<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.0 Transitional//EN'>

<html><head><title>531096-00057.htm</title>

<meta name='vs_defaultClientScript' content='JavaScript'>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

<meta name='vs_targetSchema' content='http://schemas.microsoft.com/intellisense/ie3-2nav3-0'>

<meta name='Originator' content='CommentWorks'></head><body><Table>

<tr><td><b>Comment Number: </b></td><td>531096-00057</td></tr>

<tr><td><b>Received: </b></td><td>8/4/2007 9:34:37 AM</td></tr>

<tr><td><b>Organization: </b></td><td></td></tr>

<tr><td><b>Commenter: </b></td><td>Jukka Ukkonen</td></tr>

<tr><td><b>State: </b></td><td>Outside the United States</td></tr>

<tr><td><b>Agency: </b></td><td>Federal Trade Commission</td></tr>

<tr><td><b>Rule: </b></td><td>Private Sector Use of SSNs</td></tr>

<tr><td>No Attachments</td></tr></Table>

<hr><P><b>Comments:</b></p>A lot of services out there (both Internet and telephone) use SSN simply as a unique identifier for people. This use of SSN for purposes which typical SSN schemes have not been designed for has at least two serious problems. 1. Some SSNs may not be exactly unique, though, they do not have very frequent clashes. So, combined with a person's name they may produce almost unique identification. 2. A lot of SSN schemes used around the world reveal much more information about the person than is actually needed for providing a unique identity. Most services which need a uniquely distinguish people have absolutely no need for information like a person's birthday or sex. Anyhow both sex and birthday are shown as parts of many SSN schemes around the world. This makes it much easier to misuse e.g. stolen SSN numbers for identity theft / impersonating another person while contacting network or phone based services. In general the SSN should be only a long and unique random number which is used while accessing public services provided by the country or state when an ID which can be mapped back to a person's age, sex, etc. is required. This mapping should be possible only via a database run by government officials. Similarly there should be another completely separate but equally long, unique, and random public identifier for accessing any other services which merely need a unique ID for a person, but no further mapping to the individuals' personal data. As e.g. doctors, banks, and even larger shops as well as internet and phone based services maintain records of their clients, a separate ID would make sure they can only have access to information which the client has voluntarily given. Still they could be certain of the unique identity of the person. Two separate random identifiers could also be changed relatively quickly and easily in case there is a reason to suspect they have been stolen and either are or might potentially be misused. </body></html>