Saturday, September 06, 2008

Want Most of Sarah Palins SS #? It's on the Internet!

The recent sale of Iowan's confidential information (see last posting) raises serious questions about the commodification ( also called commercialization) of America's personal data. We addressed this problem in two books and in all of our talks and training seminars. WE HAVE A SEROUS PROBLEM because you are for sale! (Well all the confidential data about you anyway). Here is the latest proof that things are out of control.

Posted: Friday, September 5 at 05:00 am CT by Bob Sullivan

Part of vice presidential candidate and Alaska Gov. Sarah Palin's Social Security number apparently was published on the Web earlier this week, stirring up privacy concerns. The data – labeled as the first five digits of the candidate’s SSN – is widely available from background services like ChoicePoint or LexisNexis. In fact, such partial SSNs routinely appear on reports anyone could obtain on their neighbor or their nanny.

A report of the Palin SSN leak Tuesday on the Web site evoked memories of a scandal in 2006 that erupted after Democratic staffers obtained Republican Senate candidate Michael Steele’s credit report. But the incident involving Palin bears few similarities.

The first five digits of Palin's SSN appeared in a document posted on Politico, which described the paper as an "opposition document" compiled in 2006 on behalf of Tony Knowles, her Democratic opponent in Alaska's gubernatorial race that year.

The highly detailed 63-page document contains mostly newspaper clippings designed to call attention to Palin's positions on controversial topics like abortion. But in a section marked "Palin Background," a chart containing Palin's name, birthday and part of her SSN appeared. Various previous addresses also were listed. Palin’s campaign could not be reached to confirm the accuracy of the information.

Politico has since obscured all nine digits of Palin's Social Security number.

The site did not identify the source of the document, except to state in an accompanying story that it was not obtained from the Obama campaign. It did not immediately respond to inquiries from about the document.

Publication of the first five digits of Palin’s Social Security number does put Palin at a modest risk for identity theft, though someone would still have to guess the other four digits. (PS from Steffen Schmidt: This is the biggest understatement I have ever seen in my life! There is software that can very quickly "guess" those last 4 numbers. Moreover, most credit card, cell phone, sattelite or cable and other contract actually use the last 4 digits to verify that you are a customer so anyone at any of these companies will know your last 4 numbers to verify!)

But those five digits would be easy for anyone to obtain. Services like ChoicePoint and LexisNexis provide partial Social Security numbers to customers who order background reports. ChoicePoint's policy, for example, is to obscure only the last four digits of SSNs, said company spokesman Chuck Jones.

Taken together with Palin's past addresses, that portion of the opposition document appears to be lifted directly from a commercially available background report.

The document also lists other personal information, such as the size of Palin's mortgages and the vehicle identification numbers for all 26 cars the Palin family has registered since 1994.

There's nothing illegal about obtaining such reports. Many companies use them to "background" potential employees, and journalists regularly use them as reporting tools.

That doesn't mean it's a good idea to sell any part of someone's personal information, but that's a debate that ranges well beyond this campaign.

Since many companies use the last four digits of a Social Security number as a password, revealing the first five SSN digits is generally considered less risky. In fact, the first three can be guessed with relative ease, as they are based on geographical birthplace.

Release of Palin's partial SSN reminded some observers of the Steele credit report incident. In 2005, two members of New York’s Democratic Sen. Charles Schumer staff obtained a credit report for Steele, who was then Maryland’s lieutenant governor. Steele at the time was considered a likely GOP candidate for U.S. Senate in Maryland, and Schumer led the Democrats' effort to win a majority in the Senate. Steele eventually ran in 2006 and lost.

Obtaining a credit report without someone's permission is a violation of the Fair Credit Reporting Act. The staffers were fired.

We have written about this in both of our ID Theft books. Too little hard action by Congress and law enforcement!

The Palin background document and its partial SSN, while to some unsavory, should not be compared with the theft of a political opponent's credit report. But it is another opportunity to consider the uncomfortable ease with which people's personal information can be obtained without their permission, and the need to regulate the databases that track us.

Rob Douglas, who runs, said Congress has shirked its duties to reign in the collection and sale of personal information. As a result, criminals wouldn't have too much trouble getting the rest of Palin's SSN, he said.

"Social Security numbers are floating around all over the place. And for 10 years Congress has been dinking around on Capitol Hill, discussing what to do about it," he said.

Labels: , , , , , ,


Post a Comment

<< Home

  • All Material is Copyright © 2009 Michael McCoy and SEAS, L.L.C
  • Deter. Detect. Defend. Avoid ID Theft -