Death Master File — The Final Rule– 28 Nov 2016

Today is the effective date for the Final Rule implementing the statutory mandate found in Section 203 of the Bipartisan Budget Act of 2013 directing the Secretary of Commerce to develop a certification program limiting access to and the content of the Social Security Administration’s Death Master File.

To get to this point this project has required very nearly a full three year effort since the passage of this act in December of 2013.

I wish to start by thanking the National Technical Information Service (NTIS) of the Department of Commerce for the exemplary manner in which they have sought to craft regulations implementing their statutory mandate, for conducting the most rigorous review of the legitimate uses of the Death Master File (DMF) conducted thus far, and for providing stakeholders a forum in which to describe the impact of and offer suggestions to improve various approaches that could be taken.  Originally published in the Federal Register on the 1st of June, 2016 at 81 Fed. Reg. 34891, the pdf file of the regulation is found at:  https://www.gpo.gov/fdsys/pkg/FR-2016-06-01/pdf/2016-12479.pdf . They have provided a commendable demonstration of what a robust notice and comment process looks like, an example truly worthy of emulation.

NTIS acknowledges numerous suggestions found in the submissions made by over sixty legitimate historical users of the DMF but found themselves limited by the requirement that they implement the statute as written. Virtually all suggestions for improving the DMF or minimizing the adverse impact upon legitimate users had to be rejected because the statutory language left the Secretary of Commerce little discretion to do otherwise.  Contributor’s comments were made a part of the record found at:  https://www.regulations.gov/docketBrowser?rpp=25&po=25&dct=PS&D=DOC-2014-0001

Would that an opportunity to provide the user community an opportunity to provide input had been provided before the statutory language was carved in stone!  Although the rationale provided to support limiting access to the DMF was the prevention of identity theft, these measures may well make us even more vulnerable.

Legislators should be assured that the genealogical community is prepared to be supportive of measures which actually protect us from identity theft. We fervently wish that we could believe that the measures mandated by Section 203 of the Bipartisan Budget Act of 2013 limiting access and content of the Social Security Administration’s Death Master File would have that effect. Our analysis has suggested otherwise.

What is the documented impact?

  1. Clearly many legitimate historical users of the DMF are simply denied access to this resource (including medical and economic researchers.)
  2. The cost and burden on those authorized access to the Limited Access DMF has been significantly increased. A good example of the advice counsel are now having to give to their clients seeking to use the DMF is found at:  http://www.jdsupra.com/legalnews/cybersecurity-certifications-now-48385/
  3. Some certified users find that the Limited Access DMF no longer serves their needs because of questionable redactions of data elements and limitations in functionality found in the available search engines.
  4. When combined with the decision made in 2011 to redact some state provided data from the publically available DMF, we may be under-reporting up to one million deaths per year, thus further undermining the comprehensiveness of the DMF of the future.
  5. Once the IRS started actually using the DMF in December of 2011 to flag suspicious tax refund claims, they were already intercepting any fraudulent returns the thieves could have facilitated by misusing the DMF without burdening legitimate users.

 

I have long asserted that this Certification program does not belong in permanent legislation. https://www.regulations.gov/document?D=DOC-2014-0001-0093 .

As the right lessons are learned from this effort, let us hope that legislators chose to revisit the issue of whether this represents an enduring solution to the issues surrounding the proper role and future of death records such as the Death Master File.

Surely we can do better!

Share Button

Closing Death Records — The Logical Flaw

One of the misperceptions with which we have repeatedly had to wrestle in recent years has been that ALL Personally Identifiable Information (PII) by default must be safeguarded.  For many legislators in recent years, it is almost a reflexive belief that the best or only way to fight identify thieves is to close the records that thieves might have used.  At this level of thinking, rarely do current decision-makers distinguish between the active PII of the living from records of deceased individuals.  It is this flawed logic that was given as the rationale for the provisions of Section 203 of the Bipartisan Budget Act of 2013 limiting access to and the content of the SSA’s Death Master File.

May I suggest that death changes many things!

Ironically, some of the best examples of the impact of passing this milestone flow from that experienced by living individuals erroneously reported as deceased.  http://www.denverpost.com/2016/11/06/what-happens-when-social-security-accidentally-declares-you-dead/

The lesson: The personally identifiable information of persons “known” to be dead  (even if erroneously so) loses its value, thus thwarting its abuse by identify thieves!

My thesis is that, until recently, as a society we recognized the distinction between active  personally identifiable information and the records of deceased individuals.

