Website Posts Partial SSNs of Politicians in Protest 257
John3 writes "The Foundation for Taxpayer & Consumer Rights has posted partial Social Security numbers for several California politicians to protest their vote against pending privacy legislation. According to a San Francisco Chronicle story, the SSNs were purchased on the Internet for $26." Now there's an effective way of showing the problems of the status quo.
Change their minds? (Score:5, Insightful)
Re:Change their minds? (Score:3, Insightful)
It might make politians think twice next time.
Re:Change their minds? (Score:5, Funny)
It would be nice if they'd think once.
Jason
ProfQuotes [profquotes.com]
Oh, but they do. (Score:3, Insightful)
And, no, it is not funny...
Re:Change their minds? (Score:4, Informative)
Actually it was done after the bill was killed. If the bill had passed, what they posted may have been illegal, as it stands they were showing the politicians what exactly they could have prevented.
Re:Change their minds? (Score:5, Informative)
Why only partial? (Score:5, Insightful)
Re:Why only partial? (Score:5, Insightful)
Re:Why only partial? (Score:3, Interesting)
Re:Why only partial? (Score:4, Funny)
John
Re:Why only partial? (Score:2, Interesting)
Re:Why only partial? (Score:2)
John
Re:Why only partial? (Score:4, Informative)
I know this seems like a very picky example, but I'm sure stuff like this actually happens.
Re:Why only partial? (Score:2)
No, absolutely not. The last 4 digits of a social security number is not a secure password. Any financial institution which uses it as such does so at their own risk.
There are way too many people who know my SSN for it to be used as a secure password. Hollywood Video and my physics professor are two examples. As for the last 4 digits of my SSN, let's put it this way. My email address is dipi6457 at rowan.edu.
Re:Why only partial? (Score:5, Insightful)
Incorrect, they do it at YOUR risk.
Re:Why only partial? (Score:2)
Re:Why only partial? (Score:2)
After identify theft, many people have a very hard time getting credit (long delays, etc).
After identity theft people have to verify their identity using something other than their SSN. That usually is as simple as visiting a notary public and/or having something sent to your physical address. Yes, it takes longer. But the only solution to this would be to make it take longer for everyone, regardless of whether or not they had their identity stolen!
Maybe you can buy a house without credit, or are ho
Why is SSN such a big deal? (Score:5, Interesting)
Not that you'd necessarily want people to be able to find out and disclose your number whenever they felt like it - there are still privacy considerations even with 'useless' information - but if disclosing the number exposes you to fraud then the fault is with the systems that rely on SSN to authenticate (rather than identify) an individual.
Every cheque you write has your bank account number on it. Disclosing the number doesn't automatically expose you fraud (unless you also supply headed notepaper and do other stupid things). If the banks can do it, why not social security?
Re:Why is SSN such a big deal? (Score:2)
I don't see the difference between what you're saying and what I'm saying.
Every cheque you write has your bank account number on it. Disclosing the number doesn't automatically expose you fraud (unless you also supply headed notepaper and do other stupid things).
Umm, have you ever heard of ACH? The number on the bottom of your check is just as dangerous as your social security number. Dangerous to the banks, that is. Unless you're doing something negligent, you're not responsible.
If the banks can d
Re:Why is SSN such a big deal? (Score:2)
Re:Why only partial? (Score:2)
I also agree that way to many people know my SSN, but that's because lot's of institutions require you to put it on every god dam
Re:Why only partial? (Score:2, Interesting)
Re:Why only partial? (Score:2)
Re:Why only partial? (Score:2)
Post whole -> What is the remaining incentive to change anything?
Tor
Re:Why only partial? (Score:4, Interesting)
Having known people who work for the SSA, I've heard stories of having to deal with processing a legitimate information request for a major figure, such as an actor or member of Congress, and having to explain every aspect of the actions taken the next day, because any processing of data using a flagged number triggers an internal review.
If you try and use that SSN for anything, you'll very quickly be getting a visit from some individuals with their sense of humor surgically removed, and you'll very likely not be seen for a while.
