Some of you have raised concerns about the use of the Social Security Number (SSN) in online systems at MSU. As you might expect, I've had numerous conversations over the past several days with Dave Gift and others around this topic. We agree that the SSN should be protected and used as an identifier in as few instances as possible. In fact, MSU has been actively moving away from using the SSN as an identifier for the past decade. For example: - In the mid-1990s, MSU began issuing ID cards with Personal Identifiers (ZPIDs) to faculty and staff. - In 1998, Libraries, Computing & Technology (LCT) made a commitment to minimize use of the SSN and, since that time, new systems built by LCT units have avoided using the SSN as an external identifier. - Since 1998, as existing systems have been modified or replaced, LCT units have looked for opportunities to reduce usage of the SSN on forms, web pages, reports, and similar paper or electronic transactions. Despite these efforts, which have greatly reduced the instances where the SSN is the primary external identifier, the SSN is buried deeply in the fabric of many of MSU's computing systems and eradicating its use remains a multi-year effort. Think about it - the SSN was the employee ID just a few years ago. My apologies if this sounds overly defensive. I deeply regret the incident that led to the current situation. (Realize that my personal information was on the Magic system, too!) I appreciate all the ideas that have been batted around on this thread thus far; we clearly have much work yet to do. I anticipate that we will continue to make good progress on this issue in the months and years ahead. Tom Davis, Director Academic Computing and Network Services