Amidst a torrent of criticism, Equifax CEO Richard Smith managed to score some points with the House Energy and Commerce Committee during his October 3, 2017 testimony about the company’s massive data breach. Smith suggested that the continued use of Social Security numbers as unique and secure identifiers is “untenable,” joining a chorus of critics who claim that Social Security numbers have outlived their utility and in fact were never meant to be used as unique identifiers when introduced in 1936. Also on Tuesday, White House cybersecurity coordinator Rob Joyce announced that the continued use of Social Security numbers by federal departments and agencies is under review, adding that “It's really clear there needs to be a change.”
In their latest CNBC op-ed, Morrison & Foerster’s Global Risk + Crisis Management Chair John P. Carlin and Counsel David Newman agree, arguing that systems that rely on Social Security numbers for authentication are inherently insecure. While there are pros and cons to other available methods, Carlin and Newman suggest that now is the time for the U.S. government to make the necessary investment and get creative in crafting an alternative.