Skip to main content

View Diary: Data Grab? Experian now controls web access to Social Security Admin (322 comments)

Comment Preferences

    •  Contact about what? (1+ / 0-)
      Recommended by:
      wader

      The diary author is mistaken. Experian verifies your identity based on information they already have. No Social Security data is or has been transferred to them. End of story.

      •  Are you certain or stating this because you've (4+ / 0-)
        Recommended by:
        Eileen B, fuzzyguy, JesseCW, TechBob

        never heard about it?  Can you explain the situation of being redirected to Experian and then having to go to an SS office to get an account re established?

        "If you trust you are not critical; if you are critical you do not trust" by our own Dauphin

        by gustynpip on Wed Jan 23, 2013 at 08:55:39 AM PST

        [ Parent ]

        •  Yes I am certain. (2+ / 0-)
          Recommended by:
          geordie, Sue B

          Here is the situation:

          1. SSA has sensitive data about you (basically how much money you have earned from working over your lifetime), and they both want to give you access, and want to protect the data so someone else does not get access to it. They are much more concerned with latter. That is why they have rolled out this service just now, when your bank has been giving you access to your actual money online for many years.

          2. SSA decided they would contract out the process of authenticating our identity for the purposes of access their website to Experian. When you go to the mySSA page you get redirected to the Experian site and then must match your answers to their admittedly often obscure and bizarre trivia about you with the records they already have in their file. If Experian think the online person is the same as the person in their file they pass you back to SSA and say this person is OK.

          3. If that process fails or if you choose for some reason not to have your records accessible online, you can always visit a Social Security office to have your identity authenticated and set up access to the website. People who have been victims of spousal abuse for example, will sometimes lock online access tot heir account since it could allow someone with intimate knowledge of their personal details to access their current address.

          Clearly the system they have is cumbersome and if fails to work often enough that significant improvements are necessary.  That said, there are no hi-jinks going on. This is SSA being overcautious, not incautious.

          •  I hope that your information is correct. But if (3+ / 0-)
            Recommended by:
            DRo, tardis10, triv33

            what the diarists wrote about this system is correct, we should demand that it be improved ASAP.

            Don't know what's worse--dealing with the often rude and/or inefficient customer service reps, or going to our local office with its Swat Team-looking police guards at the door (that is serious folks--couldn't believe my eyes when I visited the office last year, to help a relative).

            This is particularly irksome since the Administration had our annual hard copy Social Security benefit statements 'cut off.'  Mr. Mollie and I were supposed to receive one in 2012, and we're still waiting for them.

            I'll be calling these folks today, for sure.  When I get a good number, I'll post it here for everyone else.

            Mollie

            “If a dog won’t come to you after having looked you in the face, you should go home and examine your conscience.” -- Woodrow Wilson

            by musiccitymollie on Wed Jan 23, 2013 at 09:48:13 AM PST

            [ Parent ]

            •  Yes it is (0+ / 0-)

              1. My information is first hand and it is correct. The diarist was speculating by his own admission.

              2. You should still demand the system be improved ASAP. But the problem is that Experian's authentication system is too obtuse, or too error-prone. The problem is NOT a violation of your private information (Experian gains no access to SSA's data about you).

              3. SSA receives hundred if not thousands of threats every year. Employees have been attacked. That is why they have armed guards--and video surveillance--at every office. An office in Arizona was just recently bombed (with no damage to life or major property damage thankfully). Sixteen Social Security employees dies in the bombing of the Federal building in Oklahoma City. So they may be rude and inefficient but they also put their lives on the line to serve the public.

              4. SSA will eventually offer many more online services than just an electronic version of the Social Security Statement. For now though you can get an equivalent estimate of your benefit using the the online retirement estimator.
              http://www.ssa.gov/...

              the login procedure is not the same as the one being discussed in this diary.

              You can get a copy of the information in the statement at your local field office.

              •  Sorry, but I don't believe I'm "mistaken" (4+ / 0-)

                Quoting Experian's press release, to access the SS site, an person:

                " must be able to provide information about themselves that matches information already on file with Social Security"
                The # of bedrooms in your house or your old auto plate #s are NOT "on file with Social Security". Directly stating that they use information already on file with Social Security implies they have access to SS files. The questions they ask are from their credit files, I know this after answering them to obtain my "free" report to keep track of their errors.

                Either Experian is mistaken in their PR about the service they provide to Social Security or they are simply using their own data to verify identity - again, NOT what they state.  

                If they are only using their credit history data to verify identity - this is also of concern to us.  What about people who have little credit history - or some older people who have NO credit history? Not as rare as you'd think.

                If we somehow assume that Experian is able to maintain an internal "firewall" on the data they access from SS with respect to their own files; who would possibly think this would be error free? If you have had ANY direct experience with Experian, you know how poor their records can be.

                Ever tried to CALL Experian to deal with problems or get THEIR errors fixed? Their mistakes happen instantly - you're lucky if you get things fixed within 6 weeks and the burden of proof is on you. Further, this is only the information that you have access to: ever try to protest your Credit Score? Do you think you'll be able to fix errors in their new "identity security" product? New products are conveniently NOT directy covered by consumer protection laws.

                I stand by my deductions, and I retain my concerns about turning over "security checks" to a private vendor that has shown itself prone to outrageous and persistent errors and has poor accountability and responsiveness to customers.

                "Curiouser and curiouser!"

                by TechBob on Wed Jan 23, 2013 at 02:41:17 PM PST

                [ Parent ]

                •  What you think but don't know is the problem (1+ / 0-)
                  Recommended by:
                  2dot

                  First, You go to SSA's website and say you want to activate your account. You tell them who you are. First they check their records to see if you exist. I suspect if you give them a fake SSN at this stage you get dumped out or something.

                  Second, SSA communicates to Experian that some guy named John Q. Public from Jerkwater, PA, wants to access our site. IS this guy really JOhn Q. Public from Jerkwater.

                  Third, the Experian screen comes up. They ask you questions to match against data they already have on John Q. Public from Jerkwater. If he is not already in their database, I assume you get kicked out. If your answers match theirs they send SSA a yes.

