Still Waiting for those Golden Years: Privacy and Old Age

We received our newly minted Medicare cards early because we were living in Maryland while digitizing records for FamilySearch at the Maryland State Archives. Maryland residents were some of the earliest to be sent the new cards. The idea was to replace the old cards that used a variation of the recipient's Social Security number for a new card with a new number. Along with the new card, we got also got an admonition cautioning us against losing our new card and also containing the following statement:

Starting in April 2018, Medicare will mail new Medicare cards to all people with Medicare, to help protect you from identity fraud. Fraudsters are always looking for ways to get your Social Security Number so we’re removing Social Security Numbers from all Medicare cards to make them safer. 

Your new card will have a new Medicare Number that’s unique to you. The new card will help protect your identity and keep your personal information more secure. Your Medicare coverage and benefits stay the same.

Wait a minute. Isn't the new Medicare Card a government-issued document just like my Social Security Card? Don't I have to present this card for copying by doctors, pharmacies, and every other type of healthcare provider I will be seeing? When I had a prescription transferred from Maryland back to Utah, didn't my "new number" get moved in the pharmacy in Utah? How private is that? By the way, almost every doctor I have dealt with has asked me for my Social Security Number before providing any services.

As old folks, we are constantly being warned about keeping our Social Security Number, our credit card account numbers, and now our Medicare Card number private? First, all of these numbers are blatantly public in nature. We use the cards and the cards' numbers to buy goods and services, obtain employment, obtain medical treatment, purchase items on credit, and in hundreds of other ways. For example, when I went to my first doctor's appointment after I got my new Medicare Card, the provider immediately asked for my new card and took a photocopy of the card. Unless I want to stop going to doctors and other health providers, stop buying online or anywhere else with a credit card, I am going to keep using the cards and essentially disclosing the card to someone who could easily copy the number without my permission, for the purpose they were intended to have.

Technologically speaking, it is entirely possible to design a system that does not rely on a physical card for its functioning as has already been done with electronic payment methods such as PayPal and Apple Pay but then the system would be vulnerable to hacking. Every time I use a physical card, the person receiving the card could conceivably copy the number and use my personal information for a purpose other than intended: think giving your credit card to a server in a restaurant. How does having any of the "unique numbers" protect me from identity theft? The answer is that they have nothing at all to do with protecting anything about your identity or privacy. The cards facilitate transactions. If these cards were truly protecting you from identity theft, they would have to be used anonymously but the opposite is actually true, you use them to identify yourself in complex business transactions such as buying things and obtaining medical services.

I don't really want to go back through the bugaboo that is identity theft. Identity theft is just a fancy new name for fraud. Impersonation (another name for Identity Theft) has been around since people started buying and selling physical items and services. If someone steals your physical credit card is that Identity Theft or Fraud? Essentially, it is the same thing. There are 24 separate sections in the Utah State Criminal Code under the general heading of Fraud which include six different violations for the improper use of credit cards. See Title 76 Utah Criminal Code, Chapter 6, Part 5.

In the Utah Criminal Code, Identity Theft is contained in Title 76 Utah Criminal Code, Chapter 6 Offenses against property, Part 11 Identity Fraud Act, Section 1102 Identity fraud crime. Identity fraud crime identifies "personal identifying information" as follows:
(a) name;
(b) birth date;
(c) address;
(d) telephone number;
(e) drivers license number;
(f) Social Security number;
(g) place of employment;
(h) employee identification numbers or other personal identification numbers;
(i) mother's maiden name;
(j) electronic identification numbers;
(k) electronic signatures under Title 46, Chapter 4, Uniform Electronic Transactions Act;
(l) any other numbers or information that can be used to access a person's financial resources or medical information, except for numbers or information that can be prosecuted as financial transaction card offenses under Sections 76-6-506 through 76-6-506.6; or
(m) a photograph or any other realistic likeness.

Well, now there is one more card to list. Hint from past blog posts: try and find specific statistics for the number of instances of Identity Theft or Identity Fraud in Utah or any other state.