ark@rabbit.UUCP (Andrew Koenig) (05/02/84)
When we applied for a mortgage for the house we recently bought, we tried not putting our social security numbers on the application. Result? Two days later we got a call from the bank saying that they had to have our social security numbers because the credit bureau they use is keyed on SSN, and that if we didn't want to give it to them we could go elsewhere for a mortgage. I am convinced that what they did is illegal, but I don't see anything that I can possibly do about it.
fish@ihu1g.UUCP (Bob Fishell) (05/03/84)
(oo)
It's a losing battle. You don't have a name, you've got a SSN,
despite what it says on your SS card.
Last year, my bank informed me that I'd have to provide them with
my SSN lest they start withholding interest tax on my savings account.
OK, that's for tax purposes, but it does prove a point: you can't
get by without divulging it. My Blue Cross is also tied to my SSN,
and that doesn't have anything to do with taxes.
--
Bob Fishell
ihnp4!ihu1g!fishrtf@ihuxw.UUCP (sparrow) (05/03/84)
<blank line> At the risk of asking a stupid question here goes: Why is everyone so reluctant to provide their SSN on applications for credit cards, mortgages, savings accounts etc.? I recall one person saying something about invasion of privacy. I don't see how this is the case. Would someone please explain this controversial subject? sparrow
sdo@u1100a.UUCP (Scott Orshan) (05/03/84)
I don't see why people object to having a personal, unique identifier.
First of all, everybody says "I don't want to tell them MY SSN."
Remember - you weren't born with it - you asked the government to
give it to you. You already have a fairly unique identifier -
NAME-BIRTHDAY-BIRTHTIME probably won't have many conflicts.
As programmers, you all realize how much easier it is to key off
a number rather than the above aggregate.
Now, I'm not stupid. I realize what the complaining is about.
You're worried that if many databases use the same key, their
information can be combined, and provide someone with access
to far more information than is necessary. Do you all think
that there is a "Big Sister" somewhere who writes all the software
in the country and types everyone's names into databases?
No, people. It is YOU who are the software developers.
You are the ones who get asked to write a program combining
databases. If you think it is unethical, complain about it,
and quit if necessary. If you write a database access system,
put controls on it. Someone's going to try to match the
keys anyway, and combine databases. This usually leads to
problems. It might as well be done right. Let's just
control who does it. Don't say - "But the government does it"
as if the government were a big box. There are people on
this net who work for the government - THEY are this government
that everyone complains about. They may even read this stuff.
I see many advantages to having unique identifiers. For one
thing, we are unique people. I don't mind if everyone I deal
with knows I am me. It would solve a lot of problems.
How many times do you get duplicate mailings because you're
on a mailing list twice with your name spelled differently.
There are people who deliberately do this to determine where
their junk mail came from.
Look how much money cities save by matching their payroll
lists against their welfare lists. The Federal Govt. is
matching its employee lists against the lists of people
who haven't paid their federal school loans. I don't
see this as a bad thing.
Let's not try to hide who we are. Let's try to control the
information collected about us.
Scott Orshan
Bell Communications Research
201-981-3064
{ihnp4,allegra,pyuxww}!u1100a!sdoward@hao.UUCP (05/04/84)
[] > Do you all think > that there is a "Big Sister" somewhere who writes all the software > in the country and types everyone's names into databases? > No, people. It is YOU who are the software developers. > You are the ones who get asked to write a program combining > databases. If you think it is unethical, complain about it, > and quit if necessary. If you write a database access system, > put controls on it. This is like saying: it's YOU who build bombs - if you don't want bombs built, just don't build them, or make them so they won't hurt anyone. Well, whether I want them built or not, and whether I want intrusive databases built or not, they are going to get built. ANd there's nothing I (or you) can do about it. Lets face it: the few laws that are enacted to protect us are ignored. The folks running the many levels of government know who they are working for. And it ain't me. -- Michael Ward, NCAR/SCD UUCP: {hplabs,nbires,brl-bmd,seismo,menlo70,stcvax}!hao!ward BELL: 303-497-1252 USPS: POB 3000, Boulder, CO 80307
rcb@fortune.UUCP (Robert Binstock) (05/04/84)
Thank you, Scott Orshan! You make an enormous amount of sense. A breath of fresh air! Anyone who skipped his posting, please read it! Bob Binstock
sdo@u1100a.UUCP (Scott Orshan) (05/04/84)
"Thank you ..."