The European Union still does.  Although RPAC has railed against many provisions of the European Union’s Data Protection Regulations (e.g. –“Right to be Forgotten”), I just note that the European Union Data Protection Regulations specifically recognize this distinction and even goes so far as to declare that “(27)  This regulation does not apply to the personal data of deceased persons.”  http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:L:2016:119:FULL&from=EN  See page 5. (With thanks to Jan Meisels Allen for highlighting this and related references.)

I am recalling another of our colleagues sharing a discussion he once had with a physician during which the doctor declared the then widely held belief that “The Deceased do not have  privacy rights!”

Because of the way in which US privacy law has evolved, it is more difficult to find as specific a provision in either federal or state statutes.  An excellent discussion of the contrast between the European Union approach to a comprehensive privacy statute and implementing regulations and the path followed in the United States is found at:  http://www.genomicslawreport.com/index.php/2015/09/01/how-privacy-law-affects-medical-and-scientific-research/.

Drawing largely upon case law instead of statutory language, the usual source for this concept is Section 652I of the Restatement of Torts: “Except for the appropriation of one’s name or likeness, an action for invasion of privacy can be maintained only by a living individual whose privacy is invaded.” [3 Restatement Torts, 2d, § 652I, p 403. Emphasis added.] (With thanks to Judy Russell for providing this citation).

The Supreme Court of Michigan cites to this Restatement provision in ruling that the Medical Examiner’s autopsy report  documenting that the death of a prominent judge was  a suicide and should be made available to a journalist in response to a Freedom of Information Act Request.  The opinion of the court, separate opinion and dissenting opinion provide an extensive discussion of various approaches to this situation and the basis for their ruling:  http://law.justia.com/cases/michigan/supreme-court/1991/89602-5.html .

My assessment is that the operative current paradigm fails to distinguish between the essentially different character of active personally identifying information from that of the deceased.  As long as this illogic survives, there is little chance that the utility previously afforded to genealogists and other legitimate historical users of the SSA’s Death Master File can be restored, or that we will have appropriate access to its possible successors.   Unfortunately, this same logical flaw burdens access to fact of death information found in the vital records of many of the fifty states, five territories and two independent cities making up the vital records community of the United States.

In coming months I anticipate that several opportunities to influence the path forward to an enduring solution may present themselves although rarely accompanied by an invitation to the genealogical community to do so.

The need for a major educational effort on the part of the genealogical community and other legitimate historical users of the Death Master File is clear.

Stay tuned for further suggestions on how best to bring about this much needed paradigm shift.

Share Button

Closing Death Records Is Just Dead Wrong!

The threat of Identity Theft has prompted over a thousand legislative proposals at the Federal, state or local level in recent years impacting access to vital records.  The vast majority of these proposals have had the effect of limiting that access for genealogical and other purposes. The rationale used to justify most of these measures suggests an almost reflexive belief that the best or only way to prevent the fraudulent use of such data by identity thieves is to close the records thieves might have used. This logic carries with it the unstated assumption that no harm or costs result from closing such records.

 

The most dramatic example of this paradigm at the Federal level is found in those provisions in Section 203 of the Bipartisan Budget Act of 2013 limiting access to and the content of the Social Security Administration’s Death Master File. The context prompting these provisions arose in 2011 from particularly egregious cases of tax fraud by identity theft involving recently deceased children.  Early House and Senate hearings highlighting these horror stories involved a narrative which injected additional elements to the paradigm.

What your legislators have heard can be summarized as follows:

  1. The DMF/SSDI was a substantial source of SSNs used in filing fraudulent tax returns.
  2. SSNs of deceased individuals need to be protected in the same ways we safeguard those of the living.
  3. Simple fix (Silver Bullet?) – Just limit access to DMF
  4. Unstated assumption:  Nothing would be lost by closing this resource.
  5. Unspecified Assertion:  Alternative sources exist for DMF data.

In fairness, when these issues surfaced in 2011, data needed to understand the nature and magnitude of the identity theft and erroneous payments then making headlines was not available and would not become available for some time.  Initial speculation reflected above became the paradigm upon which legislative responses would be based.

The adoption of Section 203 has presented a unique opportunity to gather data exploring the effectiveness of alternative measures intended to fight identity theft. The most optimistic among us might even suggest that those proposing to close death records at the Federal level may have done us a favor by creating this opportunity to subject this issue to analysis using real data that has subsequently become available rather than acting upon ill-informed speculation. The robust notice and comment process employed by the Department of Commerce in implementing their statutory mandate has provided a forum for gathering actual impact information.

Many of the posts to this blog for the past year have reflected conclusions supported by the data (especially that drawn from the IRS experience) that normally requires well over a year to work its way through their processes.

As that data has become available, what can we conclude?

