| |
 |
FREE Identity
Theft Prevention Checklist
Click Here |
Who Has the Right to Access Your Information?
It can be difficult to determine WHO has the right to access your information. This is especially true in situations where you are requested to divulge information such as Social Security Numbers (for employment or rentals). Who has the right to demand that information and do you have the right to refuse?
You may also be concerned with who is accessing your information within businesses or government agencies. Understanding the need for your information can help you judge whether providing it is in your best interest.
Your Social Security Number is Your Biggest Threat
While information such as your name, date of birth, mother’s maiden name, address etc. are easily traced it is your SSN that is the biggest threat. If thieves know your SSN they can access your banking information, utilities and other personal information as well as establish new credit in your name.
Although originally the SSN was only to be used for Social Security programs it is now commonly used for filing purposes including bank accounts, employee, student and medical records. This makes your SSN a free pass gaining access to your personal information.
Who Should Require Your SSN?
There are some government agencies (tax, welfare, Medicare and motor vehicles) who can lawfully require your SSN. Other agencies may request your SSN in a manner that implies you must give it.
You can determine whether the agency has a right to your SSN by reading the disclosure statement that is mandatory on government forms requesting the number. The disclosure statement will tell you if the SSN is required or optional. It also states which agency is requiring the number and what it will be used for. Government agencies have strict laws about the use and storage of SSN’s – private agencies or businesses do not.
You cannot be denied services from government agencies if you refuse to give your SSN unless they are legally required to obtain it or had a law in effect before January 1, 1975 requiring a SSN.
Employers must obtain your SSN to report earnings and payroll taxes. While they are required by law to have your SSN you might ask for them to protect your number if it is used for filing, listed on ID badges or otherwise made public.
Other businesses or agencies, including private medical insurance and schools, may request your SSN. If they are federally funded schools or are reporting to the IRS they may have a legal right to the information. If the reason for the request is not listed on the form you can leave the space provided for your SSN blank and ask for an explanation of why they are requesting it.
While a business may have no legal right to the information they can refuse service if you choose not to disclose it. State laws differ but businesses should not willfully display SSN’s, however, carelessness or inadequate protection of SSN’s may not violate these laws.
Financial information that is of interest to the IRS requires your SSN to be listed. Banking, stocks, employment and other financial statements all must include the number.
Credit card companies may request your SSN but are not legally required to have it. Since the number is used to validate who you are you may be able to provide proof with other forms of identification. Be prepared to have a difficult time finding a creditor who will provide credit if you refuse to submit your SSN.
Since potential creditors (including landlords) may wish to see your credit report you will likely be required to give them your SSN to obtain the report. You may ask if they will accept a current report without the SSN and confirm your identity with other forms of ID.
Federal records, including driver’s license, divorce papers, child support and death certificates all require SSN’s. Birth certificates usually require the SSN’s of both of the parents unless there is good cause for not requiring it.
If you receive email that appears to be from a service provider or government agency that requests your SSN do not reply. This information will not be requested through unsolicited emails and is being sent from a fraudulent source.
You can find out more about the legal requirements for using your SSN at:
http://www.privacy.ca.gov/recommendations/ssnrecommendations.pdf
What is Being Done to Protect Your Privacy?
While government agencies are submitted to legal requirements that protect your personal information, other businesses are not. This makes it vitally important to take steps protecting your information yourself and knowing who has it and what they are doing with it.
State laws do have requirements for the disposal of personal records but the manner of disposal can vary depending on the nature of the information and the resources available to the business. If you do business which requires you to keep personal information on record you must check with local law regarding the disposal of these records.
Fair Information Practice Principles
While the law is still catching up to the needs of individual privacy protection, Europe, Canada and the USA have created a guideline of processes for collecting and using personal information. This guide is called the ‘Fair Information Practice Principles’. It outlines the safeguards necessary to ensure the use of personal information is fair and to protect privacy.
The core principles outlined in the Fair Information Practice Principles are: Notice/Awareness; Choice/Consent; Access/Participation; Integrity/Security; and Enforcement/Redress.
Here is a brief outline of these principles:
Notice/Awareness
Notice and awareness requires businesses requesting personal information to disclose their information practices before collecting information. The following principles listed would be included in the notice.
Choice/Consent
Choice and consent give the individual the ability to allow or restrict the use of personal information beyond the transaction being initiated. Opt-in or opt-out choices include how much personal information is included and what it may be used for.
Access/Participation
Access and participation requires the individual to be able to access, correct or verify their personal information on record. The means of accessing and making corrections must be timely and inexpensive.
Integrity/Security
Integrity and security refer to the business’ steps to maintain accurate records, secure the information and destroy records in an appropriate manner.
Enforcement/Redress
Enforcement and redress must be established either by self-regulation or legislation.
The full report of Fair Information Practice Principles can be found at:
http://www.ftc.gov/reports/privacy3/fairinfo.htm.
While steps are being made to create enforcement it is up to the individual to be aware of the use and protection provided by each business and agency they provide personal information to.
|