                  Fourth, SSA gives you login and password credentials and you have an account. You have no further contact with Experian when accessing the SSA site.

                  What information did SSA pass to Experian? Your name and address. Maybe date of birth. How the hell else does Experian know who to verify? And if Experian doesn't already have this information about you then their service is clearly of no use to SSA. (the reason SSA is using someone to do their verification is because SSA does not have reliable current information on your place of residence).

                  Does this count as Experian having it's hooks in SSA data? I do not see how that is the case. Your SSA data is your name attached to an  SSN, and includes your earnings history, your employer, your tax contribution history and if you are a beneficiary-- all the information on your application, and your benefit payments. This the stuff that SSA guards with its life. It does not guard your name and address. SSA does not give Experian your SSN, even tough there is zero chance Experian wouldn't have it in their records if you have any credit history at all. They don't get it from SSA, they get it from financial institutions.

                  So SSA and Experian exchange a list of names and addresses and a yes or no on verification. That is a far, far cry from Experian peeking into the Master Beneficiary record which is clearly what you are insinuating in this diary.

          •  How are you certain? (0+ / 0-)

            Meaning, what are your sources? What is your experience?

            What's it to you, anyway?

            The "extreme wing" of the Democratic Party is the wing that is hell-bent on protecting the banks and credit card companies. ~ Kos

            by ozsea1 on Wed Jan 23, 2013 at 10:08:08 AM PST

            [ Parent ]

            •  It's your choice... (0+ / 0-)

              to be an ignorant fool or not.

              I know this information firsthand. How I know that is my business.

              Here is what the public SSA website says (Obviously you haven't bothered to read it):

              https://secure.ssa.gov/...

              •  Why don't you step away and come back when (3+ / 0-)
                Recommended by:
                JesseCW, triv33, gustynpip

                you can converse with people without being so insulting.

                It's your choice to be an ignorant fool or not.
                I choose not to believe someone as rude as you've been.
              •  Totally unnecessary arrogance and nastiness. (2+ / 0-)
                Recommended by:
                triv33, DRo

                This site is not big on the "believe this because I said so" route.  It is big on asking for verification - usually.  I will grant you that we seem to accept the outrageous much more readily than the reasonable.  However, even when providing the reasonable, it's much wiser to do so with some degree of courtesy and a lot less arrogance.

                I do, however, appreciate your having responded to my question and providing the information you provided.

                "If you trust you are not critical; if you are critical you do not trust" by our own Dauphin

                by gustynpip on Wed Jan 23, 2013 at 11:44:32 AM PST

                [ Parent ]

                •  Yes, the truth is nasty. Spare me. (0+ / 0-)

                  I've taken a sizable portion out of my day trying to correct what is a damaging mis-perception about how SSA protects your personal information. Educating the public is indeed part of my job, but I am not sure my boss wants me hanging out here. So I will maintain my anonymity, thank you very much.

                  It is partly SSA's fault for not making the answers to these questions crystal clear right up front. That said, most of it is on their website and I liked to that repeatedly.

                  Again: https://secure.ssa.gov/...

                  If the diarist had read this in the first place, I could have saved a lot of time.

                  I  have a lot of firsthand information about how this works, why decisions were made etc.. and I have no intention of compromising those sources. You can choose to believe me or not. That is on you, not me.

                  •  your link provides the agency's respresentation (3+ / 0-)
                    Recommended by:
                    JesseCW, triv33, poligirl

                    of the matter, that's all it is. Hardly impartial.

                    Your continuing authoritarian assertions of "facts" do not make them factual.

                    FAIL.

                    The "extreme wing" of the Democratic Party is the wing that is hell-bent on protecting the banks and credit card companies. ~ Kos

                    by ozsea1 on Wed Jan 23, 2013 at 12:21:55 PM PST

                    [ Parent ]

                    •  You'd make an excellent climate change denier nt (0+ / 0-)
                      •  Your argument is that this is great, and we (2+ / 0-)
                        Recommended by:
                        triv33, poligirl

                        shouldn't worry about it, because trust the people managing the SSA, that's why.

                        This is about opinions.  

                        If your job is to browbeat citizens and spit talking points when they disapprove of their government enriching corporations, all I can say is that I prefer being unemployed and wondering how the hell I'm going to pay the power bill.

                        Sometimes, calling it your job just can't ever make it right.

                        "I have often seen people uncivil by too much civility, and tiresome in their courtesy." Michel de Montaigne

                        by JesseCW on Wed Jan 23, 2013 at 02:34:58 PM PST

                        [ Parent ]

                        •  No it is not. (0+ / 0-)

                          My argument is that SSA is not giving any protected information to Experian. Experian has no access to your Social Security records. Yes they get your name, and probably address, but SSA does not protect that, and of course Experian already knows it.

                          My argument is that SSA thinks they need Experian's identity verification service to properly authenticate people in real-time, online. (note: they do not think they need anyone's help to authenticate you in person). I find that as surprising as many people, considering they used to just put this stuff in the mail. I find it amazing that it has taken them years to catch up to banks for example. But that was their decision.

                          So those two things are facts. Not opinions. And those are important facts to get out there when some one is publicly insinuating the opposite is true.

                          If anything SSA is being too cautious with our data and making it hard for the average citizen to do their business. That's my opinion.

                          If your problem is merely that SSA contracts with for profit entities then the deal with Experian is small potatoes. (This is a contract in the tens of millons not hundreds). But SSA also enriches Verizon, Microsoft, Staples, Dell as well as ADP and Lockheed Martin (who provide SSA with huge amounts of programmers). Are you outraged that SSA employees need to use phones?

                  •  I have no interest in outing you, but here's the (4+ / 0-)
                    Recommended by:
                    triv33, poligirl, Willa Rogers, gustynpip

                    thing.

                    Arguments from authority aren't worth a damn.  You can graduate from Harvard Law and still be an idiot who thinks Dredd Scott was well decided.

                    There are people with M.D.s who insist HIV is unrealted to AIDS.