Re:Why only partial? (Score:3, Insightful)
Re:Why only partial? (Score:3, Interesting)
I think that if I were Bill Gates, I'd be justifiably more concerned about the potential of abuse of my SSA data than I personally am. I certainly am concerned about it, but I'm not subject to the same ki
Re:So does that mean (Score:5, Funny)
2. Slam face into tree repeatedly until looking like Gates
3. Buy stupid glasses
4. Identity theft
5. Profit!
Re:So does that mean (Score:3, Funny)
i say... (Score:4, Insightful)
Glorious (Score:4, Insightful)
Heheh... what a great poke-in-the-eye to the legislators, and a great demonstration of what the issue was really about.
No full SSN's were given out, so no harm was really done here... just some angry lawmakers... Let's hope they have the introspection to learn from this jab.
Bravo.
Re:Glorious (Score:5, Interesting)
The problem is that civil servants (such as these politicians) often believe that they are our superiors. So most of them are incapable of realizing that privacy laws are for everyone. Instead they will look at creating a law or applying an existing law in such a way as to protect just themselves. That was exactly the reaction of the civil servants involved in the garbage search incident in Oregon.
Government above the law (Score:2)
Their feeling seems to be that one we elect them they have no responsibility to the people that elected them -- just to the lobbyists that continue to pay them.
Remember Orrin Hatch only cares about his buddies in the music industry.
Trading Card (Score:5, Insightful)
I love it when political groups pull off silly stunts to make a point. Politics grows more and more entertaining and less helpful everyday.
Re:Trading Card (Score:2)
Transparency vs secrecy (Score:5, Insightful)
Both are impossible (Score:2)
The answer is, as always, in the middle.
Re:Transparency vs secrecy (Score:4, Insightful)
A transparent government is necessary for the people to control it. How else do we evaluate how our "employees" are doing?
The privacy of individuals is critical to dissent.
It does not have to be the same.
It's sad that people are throwing away their freedoms.
Valid Point, but.. (Score:4, Insightful)
John
Re:Valid Point, but.. (Score:5, Insightful)
I respectfully disagree. This is a perfectly valid way to express dissatisfaction with the decision of these lawmakers.
"Really assemblyman? This privacy measure isn't needed? Will your position be the same when it's YOUR information instead of ours?"
I agree 100% with these guys.
Re:Valid Point, but.. (Score:3, Interesting)
Had they asked nicely before the vote (which I assume they did, they are lobbyists after all) they would have been ignored. If they had released this information they would have been accused of attemption to extort the assemblymen.
You don't persuade a bu
Re:Valid Point, but.. (Score:2)
What do you mean? Something like elected representative to the State Assembly?
Why petty? When you aren't big or rich enough, the Net may be a good way to get one's attention -- assuming your are /.ted or better yet locally publicised, like getting a reference at the regional and local news channels and papers.
Re:Valid Point, but.. (Score:3, Insightful)
They assembly people are elected and sworn to uphold the public good.
They failed to do so.
The entire point of a representative democrocy is that the whole of the population need not be routinely engaged in governmental matters. Your assumption suggests we do, in fact, need to because our "representatives" will not act appropriately (or with even slight common sense) otherwise.
Again, they failed in doing their jobs.
I see NO point why they shouldn't pay the price for the igno
Whoop deedoo (Score:5, Insightful)
Re:Whoop deedoo (Score:2)
Re:Whoop deedoo (Score:5, Interesting)
Re:Whoop deedoo (Score:2)
I'm almost positive my Driver's License doesn't have my SSN tied to it. In fact I would presume that to be illegal. The SSN is supposed to be used only for social security. Granted, private industry has abused this and tied to all sorts of things for conveinence, but when the -STATE- government starts demanding it for licensing purposes I'll get worried.
I honestly can't rember if I had to give my SSN when I got my driver's license. I'm almost positive that I've nev
Re:Whoop deedoo (Score:2)
Re:Whoop deedoo (Score:2)
SB1386 tie in (Score:5, Interesting)
What I find amusing about this situation is that these are the same leglislators (scuse the spelling) that unanimously voted for SB1386 [strongauth.com] when their bank/credit info was compromised, yet don't want to take that last step now to protect everyone's privacy.
The more time I spend in CA the more I realize our state legislators are like ill trained puppies: They're cute to look at, but occassionally you need to whack them with a magazine to keep them from crapping on the carpet.
