[Senate Report 115-62]
[From the U.S. Government Publishing Office]
Calendar No. 79
115th Congress } { Report
SENATE
1st Session } { 115-62
_______________________________________________________________________
SOCIAL SECURITY FRAUD PREVENTION
ACT OF 2017
__________
R E P O R T
of the
COMMITTEE ON HOMELAND SECURITY AND
GOVERNMENTAL AFFAIRS
UNITED STATES SENATE
to accompany
S. 218
TO RESTRICT THE INCLUSION OF SOCIAL SECURITY ACCOUNT
NUMBERS ON DOCUMENTS SENT BY MAIL BY THE FEDERAL GOVERNMENT, AND FOR
OTHER PURPOSES
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
May 15, 2017.--Ordered to be printed
______
U.S. GOVERNMENT PUBLISHING OFFICE
69-010 WASHINGTON : 2017
COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS
RON JOHNSON, Wisconsin, Chairman
JOHN McCAIN, Arizona CLAIRE McCASKILL, Missouri
ROB PORTMAN, Ohio THOMAS R. CARPER, Delaware
RAND PAUL, Kentucky JON TESTER, Montana
JAMES LANKFORD, Oklahoma HEIDI HEITKAMP, North Dakota
MICHAEL B. ENZI, Wyoming GARY C. PETERS, Michigan
JOHN HOEVEN, North Dakota MAGGIE HASSAN, New Hampshire
STEVE DAINES, Montana KAMALA D. HARRIS, California
Christopher R. Hixon, Staff Director
Gabrielle D'Adamo Singer, Chief Counsel
Patrick J. Bailey, Chief Counsel for Governmental Affairs
Daniel J. Spino, Research Assistant
Margaret E. Daum, Minority Staff Director
Stacia M. Cardille, Minority Chief Counsel
Charles A. Moskowitz, Minority Senior Legislative Counsel
Laura W. Kilbride, Chief Clerk
Calendar No. 79
115th Congress } { Report
SENATE
1st Session } { 115-62
======================================================================
SOCIAL SECURITY FRAUD PREVENTION ACT OF 2017
_______
May 15, 2017.--Ordered to be printed
_______
Mr. Johnson, from the Committee on Homeland Security and Governmental
Affairs, submitted the following
R E P O R T
[To accompany S. 218]
[Including cost estimate of the Congressional Budget Office]
The Committee on Homeland Security and Governmental
Affairs, to which was referred the bill (S. 218) to restrict
the inclusion of social security account numbers on documents
sent by mail by the Federal Government, and for other purposes,
having considered the same, reports favorably thereon with
amendments and recommends that the bill, as amended, do pass.
CONTENTS
Page
I. Purpose and Summary..............................................1
II. Background and Need for the Legislation..........................1
III. Legislative History..............................................2
IV. Section-by-Section Analysis......................................3
V. Evaluation of Regulatory Impact..................................3
VI. Congressional Budget Office Cost Estimate........................3
VII. Changes in Existing Law Made by the Bill, as Reported............4
I. PURPOSE AND SUMMARY
S. 218, the Social Security Fraud Prevention Act of 2017,
would prohibit the Federal Government from including an
individual's Social Security Number (SSN) in any agency
documents that would go through the mail, unless the head of
the agency determined that the inclusion of the SSN is
necessary.
II. BACKGROUND AND THE NEED FOR LEGISLATION
Identity theft has been a growing concern for many
Americans. The Federal Trade Commission had over 889,000
identity theft complaints filed in 2015 and 2016.\1\ A large
contributing factor to identity theft is the unauthorized
acquisition and fraudulent use of SSNs. SSNs are required for a
myriad of verification processes, besides just accessing one's
Social Security benefits. Individuals interested in receiving
certain government services, or applying for private sector
services, such as a credit card, will need to provide their SSN
in order to complete the application process.\2\ The Social
Security Administration (SSA) strongly encourages individuals
to keep their SSN confidential and avoid giving it out
unnecessarily due to the problems and misfortunes it can lead
to.\3\ As a result of this, many citizens refuse to write their
SSN down and memorize it to ensure it doesn't get abused by
someone else.
---------------------------------------------------------------------------
\1\Federal Trade Commission, Consumer Sentinel Network Data Book
for January-December 2016 at 79 (March 2017), available at https://
www.ftc.gov/system/files/documents/reports/consumer-sentinel-network-
data-book-january-december-2016/csn_cy-2016_data_book.pdf.
\2\Social Security Administration, Your Social Security Number and
Card, at 2 (January 2016, available at https://www.ssa.gov/pubs/EN-05-
10002.pdf.
\3\Id., at 11.
---------------------------------------------------------------------------
Many Federal agencies require SSNs as a way to confirm the
identity of individuals that are requesting services, benefits,
or paying taxes. Using a SSN is an efficient way to confirm an
individual's identity. However, with no Government-wide
protocol outlining the use of SSNs, the procedures and security
of its use varies from agency to agency. In 2007, the Office of
Management and Budget released a memorandum to Federal agencies
ordering them to review their use of SSNs to increase
protection and eliminate any unnecessary use.\4\ The Government
Accountability Office later issued a report finding that
vulnerabilities are present across the Government.\5\
---------------------------------------------------------------------------
\4\Memorandum from Clay Johnson III, Deputy Director for
Management, Office of Management and Budget, to Heads of Executive
Dep'ts and Agencies, Safeguarding Against and Responding to the Breach
of Personally Identifiable Information (May 22, 2007).
