement programs, and state commercial driver licensing programs.” However, the report also notes that “no federal law ... imposes broad restrictions on businesses' and state and local governments' use of SSNs when that use is unrelated to a specific federal requirement.”

I didn’t have the quote with me at that time, but the gentleman didn’t really have a choice if he wanted to write a check, because Bonker’s Foods used the SSN as a unique record identifier for our check cashing system. I have since had some rather scary college instructors who put the fear of God in me with their compelling arguments against using SSN’s as unique identifiers.

Every record in a database has what’s called a “primary key.” Databases use these keys to link information together. Primary keys are necessarily unique and required in a database, and are not allowed to be duplicated between records. You can duplicate a “LastName” field with many “Smiths,” but you can’t duplicate the identifier that distinguishes this particular Smith from another. For instance, if instructor John Q. Turdhead has a primary key in the “Instructors” table of 74, and teaches Section 31 of English Composition (course #ENC1101,) we can link him to the class not by name, but by number: ENC1101,31,47. That’s all the computer needs to know that Turdhead is the unique instructor of that section. We can also link the unique identifier for each student (usually the SSN) to that class by entering records in another table that joins Students and Courses: ENC1101,31,999999999. And now we know that student 999999999 is in that class. Through relational logic, we can also find out how many 19-year olds, hispanics, or people over 6’0” are in the class.

The SSN is the only number which uniquely links together every person in the United States, and is guaranteed to provide no duplication whatsoever (unless, of course, some government clerk makes a clerical error.) As such, it is ideal for use by credit agencies, banks, schools as primary keys, and if these institutions need to, they can share their databases of information quickly and accurately by simply entering your nine numbers.

Issues arise with the widespread proliferation of SSN use by the private sector, because more availability creates a greater chance of misuse. Stolen SSN’s can be used in crimes ranging from credit card fraud to illegal immigration. In a Virginia case in 1992, Greidinger v. Davis, an appellate judge stated, “Armed with one's SSN, an unscrupulous individual could obtain a person's welfare benefits or Social Security benefits, order new checks at a new address on that person's checking account, obtain credit cards, or even obtain that person's paycheck."

Lexis-Nexis, a well-established research firm, recently offered a service to its 740,000 subscribers called P-TRAK, touted as a new product that "puts 300 million names right at your fingertips … a quick, convenient search [that] provides up to three addresses, as well as aliases, maiden names, and Social Security numbers."

It becomes clear once again in American business that the right to privacy remains second in priority to the acquisition of wealth. As it doesn’t look as though major reform of the laws governing SSN’s is on the horizon, you absolutely must take strides to divulge as little personal information as you possibly can to those who ask for it. For strategies about preserving your privacy in a number of different ways beyond just the SSN, I urge all cautious souls to look at the Electronic Privacy Information Center at http://www.epic.org/

Until then, good luck, and let’s just keep our fingers crossed that this SSN is not our undoing. Recently, however, I am increasingly of the opinion that everything is our undoing. But let’s just take it one subject at a time.




	<< Back to Main Page December 2000 Antisocial Security Antisocial Security Once upon a time, before I became a self-loathing corporate fuck, I was a cashier. I was one of those extra-special cashiers, the up-and-comers, that was allowed to work at the prestigious customer service counter and put my shiny, young face forward to help the tireless patrons of the Consumer Product Goods industry find their way. It is, after all, a giant, scary maze of software-aided, skillfully planned marketing which often seems harmless until deep thought and logic is applied, drawing you to conclusions that make your head spin. All that complicated technological manipulation left aside, some primitive persons in our electronic culture still prefer to pay for goods obtained in such locales with a check. Yes! A check! Amazing, no? Checks, being the easily forgeable and meddlesome little pieces of demonic paper that they are, have a great deal of risk involved in accepting them. Thus, the grocery store chain in question (we’ll refer to it affectionately as “Bonker’s Foods”) chose to gather an entire library of information about any poor fool who wished to use them. My unformed teenage mind never thought much about collecting all of this information until one gentleman applying for a check cashing card refused to give me his Social Security Number, claiming it was illegal and a violation of privacy. He was half-right. According to a February 1999 report from the United States General Accounting Office (GAO,) “federal laws now require that SSNs be used in the administration of some programs, including the federal personal income tax program, the Supplemental Security Income, Medicaid, Food Stamp, and Child Support Enforcement programs, and state commercial driver licensing programs.” However, the report also notes that “no federal law ... imposes broad restrictions on businesses' and state and local governments' use of SSNs when that use is unrelated to a specific federal requirement.” I didn’t have the quote with me at that time, but the gentleman didn’t really have a choice if he wanted to write a check, because Bonker’s Foods used the SSN as a unique record identifier for our check cashing system. I have since had some rather scary college instructors who put the fear of God in me with their compelling arguments against using SSN’s as unique identifiers. Every record in a database has what’s called a “primary key.” Databases use these keys to link information together. Primary keys are necessarily unique and required in a database, and are not allowed to be duplicated between records. You can duplicate a “LastName” field with many “Smiths,” but you can’t duplicate the identifier that distinguishes this particular Smith from another. For instance, if instructor John Q. Turdhead has a primary key in the “Instructors” table of 74, and teaches Section 31 of English Composition (course #ENC1101,) we can link him to the class not by name, but by number: ENC1101,31,47. That’s all the computer needs to know that Turdhead is the unique instructor of that section. We can also link the unique identifier for each student (usually the SSN) to that class by entering records in another table that joins Students and Courses: ENC1101,31,999999999. And now we know that student 999999999 is in that class. Through relational logic, we can also find out how many 19-year olds, hispanics, or people over 6’0” are in the class. The SSN is the only number which uniquely links together every person in the United States, and is guaranteed to provide no duplication whatsoever (unless, of course, some government clerk makes a clerical error.) As such, it is ideal for use by credit agencies, banks, schools as primary keys, and if these institutions need to, they can share their databases of information quickly and accurately by simply entering your nine numbers. Issues arise with the widespread proliferation of SSN use by the private sector, because more availability creates a greater chance of misuse. Stolen SSN’s can be used in crimes ranging from credit card fraud to illegal immigration. In a Virginia case in 1992, Greidinger v. Davis, an appellate judge stated, “Armed with one's SSN, an unscrupulous individual could obtain a person's welfare benefits or Social Security benefits, order new checks at a new address on that person's checking account, obtain credit cards, or even obtain that person's paycheck." Lexis-Nexis, a well-established research firm, recently offered a service to its 740,000 subscribers called P-TRAK, touted as a new product that "puts 300 million names right at your fingertips … a quick, convenient search [that] provides up to three addresses, as well as aliases, maiden names, and Social Security numbers." It becomes clear once again in American business that the right to privacy remains second in priority to the acquisition of wealth. As it doesn’t look as though major reform of the laws governing SSN’s is on the horizon, you absolutely must take strides to divulge as little personal information as you possibly can to those who ask for it. For strategies about preserving your privacy in a number of different ways beyond just the SSN, I urge all cautious souls to look at the Electronic Privacy Information Center at http://www.epic.org/ Until then, good luck, and let’s just keep our fingers crossed that this SSN is not our undoing. Recently, however, I am increasingly of the opinion that everything is our undoing. But let’s just take it one subject at a time. << Back to Main Page