                    That aside, it's just fucking goofy to think that anyone will accept an argument based on authority when you choose not to disclose from what source you think this this authority derives.

                    Your argument is going to have to stand on its merits, not bashing those who disagree with the scam you're defending, and not on some "trust me, because I'm important in ways I cannot describe" bullshit.

                    "I have often seen people uncivil by too much civility, and tiresome in their courtesy." Michel de Montaigne

                    by JesseCW on Wed Jan 23, 2013 at 02:32:25 PM PST

                    [ Parent ]

                    •  When did I say I was important? (1+ / 0-)
                      Recommended by:
                      2dot

                      I'm a fly on the wall, but my information is first hand and collected over a number of years. I think the information publicly available backs up what I am saying. The diarist, by contrast, is  "deducing" things, he has no first hand knowledge. But his conjectures are simply false.

                      You can look around  this site and check my record. I surely have opinions about things like everyone else, but I have factual knowledge about Social Security that I think stands up pretty well. ( I do make mistakes, from time to time also)

                      I was under the illusion that people would find it helpful to know that in fact SSA was not giving your protected information away, despite the fevered imagination of the diarist. You apparently don't care. Good for you.

                  •  No, it wasn't the truth that was nasty. It was (0+ / 0-)

                    you.  Don't blame your own nastiness and arrogance on truth.  

                    It's always so convincing when someone says  "I have these fantastic sources but I can't provide those sources.  They're much too sensitive for peons like you.  

                    Give me a break.  I was ready to, while not ready to rely on your statements, at least give them credence.  After your arrogance exhibitionism, I find your statements less than persuasive.  If your job is indeed to "educate the public", you're pretty bad at your job.

                    "If you trust you are not critical; if you are critical you do not trust" by our own Dauphin

                    by gustynpip on Wed Jan 23, 2013 at 08:43:24 PM PST

                    [ Parent ]

                    •  Your truth-o-meter is broken (0+ / 0-)

                      My identity on Dkos is anonymous. If that's a problem for you then perhaps you should at least start posting under your own real name.

                      I am offering you some information gthat I am personally privy to. SSA is not giving Experian access to your private records. I have linked to the places where SSA makes these points as well on their public website. No one else in this conversation is offering you any facts, they are just offering conjecture, supposition, suspicion, paranoia.

                      You can believe who you want I guess, but that is on you, not me.

                      •  You "offered" it in an arrogant and dismissive (0+ / 0-)

                        manner.  No one has a problem with your maintain your anonymity here.  It's pretty standard.  What we do have a problem with is your arrogance in demanding that we accept your statements because you said them when all you are is an anonymous blogger.  We have absolutely no idea whether you're someone who knows what you're talking about or just someone trying to stir the pot.  When your arrogant and dismissive, it certainly seems more likely it's the latter.  And your arrogance continues in your determination that you've been justified in being offended that people haven't bowed down to your great wisdom and knowledge - even though to us you're just an anonymous blogger.

                        It's not that we're demanding or expecting you to disclose who you are.  It's that you have choices.  You can either disclose either your identity or at least your source of information and make it likely people will accept what you say.  Or you can retain your anonymity and refuse to provide any verification of your offer of information and people will consider it the offerings of some anonymous blogger who refuses to provide any verification and so probably doesn't have any.  If you're not willing to provide some support for your assertions, you're probably as well off not bothering to provide them.

                        I again will say that if you carry your arrogance into your job, and your job involves dealing with the public, I'd put money on it that you're not very good at it.

                        "If you trust you are not critical; if you are critical you do not trust" by our own Dauphin

                        by gustynpip on Thu Jan 24, 2013 at 05:37:10 AM PST

                        [ Parent ]

              •  touchy, aren't we? (0+ / 0-)

                Extraordinary claims requre extraordinary proof, and all you've done set off the bs troll-meter, bigtime.

                The "extreme wing" of the Democratic Party is the wing that is hell-bent on protecting the banks and credit card companies. ~ Kos

                by ozsea1 on Wed Jan 23, 2013 at 12:12:00 PM PST

                [ Parent ]

                •  Extraordinary (0+ / 0-)

                  Writing a diary insinuating that Experian has access to your social Security data.

                  Providing a link to the actual government privacy statements (that even explains the mechanics of how this whole thing actually works) that make it clear that is not the case is not trolling.

              •  Disregarding your condesection (2+ / 0-)
                Recommended by:
                Willa Rogers, triv33

                Perhaps you should read your link.  It says nothing about the new, outside verified security program and has no date or back-link to which page this statement referred to (which is a bit odd from a web design standpoint - most gov sites are pretty rigorous about documentation and dates).

                Stating that:

                " ... we ask you to provide several different types of information and to answer questions that only you should be able to answer."
                says nothing about where the info comes from (Experian or SS data) and that is my point.

                "Curiouser and curiouser!"

                by TechBob on Wed Jan 23, 2013 at 02:50:24 PM PST

                [ Parent ]

                •  *ack* (0+ / 0-)

                  (opens door)
                  "condescension"
                  (slams door, walks off ... dammit, blew my exit)

                  "Curiouser and curiouser!"

                  by TechBob on Wed Jan 23, 2013 at 10:05:44 PM PST

                  [ Parent ]

                •  Oh jeez. (0+ / 0-)

                  BUt you need to go down to the what we do with your information tab.
                   "We verify your information against our records. Experian verifies your information against its records.
                  We will not share your Social Security number with Experian."

                  I agree that the website is not nearly as clear as it should be and that is precisely why I was chiming in with my personal knowledge. When I first tried to log on my reaction was WTF, as well. But I also had a chance to ask the people who designed the system what was going on.  So I am trying to help clarify for you. I will also try to get SSA to make their system clearer (something over which I have very little influence, but you never know)

                  To clarify:

                  The first screen you come to is SSA's and it asks for name SSN, address, phone number email. SSA checks that against their records. Only SSA knows for sure what names are supposed to match with what SSNs and birth dates (also birth places and mother's name--you had to show a birth certificate at some point to get a SSN). They check to make sure this matches their records. (ALmost certainly they did not previously have a telephone number or email from you. Their address data can be unreliable as well especially if you have moved recently and did not tell them.)

