This is only a Preview!

You must Publish this diary to make this visible to the public,
or click 'Edit Diary' to make further changes first.

Posting a Diary Entry

Daily Kos welcomes blog articles from readers, known as diaries. The Intro section to a diary should be about three paragraphs long, and is required. The body section is optional, as is the poll, which can have 1 to 15 choices. Descriptive tags are also required to help others find your diary by subject; please don't use "cute" tags.

When you're ready, scroll down below the tags and click Save & Preview. You can edit your diary after it's published by clicking Edit Diary. Polls cannot be edited once they are published.

If this is your first time creating a Diary since the Ajax upgrade, before you enter any text below, please press Ctrl-F5 and then hold down the Shift Key and press your browser's Reload button to refresh its cache with the new script files.


  1. One diary daily maximum.
  2. Substantive diaries only. If you don't have at least three solid, original paragraphs, you should probably post a comment in an Open Thread.
  3. No repetitive diaries. Take a moment to ensure your topic hasn't been blogged (you can search for Stories and Diaries that already cover this topic), though fresh original analysis is always welcome.
  4. Use the "Body" textbox if your diary entry is longer than three paragraphs.
  5. Any images in your posts must be hosted by an approved image hosting service (one of: imageshack.us, photobucket.com, flickr.com, smugmug.com, allyoucanupload.com, picturetrail.com, mac.com, webshots.com, editgrid.com).
  6. Copying and pasting entire copyrighted works is prohibited. If you do quote something, keep it brief, always provide a link to the original source, and use the <blockquote> tags to clearly identify the quoted material. Violating this rule is grounds for immediate banning.
  7. Be civil. Do not "call out" other users by name in diary titles. Do not use profanity in diary titles. Don't write diaries whose main purpose is to deliberately inflame.
For the complete list of DailyKos diary guidelines, please click here.

Please begin with an informative title:

Starting in January, your ability to access personal Social Security earnings and benefits via online access has been handed over to Experian - the same company that keeps your credit information completely screwed up accurate.

Experian's huge store of frequently inacurate records now includes personal and confidential Social Security Administration information they didn't have on file already, but only so they can verify your identity. What could possibly go wrong ...?


You must enter an Intro for your Diary Entry between 300 and 1150 characters long (that's approximately 50-175 words without any html or formatting markup).

Anyone else experienced this?

A friend just tried to access his account information online via the Social Security Adminstration's web portal. He was told his online account had been cancelled and that he would have to create a new account as of January 1st. Suddenly, he was redirected to an Experian web site that started asking obscure personal "security questions" that proved impossible to answer and he was locked out of his account. (Do you remember all the license tags for any cars that could have been in your name for the last 10 years?)

After several hours of waiting on hold ('yes, we're getting a lot of calls from people having problems with this...') so he could start over, it appears that inaccurate information may have been entered and there's no way to fix it except by visiting a SS field office in person. I'm guessing this sounds familiar to ANYONE who's ever had to deal with Experian with an error on their credit report in the past.

What has happened is this: in response to concerns about the security of the massive amounts of sensitive data held by the Social Security Administration, someone thought it would be a good idea to award the contract to Experian. Experian seems to have merged with some other world-wide agencies under the banner of "A Single Version of the Truth" (not kidding) and are now offering their expertise in identity verification.

On the surface, this seems to be a violation of our expectation of privacy with respect to the massive volume of data that the Social Security Administration collects on all individual's employment history. Secondly: Experian may now have the ability to correlate and data mine this secure information combined with all the other records they collect about individuals - and we have no control over how this information will be used or verification of it's accuracy.

Finally: Experian has always had a terrible record for accuracy of their records. They have a poor documented record with the public (when you can find them - they obviously scrub well - not much on Google) and that aligns with my direct personal experience over the years.  One incident after some strange credit events took me 6 weeks and a 25 page letter documenting errors that needed to be corrected. One bank supervisor during my ordeal candidly told me Experian always had the most errors, but they were the least expensive and that's why they were used so often. When you realize that errors on your credit report only allow providers to charge more fees - you can see why there's not much incentive for accuracy ... but that's another issue.

I'm wondering if anyone else is bothered by this massive hand-over of personal data to a company that, frankly, I don't trust to respect my privacy and not misuse the information. Granted, this doesn't affect operation of Social Security or payments - but with fewer field offices, this could affect many people's access to their information.

6:38 AM PT: Update: Here's another scary concern from comments (DRo):

"Offers two report types, full and partial, for clients with and without a Fair Credit Reporting Act (FCRA) permissible purpose"
... so further into private, non-regulated data?

Also: I wonder if this "data exchange" applied to only the 50 Million active SS benefit recipients ... or did the get access to ALL SS records? And I'll bet Experian did it for "free" (saved taxpayer $s!) for access to data that will be worth a goldmine to them!

3:07 PM PT: In response to a downstream "pie fight", I stand by my assumption that Experian explicitly states they have access to Social Security data:

"...people age 18 and older must be able to provide information about themselves that matches information already on file with Social Security. Then, Social Security uses Precise IDSM, Experian’s fraud detection and prevention platform, to securely authenticate and further verify the person’s identity."
The statement from Experian says they use "information already on file with Social Security". They then state that Social Security uses "Precise IDSM (tm, I assume), Experian's fraud detection and prevention platform" to further verify the person's identity.

We can assume that either SSA hands off to Experian for the ID verification, or that Experian is within SSA system to verify.  Since the questions I've seen used so far are from the Experian Credit Reporting system only - I have to assume this happens on Experian secure servers.

If Experian explicitly states they use "information already on file with Social Security", then they must have that information on file and , by implication, on their servers.  If they do not possess the individual information directly, then they are able to do some sort of secure, real-time SQL query - which also implies a level of access I am NOT comfortable giving to a company with the track record of Experian.

To Conclude:
We can parse all we want to about what privacy policies exist and how they are being respected, but the bottom line is: Experian is now in bed with your Social Security data. Whether they have limited access to only certain records or some other hands-off arraignment to respect privacy rules is unknown. We cannot know without looking at the specific details of the contract, which is unlikely to be available to the public.

Someone needs to review this relationship who has consumer interests in mind (Calling Elizabeth Warren?). Credit reporting agencies have shown a disturbing tendency to disrespect the public's privacy when profits are at stake and new business opportunities present themselves.  Knowledge is power; your data is the currency - when your financial well-being, your job application, your security clearance and your good name is at stake - who do you trust?

Thu Jan 24, 2013 at  2:22 PM PT: Last update: though I did't need to, I created an account since a few friends have not be able to get in. I was able to log in with little problem, but I was already prepared to research obscure personal data. Calls to Social Security indicate that this was put in place to help secure personal data living on their servers. Both Experian & SS statements seem to indicate there is some sort of "short lived" data exchange.

The jury is still out as to how data is transferred to/from Experian and whether they are simply an "extra step" front-end for creating an account via Experian's existing identity verification software and database. I fail to see how adding this outside vendor to filter account creation does ANYTHING to keep SS Admin data secure.

Extended (Optional)

Originally posted to TechBob on Wed Jan 23, 2013 at 04:43 AM PST.

Also republished by Social Security Defenders.

Your Email has been sent.