Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Does Your Employer Still Use SSNs? 193

Posted by Cliff
from the not-likely-to-change-any-time-soon dept.
An anonymous reader asks: "My company, a fairly large telco, still uses social security numbers for non-financial purposes; mostly for our IT ticketing system. I find it amazing that in these times, with how easy it is to use an SSN to obtain credit, that any company still does this. I've heard talk for almost eight years that the practice is going to be stopped but little progress has been made. How many companies out there still use SSNs so openly? Since it seems that nobody is in a hurry to solve this issue, what can be done to speed the process up?"
This discussion has been archived. No new comments can be posted.

Does Your Employer Still Use SSNs?

Comments Filter:
  • SSN (Score:5, Insightful)

    by CherniyVolk (513591) on Thursday October 12, 2006 @06:52PM (#16416059)

    In the beginning the Social Security Number was issued by the government and is unique to each living citizen. This much still holds true.

    But what was lost somewhere via the effects of Capitalism.... was that this number was supposed to be private to the individual assigned it. And, while there are laws protecting a citizens privacy. Companies were granted positions to effectively counter such laws. Only the government, state or law-enforcement officials may "demand" your Social Security Number. Visa can not demand you give it to them. Your landlord can not demand you give it to him. Private schools by law, can not demand you forfeit such information.

    But no law is telling Visa or anyone else to accept alternate information for their personal records. As a result, you have to give out your Social Security Number, becuase if you don't, you can't apply for an Apartment, you can't buy a car, you can't have a credit card, you can't open a bank account, you can't get a job..... yeah, we have a choice.

    *Some places do accept alternate information such as Drivers License Numbers.*
  • Re:SSN (Score:3, Insightful)

    by NormalVisual (565491) on Thursday October 12, 2006 @10:32PM (#16418553)
    being given checks by another bank, which were rejected by almost everyone because their starting number was too low

    Yup, and for the life of me I can't figure that one out. Every bank I've done business with has asked me what I wanted my starting check number to be, which makes the check number completely useless.
  • Re:SSN (Score:5, Insightful)

    by Eivind (15695) <eivindorama@gmail.com> on Friday October 13, 2006 @05:54AM (#16421109) Homepage
    How about instead stopping the idiocy of confusing identification with authenthication ?

    A SSN is a perfectly fine and perfectly way to establish that we're talking about the same person. Names, adresses, birthdates whatever all break down here. (there is more than one "John Smith", there could even be more than one with the same birthdate, furthermore it's perfectly possible that "Ann Smith" is the same person as "Ann Kulstad", she could've married.)

    For this purpose, making certain that two records really refer to the same person, SSN is fine. A unique key that refers to an individual.

    Now, where you guys went wrong where in confusing this with authenthication.

    The very fact that you use your SSN to *identify* which person you're talking about means that lots of different organisations and individuals *MUST* know your SSN. That ain't a problem. The problem is in assuming that whoever is aware of your SSN *IS* you, or is authorized to order credit-cards in your name, or whatever else.

    We've got SSNs in Norway too. They're not particularily secret. The tax-people have them. Your employer has it. Your bank has it. They all even *need* to have it, to *identify* you. Your employer, for example, pays taxes, and uses your SSN when communicating with the tax-people so that it's clear for which individual these taxes are.

    But here's the rub: Knowing the SSN is never *ever* considered authentication. You cannot order a credit-card in someones name just by knowing it. Nor access their bank-account, or infact do *anything* you couldn't just aswell have done without it. Except for ONE thing: If you know the SSN, you can use it to refer to an individual, in such a way that all involved will know for sure precisely *which* individual you're talking about.

    The account is owned by individual X, the taxes are paid by individual X, the drivers-licence was issued to individual X, and we all (the bank, the employer, the drivers-license-people, etc) agree that this is infact one and the same individual, despite the fact that one of us spelled his name wrong, he has married, he has moved, and there's 17 other people with that precise name in Norway.

    *THAT* is the point of a SSN.

    You cannot at the same time give your SSN to dozens of different organisations (which you need to do if using it as an identificator shall work) and at the SAME time pretend that it's a secret that only the individual himself would ever know.

    I dunno why USA persists in the stupidity.

Software production is assumed to be a line function, but it is run like a staff function. -- Paul Licker

Working...