                  Then SSA passes a name and I think address to Experian and asks them to run their verification screen. Can the user match the data that Experian has. Experian passes a yes or no to SSA. SSA is not capturing or storing the data in the Experian verification screen.

                  But the bottom line is that at no time does Experian get access to the data about you that SSA by law has to protect. Hell there are making it difficult to let you see your own data.

                  TO get more The SSA website says:

          •  I suspect what we have here is a Privacy Act (2+ / 0-)
            Recommended by:
            DRo, JesseCW

            violation.

            I believe we need to have lawsuits to stop this, pronto.

            LBJ, Lady Bird, Anne Richards, Barbara Jordan, Sully Sullenberger, Ike, Drew Brees, Molly Ivins --Texas is no Bush league! -7.50,-5.59

            by BlackSheep1 on Wed Jan 23, 2013 at 10:09:04 AM PST

            [ Parent ]

          •  Do you really want to know what the big (12+ / 0-)

            problem with this is?

            This is just another instance of something that didn't have to be privatized being privatized because it's cheaper and more expedient and it feeds that narrative that "the government can't do ANYTHING right, the private sector ALWAYS does it better."

            Well, no it doesn't and some things, like Social Security, a lot of us believe the government has been a huge success at. Many people don't believe that government services, info and such, should be outsourced or privatized.

            If the government knew they needed this, then they should have trained for and made it so, in house.

            I shave my legs with Occam's razor~

            by triv33 on Wed Jan 23, 2013 at 11:07:16 AM PST

            [ Parent ]

            •  really, the private sector doing everything... (8+ / 0-)

              better is the very definition of a right wing meme.

              There’s a word for the people who keep complaining that the “ideologues” are getting in their way: Lobbyists. ~ RJ Eskow

              by poligirl on Wed Jan 23, 2013 at 11:11:29 AM PST

              [ Parent ]

            •  I agree except for "being privatized (7+ / 0-)

              because it's cheaper."

              That's a right-wing talking point, or meme that politicians of all stripes love to spout.  Don't fall for it.

              This is being done for reasons of conservative (libertarian) ideology.  Just like the rest of the 'fiscal crises hysteria' is intended to frighten folks into allowing the PtB to do what they would NEVER normally get away with--eviscerate the social safety net.

              It is almost ALWAYS MORE EXPENSIVE WHEN FARMED OUT TO THE PRIVATE SECTOR.

              For instance:  Medicare vs Private Health Insurance.

              Mollie

              “If a dog won’t come to you after having looked you in the face, you should go home and examine your conscience.” -- Woodrow Wilson

              by musiccitymollie on Wed Jan 23, 2013 at 11:41:03 AM PST

              [ Parent ]

            •  nonsense (0+ / 0-)

              SSA does not believe they have the ability to verify you online. They are happy to do so in person. For the past 10 years SSA provided almost no online services because they couldn't solve the problem of verifying your identity to their satisfaction. Their problem is not their own capabilities, but their security standards (which may well be unreasonably high).  Call me when the IRS  allows you to log in an view your past years' returns. Or when the Census lets you see your own responses from 30 years ago.

              To your general point, it is obvious that every government should not try to maintain expertise that they buy cheaper and better elsewhere. Why should the government run a software company at SSA? Should they employees their own

              •  Nonsense? (5+ / 0-)

                Bullshit.

                I shave my legs with Occam's razor~

                by triv33 on Wed Jan 23, 2013 at 11:51:59 AM PST

                [ Parent ]

                •  Let's just stipulate (0+ / 0-)

                  That you have no knowledge of the SSA-Experian arrangement. OK?

                  You have no idea of how much it would cost SSA to do this to their own satisfaction.
                  You have no idea how much this arrangement is costing them.
                  You have no idea how much SSA will save in front-line in-person service costs over the future if they can stand-up their on-line services effectively.

                  Just so we are both clear:
                  You have no idea about any of the facts in this case.

                  What we do know is: You "don't believe in privatizing any part of any government services ever."

              •  yeah, i think they should. given that SS, Medicare (8+ / 0-)

                Medicaid etc, as well as IRS docs et al are all government programs, wouldn't it make sense for the government to work to develop a security system that they could use for all government run programs?

                does that not make more sense?

                surely, since we put money into development for things like say, the space program and the internet, why on earth is putting money into developing something that would be very usable security wise so out of the question?

                why?

                There’s a word for the people who keep complaining that the “ideologues” are getting in their way: Lobbyists. ~ RJ Eskow

                by poligirl on Wed Jan 23, 2013 at 11:57:41 AM PST

                [ Parent ]

                •  allow me to answer the question. big business (8+ / 0-)

                  give the money to the politicians; the politicians in turn direct business their way.

                  the politicians are invested in NOT having government develop much of anything.

                  There’s a word for the people who keep complaining that the “ideologues” are getting in their way: Lobbyists. ~ RJ Eskow

                  by poligirl on Wed Jan 23, 2013 at 11:59:53 AM PST

                  [ Parent ]

                •  The answer (0+ / 0-)

                  First, Government agencies with sensitive information for the most part do not share it with other government agencies. That includes SSA, IRS, Census, CMS.

                  Second, SSA has it's own very high security requirements. Why? Because they are a very conservative organization. They think if they screw up, Congress will murder them. So they are intent on not screwing up.

                  Clearly they have created a security hurdle that is much higher than say banks have for allowing you to access and spend your actual money. They have set a security hurdle that is too high for them to adequate address with their own data and IT infrastructure.

                  •  so then we invest the money into developing (3+ / 0-)
                    Recommended by:
                    nchristine, triv33, m16eib

                    a security system that can be used individually by other departments.

                    if the private sector can develop one, so can the public sector.

                    saying that government can't is untruthful. saying the government won't is probably more what you're meaning. and to that i say pshaw!

