Discussions with the Privacy Experts on SSA’s Authentication Process
Date: 4/26/2010
Organization: Privacy and Information Policy Consultant
Background: The purpose of the meeting was to brief the privacy consultant on SSA’s new identity proofing, credentialing, and second-factor authentication proposal and receive his feedback on the proposal or strategy.
Recommendations: Approved –
• Commended SSA’s efforts
• Offered recommendations
• Suggested names/organizations for further Privacy related briefings

Date: 4/27/2010
Organization: Vice President of the Center for Democracy & Technology (CDT)
Background: The purpose of the meeting was to brief CDT on SSA’s new identity proofing, credentialing, and second-factor authentication proposal and to receive feedback and recommendations.
Recommendations: Approved –
• Commended SSA’s efforts
• Offered recommendations:
  - Do not use Mother’s Maiden Name
  - Every user should get an OOW question at enrollment time, and maybe even at every subsequent logon
  - Implement automated removal of block
  - Aggressively handle fraudulent attacks
• Suggested names/organizations for further Privacy related briefings
• Suggested organizations for future benchmarking activity
Date: 5/10/2010
Organization: Editor/Publisher of Privacy Times
Background: Privacy Times is a newsletter covering privacy and Freedom of Information Law and policy. The purpose of the meeting was to brief Privacy Times on SSA’s new identity proofing, credentialing, and second-factor authentication proposal for the public and to receive feedback and recommendations.
Recommendations: Approved –
• Stressed the importance of user education regarding use of Experian for identity verification only
• Cited that Experian offers the most dynamic database of the leading credit bureaus
• Enforced SSA’s right to audit Experian and tweak the process as needed
• Recommended consultants for further privacy consultation activity

Date: 5/10/2010
Organization: Professor of Law & Director, Information Privacy Programs, Berkeley University
Background: The purpose of the meeting was to brief the professor on SSA’s new identity proofing, credentialing, and second-factor authentication proposal for the public and to receive feedback and recommendations.
Recommendations: Approved –
• Commended SSA’s efforts
• Reactions:
  - Our business model is comprehensive and secure.
  - He sees no problems with going to a private sector database to help with identification and authentication.
  - Our design deals with any sensitivity this model might provoke.
• Cautioned SSA about “over-engineering” (i.e. making our process so difficult that the public will not use it)
Date: 5/11/2010
Organization: Assistant Professor, School of Information, UC Berkeley; Director, Berkeley Center for Law and Technology
Background: The purpose of the meeting was to brief the Assistant Professor on SSA’s new identity proofing, credentialing, and second-factor authentication proposal for the public and to receive feedback and recommendations.
Recommendations: Approved –
• Commended SSA’s efforts
• Reactions:
  - The risk of identity theft to the user is high (i.e. what malware exists on the user’s machine and fraudulent sites).
  - Recommended we look into the Team for Research in Ubiquitous Secure Technology, for ways to identify secure sites.
• SSA will update its ROME Executive Summary to include user security practices and risks.
• Clarify that authentication should be defined as “identity authentication”.
• Clarify that SSA program determinations will not be affected by Experian’s identity risk score.

Date: 5/17/2010
Organization: Director, Consumer Program, U.S. PIRG
Background: The purpose of the meeting was to brief the Director of Consumer Programs at U.S. PIRG, the federation of state Public Interest Research Groups, on SSA’s new identity proofing, credentialing, and second-factor authentication proposal for the public, and to receive feedback and recommendations.
Recommendations: Approved –
• Commended SSA’s efforts
• Recommended that SSA remain vigilant in monitoring and auditing Experian’s performance
Date: 5/27/2010
Organization: Privacy Expert, Founder and Director of the Privacy Rights Clearinghouse
Background: The purpose of the meeting was to brief the founder and director of the Privacy Rights Clearinghouse on SSA’s new identity proofing, credentialing, and second-factor authentication proposal for the public and to receive feedback and recommendations.
Recommendations: Approved –
• Commended SSA’s efforts
• Reactions:
  - SSA has a good process and that all of our bases are covered
  - The process is thorough, well thought out, cautious, secure, and well vetted
  - The new process will serve identity theft victims well
  - Commended us for developing a way to handle domestic abuse victims.

