Social Security Number Verification Law

Regulation 1

• Social Security considered privacy an integral part of the program from its inception. The first regulation established the privacy of SSA records. This regulation has had additions and amendments but remains SSA's authority for refusing to give information in response to demands for information. It says in part: "Any request or demand for any such record or information, disclosure of which is forbidden by this regulation, shall be declined upon the authority of this regulation." The same regulation also gives the agency authority to provide information if authorized by its regulations. It states: "Disclosure of such records or information is hereby authorized, in such manner as the Board may by instructions prescribe."

Privacy Act of 1974

• The Privacy Act of 1974, found in 5 U.S.C. § 552a, covers only federal agencies such as the Social Security Administration. It requires all agencies to protect their systems of records and to list the kinds of records maintained. The law prohibits agencies from releasing information without written consent. However, the act spells out 12 exceptions to the requirement for consent in 5 U.S.C. § 552a(b).

Privacy Act Exception

• Social Security uses the "routine use" exception of the Privacy Act (5 U.S.C. § 552a(b)(3)) to justify verifying Social Security numbers when there is sufficient justification. SSA does not have to obtain an individual's consent to verify their number in cases where SSN use is in the public interest. Examples involve employers who need SSNs to report taxes they have collected, state agencies administering food stamp or Medicaid programs and state DMVs.

Law Enforcement Exception

• Another exception to disclosure provided in the Privacy Act is 5 U.S.C. § 552a(b)(7), which deals with providing information to law enforcement. Although the law permits Social Security to verify numbers for law enforcement, Social Security has developed policies regarding when requests meet the intent of the law. The agency limits verification to cases where the individual has been indicted or convicted of a serious crime involving violence or drugs, or the criminal activities involve fraud against agencies administering benefit programs for the public.

Consent to Disclosure

• The Privacy Act provisions in 5 U.S.C. §552a(d) and (h) define who may sign written authorizations to verify Social Security numbers. An adult or his legal guardian, or the custodial parent of a minor child may authorize Social Security to verify an SSN. A legal guardian must be appointed by a court that has found the adult legally incompetent. In unusual situations, an SSA office manager has the authority to accept authorizations by incompetent adults and minors. SSA will not honor verification requests signed by others such as relatives, or the holder of a power of attorney.