In summary, I now assert that NO ELEMENT  THE ABOVE PARADIGM UPON WHICH RESPONSES TO THE THREAT OF IDENTITY THEFT HAVE BEEN BASED ARE SUPPORTED BY THE DATA NOW AVAILABLE!

 

Share Button

RPAC at FGS Springfield 2016

The Federation of Genealogical Societies is celebrating its 40th Anniversary as a featured theme at its Annual Conference this week in Springfield, Illinois.  On this occasion, the Records Preservation and Access Committee is presenting a workshop session entitled “Striking a Balance Between Records Access and Privacy”  Thursday Afternoon the 1st of September at 3:30pm CDT in Room B1 of the Springfield Conference Center.

As genealogists we want access to all our ancestors’ records but as individuals we want information about ourselves to remain private.  Should the records of the living all be protected and the records of the deceased all be available?  At this session we will discuss many examples of records which are closed to access and other open records which may be closed in the future.

The syllabus for this session is found at:  RPAC at FGS Springfield 2016

The PowerPoint slides for this session will be posted to the Publications page of this Blog the morning of the session.

 

Share Button

RPAC at RootsTech 2016

The RootsTech 2016 Conference held last month in Salt Lake City has grown in the last six years to become the largest family history themed gathering in the United States, if not the world.  Although I have not seen the final “official” attendance numbers, the last number I recall hearing was in excess of 24,000.

The Records Preservation and Access Committee announced  the launch of the Records Advocate Blog on this occasion, a resource designed to alert subscribers of state, federal and international access issues throughout the year which may impact our family history research.  This and other pending topics were described in the attached flyer distributed at the FGS and IAJGS Booths in the Exhibit Hall and on other occasions.  RootsTech 2016 RPAC Flyer (002)

I was also privileged to deliver a presentation entitled “Closing Death Records: ‘Silver Bullet’ or Dead End?”  Among the more pleasant surprises coming out of RootsTech was that the rehearsal for my Friday  presentation which was videotaped on Thursday was subsequently displayed with the same accessibility as if it had been planned as part of the RootsTech video schedule all along.  I intend to continue to polish this presentation highlighting the folly of “Closing Death Records” and to seek every available forum to share that message.  http://www.rootstech.org/video2/4739709016001

UPDATED LINK TO Video:  https://dl.dropboxusercontent.com/u/16962106/Moss%20-%20RootsTech2017-closing-death-records–.mp4

Share Button

Death Master File — Analysis — IRS Filters Really Work!

When presented graphically, the data reflected in the Charts quantifying the impact of the IRS Filters shared in the previous blog entry demonstrate patterns that are both clear and encouraging.  http://www.fgs.org/rpac/2016/01/08/death-master-file-impact-of-irs-filters-ty2010-ty2011-ty2012/

IRS Fraud $

Although scattered incidents of fraudulent tax returns involving identity theft were reported over a decade ago, their frequency and magnitude prior to 2010 could be said to fall within the noise level on the IRS radar.  The emphasis within the IRS and on Capital Hill was to expedite refund payments to the point that checks were being issued within days of electronic filing early in the filing season and well before the IRS would have received information returns that would be used months later to verify the accuracy of the data on the return justifying a significant refund.  Instead of taking steps designed to prevent improper payments, the IRS practice as 2011 began was to pay claimed refunds as quickly as possible and then chase the filer in a labor intensive effort to recover the fraudulent or otherwise improper payment.  http://www.gao.gov/products/GAO-15-482T

As stories began to make headlines during 2011 of thieves filing fraudulent tax refund claims abusing the SSNs of recently deceased children, the public was made to realize that the harm being perpetrated was no longer just a manageable drain on the Treasury.  The disruption and pain inflicted upon the grieving parents (the legitimate taxpayers) for them felt like losing their child all over again.  The IRS was prompted to revisit the wisdom of continuing the “pay and chase” approach to correcting improper payments to possible identity thieves.  Prevention of fraudulent payments became a new focus of their enforcement efforts.

The comparison between the TY 2010 and TY2011 experience confirms the assertion that the IRS enforcement policies changed in December of 2011 to institute practices intended to prevent improper payments by diverting suspicious returns for further scrutiny before they were processed for payment.  The first year impact of this change in policy was dramatic, especially where the SSN of a deceased individual had been abused.

 

IRS Fraud Cases

Note:  12 Jan 2016 — Please expect additional materials to be added to this blog post in the next few days developing the implications of the data that has only become available well after the issue first became the focus of Congressional attention.  The initial narrative surrounding the situation suggested that the problem lay with the ready public availability of deceased person’s SSNs in the DMF, and that a simple fix would result by limiting access to the DMF.  I continue to assert that the real problem rose from the incredible vulnerability of the IRS online filing system and, in their haste to expedite the payment of refunds, the failure of the IRS  during 2011 to use the DMF [ listing, as it does, the no-longer-active SSNs of deceased persons]  or other filters to flag suspicious returns.  The effectiveness of the post-December 2011 IRS enforcement efforts is praiseworthy.

