SSA Reconsiders Web Site

reeder@erols.com

At a House hearing on Tuesday, witnesses and members of Congress disagreed on whether the Social Security Administration's system allowing Americans to access their earnings and benefits records on the World Wide Web should be reinstated as is, revised radically or permanently discontinued.

The hearing of the Social Security Subcommittee of the House Ways and Means Committee grew out of public concerns that allowing individuals to receive Social Security information via the Internet would expose that information to hackers.

On April 9, SSA suspended its interactive Personal Earnings and Benefits Estimating Statement (PEBES) system, which allowed an individual to obtain a complete history of her or his earnings, Social Security and Medicare payments and estimates of old age, disability and survivor pensions. To get the information, a user had to enter his or her name, Social Security number, date and state of birth and mother's maiden name.

Acting Social Security Commissioner John J. Callahan said at the hearing that there were no reported incidents of abuse of the system during the one month it was operational. But he noted that as many as 40 percent of the inquiries were invalid, suggesting either that individuals were mis-entering information or that unauthorized people were trying to break in.

A later witness, Evan Hendricks, editor and publisher of Privacy Times, testified that, as recently as last year, SSA employees had been prosecuted for selling earnings information to "information brokers."

SSA has provided earnings and benefits information by mail upon request since 1988 and is required by law to provide annual reports by mail to all Social Security contributors 25 years of age and older, beginning in the year 2000. Individuals can continue to request PEBES statements on the Social Security Web site, but for now the information will be mailed to the requester.

At Tuesday's hearing, witnesses including General Accounting Office staff, the SSA inspector general, and privacy and security experts agreed on three points:

  • SSA's objective of making information more accessible was laudatory.
  • SSA ought to have assessed to privacy implications more carefully before taking PEBES online.
  • Callahan acted wisely on April 9 when he discontinued the service temporarily after controversy erupted.
SSA inspector general David C. Williams noted that while the online PEBES system had handled 28,000 inquiries in its first month, more than 50,000 inquires were processed in the two days after a story appeared in USA Today suggesting the potential for misuse.

Witnesses and committee members offered a wide range of prescriptions for fixing the system, such as limiting the information provided online to pension estimates only, adding more security and authentication features, or setting up a process for individuals to be included in the online database only if they elected to be included.

A representative of the Junior Chamber of Commerce made a strong plea for turning PEBES back on as soon as possible, noting that younger Americans are already skeptical about the Social Security system and welcome online access to their information.

On May 5 in Hartford, Conn., SSA began a series of public forums on the issue to be held around the country. Callahan promised to report to the committee on the results of the forums and refused to speculate on what SSA would do with the interactive PEBES until after they are completed. Hearings are expected to be held over the next 60 days. The next is in Des Moines, Iowa, on May 16.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

    Download
  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download
  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.

    Download

When you download a report, your information may be shared with the underwriters of that document.