\5\Gov't Accountability Office, GAO-07-1023T, Social Security
Numbers: Use is Widespread and Protection could be Improved (June 21,
2007), http://www.gao.gov/new.items/d071023t.pdf.
---------------------------------------------------------------------------
Having SSNs on Federal correspondence amplifies the
possibility of SSNs being compromised. An easy way for the
Federal Government to mitigate this preventable risk is to
reduce the use of full SSNs on documents sent through the mail.
S. 218 restricts Federal agencies from including SSNs in
correspondence sent through the mail unless it is deemed
necessary by the head of the agency. If this is the case, the
agency is required to partially redact the SSN whenever
possible and consider other ways to mitigate the risk of
identity theft for the individual receiving the mail.
III. LEGISLATIVE HISTORY
Senator Cory Gardner introduced S. 218, the Social Security
Fraud Prevention Act of 2017, on January 24, 2017. The bill was
referred to the Homeland Security and Governmental Affairs
Committee.
The Committee considered S. 218 at a business meeting on
March 15, 2017. During the business meeting, an amendment was
offered by Senator Daines to make clear that agencies are to
take additional mitigation measures whenever it is necessary to
send a piece of mail with a SSN.
Both the Daines amendment and the bill as amended were
ordered reported favorably en bloc by voice vote. Senators
Johnson, Portman, Lankford, Daines, McCaskill, Carper, Tester,
Heitkamp, Peters, Hassan, and Harris were present for the vote.
IV. SECTION-BY-SECTION ANALYSIS OF THE BILL, AS REPORTED
Section 1: Short title
The short title of the bill is the ``Social Security Fraud
Prevention Act of 2017.''
Section 2: Restriction of SSNs on documents sent by mail
Subsection (a) states that no federal agency or department
can send out mail that includes a SSN, unless the head of that
department or agency deems the presence of the SSN on the
document necessary.
Subsection (b) mandates that each agency issue regulations
within one year to specify how the agency is to determine when
inclusion of a SSN in a document sent through the mail is
necessary. The regulations issued by the agency must include a
direction for the agency to: (1) partially redact the SSN
whenever possible; (2) ensure SSNs are not visible on the
outside of any piece of mail; and (3) take additional methods
to mitigate the risk of SSNs sent through the mail when doing
so is necessary.
Subsection (c) provides that the requirements of the bill
will take affect one year from its enactment.
V. EVALUATION OF REGULATORY IMPACT
Pursuant to the requirements of paragraph 11(b) of rule
XXVI of the Standing Rules of the Senate, the Committee has
considered the regulatory impact of this bill and determined
that the bill will have no regulatory impact within the meaning
of the rules. The Committee agrees with the Congressional
Budget Office's statement that the bill contains no
intergovernmental or private-sector mandates as defined in the
Unfunded Mandates Reform Act (UMRA) and would impose no costs
on state, local, or tribal governments.
VI. CONGRESSIONAL BUDGET OFFICE COST ESTIMATE
March 23, 2017.
Hon. Ron Johnson,
Chairman, Committee on Homeland Security and Governmental Affairs, U.S.
Senate, Washington, DC.
Dear Mr. Chairman: The Congressional Budget Office has
prepared the enclosed cost estimate for S. 218, the Social
Security Fraud Prevention Act of 2017.
If you wish further details on this estimate, we will be
pleased to provide them. The CBO staff contact is Matthew
Pickford.
Sincerely,
Keith Hall.
Enclosure.
S. 218--Social Security Fraud Prevention Act of 2017
S. 218 would prohibit federal agencies from including
social security account numbers on any documents sent by mail
unless the agency determines that inclusion of the number is
necessary. There are many federal laws and regulations that
address the protection of sensitive information including the
Federal Information Security Management Act, the Privacy Act of
1974, and a 2007 memorandum from the Office of Management and
Budget on safeguarding and responding to the disclosure of
personally identifiable information. Because of those laws and
rules, CBO expects that most agencies are working to limit the
amount of personally identifiable information that they collect
and disseminate. As a consequence, CBO estimates that
implementing S. 218 would have no significant cost over the
next five years.
Enacting the legislation could affect direct spending by
agencies not funded through annual appropriations; therefore,
pay-as-you-go procedures apply. CBO estimates, however, that
any net increase in spending by those agencies would be
negligible. Enacting S. 218 would not affect revenues.
CBO estimates that enacting S. 218 would not increase net
direct spending or on-budget deficits in any of the four
consecutive 10-year periods beginning in 2028.
S. 218 contains no intergovernmental or private-sector
mandates as defined in the Unfunded Mandates Reform Act and
would impose no costs on state, local, or tribal governments.
On February 24, 2017, CBO transmitted a cost estimate for
H.R. 624, the Social Security Fraud Prevention Act of 2017, as
ordered reported by the House Committee on Oversight and
Government Reform on February 14, 2017. The two pieces of
legislation are similar and CBO's estimates of their budgetary
effects are the same.
The CBO staff contact for this estimate is Matthew
Pickford. The estimate was approved by H. Samuel Papenfuss,
Deputy Assistant Director for Budget Analysis.
VII. CHANGES IN EXISTING LAW MADE BY THE BILL, AS REPORTED
Because S. 218 would not repeal or amend any provision of
current law, it would make no changes in existing law within
the meaning of clauses (a) and (b) of paragraph 12 of rule XXVI
of the Standing Rules of the Senate.
[all]