By Thomas Hargrove
WASHINGTON - Members of Congress say they are increasingly concerned by failures of the Social Security Administration to keep confidential information safe and to warn the public when the security of personal data has been breached.
Several have expressed dismay following disclosures by Scripps Howard News Service that federal authorities kept silent when the Social Security numbers of tens of thousands of living Americans accidentally were released in a widely available database of dead persons intended to protect U.S. businesses from fraud.
"The failure of the Social Security Administration to protect that critical information and its failure to notify the tens of thousands of Americans that this breach put them at risk is disturbing," said Sen. Tom Carper, D-Del., responding to the Scripps investigation.
"This most recent incident once again underscores the need for modern and comprehensive laws that protect consumers if their personal information has been compromised," he said.
Carper and Sen. Roy Blunt, R-Mo., have sponsored the Data Security Act of 2011, which would require financial groups, retailers and federal agencies to safeguard sensitive information, investigate security breaches and notify consumers when there is a substantial risk of identity theft or account fraud.
Their bill is one of six pending in Congress -- three in the Senate and three in the House -- that would bring federal standards more in line with state consumer protection laws already in effect in 46 states.
Although there have been federal breaches of sensitive information over the years, the recently disclosed errors by Social Security are especially embarrassing, congressional leaders and consumer protection experts have said.
"This error can cause very significant challenges," Senate Deputy Majority Leader Richard Durbin, D-Ill., warned Social Security Commissioner Michael Astrue in a letter last month. "If a person is placed on this list, it can result in problems with credit agencies, applying for a loan or even getting a job. In addition, individuals who have been in this situation report the problem can be difficult to resolve."
Failure to warn people when the error occurs underscores need for federal legislation, they said.
"The Social Security Administration is definitely not in line either with state law or with what is widely considered to be a best practice," said Beth Givens, director of the San Diego-based Privacy Rights Clearinghouse.
People are not warned after they've been erroneously placed on the Social Security's Death Master File and, therefore, had their Social Security numbers, dates of birth and other private information become public information. As a result, banks and credit institutions often shut down their checking accounts, credit cards and refuse loan applications.
Social Security officials estimate they accidentally put 14,000 living Americans on the death list every year because of keying errors by federal workers.
"Why isn't there a mechanism in place to help these individuals by informing them what has happened?" asked Christopher Calabrese, legislative counsel for the Counsel at American Civil Liberties Union.