SSI Strategic Accountability

Identity, the true problem with Social Security Numbers.

by Roy D. Follendore III

May 24, 2006

As a long time cryptographer and Professor of the field, I understand something about the problems of identity that reporters in news organizations fail to publicly recognize. There is an underlying root of reason why the recent theft of over 26 million veterans and spouse social security identifiers and birth dates has been so disturbing. It isn't just because the data that was take from the Veterans Administration should not have been taken home by an employee. It also isn't just because there was up to a two week delay in reporting the theft to the veterans who have served their country. The tragedy is that the sphere of anonymity of military service has been breached and veterans and their families are at personal risk. In a country as porous as America, the truth is that there could not be a better opportunity for the terrorists of Bin Laden or Iraqi insurgents to target individual soldiers.

I teach that within the general notion of information security, access always equals access, so that what this theft means is that even if the FBI gets the original drive that contains this data back from the thieves, officials can never really know if the data itself was copied and distributed. No matter how much officials play down the importance of this event we veterans must all now live with a higher degree of uncertainty in our lives. But the fact is that this situation is just the tip of the iceberg.

Our Federal and State Governments have and continue to remain negligent in the manner in which they have been internally handling our identity information. Because there is no true independent verification and validation of what governments actually do with our personal information and they are often not following their own regulations. Sensitive information like this should have been encrypted to protect Veterans from this kind of negligence and intrusion by Federal employees. It obviously wasn't and it won't be until independent means for the certification of the privacy of citizens has been achieved. At the moment we are no where near that capability.

Right now your hallway fire alarm has a 'break glass' protection that signifies when someone has unilaterally acquired access of a fire alarm system. Even that level of protection does not exist with respect to your identity information. With respect to human identity Government pretty much does what is expedient for Government, claiming in a cloak of secrecy that what they choose to do is always in the citizens best interest. This problem extends to the root of identification design.

Right now the basis of who we are as individuals within our nation is our Social Security Identifier. It allows us to obtain our certified birth certificate. It is used to specify who we are to the United States and State Governments so that we can pay our taxes. It is used to obtain our drivers licenses. Most Americans do not realize that there was once a time when it was not a big deal if strangers knew your social security number. The law that originated the original concept of the social security identifier number existed for a single purpose, to collect social security contributions. In spite of the original laws to the contrary, we have allowed the SSI system to be abducted and abused. The SSI is being abused for any number of other reasons besides the law and most of these reasons have to do with governmental expedience.

The Social Security Identifier or SSI was originally designed to be a public tool that uniquely represents the contributors to Social Security system. To put this in a different way, the Social Security Identifier was never designed for the purpose of creating a secret identification system. It was never intended to be a "secret code." Functionally the SSI is not even a proper design for identity. It does not and can not properly specify who we are as individuals. This is why it becomes so difficult and takes years to recover your identity when someone steals and uses your SSI. The structure of the SSI was designed to provide some information about such things as the broad geographic area where the card was issued but it does not carry enough definitive information to provide any explicit information about the user. It really does not validate the important range of the things that define who it is that we are suppose to be.

A proper identity number would also be able to represent a temporary pseudorandom association between the individual citizen and his or her relationship within the community. A part of a valid identity number would also be to securely associated with the SSI with temporary. This should be a cryptographic code that can be mathematically verified and validated on the spot, and this is something that can not be done with the SSI. An identity code would actually be a significant unique number that can not be easily remembered like the SSI and unlike the SSI it would be changed periodically. This makes common sense. Just as our face which our friends use to identify us changes over time, so should our identity number. This identity coding process would also be verified and validated each time that it is used or periodically changed. Those who would then use the identity code would also be verified and validated through their own identity code. Such an identity code would not be the base identity, but rather a cryptographically protected amalgamation of the totality of our changing identities over time. Our identity number should be changed just as the face is actually a complex amalgamation of physical and emotional attributes about who we are.

The legislative dilemma is that most informed Americans seem to feel that unless we citizens are provided with a stronger Constitutional basis to actively participate in, control and manage the protection of their identities, then we should not delegate the basis of who we are to any Government that uses, unverifiable, expedient, unregulated, secret and unaccountable internal transactions. I have personally found both in and out of government service that uncontrolable, unaccountable government secrecy always eventually fails us all, and it is therefore very important that we manage the boundaries of our identities. The reality is that problem for all of those millions of veterans and spouses, whose SSI identifiers have been stolen actually begins on the fringes of society. In this dark 'conservative' age, where verification of identity could become so potentially important in proving who 'true' citizens are so that they are not be silently shipped to a foreign country for potential interrogation under torture, I agree with that.

This situation that we find ourselves in today is that regardless of whether we individually approve of a national identification card, we actually already have one. It is just a bad one. The true problem that we must face is that this failure to reach a consensus on this fact is causing huge problems for the advancement of our society. This is a part of what is putting us all individually at risk. The fact is that the identification system that we are using has been failing us for some time. Identity theft is not just an individual's problem, it is a national emergency, a major problem for average Americans. As a free people we desperately need better ways to individually, openly and truly participate in the protection of who we are and who others believe we are.

.