                    There’s a word for the people who keep complaining that the “ideologues” are getting in their way: Lobbyists. ~ RJ Eskow

                    by poligirl on Wed Jan 23, 2013 at 12:54:36 PM PST

                    [ Parent ]

                    •  If that was how government worked, great (0+ / 0-)

                      No one said SSA can't do this. I said they decided that could not do it to their own satisfaction. That was their decision. Then again they are happy to verify you in-person.

                      For whatever reason they were willing to do somethings by mail, than they are willing to do online.

                      OK so you are a smart person: what pieces of information should SSA require to verify your identity online and give you access to your records?

                      As a thought experiment think about how anyone can really know you are who you say you are?

                      •  The very same can be said of Experian - (3+ / 0-)
                        Recommended by:
                        triv33, poligirl, m16eib
                        OK so you are a smart person: what pieces of information should SSA require to verify your identity online and give you access to your records?
                      •  someone higher up should tell them to... (5+ / 0-)
                        Recommended by:
                        m16eib, JesseCW, triv33, nchristine, angel d

                        do it to their satisfaction instead of outsourcing something like this to a company known for fuckups.

                        i worked around programmers and in IT for a good decade and if someone really wanted to have better security developed, they could.

                        i think this was the easier decision for them - a decision to move some off of their plate. which is understandable. but, what i'm saying is that for things as important as SS - and i would daresay you probably think of SS as important - that we should never pass the buck to the private sector. and we should certainly be able to develop better security than the private sector, even at a high bar.

                        i understand you're saying that this was the government's choice and why the government made that decision. i am telling you that in my opinion, the government's choice is piss poor, both in deciding that they didn't want to bother with/spend money developing a high bar security system AND the decision to outsource to Experian, of all places.

                        There’s a word for the people who keep complaining that the “ideologues” are getting in their way: Lobbyists. ~ RJ Eskow

                        by poligirl on Wed Jan 23, 2013 at 02:29:53 PM PST

                        [ Parent ]

                        •  I think you are missing something (0+ / 0-)

                          SSA has no problem keeping your records private.

                          SSA has no problem verifying your identity. They do it all the time in person. IN extreme circumstances they will actually verify a person's identity and cut them a check right there and then (as they did after Katrina, along with a note form the president of BoA and The Secretary of the Treasury attesting to any bank that the check was in fact authentic)

                          What they don't have confidence in is verifying your identity online in real-time. They can't just say Oh fuck it, it's good enough for us. They think if they screw up--if some perpetrator of domestic violence somehow accesses the SS records of his spouse who has taken refuge in some undisclosed place, and then tracks her down and commits an act of violence--there will be hell to pay before congress. The public will demand they shut down online access, after all they have 1500 storefronts, etc... That's how they think.

                          Anyway, so what is this high bar security system going to consist of. They can ask you about your name, birth date, SSN, mother's name, place of birth. they can ask you to verify your social security wages from your w2 for any year you worked. What if they decided that is not enough?

                          They cannot verify your address, or phone number. They don't know if you are married, or if you own a house or have a bank account or credit card. I think they know the name of your employer. Not entirely sure.

                          •  you are not understanding me. i am not... (2+ / 0-)
                            Recommended by:
                            triv33, Sharon Wraight

                            arguing that SSA can provide that level now and is choosing not to. and i am not arguing that SSA has a problem with keeping records private.

                            what i am saying is that gatekeepers by nature, no matter how stringent, have access, at least some, the the gate; they could not gatekeep if that was not so.  and what i am saying is that if SSA cannot secure access enough to pass muster themselves they should not  farm out security even for access; they should say "fuck it" and not do it at this time.

                            as for what a high bar system includes, well, i'm not a programmer, so i'm not going to speculate what is possible. but clearly there are a lot of people, including myself, who have been victims of Experian's special brand of misinformation, so much so that trusting them as gatekeepers is a very questionable idea to many of us. makes one wonder how they got the contract and what type of bidding process was undertaken to decide who got it.

                            There’s a word for the people who keep complaining that the “ideologues” are getting in their way: Lobbyists. ~ RJ Eskow

                            by poligirl on Thu Jan 24, 2013 at 01:09:36 PM PST

                            [ Parent ]

                  •  No, their standard isn't TOO high, it's based (3+ / 0-)
                    Recommended by:
                    poligirl, triv33, m16eib

                    upon data that is not always 100% accurate.

            •  We're in big trouble if the richest country in (7+ / 0-)

              the world, supposedly the richest, can't secure and validate information for a program that's been in place for 76 years and has to pay such a fucked up private sector business like Experian to do it for them.

              How many bedrooms in your home?  You've got to be kidding.  That's really secure, huh?

              Go back to mailing the information through the government mail system until they can figure out this newfangled Internet that just went online yesterday.

              •  Concur. Go back to mailing annual statements. (4+ / 0-)
                Recommended by:
                gooderservice, poligirl, triv33, m16eib

                Is the SSA unaware that NOT EVERYONE even has a computer, or access to one.

                And, does the SSA want folks who don't have a personal computer to go down and use a computer at the public library for this sensitive type of information?  For Pete's Sake, what were these folks thinking.  

                Saving money on government mailings was part of Bowles-Simpson's recommendations.  Guess they thought they had to act immediately.

                Just found an AARP article.  Stopping the mailing of the benefit statements saves a paltry 60 million per year.  Bet it pales compared to what they pay Experian.  Here's the link.

                This was an ill-conceived policy change.  And clearly, the concern was NOT saving money.

                Mollie

                “If a dog won’t come to you after having looked you in the face, you should go home and examine your conscience.” -- Woodrow Wilson

                by musiccitymollie on Wed Jan 23, 2013 at 12:09:49 PM PST

                [ Parent ]

                •  The point your made is much, much bigger than (6+ / 0-)

                  that.

                  Is the SSA unaware that NOT EVERYONE even has a computer, or access to one.
                  The private sector is NOT, I repeat NOT creating the infrastructure to bring high speed Internet access to EVERYONE no matter where they live in the U.S.

                  Sure, if you're wealthy and want to pay thousands of dollars for the wire/cable to be run to your home from the nearest junction, sure.  

                  Private sector companies won't do that because it's too costly to run the wire in rural areas.

