Safeguarding Children

By Laura Spadanuta

01 July 2011

Print Issue: July 2011

NATHAN HAD a credit history that went back for 10 years. He had several credit cards and a foreclosed home on record. But Nathan was only 14 years old, and his credit history was established by someone who had stolen his Social Security number (SSN); the fraud totaled more than $600,000. Nathan was a victim of child identity theft. He is not alone.

Richard Power, distinguished fellow at Carnegie Mellon University’s CyLab, examined credit account records of 40,000 minors who were signed up for Debix’s AllClear ID protection network, and found that 10 percent showed evidence of identity theft. That compares with .2 percent for the adult population surveyed from the group.

The problem arises from the fact that children are given an SSN long before they need to use it. While one can’t directly extrapolate the rate of theft found in Debix’s files to the general population, the data suggests “that identity thieves are targeting children due to the unique value of unused Social Security numbers,” states Powers in the report.

That suggests that parents may want to take special precautions. Some news outlets have even suggested that writing about a baby’s birth and listing his or her name on Facebook may tempt potential identity thieves to exploit the newly issued SSN.

Children are also attractive to identity thieves because their credit histories are clean slates. Individuals aren’t supposed to be able to get credit until they turn 18. Additionally, parents don’t often have reason to run a credit report on a child, so the theft can go on for years without the crime coming to light.

There aren’t enough safeguards in place to protect misuse of SSNs in this way, according to Identity Theft Resource Center Executive Director Jay Foley. If you went to the Social Security Administration today and asked them about a Social Security number, they could only tell you whether it was a valid number, and perhaps whether the correct name was attached to it. “They’re not going to tell you how long it’s been in service; they’re not going to tell you how old the person is,” states Foley. In fact, Social Security does not operate off the basis of your date of birth; it operates off the date of issue for your number,” he explains. He points out that a parent could apply for an SSN for their newborn on a certain date, but a grown-up immigrant could also receive an SSN on that same date, so date of issue has no relation to age.

Some of the primary drivers of child identity theft, according to the report, are illegal immigration, organized crime, and friends and family attempting to circumvent their own low credit ratings.

In many cases that Foley has seen, the guardians who are supposed to protect the children are often the ones committing the theft. For example, Foley cites reports that as many as 50 percent of children in foster care in California have been victims of identity theft, with the foster parents being the perpetrators in many cases. Another tricky aspect of these situations: The guardians are the only ones who would be able to run credit reports on the children to detect fraud and correct false information.

Identity theft of children can have unique and far-reaching consequences. A child who has had his or her credit damaged may have difficulty getting loans and scholarships for college, says Foley, forcing that person to change his or her life plan drastically. Clearing up the problem could take years and delay education or the ability to find a decent job.

Power makes recommendations on how to curb this problem. One suggestion is for lawmakers to establish the Identity Theft Resource Center’s proposed 1710 database. This database would include the name, birth date, and SSN of all people under 17 years and 10 months of age. The information would be available to credit reporting agencies and others so that when someone attempted to open a line of credit, the agencies could check that SSN against the list and deny the credit request if the number belonged to someone underage.

Another recommendation is that parents conduct cyber risk assessments for their children. Of course, this would not help those children victimized by parents, guardians, or foster parents.