Working Groups
Computer Professionals for Social Responsibility

Summary of some legal cases relevant to SSNs

Below are some summaries of a few recent cases. There are pointers in the summaries to longer files, usually the court's decision.


Back to ToC
Ohio Case

In a decision handed down on October 26, the Ohio Supreme Court has ruled that governmental disclosure of Social Security numbers (SSNs) violates individuals' constitutional right to privacy. At issue was a request by the Akron Beacon Journal for release of computer tape records of the City of Akron's year-end employee master files. The payroll files contain various information including employees' names, addresses, telephone numbers, SSNs, birth dates, education, employment status and positions, pay rates, service ratings, annual and sick leave information, overtime hours and pay, and year-to-date employee earnings. The City had provided the records to the newspaper, but deleted the SSNs on privacy grounds.

EPIC staff, on behalf of Computer Professionals for Social Responsibility, joined with the Public Citizen Litigation Group in filing a "friend of the court" brief in the case. The CPSR/Public Citizen brief highlighted the privacy implications of SSN disclosures and argued in support of the City's decision to withhold the numbers. The brief urged the Ohio Supreme Court to follow the lead of the U.S. Court of Appeals for the Fourth Circuit in the case of Greidinger v. Davis, where Virginia's practice of requiring SSNs for voter registration purposes was held unconstitutional. EPIC staff had similarly participated in the Greidinger litigation as friends of the court.

Text of the court's decision. CPSR's amicus brief on the case. (plain text)

Back to ToC IRS Case

Dr. Peter Zilahy Ingerman filed suit against the IRS in Federal District Court in 1991, and CPSR filed a friend of the court brief in August '91. The case was decided in favor of the IRS. According to "Privacy Journal", the IRS plans to start covering the SSNs on its mailing labels, but they made the decision too late to affect returns for 1993. More recently, this plan has been put into affect, though we don't know how widely.

CPSR's amicus brief on the case

Back to ToC Virginia Case

The Virginia case was filed by a resident who refused to supply a Social Security Number when registering to vote. When the registrar refused to accept his registration, he filed suit. He also challenged Virginia on two other bases: the registration form lacked a Privacy Act notice, and the voter lists they publish include Social Security Numbers. The Federal court of appeals ruled that Virginia may not require the disclosure of Social Security numbers as a condition of registering to vote. The court said that the Virginia requirement places an "intolerable burden" on the right to vote. The case is officially referred to as Greidinger v. Davis, No. 92-1571, Fourth Circuit Court of Appeals, March 22, 1993.

The following docs are available:

CPSR's press release on the decision.
CPSR's amicus brief.
The decision in the case.

Back to ToC Rutgers Case

(Krebs v. Rutgers. 797 F.Supp. 1246 (D.N.J. 1992). )

A student advocacy group at Rutgers University, which is a semi-public institution of higher education in New Jersey, discovered that the university administration and faculty were misusing social security numbers of students. The group claimed that the University did not have the authority to ask for its students' SSNs without certain information required by the Privacy Act of 1974, 5 U.S.C. Section 552a note. One piece of information was that the student giving the SSN is voluntary, and that the student would not be denied any benefit or privilege by refusing to submit it.

Additionally, the group charged that the University, by allowing the dissemination of SSNs to employees other than those with a legitimate educational interest, violated the Family Educational Rights and Privacy Act ("FERPA"), 20 U.S.C. 1232g.

Rutgers argued that it was not an "agency" within the meaning of the Privacy Act, which is applicable to federal, state, and local governmental "agencies" and thus was not subject to it. After an extensive analysis, the court said that since Rutgers was not closely controlled or supervised by state government, it was not an agency.

However, the court also concluded that since Rutgers was a recipient of federal education funds, it was subject to FERPA. The practices which the student group complained of were indeed violations of FERPA, and as such, the federal judge issued an injunction against Rutgers prohibiting these practices.

Keith Krebs recently sent me email saying that the case may need to be re-opened, since the University seems to be "unilaterally abrogating the settlement decree by initiating a change in policy prohibiting students from obtaining dummy SSNs." He's maintaining a new site to report on the issue.

Back to ToC Testimony and advocacy on responsible use of SSNs

Return to SSN FAQ.

Return to the CPSR home page.

Send mail to webmaster.

E-mail webmaster@cpsr.org with questions or comments.