                  So when information from the government is only available online, it's just wrong, wrong, wrong.

                  And OT, an elderly retired neighbor of mine who worked for local government recently had their health benefits change to be run by the state.  I accompanied him to a meeting where they were explaining what the changes were and yadda ya.

                  They handed out  three pieces of paper when we walked in, mostly advertising the different companies, and there were representatives from the health insurance companies from which to choose that spoke.

                  All these people kept saying one by one, to find out about this, go to this website, to find out about that, go to that website and so on.

                  During the question and answer period, several elderly people stood up and stated they didn't have computers, so how could they find out this information.

                  All of the responses were:  Go the library or get someone who has a computer to help you.

                  I can't tell you how pissed I was listening to this shit, and I mean shit.  That's bullshit.  I felt so bad for these people who were being given these answers by healthcare insurance company representatives who kept smiling.  Bleh.

                  And the people attending lived in an area where everyone had access to the Internet... if they could afford it and actually had a computer.

                  And then there is the other issue of if you do have a computer, even if you're going to a "safe" site, that doesn't mean there aren't any keyloggers or malware on your computer to capture the sensitive information.

                  This just stinks all around.

                  (Sorry... stepping down now.)  

                  •  Actually, thanks, gooderservice. Said it better (4+ / 0-)
                    Recommended by:
                    triv33, gooderservice, nchristine, m16eib

                    than I could.

                    We have a couple of very elderly aunts who do not have computers (one was childless, and other has three sons, none of which have home computers).  The sons can well afford a computer, but simply have no use for them.  [They also don't allow TV's in their homes, because they think they're a bad influence.]

                    My point being that there are folks (including the three men who are younger than Boomers, sorry, not sure what that generation is called) that don't have one, whose close relatives don't have one, and for whom going to the public library to use one at ages 94 and 99, would be quite ridiculous.

                    Thank you for sharing your experience with the insurance company reps.

                    It's appalling to me that our government shows such insensitivity to the most vulnerable, and in some instances, the most economically hard-pressed members of our society.  

                    Really, it's quite chilling.

                    Mollie

                    “If a dog won’t come to you after having looked you in the face, you should go home and examine your conscience.” -- Woodrow Wilson

                    by musiccitymollie on Wed Jan 23, 2013 at 01:44:19 PM PST

                    [ Parent ]

                •  Your bet (0+ / 0-)

                  "Just found an AARP article.  Stopping the mailing of the benefit statements saves a paltry 60 million per year.  Bet it pales compared to what they pay Experian.  Here's the link."

                  OK so what do you think they are paying Experian?

                  Do you think this information is public?

                  Do you think SSA might be planning to save on other online services?

                  How much do you plan to bet?

              •  You are confused about what Security means (0+ / 0-)

                They are happy to verify you in person. The problem they have is doing it online.

                After Hurricane Katrina, when people lost everything., They set up shop in shelters and issued people temporary ID based on data only they had in their system (and only they could access in a practical way). They were the only government agency capable of doing this.

                Currently SSA can give you an estimate of your benefits based on your earnings history, without all the rig-a-ma-roll.
                http://www.ssa.gov/...

                They can take your application for retirement or disability benefits (DI not SSI) online.

                What they are unwilling to do is potentially compromise your personal earnings record information online unless they are convinced they can verify your identity online. That is they set their own standard for security extremely high.

                The problem is not that they are unsecure. It is that they want to be more secure than is perhaps reasonable.

                •  Quit your insults. (3+ / 0-)
                  Recommended by:
                  poligirl, triv33, m16eib

                  I'm not confused because I won't adopt your bullshit. Sorry, ain't happening.

                •  then make them secure. PERIOD. do not... (3+ / 0-)
                  Recommended by:
                  gooderservice, triv33, m16eib

                  outsource this shit.

                  i don't know how much clearer we can get here.

                  There’s a word for the people who keep complaining that the “ideologues” are getting in their way: Lobbyists. ~ RJ Eskow

                  by poligirl on Wed Jan 23, 2013 at 12:56:46 PM PST

                  [ Parent ]

                  •  This is a no brainer. Yet for some reason (3+ / 0-)
                    Recommended by:
                    poligirl, triv33, m16eib

                    there are Experian champions.  Go figure.

                  •  Your social security records ARE secure (1+ / 0-)
                    Recommended by:
                    m16eib

                    Maybe too secure if people are having so much trouble accessing online what used to come in the mail.

                    Why is this confusing?

                    •  It's not confusing - Experian does not have (3+ / 0-)
                      Recommended by:
                      triv33, m16eib, poligirl

                      100% accurate data in their system.  Experian is wanting answers based upon that data in their system.  Experian will not release, nor change, what information they have on you, even when you have a lawyer tell them it's not correct.  How difficult is that to understand??

                      Their 'security' questions are based upon faulty data and some data that most reasonable people would not be expected to remember (when did you get your first credit card??? - who really knows that answer and why would they want to remember something that trivial??).

                      •  Right (0+ / 0-)

                        So the problem is not that Experian authenticates people who it should not (unless someone can somehow guess the inaccurate data they maintain), but that it falis to authenticate people it should. In other words, SSA by accepting Experian's verification is keeping some data private (from the person who record it is) when it should not.

                        In this case you can go directly to SSA and they will authenticate you in person. No need to go through Experian at all. In fact you can do that directly and never bother with Experian in the first place. Is that a pain? Yes. Of course a few years ago you still had to go to an office in person to file for benefits. You still have to go in person to get a replace SS card

                        The alternative is that SSA simply authenticates you online using the information they have. and the real-time response capability they have. Their concern in this case however is that they will in fact authenticate some people who they should not. (Once you log in they offer you the choice to use an additional layer of security, each time you login in they text you a code, and you have to enter it). And that they will reap the negative repercussions of that. Of course it is true that someone could spoof the Experian screen, but SSA thinks it is harder to do that.

          •  Of course, if you are diabetic you might not be (3+ / 0-)
            Recommended by:
            gooderservice, DRo, triv33

            able to go to a SS office as they won't let you take your insulin in with you.  In practice it is the same with any other pills as you need water to take them and they will search you to ensure you don't have any food or drinks on you.

