College and University Privacy Issues: Social Security Numbers and Smart Cards

College and University Privacy Issues: Social Security Numbers and Smart Cards

Presentation by Beth Givens, Director
NACUA 41st Annual Conference

National Association of College and University Attorneys
San Diego, California


Outline of Presentation:



1. Overview: There are many privacy issues facing colleges and universities today. This presentation covers only the first two below:

  • SSNs as student identification numbers
    - Identity theft and other security issues
  • Multi-purpose "smart" cards, privacy implications
  • Violence profiling
  • Weapons searches
  • Drug testing
  • E-mail, Internet uses, websites, acceptable use policy
  • Records disclosure
  • Uses of directory information
  • Video surveillance
  • Health services
  • Research subjects

2. Presentation Topics

  • Social Security numbers as student IDs
    - Identity theft and other security issues
  • Multi-purpose cards
    - "Smart" cards, memory cards, advanced cards

3. Uses of SSNs As Student IDs:

Complaints received by the Privacy Rights Clearinghouse:

  • No alternative numbers given
  • SSNs are written on checks at bookstore - a fraud risk
  • Used as library computer log-on number
  • Required to sign-in at the computer center
  • Listed on class rosters
  • Why are students complaining?
    - Privacy concerns
    - Identity theft fears

4. Rise of Identity Theft in U.S.

  • SSN is key to assuming identities for credit and other types of financial fraud
  • Fastest growing crime in U.S.
  • 500,000-700,000 victims in 2000, based on credit bureau statistics
  • [Sept. 2003 Update: Recent surveys show there are currently 7-10 million victims per year,
    greatly exceeding our earlier estimates.
    For more information,]
  • Opportunistic crime, rather than targeted
  • Bad or non-existent credit is not a deterrent to the criminals
  • Criminalization is not a deterrent
    - Very low-risk crime because of light penalties; it is a nonviolent crime.

5. Campus Horror Stories

  • Florida professor posted SSNs of students on his class web site
  • 1,600 USC Orientation Dept. checks stolen, many with students' SSNs on memo line
  • Univ. of Indiana computer hacked by foreign intruder who obtained 3,000 SSNs
  • Professor posted grades by SSN and stole identities of some of her students
  • A teacher's ID was stolen by student -- her SSN was required on top of class roster
  • Female student was stalked several years by a male student who was able to obtain information about her on Internet information broker site
  • Female student's ex-boyfriend used SSN to commit identity theft as revenge

6. Sign of the Times

  • "The time has come to put the SSN back into its box.Its misuse is a national crisis."
    - John Huse, SSA Inspector General, Congressional hearing, May 22, 2001
  • States that prohibit SSN as student ID -- by law
    - Wisconsin, Arizona, New York, Rhode Island, Maryland
  • Voluntary actions - universities that have replaced SSNs with another number system
    - Montana State Univ., USC, Duke, Univ. of Virginia, Florida Univ. System, and others

7. Legislation

  • California SB 168, Sen. Bowen (update 12/01: university prohibition was removed)
  • U.S. Congress -- prohibit display, sale, etc. (update 12/01: no bills have yet passed)
    - H.R. 1478 (Kleczka)
    - H.R. 2036 (Shaw) (S. 1014)
    - S. 324 (Shelby)
    - S. 451 (Nelson)
    - S. 848 (Feinstein & Gregg)
    - S. 1014 (Bunning) (H.R. 2036)

8. Judicial Action

  • Krebs v. Rutgers
    - 797 F. Supp. 1246 (D.N.J. 1992)
  • 7 undergrads were plaintiffs -- complaints regarding uses for class rosters, ID cards, dining services, posting of grades, and denial of benefits if students refused to give SSNs.
  • Federal statutes cited -- Privacy Act of 1974 and Family Educational Rights and Privacy Act (FERPA, also known as the Buckley Amendment)

9. Privacy Act

  • Pub. L. No. 93-579, 5 U.S.C. 552a note
  • Unlawful for any federal, state, or local government agency to deny any individual any right, benefit, or privilege provided by law because the individual has refused to disclose his SSN . unless disclosure is required by federal statute or is required under law adopted prior to Jan. 1, 1975.

10. FERPA - Family Educational Rights and Privacy Act (Buckley Amendment)

  • 20 U.S.C. 1232g(b)(1) (1988)
  • "No funds shall be made available under any applicable program to any educational agency or institution which has a policy or practice of permitting the release of education records (or personally identifiable information . other than directory information ...) .of students without the written consent of their parents ."

11. The Krebs Decision

  • Rutgers is an independent institution and not a public entity vis-à-vis Privacy Act
  • But FERPA applies to Rutgers, and SSNs are "educational records" and/or personally identifiable information.
  • Rutgers was ordered to stop disseminating SSNs on class rosters only.
  • Rutgers was granted a FERPA exception regarding use on ID cards.

