VA's goof shows need for new identity system
By JEFF WEBB
Published July 4, 2006
Okay, let's review this situation.
On May 3, a U.S. Department of Veterans Affairs employee's home was burglarized. Taken in the suburban Washington, D.C., heist was a laptop computer that contained the personal records, including Social Security numbers, of more than 26.5-million veterans.
On May 22, the VA got around to telling the public about its mammoth mistake, acknowledging that all veterans discharged after 1975 were at risk of having their personal information misused.
About a week later the VA admitted the stolen data also contained information of active duty military personnel.
During the week of June 12, millions of affected veterans, including me, received a letter from VA Secretary R. James Nicholson who actually asked the Internal Revenue Service to mail it because the VA apparently doesn't have my current address informing me that several "law enforcement agencies, including the FBI ... have launched full-scale investigations to find the perpetrators." He advised "there are many steps (I) can take to protect against possible identity theft," such as contacting credit bureaus. I must be "extra vigilant," Nicholson warned, in monitoring all my bank and credit card accounts, and wary of anyone who e-mails, telephones or writes to ask for any personal information or to verify my Social Security number.
(Gee, thanks! This is like being in the military again. Somebody else makes a mess and the rest of us get stuck cleaning it up.)
Then, on Thursday, we learned that an unidentified informer, who may have had his or her eyes on the $50,000 reward, dropped off the stolen laptop at an FBI office in Baltimore. A relieved Nicholson said the veterans' records apparently were not copied, but more tests would be needed to confirm that.
Forgive me, but skepticism precludes me from turning cartwheels at that alleged good news.
If the VA dodged a bullet it's only because the thieves who stole the laptop don't read newspapers or watch cable news. If these criminals had brains and some initiative, they could have either sold it to some smarter crooks, or started stealing the identities - and assets - of 26-million veterans.
Members of Congress who are investigating this incident with an eye toward tightening security at the VA say the laptop's recovery will not deter them from their mission.
That's good. It would be nice to think that, at a minimum, the VA will find a way to protect the personal information of veterans as well as it does, say, its own civilian employees.
But it would be even nicer if someone in our nation's Capitol would use this indefensible, embarrassing episode to begin a meaningful debate about why we need a way other than Social Security numbers to identify Americans.
Social Security numbers have become too powerful and too easy to get. What started off as a way for the government to keep track of the taxes you paid into Social Security (for almost 40 years cards actually carried the phrase "Not to be used for identification") has turned into a convenient way for some private institutions, such as banks and insurance companies, to verify that you are you. They, like the IRS that uses your SSN to track how much tax you owe, rely on it because it's easier and cheaper than it would be to set up and maintain their own identify verification systems.
But SSNs have become way too accessible to way too many people. Financial histories, medical records and applications for college and jobs are but a few examples of a system that is both outdated and out of control.
Think I'm being paranoid? I'll wager that a victim of identify theft (I'm not, no thanks to the VA) would agree it's time for a change.
Identity theft is increasing and so is the cost to recover from it. One report I came across while researching this subject said the average victim incurs $18,000 in fraudulent charges, and spends $800 and 175 hours over two years to set things right. The national cost of identify theft is in the billions, much of that borne by businesses that must write off fraudulent purchases.
So, why not find a new way to prove you are who you say you are? How about a new number, or even a card with a photo, that would be used solely to verify identity? That way we could tell all those private businesses and government agencies that think they have a right to know our Social Security number to get bent.
Opponents of national ID cards will wince at the thought, and I'm not sure that's the answer. But between the debates about illegal immigrants, homeland security and the changes coming in 2008 that require all states to conform to a federal guideline for drivers' licenses, the time is right to talk about it.
In the meantime, all you vets repeat after me the words of Alfred E. Neuman:
"What, me worry?"
Jeff Webb, editor of editorials for the Hernando Times, can be reached at firstname.lastname@example.org.