            You have watched Faux News, now lose 2d10 SAN.

            by Throw The Bums Out on Wed Jan 23, 2013 at 11:16:02 AM PST

            [ Parent ]

          •  Social Security is wasting our money on (7+ / 0-)

            bonuses for Experian executives instead of spending it on legitimate overhead.

            This is toxic company dedicated to harming consumers for profit.

            We should not be forced to support them, or the amoral creatures willing to work for them.

            "I have often seen people uncivil by too much civility, and tiresome in their courtesy." Michel de Montaigne

            by JesseCW on Wed Jan 23, 2013 at 11:25:49 AM PST

            [ Parent ]

            •  This is especially maddening since obstensibly (5+ / 0-)
              Recommended by:
              triv33, tardis10, DRo, gooderservice, JesseCW

              the Social Security Administration "cut off" sending out annual benefit statements in order to save money!!!

              Mollie

              “If a dog won’t come to you after having looked you in the face, you should go home and examine your conscience.” -- Woodrow Wilson

              by musiccitymollie on Wed Jan 23, 2013 at 11:28:33 AM PST

              [ Parent ]

            •  No they are saving, and will save (0+ / 0-)

              Experian gets paid on a one time basis to authenticate you. After that you just log in.

              Social Security was spending $70 million or so to print social security statements. SSA is spending a fraction that to get you authenticated. Once you are authenticated you will have the ability in the future to do a lot more things online, which will save SSA money because they won't have to commit manual resources in their field offices, and it will spare millions of people a year a trip tot he office.

              Perhaps you should tell us which company can perform this service for SSA and is not toxic.

              •  the SSA. (4+ / 0-)
                Recommended by:
                JesseCW, DRo, gooderservice, wonmug

                how about them, could they do it? yes, they could!

                I shave my legs with Occam's razor~

                by triv33 on Wed Jan 23, 2013 at 11:36:48 AM PST

                [ Parent ]

              •  and BTW... (3+ / 0-)
                Recommended by:
                JesseCW, DRo, gooderservice

                how are they saving any trips to the office if Experian is causing trips to the office with their fuck-ups?

                I shave my legs with Occam's razor~

                by triv33 on Wed Jan 23, 2013 at 11:40:38 AM PST

                [ Parent ]

                •  I'll try this slowly: (0+ / 0-)

                  I agree there are too many verification fuckups at this stage, and clearly it will have to get better. The one fuckup that is not happening is that SSA is not giving any access to your social security records to Experian.

                  SSA was spending $70 million a year mailing out 160 million or so Social Security Statements every year. About 30 million of the 160 million went into the trash because of bad address (including foreign addresses). That's not a small fuckup.

                  Delivering those statements online to at least some people could be a big savings. More  important there are a whole host of services SSA provides in-person (read rather expensively) that they could save money on if they could deliver them on-line. Do you know how many millions of people come into their offices each year to replace a lost Social Security card?

                  Experian is involved in getting you online the first time. Their involvment ends after that. So SSA is trading the relatively small cost of that authentication process (even with the second or third tries it is something like 20 cents a person--I can't remember) with the many hundreds of millions they will save every year over the future if they can gets the services online and running.

              •  Providing a profit to Experian is "saving"? (4+ / 0-)
                Recommended by:
                DRo, triv33, nchristine, gooderservice

                Frankly - bullshit.

                You keep expecting everyone to just accept your premise the SSA cannot manage this in house.

                The IRS can manage to authenticate me.  At the State level, everyone from the EDD to the DMV can authenticate me on-line.

                But not the SSA?  

                I've been to local offices a few times.  The people seemed reasonably intelligent.

                "I have often seen people uncivil by too much civility, and tiresome in their courtesy." Michel de Montaigne

                by JesseCW on Wed Jan 23, 2013 at 11:56:44 AM PST

                [ Parent ]

                •  Your disapproval is blinding you (0+ / 0-)

                  This is SSA's assessment, not mine. That's why it took them so long to do this.

                  If you read my posts, I have been clear this is in no small part a function of their own standards for security. They know they have lousy address data. They are betting the credit industry has better data. They are not permitted, by law, to get the address information from your W2, even though IRS sends SSA the wage amounts from your W2 every year.  

                  Authentication is a one-time cost, which if I am recalling correctly is much less than $1 a person. Let's just say total cost is $100 million. SSA was spending $70 million a year to mail out Social Security Statements. They have costs in the hundreds of millions  every year from traffic to their offices that could be much better done on-line (e.g. replacement SS cards; benefit verifications.)

                  It is very possible that Experian makes a profit on one-time authentication, and that SSA saves by substituting online processes for paper and in-person processes over a very long time.

                  By the way, the IRS does not authenticate you. It takes your signature, and your W2 as verification. It puts you in jail or takes your money if it can prove your are lying. And they take your money.  A major scandal right now is people using stolen SSNs and other personal info to file false returns that have refunds. IRS is not verifying your identity in those cases before paying a refund.

                  DMV verifies you in person. Not on-line. SSA will do that as well.

                   

                  •  DMV happily verifies me On-Line. I can get all (2+ / 0-)
                    Recommended by:
                    triv33, Willa Rogers

                    my records without going in.

                    You're once again claiming that there is no alternative way to verify people without using a private corporation and giving them a profit.

                    This is a nakedly pro-privatization argument.  

                    "It's very possible that Experian makes a profit"???

                    You can't just say "Of course they're taking a profit"?  You have to pretend it's just a possibility?

                    The IRS is getting scammed on occasion. It's not perfect.  Neither is a "how many bedrooms is your house" system.

                    Anyone closely related to you and knowledgeable about your finances could answer all those questions correctly anyway.

                    Lastly, why the fuck is Experian getting a fat helping of our Social Security contributions to fail to verify people?

                    You claim you're well informed (somehow) on all the details we peons don't have access too.  Ok.