-E2Re:SB1386 tie in (Score:5, Informative)
Under SB 1386 (which goes into effect on July 1), any entity covered by the law has a duty to notify California residents âoein the most expedient time possible and without unreasonable delayâ when it is known, or reasonably believed, that âoepersonal informationâ stored on the entityâ(TM)s computer systems has been disclosed to unauthorized persons as a result of a security breach. An entity is only exempt from the notification requirement when: (a) the âoepersonal informationâ disclosed was already publicly available through the federal, state, or local governments; (b) the âoepersonal informationâ was stored in an encrypted form; or (c) the unauthorized person would be unable to link the California residentâ(TM)s name with other sensitive data (e.g., Social Security number, credit card number, etc.). Entities that fail to comply with SB 1386 can be sued by individuals whose personal information was disclosed for damages suffered due to the disclosure (i.e., damages resulting from identity theft).
But, SB 1386 does not cover information legitimately sold, such as the SSN information acquired by the lobbying group. (I'm assuming that they weren't receiving stolen information.)
John
Re:With A Magazine? (Score:2)
can anyone... (Score:2)
Re:can anyone... (Score:2)
Re:can anyone... (Score:5, Insightful)
Which of course, is a stupid thing to do, since the SS# is NOT GUARANTEED TO BE UNIQUE. In other words, the financial industry would rather pay millions to hire lobbyists and lawyers, than pay the millions to fix lazy programming and procedures, UNLESS threated with dire legal consequences (for example, Y2K liabilities.)
Not to mention they all sell your personal info, trade it amongst themselves, and view any legislation that would crimp that practice as a threat to one of their core businesses. Mind you, this industry really only exists in the US - this country is one of the few places in the world where you can open a bank account and apply for a credit card/loan without ever showing your face in person.
This is the same kind of thinking that lets credit fraud happen - they rather just change your card number and cover the charge (shafting the merchant who got defrauded in the process) than actually tracking down the bastard who stole your card/identity. As far as the banks are concerned, it's a cost of doing business. The banks/credit bureaus are not interested in prosecuting the criminals who steal identities because it doesn't hurt them the slightest bit - they pass all the costs to the merchants. And if you get screwed in the process? Well too bad for you.
Now, why is it that medical data is now better protected than your other personal info? We need a version of HIPPA(sp?) for the financial industry, TODAY.
Reminds me of that time.... (Score:2, Interesting)
That didnt end up well for the officials then, sort of a double standard.
SSN Hacking (Score:4, Informative)
Not exactly... (Score:2)
Re:SSN Hacking (Score:2)
I think that info is faulty
Re:SSN Hacking (Score:2, Informative)
Depends on when you were assigned your card:
"Prior to 1972, cards were issued in local Social Security offices around the country, and the area number represented the state in which the card was issued. Since 1972, when the SSA began assigning numbers and issuing cards centrally from Baltimore, the area number is assigned based on the zip code in the mailing address provid
Still don't get it. (Score:2, Insightful)
The tactics do not show how out of control lobbying is a bad thing (even if it is), they show that those in dissent don't have a clue about what information they are allowing to be broadcast.
I just finished my dinner, so this must be "just desserts!"
"vote our conscience" hahahaha (Score:5, Insightful)
"We should be free to vote our conscience and not be threatened or harassed if we choose to vote contrary to people who are lobbying for special legislation," said Assemblyman Ed Chavez, D-La Puente, one of the lawmakers whose partial number was published.
What a crock. I wonder how much money he takes from special interest and lobby groups that pay him to "vote his conscience."
Politicians = soul merchants
Re:"vote our conscience" hahahaha (Score:2)
Re:"vote our conscience" hahahaha (Score:2, Insightful)
politicians should stop complaining (Score:4, Insightful)
If you dont like having your SSN number spread around the internet then perhaps you should pass legislation to protect everyone (of course instead will end up with legislation that only protects politions and those who have a lot more than $26 to line there pockets).
Release more than just the first 4 numbers. (Score:4, Insightful)
All that can be deduced from that info is an approximate region of birth and possibly age.
Perhaps these guys should release one extra number per week until they get the privacy laws corrected.
LK
Re:Release more than just the first 4 numbers. (Score:2)
A better combination might have been the first two digits of the first three, one of the digits of the middle two, and two of the digits of the last four. (with placement)
That combination will not uniquely identify anyone any more than the first five digits would, but would be enough that the holder would bereasonably sure it was his or her own number.
