And just how the hell is that supposed to work? Are they going to issue everyone ITINs? If they do, it'll just replace the SSN/SIN as something new for criminals to steal with the exact same results as getting your SSN stolen now. Ask anyone who lives in the US and pays taxes but isn't a citizen about what happens if someone steals your ITIN. Its more difficult to deal with than having your SSN stolen, and that's saying something as SSN fraud isn't exactly a walk in the park.
It'll never happen, especially with the group of clowns occupying both houses of congress and the white house but something has to give. When even a credit bureau can't seem to do the job right, it doesn't say much for any of these fools. And I'm in the same boat as the disgraced ex-CEO here, I've had my SSN (and medical files, and security paperwork, as well as biometrics with my military files) stolen four times in as many years, twice from OPM/NARA, once with Anthem and now with Equifax.
Instead of treating the symptoms, and giving us yet another number that's going to get stolen, they need to treat the disease itself, and the only way to do that is to make corporations that mishandle NPPI liable for the theft itself to the tune of a thousand dollars (or more) plus any losses incurred by their customers through their mishandling and make it an immediate discharge from Federal service for the agency directors if a Federal Agency mishandles NPPI. I'm sick of hearing how much they value my business and how seriously they take their security when its plain to see that they simply do not.