Quoting Wolf Halton <[email protected]>:
Storing SSNs unencrypted is a terrific mistake, in the US. Storing them at all is a Very Bad Thing (TM). Storing a hash that is evidence that a proper authority has seen the number, or just a boolean true, seems like enough.
This reply is not directed at Wolf in particular, but to the whole discussion of the US SSN and its storage.
The SSN was intended to be used by the Social Security Administration and that Administration only! Any other use of that number, including by the IRS, is against the law that established US Social Security. of course, when has the US Government ever followed its own law....
It *should* be perfectly harmless to store that number. In many cases, many persons SSNs are a matter of public record for various reasons.
The flaw is not the storage of the SSN, but how that number is misused in the US financial system.
The above also applies to drivers' license numbers. They should not need to be secret, except for the stupidity of humans and human-designed systems that assume those numbers are secure and unique identifiers, which they are not. (As an example, I am the second person to have my SSN. They are often recycled when people die.)
I hold SSN, DL# and passwords all in equal contempt as "identification" measures. They fulfill no such purpose.
Stepping down from my soapbox, I see absolutely no reason for a US library to store a patron's SSN. A drivers' license number, perhaps, but not the SSN. My suggestion is to delete the field, and if someone needs to track such an identifier then let them figure it out within the bounds of their local law.
"I am not a unique identifier! I am a free man!" To paraphrase Patrick McGoohan.
-- Jason Stephenson Assistant Director for Technology Services Merrimack Valley Library Consortium Chief Bug Wrangler, Evergreen ILS