 

Share Button

Death Master File — Impact of IRS Filters TY2010, TY2011, TY2012

The issue of tax refund fraud by identity theft provides a unique opportunity to analyze significant data over a period of years in an effort to learn the right lessons about the phenomenon.  The sequence in which changes were made also makes it possible to assess the impact of different approaches to combating this crime.  The ongoing case study described in earlier Blog posts outlines a form that analysis might take.  http://www.fgs.org/rpac/2015/07/05/id360-closing-death-records-silver-bullet-or-detour-a-case-study/

Examining this essentially comparable  data from Tax Years 2010, 2011, and 2012 seems to validate my assertion that this approach helps to give us visibility over the effectiveness of the IRS efforts to combat tax refund fraud.  Recognizing that it may take over a year for a final determination to be made as to the validity of a tax return, we should anxiously pursue and evaluate the equivalent TY 2013 data at the earliest possible moment.   Meaningful information  may be gleaned from subsequent years as well.

TIGTA TY2010

I am reminded that it would have been TY 2010 transactions generating CY 2011 headlines and, thus,  TY 2010 data provides our best baseline against which to assess the impact of the evolving IRS use of filters to flag potentially fraudulent tax returns claiming inappropriate refunds.  Little, if any, fraud detection filtering was in place as TY 2010 returns were being processed with the primary emphasis being placed upon quick refund processing and payment.  In fact, refund checks were being written within days of receipt early in the filing season even before the IRS would have received information returns that would eventually be used to validate returns.  The Government Accountability Office has described this IRS business model  as a “Pay and Chase”  enforcement approach.  http://www.gao.gov/products/GAO-15-482T

Addendum 12 Jan 2016:  During this baseline period, and until the closure mandated by the Bipartisan Budget Act of 2013 took effect in March of 2014, DMF data was widely available from the official site at NTIS and elsewhere.  It should be noted, however, that in December of 2011 all of the major genealogical sites responded to the possibility that thieves might have gotten information used to file fraudulent tax returns from their resources by masking the display of deceased persons SSNs for a minimum of three years after their death.

TIGTA TY2011

If, as reported, the IRS began the use of fraud detection filters (likely including the Death Master File) in December 2011, we should not be surprised that TY 2011 data reflects a significant reduction in the number of undetected fraudulent returns involving the SSNs of deceased individuals.   In TY 2010,  the 104,950 deceased cases represented slightly over 7% of the total 1,492,215 potentially fraudulent tax refunds paid that year.  In TY 2011, the 19,102 deceased cases represented approximately 2% of the total 1,086,998 cases.  The pleasant surprise occurs when one considers the extent to which the IRS development of a series of filters, scoring algorithms and clustering methodologies over the last four years has improved the detection of identity theft returns involving the living, a far more difficult task.TIGTA TY2012

TY 2012 improved further with 12,338 deceased cases representing slightly over 1.5% of the total 787,343 cases determined to be potentially fraudulent.  The dollar amounts of the TY 2012 questionable refunds involving the SSNs of deceased individuals ($22,239,751) represented barely 1% of the $2,137,397,982 total.

These results are clearly consistent with the assertion that the IRS, once they began to develop filters to flag potentially fraudulent tax returns in December 2011, continued to expand and improve the events which would prompt additional scrutiny of a return before a refund check would be processed. That initial set of filters used in processing Tax Year 2011 returns using 11 filters was increased to more than 80 for Processing Year 2013 generating the further improvements seen in the Tax Year 2012 results above.

A subsequent blog entry will provide further analysis of this information and explore the implications of these findings.

 

 

 

 

 

 

 

 

Share Button

IRS DOES Use the Death Master File . . . NOW (since 2012) !

When egregious examples of tax fraud by identity theft using the Social Security Numbers of recently deceased children began making headlines in 2011, the initial narrative became that the public availability of their SSNs in the Social Security Administration’s Death Master File (DMF) facilitated this despicable crime.  Recognition that the vulnerability to this fraud was the inevitable result of the emphasis to expedite the payment of tax refund claims rather than actually using the DMF to flag fraudulent returns was not reflected in the early Congressional hearings addressing this issue.  Efforts on the part of the genealogical community urging the IRS to do so essentially fell upon deaf ears and were never officially acknowledged.

