Perhaps it would be worth setting and publicising a standard tariff, say 1 day inside for each record sold. That way there'd be no expectation of just getting a few years. Just work out your life expectancy, what's the maximum proportion of that you're prepared to spend and set the maximum number you'll sell based on that. Making that calculation might give even those who think they'll never get caught have a few sobering moments.
Admin of $19M marketplace that sold social security numbers gets 8 years in jail
A Ukrainian national is facing an eight year prison sentence for running an online marketplace that sold the personal data of approximately 24 million US citizens. Vitalii Chychasov, 37, was sentenced on Tuesday after pleading guilty to conspiracy to commit access device fraud and trafficking in unauthorized access devices. In …
COMMENTS
-
-
Friday 1st December 2023 18:25 GMT Michael Wojcik
Even if the operators are rationalists — and my guess is they aren't, because actually making life choices rationally carries high cognitive and affective load — I doubt that calculation works. Most operators are never brought to trial, so probable risk is low; and these behaviors indicate a risk-friendly personality in the first place.
Also, isn't the present carceral state bad enough? Frankly, I think it's unethical to advocate for longer sentences without significant prison reform first.
-
-
Thursday 30th November 2023 20:00 GMT Anonymous Coward
> A Ukrainian national is
> Attempting to enter Hungary at the time, Chychasov was arrested in March 2022
> US in July 2022, a month after SSNDOB was shut down by US, Latvian, and Cypriot authorities.
Well, that was one fortunate side effect of Putins invasion then.
Maybe our criminal mastermind should not have picked on US nationals thinking he was safe and beyond reach.
-
Friday 1st December 2023 00:46 GMT Kev99
According to the Social Security Act of 1934, the director of the social security administration was to create a method to identify beneficiaries of the social security benefits. Nowhere did the Act say the system was to be used for anything else. Yet, the SSN is still used by everyone and his brother to identify people for reasons completely unrelated to social security, and the federal government is one of the biggest culprits. At least Medicare switched an unfathomable string of letters and numbers a few years ago. Too bad all this entities using the SSN can't be held liable.
-
Friday 1st December 2023 18:37 GMT Michael Wojcik
This is a myth — or more precisely, the implication that the situation established by SSA 1934 remains in force is a myth.
See for example the Background section of the FTC's 2008 report on the use of SSNs in private industry, which notes:
Many SSN uses have also been legally mandated. The Internal Revenue Service (“IRS”), for example, requires private sector entities, including banks, insurance companies, and employers, to collect SSNs for income and tax-related purposes....
There appears to be broad consensus [among the experts consulted by the Commission] that the use of the SSN as an identifier – to match individuals to information about them both within an organization and between organizations – is prevalent and, in many contexts, beneficial.
The report concludes that while SSN use in private business has been a major contributor to identify theft, it's too late to "put the genie back in the bottle" and instead urges better protection of SSN data by businesses.
Of course numerous other groups and individuals have long campaigned for eliminating uses of SSNs not required by law (or with the force of law by empowered regulatory agencies and the like), and it's difficult not to sympathize with them, though we do have the problem of legitimate, consumer-serving business coordination without the use of SSNs.
-
-
-
Friday 1st December 2023 02:22 GMT doublelayer
Re: Call me crazy
And instead they will use what? They want something that uniquely identifies people. If they can't use that number, they'll find something else, and chances are that won't be any harder to compromise. If you ban them from using every government-issued identifier, then you'll probably see them come up with a private identifier that, in practice, everyone will have to register for because employers and financial institutions will demand it. I'm not supporting this number or the similar ones used in various other countries, but if we're going to ask for its replacement, we may want to have some idea of what we make them replace it with before they decide on their own.
-
Friday 1st December 2023 18:39 GMT Michael Wojcik
Re: Call me crazy
The FTC formed a commission to look into this in 2008 and deemed it infeasible. See my post in another thread.
You may not be crazy, but apparently you didn't bother doing any research before you made that suggestion. Tip: Whatever bright idea you have for reforming things, it's possible other people have considered it already.
-