                    What's the false rejection rate?  Since your argument is that this scam is really a good thing that will benefit us all, and that as long as it gets people to use on-line services so that SSA can employ fewer people, isn't it all a waste if most people are being falsely rejected?

                    "I have often seen people uncivil by too much civility, and tiresome in their courtesy." Michel de Montaigne

                    by JesseCW on Wed Jan 23, 2013 at 02:26:44 PM PST

                    [ Parent ]

                    •  Didn't DMV previously verify you in person? (0+ / 0-)

                      I never claimed there was no alternate way, and I am a skeptic that SSA needs to use an outside service. What I said is that this is what SSA believes. And all that is beside the point that SSA is not giving access to their protected data.

                      SSA contracts with plenty of people who do things more efficiently than they do. I don't expect SSA to invent their own phone system. They use ATT or Verizon's or whoever. Likewise, why should they employs hundreds of programmers, re-inventing the data base wheel.

                      Lots of things only SSA can do. Private industry aggressively poaches SSA trained disability examiners, for example. Some things SSA should get help doing. I wish they would get some design pros to re-design their website for example.

                      I don't disagree with you about the false rejection rate (although we both agree that errs on the side of not compromising your data and can be rectified). If SSA accepts too high a rate then they are wasting resources. That's why they have IG's offices, congressional staff, and other such nosey assholes. Of course the rejection rate before this was 0, and the online access was 0. Your willingness to balance false positives and false negatives has to do with your aversion to risk.

                      You are assuming the equation is negative, without much data. Everything I have seen from the agency is they expect it to be a large positive. They are in big big trouble if they can't get online services working for them.

                      As for the "fat helping of our Social Security contributions" my understanding is that the cost per person is measured in cents, not dollars. And once you are in, you are done with them.

              •  As I mentioned earlier (2+ / 0-)
                Recommended by:
                triv33, nchristine

                I have no problem with providing some Social Security services online.  But considering that fact that not everyone has personal (home) computer access, I do not agree with the policy of stopping the mailings.  

                The 60 million dollars in the AARP (or 70 million which you quote) are a drop in the bucket of the federal budget.  There are many other places they could have looked for savings.

                And because this recommendation came from the Catfood Commission (Bowles-Simpson), I like it even less.  Here's the excerpt and link to The Moment of Truth.

                1.10.5 Reduce federal travel, printing, and vehicle budgets. . . . Additionally, we recommend allowing certain documents to be released in electronic-only form, and capping total  government printing expenditures. . . .
                This is a very vital and necessary for most (not all) folks to have when they consider their retirement options.  The very idea that a vital service like this gets the hatchet, is ridiculous in the first place (IMO).

                Mollie

                “If a dog won’t come to you after having looked you in the face, you should go home and examine your conscience.” -- Woodrow Wilson

                by musiccitymollie on Wed Jan 23, 2013 at 12:39:23 PM PST

                [ Parent ]

              •  No, they're really not. (2+ / 0-)
                Recommended by:
                nchristine, triv33
                SSA is spending a fraction that to get you authenticated.
                Because Experian is incompetent.  When you don't remember when you first got your credit card because who cares or how many bedrooms you actually have versus what they think you have, you still have to physically visit a SS office -- if you can drive, if you're physically capable of leaving your house, if you have someone to take you.
      •  According to the diarist, your info is outdated (5+ / 0-)
        Recommended by:
        Eileen B, Aquarius40, DRo, fuzzyguy, JesseCW

        and wrong.

        "There's no ideology [t]here [on the right]. It's just about being a dick." Bill Maher, June 22, 2012.

        by caseynm on Wed Jan 23, 2013 at 08:57:43 AM PST

        [ Parent ]

        •  Diarist is speculating. I am not. (0+ / 0-)

          Experian may suck in many ways, but they have no access to Social Security data. About that I am correct. The diarist has no idea what he/she is talking about.

          Experian are not "in control" of access to the website. You can go directly to Social Security field office and get authenticated in person (or lock online access to your data altogether). For anyone wanting to do this totally online, however, they do have to go through the Experian screen. SSA is free to contract with someone else if they can do a better job. Maybe they will decide to lower their security standards and use their own more limited verification process.

          •  Maybe we should just stop government contracting (1+ / 0-)
            Recommended by:
            nchristine

            of this kind of stuff, period. WTF is ANY private company doing with ANY access to private information? I have yet to see ANYTHING the private sector can do as well as or better than (in terms of governmental functions) government. Not one. Either the service is worse or the cost goes up.

            "There's no ideology [t]here [on the right]. It's just about being a dick." Bill Maher, June 22, 2012.

            by caseynm on Wed Jan 23, 2013 at 02:05:56 PM PST

            [ Parent ]

      •  Bullshit. The very fact that you're applying is (2+ / 0-)
        Recommended by:
        triv33, gooderservice

        being relayed to them.

        "I have often seen people uncivil by too much civility, and tiresome in their courtesy." Michel de Montaigne

        by JesseCW on Wed Jan 23, 2013 at 11:24:07 AM PST

        [ Parent ]

        •  Applying for what? (0+ / 0-)

          All Experian knows is that you want to set up your online password with SSA. They have no idea what you want to do there.

          For most people this is the only way to access the now defunct paper social Security statement, which used to be mailed to 180 million people every year. What value is that to Experian?

          •  If they know your age, and you're setting up (3+ / 0-)
            Recommended by:
            triv33, nchristine, gooderservice

            new access, they can make some pretty damned informed guesses.

            63 year old recently divorced woman struggling to pay her bills tries to access SS?  Yeah, they can make an informed guess that she's likely going to take early benefits.

            And they can profit from that.

            "I have often seen people uncivil by too much civility, and tiresome in their courtesy." Michel de Montaigne

            by JesseCW on Wed Jan 23, 2013 at 11:58:21 AM PST

            [ Parent ]

            •  I'd be willing to bet... (0+ / 0-)

              .... they have enough information on people that they could predict your retirement age pretty easily. About 50% of women already take their benefits at age 62.

              Exactly why is that valuable to them? Compared to what they already know.

              This is incredibly weak tea, you are serving here.

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site