So if my number were 123-45-6789, disclosing 12
I found Kevin Mitnik's SSN (Score:4, Funny)
xxx-xx-1337
And of course, Bill Gates (again, only partially)
666-xx-xxxx
SS doesn't always mean your birth location ... (Score:2, Informative)
You are correct (Score:3, Informative)
the worst number ever (Score:2)
first we are given a number rather than our names, like dogs with tags
then we are tracked, and can't make a buck without it
then it is easy to forge, and everybody misuses it
then it's required for all sorts of services it should have nothing to do with - like why the hell do I need one to get medical insurance
and finally, worst of all, it is attached to one of the largest, most fraudlent ponzi, pyramid, investment aleged retirement schemes in the history of human existence.
we would really do better gett
Re:the worst number ever (Score:2)
Ask your parents, I bet they chose your name before getting your SSN. As for dog tags, they usually bear doggy's name on it.
then it's required for all sorts of services it should have nothing to do with - like why the hell do I need one to get medical insurance
Thank your fellow countrymen for lobbying against a national ID card : after all, don't you use your driver's license to write checks too ? Driving cars and writing checks don
Only the first 3 digits (Score:3, Insightful)
That way they'd have a pretty good idea that you have the info.
Semi O/T Rant... (Score:4, Interesting)
A SSN is a number granted to an individual by the government for the purposes of identifying that person to the government. It shouldn't be a means of identifying someone to a credit card company, bank or other institution (my university used SSN as our student ID numbers). If one of these institutions wants to identify me by a number, they can assign me their own damn number.
What we need is legislation preventing private institutions from assigning extra significance to any government issued piece of identification. Just because SSN is a handy primary key for their db tables doesn't mean that they should be allowed to use it.
</rant>
Re:Semi O/T Rant... (Score:2)
Re:Semi O/T Rant... (Score:2)
You almost got it right. You should have said, "By law, the SSN can not be used for any other purpose by the government." There is absolutely no legislation specifying or controlling what non-governmental orgarnizations do with SSNs. That's why this is such a big mess today.
Re:Semi O/T Rant... (Score:3, Informative)
By the way, your bank does need your SSN because it needs to send tax information to the Feds. But your doctor, dentist, or insurance company certainly do not.
Re:Semi O/T Rant... (Score:2, Informative)
http://www.epic.org/privacy/ssn/testimony_0500. h tm l
It is up to the US Congress to recognize and restrict the use of the SSN as a Global Identifier, but the financial industry has a vested interest as their data is all keyed to it.
As far as I am concerned, I think posting public servant's SSN's is extreme, but they have ignored the issue for almost 30 years. Maybe a little civil disobedience i
Funniest Thing To Me (Score:3, Interesting)
Like most here, I think this is an effective demonstration of the ease with which personal information can be obtained, whether on the Interweb or elsewhere. The mere fact that these legislators are reacting so badly to release of fairly benign personal information is probably an indicator that they made a mistake in their voting. If they truly believed in their position they would have looked at this release and shrugged, or even been amused.
Foundation for Taxpayer & Consumer Rights (Score:3, Insightful)
Good to know they think of others as nothing but consumers and taxpayers. Imagine actually thinking of someone else as a PERSON... THE HORROR!
SSN: Public or Confidential Information? (Score:5, Interesting)
The problem arose when the mapping between a person's name (or identity) and the SSN was considered confidential information, and a number of government and non government organizations started treating the knowledge of a person's SSN as an authentication mechanism.
Many companies treat the fact that you know (the last 4 digits of) a social security number combined with some additional information like the last name and street address as proof that you are indeed who the record states you are.
This is absurd. Either each individual should be assigned a secret id, which when used in conjunction with the SSN proves one's identity, or some other mechanism to verify identity should be developed. As long as the SSN continues to be (ab)used as a supposedly public index into a database, as well as a piece of confidential information, privacy will remain a farce.
Re:SSN: Public or Confidential Information? (Score:4, Insightful)
Why doesn't the IRS/money people make their own number, dividing up the risk of the almost inevitable possibility of its theft. This would dramatically reduce the risk of falling victim to social security fraud.
Some resources:
SSN/Privacy FAQ's [cpsr.org] (cpsr.org)
General Privacy info
Presume negligence (Score:5, Interesting)
This allows the use of SSNs as an identifier, but not as an authentication token. Lawyers have a hard problem with that distinction, but they understand negligence.