12. Rutgers Today

  • Still uses the SSN as the student ID.
  • Allows students to obtain an alternate number.
  • Requires SSN for telephone registration and Internet access -- with PIN number.
  • Default PIN is month/day of student's birth.

13. Case Study: University of Illinois

  • Adoption of system-wide SSN policy
  • Year-long process, 1999, working group
  • Risk analysis
    - Loss of trust in institution
    - Loss of control of business (lawsuits)
    - Financial risk (loss of federal funding)
  • Web:

14. University of Illinois SSN Policy

  • Purpose and objectives
    - Compliance with FERPA and Privacy Act
    - Broad awareness of confidential nature of SSNs
    - Reduced reliance on SSN for ID purposes
    - Consistent policy toward uses of SSN
    - Increased confidence by students and employees that SSNs are handled in confidential manner
  • Phased-in compliance over 5 years
  • Administrator to oversee SSN usage on each campus and to educate university
  • Unique ID Number assigned to all students, employees, contractors, consultants
  • No grades posted by SSN
  • Encrypted when transmitted electronically
  • Secure document disposal (shredding)
  • SSN not collected unless legal requirement
  • Limited release to third parties
  • May be stored with student records as confidential attribute
  • Explicit notices on forms and in handbooks
  • IT Dept. guidelines for electronic uses
  • Biennial report to Provosts and President
  • Compliance monitoring
  • Sanctions for breaches of confidentiality

15. Privacy Rights Clearinghouse Recommendations

  • Phase out use of SSN as student ID
  • Be prepared if SSNs are compromised. Provide identity theft information for students and employees.
  • Encourage a "culture of confidentiality"
  • Practice responsible information-handling
  • Establish position of Chief Privacy Officer
  • Develop privacy policy for smart cards

16. Multi-Purpose Cards (second topic of presentation)

  • Student ID card
  • Library use
  • Check cashing
  • Discretionary account
  • Facilities access -- dorms, computer labs, parking lots, recreational centers
  • Vending machines
  • Laundry
  • Student activities
  • Long distance phone service
  • Banking or credit union

17. Potential Privacy and Security Issues

  • Ensuring legitimate access to card data
  • Vendor access and vendor uses
  • Restricting secondary uses of data
  • Civil subpoena policy
  • Profiling
  • Student tracking
  • Data retention

18. The Answer?

  • Conduct "privacy impact assessment" before implementing
  • Develop and adopt code of "fair information principles"

19. Privacy Impact Assessment

  • Description of applications for which the cards will be used
  • Description of personally identifiable information collected and stored
  • Purposes of collection
  • How notice is given and consent is obtained
  • Methods of collection of student data
  • Duration of collection of information
  • Ensuring accuracy
  • Method of storage
  • Key personnel who have access
  • Procedures for access and correction
  • Complaints process
  • Security

20. Fair Information Principles - The Foundation of the University's Privacy Policy

(There are several such compilations. The following is my preferred code, developed by the Canadian Standards Association, 1995.)

  • Accountability
  • Identifying purpose
  • Consent
  • Limiting collection
  • Limiting use, disclosure and retention
  • Accuracy
  • Safeguards and security
  • Openness
  • Individual access
  • Challenging compliance

21. References

Krebs v. Rutgers, 797 F. Supp. 1246 (D.N.J. 1992)

Alexander C. Papandreou, "Krebs v. Rutgers: The Potential for Disclosure of Highly Confidential Personal Information Renders Questionable the Use of Social Security Numbers as Student Identification Numbers," Journal of College and University Law (20:1, pp. 79-96) 1993.

Federal Laws

Family Educational Rights and Privacy Act,
Privacy Act of 1974,

University of Illinois Social Security Number Policy


Identity Theft Resources

Privacy Rights Clearinghouse Fact Sheet 17 series.
Identity Theft Resource Center,
Federal Trade Commission,

Smart Cards

"Smart, Optical and Other Advanced Cards: How to Do a Privacy Assessment," Joint Project of the Information and Privacy Commissioner of Ontario and the Advanced Card Technology Association of Canada, Sept. 1997

Responsible Information-Handling

"A Checklist of Responsible Information-Handling Practices," Fact Sheet 12 by the Privacy Rights Clearinghouse
Fair Information Principles

"A Review of the Fair Information Principles: The Foundation of Privacy Public Policy," by Beth Givens, Privacy Rights Clearinghouse

Model Code for the Protection of Personal Information

(Canadian Standards Association, 1995)
From Who Knows: Safeguarding Your Privacy in a Networked World, by Ann Cavoukian and Don Tapscott, McGraw-Hill, 1997, pages 182-183.