And, thank you, Robert Binstock for your thanks.
Just to add a refreshing note to my previous article about the
fear of personal information being passed around freely -
After I went home, I read this in last Sunday's N.Y. Times:
Title: "F.B.I. Shelves Plan to Expand Its Computer Files"
"The Federal Bureau of Investigation has shelved a proposal
that would have expanded its national computerized files to
include information about people who are considered suspicious
but not wanted for crimes.
...
Kier T. Boyd, a senior official in the F.B.I.'s technical
services division, said in a recent interview that the bureau
hoped to sign a contract by the end of September to carry out
the study [of the National Crime Information Center, and which
services it should be providing in the year 2000] and that
he expected it would require 18 months to two years to complete.
"We want to take a look at the social and privacy impacts of
the N.C.I.C.," Mr. Boyd said.
The study will also examine the adequacy of the system's
security arrangements and the complex question of how it can
guarantee the accuracy of the information it transmits.
...
... While William H. Webster, Director of the Bureau, has not
said publicly whether he wants the project to go forward, he
has indicated that he has serious reservations about it.
[ "it" is the original shelved proposal, not the NCIC study ]
In testimony before the Senate Judiciary Subcommittee on
Security and Terrorism on March 14, for example, Mr. Webster
said he did not believe "that the mere capability is a
justification in itself for putting names and facts into a
massive computer file.""
Seeing that made me happy
Scott Orshan
Bell Communications Research
{ihnp4,allegra,pyuxww}!u1100a!sdorpw3@fortune.UUCP (05/05/84)
#R:rabbit:-276900:fortune:39400010:000:2196
fortune!rpw3 May 4 21:27:00 1984
Unfortunately, Scott, SSN's fail miserably at being GOOD personal
identification numbers (PINs), even though they are a de-facto PIN
in many places. (E.g., my employer uses them for I.D badge numbers.)
1. They are NOT unique. They are "nearly" unique, but being a little
non-unique is like being a little pregnant. I have talked to people
who have discovered they "share" an SSN with someone else. (The names
and addresses and all the other disambiguation material was different
enough that the credit people never gave them any trouble, but see
below.) Certain social groups (such as migrant workers) have higher
rates of non-uniqueness than others. Shall we make the SSN yet another
tool of repression?
2. The SSN has NO (repeat, NO) error-checking. There are NO check digits.
There is NO way to tell if a given number is real or imaginary, without
going to the local office of the SSA where the number supposedly was
originally handed out (if said office still exists). If some one "guesses"
your number (or randomly invents one), tough. (Even telephone cards are
better than this!) I met a guy on a plane a couple of years back who was
having lots of trouble with the IRS because someone had invented an SSN
(to "report" some lucrative consulting income) that just happened to be the
same as his. They never caught the other guy, but the 1099's eventually
stopped showing up at the IRS, so they quit hassling the person they could
find (after several years), since he wasn't moonlighting.
3. Everybody doesn't have one. Unless you are employed (what about the ill?)
(... the non-working spouse?) (... the under-aged child?) or have interest
or investment income (what about the poor?) you may never get one.
4. Some people have more than one. They lose them, or "lose" them, or forget
them, or just don't care. It's easy to get another one. Why bother? ;-}
Enough. If the U.S. wants to go down the PIN route, it should at least pick
a decent number.
Rob Warnock
UUCP: {ihnp4,ucbvax!amd70,hpda,harpo,sri-unix,allegra}!fortune!rpw3
DDD: (415)595-8444
USPS: Fortune Systems Corp, 101 Twin Dolphin Drive, Redwood City, CA 94065dave@utcsrgv.UUCP (Dave Sherman) (05/07/84)
Just to contrast what Rob Warnock said about SSNs, the Canadian SIN
(social insurance number) does have a check digit. The last number
is constructed through an unbelievable algorithm which I saw published
in a magazine article years ago. (Then again, with 1/10 the population
and the same (9) number of digits, I guess we can afford a check digit...)
Anyone out there know the algorith for the SIN check digit?
Dave Sherman
Toronto
--
dave at Toronto (CSnet)
{allegra,cornell,decvax,ihnp4,linus,utzoo}!utcsrgv!davecrs@lanl-a.UUCP (05/07/84)
For a description of what a "nice job" certain government agencies do in the area of looking out for the best interests of the public, read "The Cult of the Atom" by Daniel Ford. Charlie