Comment removed (Score:5, Interesting)
Re:SSN makes you life easier. (Score:4, Interesting)
Re:SSN makes you life easier. (Score:4, Insightful)
Why are Americans so much more paranoid than other people? Have your government really screwed over that many times?
How can you Europeans be so laid back about this, when you've got examples of ethnic cleansing in Germany, Kosovo, Turkey, Macedonia, among others. [columbia.edu]. Don't get me wrong...Americans also have our own checkered past (Slavery, Japanese interment camps, near genocide of Native-Americans, etc.) but at least we're worried about our own ugly past repeating itself.
Re:SSN makes you life easier. (Score:2, Insightful)
Although the government has been trying (and sometimes succeeded) in widening the use of the "social-fiscal number" in Holland, there are laws against using it for purposes other than those explicitly allowed.
I don't know about Denmark, but I have the feeling that the danish poster doesn't really now much about Europe.
Re:SSN makes you life easier. (Score:2, Interesting)
I'm danish too, and I have heard several stories about misuse of CPR numbers. It's actually too easy to misuse, since a lot of people believe that you are who you say you are, if you can give out your CPR. No picture ID required. Terrible, I know, but I have experienced this many times.
So it's not just the Americans that have a reason to be paranoid.
Re:SSN makes you life easier. (Score:3, Insightful)
It's not the government screwing you over, it's your fellow criminal who is interested in identity theft [consumer.gov].
If your single ID is used for everything from credit card applications, bank statements, medical records, then a person who finds your ID can access all of them.
Think it's a joke? A good friend of mine's mailbox was broken into many times, when he lived in an apartment, where they stole credit card pre-approved applications and redirected them to a different address. If th
Re:SSN makes you life easier. (Score:5, Insightful)
Want to get a credit card? You need to show up at the bank with a picture ID.
Re:SSN makes you life easier. (Score:2, Insightful)
Identity theft (Score:2, Insightful)
Americans should be paranoid. Most aren't. That is the problem.
Re:SSN makes you life easier. (Score:5, Insightful)
You think of government as a way of helping people. We think of government as a way of taking away people's rights. Obviously we want some rights to be restricted - like the right to kill someone and take his stuff - so we suffer ourselves to be goverened. But we all firmly believe that smaller governments are intrinsically better than large ones.
It's also a factor that, in a strange way, most Europeans are more jaded about politics than Americans. Oh, we think our politicians are corrupt liars too, but we have hope that they can change. It seems like most Europeans have just accepted that their representatives are crooks and have given up on actual democracy. Well, we're nearing that point, so perhaps we're not so different after all.
All it seems to have done is get "special" laws... (Score:3, Insightful)
Definitely ironic. But was it right? Or effective? (Score:3, Insightful)
On the other hand, I have to ask was this right. Doesn't this undercut the position that people have privacy rights, and no matter how much we may not want to respect them, we will. I am, in a sense, reminded of Voltaire's statement: "I disagree with your believe, but I will defed to your death the right to hold it."
I also question the effectiveness of this tactic. Pulling and showing confidential information in a private setting or in the context of a public hearing (for example pulling together a detailed dosier, handing it to a legislators, and saying, "Do you think I should have this information? Well, we don't either, that is why we want this law passed.") to specific legislators. Frankly, this is about as helpful and effective as my making the basktball team pee blue in high school.
To me, this once again demonstrates that we geeks in general don't know how to work the system. We disparage thhose that do know how to use it - much as we were diparaged as "geeks" in High School by the jocks - and then wonder why we fail. We could stand to learn a little bit about how to influence the world.
Hmm (Score:2)
"Now there's an effective way..." (Score:2)
Michael: Are you being sarcastic, dude?
Cowboy Neal: I don't even know anymore.
-
Big Deal (Score:2, Informative)
"We just posted the partial addresses of all lawmakers in protest"
George Bush Washington DC
Howard Dean Vermont
Just post the whole thing. How is this news? I agree with their stance but they should either be forceful or do nothing at all.
Two more posts is all that is needed (Score:2)
To really tick them off, we need irritated Californian number 2 to buy the same SSNs and post the next three digits.
Then we need irritated Californian number 3 to buy the same SSNs and post the last two digits.
That way all the digits get posted but not a single person has posted the full set.
Posting the full set on the internet apparently is a crime in California.
Better yet, have persons two and three be out-of-staters, anybody in Maryland up for it?
What? No Simpsons Quote Yet? (Score:2, Funny)