Marked by Social Security
Students at Utah State University are at risk for identity theft.
To combat the risk, the administration is considering implementing a new policy regarding the use of Social Security numbers as student identification numbers.
The proposed policy gives three guidelines:
•Social Security numbers, or any portion thereof, should never be disseminated publicly, and the highest level of security should be implemented to protect their unauthorized disclosure.
•Social Security numbers should not be used as convenient internal identifiers, such as requiring students to put their Social Security numbers on tests and assignments.
•The disclosure of Social Security numbers may not be required for any reason, except in connection with employment or receiving financial aid.
Social Security numbers are used for identification purposes in many aspects of university administration, including registration records.
University Counsel Craig Simper said changes are being considered in answer to student concerns about the safety of their identity.
“We’ve got potentially a serious threat of identity theft,” Simper said.
This occurs when a thief takes a person’s critical personal information and uses it to open credit card and checking accounts, buy cars and take out loans. The victim is then responsible for the charges made using his information.
Jean Lown, professor of consumer sciences, said identity crime is “just exploding.”
Lown said she was appalled when she arrived at USU and realized Social Security numbers were used as identification for faculty, students and staff.
“It is so inappropriate to use Social Security numbers for faculty and student identification numbers. [It] was never meant to be a universal identification number,” Lown said. “The Social Security number is one of the key pieces of information a thief needs to perpetrate [identity crimes].”
Simper said although federal law states Social Security numbers should be used only for employment and financial purposes, the federal government itself is the worst violator of that guideline.
“In years past, it was common to use the Social Security number for any type of identification purpose,” he said. “It was convenient.”
Lown said the trouble now is once someone has a name and a Social Security number, he only needs one other piece of information and he’s on the road to stealing an identity. If a thief uses that information illegally, it can take years to earn back a good credit standing.
“The problem has been in the public eye for at least a decade,” she said. “Utah State is way behind the curve on this whole issue.”
According to a July 6, 2002 issue of The New York Times, concern for the safety of personal information has heightened since April, when the director of admissions at Princeton University improperly accessed Yale University’s Web site, which listed the names and Social Security numbers of students.
The danger of identity theft hits close to home.
According to a faculty news letter, www.utah.edu/fyi/newsletter, a hacker gained access to the names and Social Security numbers of 23,300 students and faculty from an encrypted file at the University of Utah in 1998. The university kept the file as an online directory. University administration advised concerned students to join the Fraud Alert Program, through which fraud victims undergo additional security checks when a credit request is made.
Simper said USU administration is thinking up ways to make voluntary changes before the government issues a mandate requiring the halt of inappropriate Social Security number use.
“I’d sooner handle the problem ourselves rather than have a mandate with a strict deadline,” he said. “We’re trying to fix our systems so they don’t rely on Social Security numbers.”
Making drastic changes in computer systems can be costly, especially in the face of budget cuts, and the new software could take upwards of five years to get, Simper said.
In the meantime, students should be mindful if anyone asks for their Social Security numbers, especially in connection with their names, he said.
Aaron Driggs, a junior in business information systems, said he realized USU misused Social Security numbers as soon as he arrived at the university. One of his professors asked the class members to write their names and Social Security numbers on lab sign-up sheets posted around the auditorium.
“There’s 350 names and Social Security numbers written for anyone to see,” he said.
Driggs spoke about his concerns last year to the Voice of the Customer committee, which is an organization that gives students an opportunity to voice their concerns and find solutions.
Simper said the policy changes being considered now were brought about partly because of Driggs’ request.
Driggs said the proposed changes are “a step in the right direction.”
“I think [the change] will take awhile, but it will happen,” he said. “[The university administration] realizes that if they don’t address it, it may come down to legal action. Identity theft is one of the fastest-growing crimes in the country. It’s real, and it happens all the time.”
He has spoken to dozens of students with the same apprehensions, Driggs said.
“My main frustration was that there were a lot of students upset, but they didn’t know how to get their voices heard,” he said. “It’s gratifying to know there’s something being done.”
Simper said the university is making every effort to protect Social Security numbers on file.
“There is no grave danger right now, because we are extremely careful,” Simper said.
-heidithue@cc.usu.edu