Comment Re:a little metadata (Score 3, Insightful) 494
looks like the data (ssn) needs a little metadata (issuing authority, distinguished name) in order to make it work.
Or, as I've questioned previously on here, WTF are the credit rating agencies in the US using non-unique identifiers (and identifiers that shouldn't be used outside a social security scenario) when (usually the exact same) credit agencies in other countries can manage using other (available) data? (Name, DOB, (Previous and current) Address?)
For example in the UK, the equivalent to the SSN is the National Insurance (NI) number - this is never used by the CRAs - only by HMRC (tax office.)
Anyway, sure, they still get false positives using these details (the most common seems to be when they use the name only), but not quite on this sort of scale.