Date: 5/28/2010
Organization: Members of the Privacy Coalition
Background: The purpose of the meeting was to brief the Privacy Coalition members on SSA’s new identity proofing, credentialing, and second-factor authentication proposal for the public and to receive feedback and recommendations.
Recommendations: Approved –
• Commended SSA’s efforts
• Reactions:
  - SSA should look into TSA’s experience on lessons learned regarding accuracy of external data sources
  - Recommended exploring options such as the use of a cell phone/biometric device
  - Agreement that the members of the Privacy Coalition would be able to follow-up with SSA and pose additional questions via correspondence between EPIC and SSA
Date: 5/28/2010
Organization: Co-chair and Director of the Future of Privacy Forum
Background: The Future of Privacy Forum seeks to advance responsible data practices. The purpose of the meeting was to brief the Director on SSA’s new identity proofing, credentialing, and second-factor authentication proposal for the public and to receive feedback and recommendations.
Recommendations: Approved –
• Commended SSA’s efforts
• Reactions:
  - Suggested that SSA consider the implications of issuing a single ID and potentially sharing that credential with other agencies or organizations.

Date: 6/16/2010
Organization: Office of Management and Budget / Office of E-Government and Information Technology; & National Institute of Standards and Technology
Background: The purpose of this meeting was to brief these agencies on SSA’s new identity proofing, credentialing, and second-factor authentication proposal for the public and to receive feedback and recommendations.
Recommendations: Approved –
• Received very positive reactions and favorable feedback
• Said this model should be the standard for other federal agencies
• Physical mailing via USPS for a Level 3 credential is essential
Date: 7/15/2010
Organization: National Network to End Domestic Violence (NNEDV); Director of the Safety Net Project; Senior Attorney at Greater Boston Legal Services
Background: The purpose of the meeting was to brief these experts on SSA’s proposed credential issuance, management, and authentication system, Registration of Most Everyone (ROME), and to solicit feedback, specifically as it relates to the unique perspective and needs of the domestic violence survivors population.
Recommendations: Approved –
• Commended SSA’s efforts
• Reactions:
  - The NNEDV and SSA will continue to collaborate on spreading educational information through local and national training programs
  - Survivors of domestic violence must enroll for a ROME User ID in person.
  - SSA acknowledged the difficulty in balancing security with ease of use.
  - Participants agreed that the process in place for ROME is appropriate for most survivors of domestic violence.
Date: 7/20/2010
Organization: Identity Theft Resource Center
Background: The purpose of this meeting was to brief the Executive Director and founder of the Identity Theft Resource Center on SSA’s proposed identity proofing, credential issuance and management, and authentication process and to solicit feedback, specifically as it relates to the unique perspective and needs of the victims of identity theft.
Recommendations: Approved –
• Commended SSA’s efforts
• Reactions:
  - Use a layered structure to store user names, passwords, and reset questions. (i.e. don’t put everything in one database)
  - Provide 2 levels of instructions for users based on their computer experience.
  - Tell users, up front, the kinds of personal information (PII) SSA will never ask them for, or the kinds of activities SSA will never engage in with their customers.
Note: SSA will allow OIG personnel to access the ROME Customer Support Application so they can block access to an individual’s electronic personal information as soon as they are notified of an identity theft.

Date: 9/2/2010
Organization: Office of Management and Budget / Office of Information & Regulatory Affairs
Background: Frank Baitman, OOG staff, and OPLM staff met with OMB representatives to brief them on the upcoming clearance for SSA’s new identity proofing, credentialing, and second-factor authentication process.
Recommendations:
• OMB appreciated the early notification and promised to push this clearance request, and any subsequent non-substantive changes, through the review process as quickly as possible.
• OMB alerted SSA to new guidance on the use of "cookies."
Date: 12/21/2010
Organization: Office of Management and Budget / Authentication Desk Officer
Background: OOG and OPLM met with OMB’s Authentication Desk Officer to provide a “heads up” on the upcoming clearance package for SSA’s new public credentialing process and to solicit feedback on any additional information we could submit that would be helpful.
Recommendations: The Desk Officer requested that we add the following items to the OMB Clearance package:
• A full description of the model;
• An explanation as to how this model complies with NIST & OMB guidance;
• A list of the Privacy laws; and,
• A list of the Privacy Experts we consulted with.
We can attach these in a separate Addendum.

Date: 3/4/2011
Organization: Vivek Kundra, National CIO, White House
Background: Alan Lane briefed the National CIO on SSA’s new identity proofing, credentialing, and second-factor authentication process.
Recommendations: Approved –
• Received a favorable reaction
• Wanted to know when SSA will federate
• Expressed an interest in putting the Social Security Statement online.
Date: 4/6/2011
Organization: Aneesh Chopra, Chief Technology Officer of the U.S.
Background: Alan Lane met with the Chief Technology Officer of the U.S. this afternoon to discuss authentication efforts at SSA.
Recommendations: Approved –
• Wants SSA to look into a USPS product that verifies address
• Stressed the importance of performing live testing for ROME
File Type | application/pdf |
File Title | Microsoft Word - Attachment G - ROME Discussions with Privacy Experts List - 05-03-2011.doc |
Author | 177717 |
File Modified | 2011-06-07 |
File Created | 2011-06-02 |