Requests to provide our Social Security numbers have become so common that many people just assume they have no choice but to hand it over. That's actually not true, but having that knowledge is only half the battle. The real challenge is convincing the people who automatically request such information that you really don't have to give it to them.
Consider my recent experience of trying to sign up for new phone service without providing that particular bit of personal information. By the end of my ordeal, I had to talk to a total of eight that's right, eight different Verizon representatives before they would process my order without my Social.
When I first called the toll-free number on Verizon's web site to set up a new land line, the operator cheerfully helped me pick out a package and took down my name and address. Then she asked for my Social Security number. "I prefer not to give that because of the possibility of identity theft," I said. She said that I had to.
I knew that wasn't true. Last year I wrote a story about why it's such a bad idea to hand out your Social Security number even though everyone from your utility company to your doctor insists on having it. If a person steals your credit card number, they can run up charges, but when you get your next bill you'll know, and chances are the credit card company won't make you pay. If, on the other hand, your Social Security number gets lifted, a person can open new accounts in your name and you likely won't know until months, maybe even years, later like when you go to apply for a mortgage. Try to not pay those bills, and companies won't be nearly as easy to deal with, since, from their point of view, you opened those accounts. Your employer needs your Social Security number to pay you and your bank needs it to comply with federal law, but very few other places actually need it. Your credit card company doesn't. Nor does your doctor, unless you're on Medicare or Medicaid. And the phone company? Most certainly not. But good luck trying to withhold it.
After my initial standoff, I asked to speak to the Verizon operator's supervisor. He, too, explained that I had to give my Social Security number. I offered to give another form of identification instead my driver's license number, perhaps. Then he leveled with me. He worked in a call center in Utah and not for Verizon directly. Their computer system wouldn't let them process orders without a Social Security number, but if I called Verizon directly maybe they could do something different. I called the new toll-free number he gave me, and, after getting bounced around between operators a bit, wound up with a person whom I'll call Sally.
Sally understood my concerns. But, she explained, Verizon needed my Social Security number to run a credit check. And I shouldn't be worried about my number falling into the wrong hands after they ran the credit check, they would encrypt it.
That didn't make me feel better, for two reasons.
First, companies and governments seem to have a really tough time of holding onto people's Social Security numbers. In the past couple of years, computers with sensitive personal data, including Social Security numbers, have been lost by or stolen from Home Depot, Citigroup, Gap, Hartford Financial Services, AT&T, Pfizer, the U.S. Department of Veterans Affairs, the government of Great Britain, and many more organizations, including my employer Time Warner. In March 2006, Verizon itself reported that the theft of two laptops had put a significant number of Verizon employees at risk of having their identities stolen, since the computers contained personal information such as Social Security numbers.
Second, on November 27, the Federal Trade Commission released a survey about how rampant identity theft is: in 2005, the last year for which there's data, 8.3 million Americans were victims almost 4% of all adults in this country. On top of that, the survey found that when thieves opened new accounts, they ran up bigger bills ($1,350 on average), and victims spent more time and money getting things resolved. Oftentimes, that resolution got ugly: 37% of victims reported problems beyond recouping out-of-pocket expenses, such as being harassed by debt collectors, being denied new credit, being unable to use existing credit cards, having their utilities cut off, and being subject to a criminal investigation or civil suit. When thieves opened new accounts, victims were more than twice as likely to have these sorts of problems.
So I told Sally that I still didn't feel comfortable giving Verizon my Social Security number. Couldn't I instead give my driver's license number? (A day earlier, when I set up my electricity service, Consolidated Edison had immediately taken that as a substitute.) Sally said yes, there was a way, but I'd have to provide not only my driver's license, but other documentation, as well. I asked what type of documentation and started wondering if this was worth it if I was going to have to dig up my birth certificate and tax returns but she said she didn't know. I would have to talk to someone in the Verizon Welcome Center, she said.
After getting bounced around between a few more operators, I finally landed with someone at the Welcome Center who could help me out. I'll call her Dianne. Dianne cut straight to the chase: Had I ever had an account with Verizon before? Why, yes, I had. She looked up my previous account, and said that I was verified. I could order new service without giving my Social Security number. It all seemed so easy... and then I had a troubling thought. "Dianne," I said, "Did I give my Social Security number the last time I signed up for service?" Indeed, I had. A younger, more naive version of myself had handed it over, probably without even thinking twice. I asked Dianne if she could see my Social Security number there in her system, and she said yes. "Does it begin X-X-X," I asked, using the real first three digits. Yes, Dianne said, that's it. So much for encryption. I was transferred to another operator to complete my order for phone service.
Later, I wondered what would have happened had I not had a previous account with Verizon. I called back the Welcome Center and asked the operator what documentation a person would have to provide to open a new account without giving a Social Security number. As it turns out, all Verizon needs is two pieces of identification. The first must be a photo ID, such as a driver's license, a state-issued ID or a passport. The second can be a birth certificate, a credit card bill, a bank statement, a pay stub, or even just a company or student ID. In other words, a person setting up phone service with Verizon really only needs to provide a driver's license and a company ID. You make photocopies, fax them over, then get your phone service.
The irony is that Verizon, like many companies, pretends to care deeply about the issue of identity theft. One of the many times I was on hold waiting for a Verizon operator to pick up during my hour-and-a-half ordeal, I did some Googling to entertain myself. In doing so, I came across a Verizon web site that advised consumers on various frauds and scams. Identity theft was one of them. This is the way Verizon frames the problem: "People will use a variety of methods to convince you to give up personal information such as Social Security number, credit card numbers, calling card numbers, bank account numbers, etc. Using this information, criminals can pose as you and commit a number of crimes. This will cost you a considerable amount of money and time as you try to restore your credit rating and damaged financial situation." And this is part of how they suggest you protect yourself: "In general, closely guard all of your personal information."
Unless, it seems, you are trying to guard it from the phone company.