The Social Security numbers of potentially millions of registered voters in Ohio were included on CD-ROMs distributed to some 20 political campaign operations in recent months as campaigns geared up for spring primary election races.
The problem was discovered Tuesday when one of the political campaigns contacted the Ohio secretary of state’s office to say that the personal data was on the discs, even though it wasn’t requested, said James Lee, a spokesman for Secretary of State J. Kenneth Blackwell.
All of the political organizations that received the CDs were immediately contacted and have agreed to return the discs for replacements that won’t include the Social Security numbers, Lee said. The records of about 7.7 million registered voters in Ohio are listed on the CDs, but Lee said he didn't know how many voter records included Social Security numbers. The records show which elections a voter participated in since 2002, along with their names and addresses.
For many years, Ohio voter registration forms included a space where the voter could choose to include a Social Security number, but it was optional, he said. Earlier this year, the forms were changed to include only the last four digits of the number to better protect a voter’s private information.
The Social Security numbers were included when the CDs were created, Lee said. “When we did one of our data merges, some data included some Social Security numbers” accidentally, he said. “It’s just a data issue that can be fixed now by leaving out that column.”
Once the affected CDs are returned sometime in the next two weeks, updated discs will be issued. Asked if any printouts from the CDs will also be returned or destroyed, Lee said he doesn’t believe any printouts were made. “We consider the issue resolved,” he said.
Political campaigns use the voter registration lists to conduct phone canvassing, create mailing lists for brochures about candidates and to put together door-to-door efforts.
This is the second time since March that the issue of privacy has arisen in Ohio government agencies. Last month, an Ohio man sued the state for posting his and other residents’ Social Security numbers for years on state Web sites where publicly searchable records are stored, showing retail purchases made using credit cards or bank loans (see ”Ohio secretary of state sued over ID info posted online”).
Lee Tien, a senior staff attorney for the Electronic Frontier Foundation, a San Francisco-based, nonprofit digital rights and privacy group, said the Ohio incident is particularly egregious because there has been no public notification of the data disclosure by state officials.
"There was a foul-up by the state in sending the data out," Tien said. "They've got to make sure it never happens again."
Chris Hoofnagle, senior counsel for the Electronic Privacy Information Center, a Washington-based privacy group, said the incident underscores the importance of laws that would allow people to "freeze" their credit to prevent unauthorized persons from gaining their personal information and opening credit accounts in their names. Ohio does not have such laws, he said.
The state, however, does have a security breach notification law, Hoofnagle said, but it is unclear how it would apply in this case. The law, which went into effect Feb. 17, requires a state agency, person or business entity to contact residents "if unencrypted or unredacted personal information about those individuals ... [that is] included in computerized data owned or licensed by the agency, person, or business entity is accessed and acquired by unauthorized persons." The law states that such notification must be given if such release "causes or reasonably is believed will create a material risk of the commission of the offense of identity fraud or other fraud to the individual."
"The bill may apply," Hoofnagle said. "It seems like something should happen."
According to Ohio officials, Social Security numbers have been used for years to help state elections officials confirm voter identities by cross-referencing the information with data from the state’s Bureau of Motor Vehicles, according to BMV spokesman Fred Stratmann. The secretary of state’s office would send the voter registration databases to the BMV, which then compared it with another registration database maintained by the American Association of Motor Vehicle Administrators (AAMVA) in Arlington, Va., Stratmann said. By cross-referencing the data, election officials confirmed the identities of voters, he said.
AAMVA is a tax-exempt, nonprofit organization that assists U.S. and Canadian governments with motor vehicle administration, police traffic services and highway safety.
Under the Help America Vote Act of 2002, voters must include only the last four digits of their Social Security numbers as part of their registrations to help confirm their identities, Stratmann said. That information is then cross-referenced against the AAMVA database, he said.
That procedure has at least one Ohio resident very angry. Rosanna Miller, a 55-year-old musician and music teacher in Amanda, Ohio, said the use of Social Security numbers for identification purposes by government agencies is wrong. She said that information is supposed to be kept private, according to the Social Security Administration.
“Every time you turn around, the government’s telling you something that’s not the truth,” Miller said.
Last year, Miller said she was turned down for assistance from a state program to help pay her home heating bills because she refused to put her Social Security number on the form.
When Miller telephoned the state secretary of state’s office earlier this week to check to see if her Social Security number was listed in her voting registration records, she was told that the number was not on her records. “Now, do I believe that?” she said.
The problem is that many different government agencies have been using the information, including the secretary of state’s office, she said. “Now [the BMV] is passing it out. This just gets deeper and deeper and deeper.”