Only recently have members of the Congress begun to ask the right questions and to focus on solutions that could actually intercept this particular form of fraud.  A May 18, 2015 letter from Senate Finance Committee Chairman Orrin Hatch addressed to IRS Commissioner John Koskinen specifically sought “assurances that the IRS is doing all that it can feasibly do, with full Death Master File data available to it, to prevent tax fraud.”     5 18 2015 letter to IRS Regarding Death Master File

The letter cites a Treasury Inspector General for Tax Administration (TIGTA) report quite clearly identifying that: “The Death Master File is one of the Government’s most effective tools against financial fraud.” (emphasis added)  Furthermore the TIGTA report indicates that the IRS first developed identity theft filters for use in Processing Year 2012.

The penultimate paragraph of the Senator’s letter laments the fact that legislation limiting access to and content of the DMF (Section 203 of the Bipartisan Budget Act of 2013) was written outside of regular order in the Senate. He further suggests that the predictable and unfortunate result may well be that the costs of denying access to legitimate users may outweigh whatever benefits may be claimed in thwarting identity theft.

The IRS response describes in some detail ways in which they use the DMF as a tool to combat identity theft and refund fraud.  6 8 Hatch Response 68790

“Over the past four years, the IRS has developed a series of filters, scoring algorithms, and clustering methodologies that significantly improved the detection of identity theft returns.”  They assert that “[e]very year our filters have stopped more fraudulent refund claims from being paid than they did in the prior year.”

In subsequent posts I anticipate sharing additional data that gives visibility over the effectiveness of the IRS fraud prevention efforts.

Spoiler Alert:  By the time limitations on public access to the DMF were statutorily mandated by the Bipartisan Budget Act in December of 2013, the IRS was already accomplishing all of the potential benefits claimed for closure by more targeted, less disruptive measures.

 

 

Share Button

Library of Michigan — Good News

With thanks to Cynthia Grostick, Michigan RPAC State Liaison.

The Library of Michigan will expand its hours and services to better serve Michigan citizens and state government as announced in a recent News Release.

Library+of+Mich+expands+hours+and+services_508349_7-1

Few topics have demanded the concern and attention of the entire genealogical community as much as the critical developments accompanying this issue in the years since 2009.

Threats to our access to records have taken many forms but particularly vexing in recent years have been those threats arising out of the fiscal crisis.  From every corner of the country we have seen library and archive budgets slashed, hours curtailed, and severe staff reductions.

The very survival of some of our best resources has been threatened.  In addressing a $2 Billion deficit in the Michigan budget, then Governor Jennifer M. Granholm issued an executive order in July 2009 which abolished the Department of History, Arts and Libraries. There was a proposal that surfaced in the summer of 2009 that would have dismantled the Library of Michigan, scattered the materials gathered over 180 years occupying 27 miles of shelving and turned the building into an interactive museum and a magnet school.

Posts to this RPAC Blog have included the following:

http://www.fgs.org/rpac/2012/06/16/library-of-michigan-collections-to-move-to-the-archives/

http://www.fgs.org/rpac/2009/09/06/library-of-michigan%e2%80%94rpac-launches-petition-drive-2/

http://www.fgs.org/rpac/2010/02/22/library-of-michigan-the-threat-continues/

http://www.fgs.org/rpac/2009/10/03/library-of-michigan%e2%80%94rpac-petition-drive-closes/

http://www.fgs.org/rpac/2011/09/09/fgs-announces-genealogical-tourism-award/

Share Button

National Archives Digitization Priorities; Maximizing Values Through Web and Social Media

With thanks to Jan Miesels Allen.

Archives Logo

In September  the (US) National Archives asked for public suggestions and feedback as to digitization priorities. They have now listed those prioritizes. The overwhelming response was to digitize records of genealogical interest. This included immigration and ethnic heritage records, military and veterans records and those records with preservation concerns. The National Archives has already started to digitize and they will be available in the National Archives Catalog in a few months.


To read more about the results and a partial list of the top priorities see: http://narations.blogs.archives.gov/

Aotus Blog

The mission of the National Archives is to make the holdings of the U.S. Government available to the public. As part of American Archives Month they announced in FY 2015 over 24 million people reviewed more than 80 million pages on Archives.gov—a substantial increase over FY 2014—more than one-third of the website sessions were from a mobile or tablet device.  National Archives contributes to 130 social media accounts—almost 250 million people viewed content on social media platforms.

To read more see: http://aotus.blogs.archives.gov/2015/10/09/by-the-numbers-maximizing-value-through-web-and-social-media/  

Jan Meisels Allen

Chairperson, IAJGS Public Records Access Monitoring Committee

 

 

 

Share Button