SOS Social Security Number Watch
Validate SSN | Overview | Identity theft | Privacy | Team members | Join mailing list | Frequently asked questions | Visitor comments | News


Privacy Issues

Most people are reluctant to share their Social Security numbers (SSNs) unless required by law to do so or coerced to do so in order to receive a desired service or product. Other people freely share SSNs (their own and those of others) because of different views they hold about the identifiability and availability of SSNs. These views need to be scientifically addressed so that related behaviors and practices can be encouraged, if there is no or minimal risk, or discouraged, if provable risks and harms are shown. These are goals of our work in this SSNwatch project. Below are three privacy issues we will investigate.

  • Fact or Fiction: An SSN alone cannot be re-identified to the subject of the SSN without an SSN registry.

    Some people believe that releasing only an SSN, in part or whole, cannot be readily re-identified to the person to whom the SSN was issued without access to credit reports or other information containing both the person's SSN and name explicitly. An example is the somewhat common practice of listing student scores on the Internet by SSN or part of an SSN. Another example is the use of part of the SSN as part of an account number at commercial establishments.

    To demonstrate whether this is a fact or merely a myth, we begin by understanding how much and what kind of information is revealed about a person when part or all of the person's SSN is shared. The SSNwatch Validation Server already identifies the issuing state, date issued, estimated age range of the recipient, and activity status of an SSN. Our future work will build on these results to develop methods that estimate the number of people to whom an SSN (in entirety or fragment) could refer and thereby prove or disprove this belief.


  • Fact or Fiction: Large numbers of SSNs are not publicly available.

    Some people argue that access to SSNs, while available within many financial, health, employment, and government institutions, are not publicly available. Even though SSNs of known people can typically be purchased for less than $30 each, these people believe that access to large numbers of active SSNs is limited physically and economically. A goal in this work is to estimate how many active SSNs can be obtained for free (over the Internet) and to examine related risks.


  • Fact or Fiction: Releasing information about SSN encoding and assignments helps prevent the misuse of SSNs.

    Our SSNwatch Validation Server reports the issuing state, date issued, estimated age range of the recipient, and activity status of an SSN. This information was computed from publicly available information about SSN encoding, SSN assignments, and SSNs retired from service due to death. All of this information is provided directly from the United States Social Security Administration under the Freedom of Information Act. One of the rationales for the government's sharing of this information is to help identify fraudulent SSNs when they are presented to businesses and government entities. Using the information to help combat SSN misuse is a primary goal of our SSNwatch Validation Service. Another primary goal of our work is to also determine the effectiveness of this information in combating SSN misuse, to identify risks, and to examine alternatives.



If you would like to be kept abreast of our progress, you should join our mailing list. You will be notified of updates and news about our SSNwatch project. To join our mailing list, send an email message to ssnwatch-register@dataprivacylab.org.



Tell me more about:

Copyright © 2011. President and Fellows Harvard University.   |   IQSS   |    Data Privacy Lab   |    [info@dataprivacylab.org]