Ezel / AG Opinions / NC
NC NC AG Advisory Opinion (1999-06-24) 1999-06-24

Can a NC county board of elections release a voter's Social Security number along with the rest of their voter registration record?

Short answer: No, the AG concluded, for any SSN collected from a voter after January 1, 1975, without the disclosure notice the federal Privacy Act of 1974 requires. The Privacy Act forbids government agencies from denying a benefit because someone refuses to give their SSN, and requires the agency to tell the person whether the disclosure is mandatory or voluntary, the statutory authority, and the uses. The Fourth Circuit's Greidinger v. Davis (1993) held that Virginia's practice of publishing SSNs on voter registration lists created an unconstitutional burden on the right to vote under the First and Fourteenth Amendments. The AG concluded the State Board of Elections had to keep registered voters' SSNs confidential. The opinion left the precise remediation plan (purging from computer lists, re-registering affected voters, redacting cards before public inspection) to the Board's discretion, but warned that pre-1975 SSNs were 'prudent' to protect too.
Currency note: this opinion is from 1999
Subsequent statutory amendments, court decisions, or later AG opinions may have changed the analysis. Treat this page as historical context, not current legal advice. Verify current law before relying on any specific rule, deadline, or remedy mentioned here.
Disclaimer: This is an official North Carolina Attorney General advisory opinion. AG opinions are persuasive authority but not binding precedent like a court ruling. This summary is for informational purposes only and is not legal advice. Consult a licensed North Carolina attorney for advice on your specific situation.
About this page: The plain-English summary, reader guidance, and Q&A below were written by Ezel based on the official AG opinion. The original opinion (linked at the bottom of this page) is the authoritative source for any reliance.

Plain-English summary

Gary Bartlett, who ran the NC State Board of Elections, had a privacy problem. NC voter registration cards had historically asked applicants for their Social Security number, and county boards of elections treated those cards as public records subject to inspection under Chapter 132. SSNs on the cards were getting copied along with everything else when the public requested registration lists. The federal Privacy Act of 1974 had imposed two requirements on agencies that collect SSNs (you cannot condition a benefit on SSN disclosure, and you must give written notice about voluntariness, statutory authority, and uses), and the Fourth Circuit had struck down Virginia's substantially similar practice in Greidinger v. Davis, 988 F.2d 1344 (4th Cir. 1993).

Senior Deputy AG Ann Reed and Special Deputy AG Susan K. Nichols answered with a flat no on public disclosure. Their reasoning ran in three steps.

First, federal law clearly prohibited dissemination of SSNs that were obtained without the Privacy Act notice. Section 7 of the Privacy Act required the agency, when it collected the SSN, to inform the individual whether disclosure was mandatory or voluntary, under what statutory authority, and what uses would be made of it. Bartlett's letter to the AG indicated the State Board of Elections had not provided this notice. Without notice, the SSN was effectively collected in violation of federal law, and its public dissemination compounded the problem.

Second, Greidinger directly governed. The Fourth Circuit had held that to the extent Virginia's statutes "permitted the public disclosure of [Greidinger's SSN] as a condition of his right to vote, it creates an intolerable burden on that right as protected by the First and Fourteenth Amendments." The court had remanded so Virginia could either drop the SSN requirement at registration or stop including SSNs in voter records open to public inspection. NC's options were the same.

Third, Yeager v. Hackensack Water Co. (D.N.J. 1985) supplied the remediation template. In Yeager, a water utility had collected SSNs without the Privacy Act notice and faced a customer suit. The court did not require the utility to destroy the records. Instead, it ordered retroactive notice, gave customers a chance to opt out, and enjoined dissemination until the notice was completed. The AG cited Yeager for the proposition that the SBE could keep the SSNs it had but had to stop releasing them.

The AG's bottom line was operational. The State Board of Elections needed a plan. The Board could (1) delete SSNs from any computer-generated lists, (2) request voters who registered without the proper Privacy Act disclosure to execute fresh cards that would become the official record, or (3) redact SSNs from any cards before public release. The precise mix was left to the Board's discretion, "but the remedy chosen must assure that social security account numbers of registered voters are not disseminated to the public for those voters who registered on or after January 1, 1975." For pre-1975 SSNs (the Privacy Act's effective date), the AG said it was nonetheless "prudent" to protect them too, given the financial harm SSN disclosure can cause.

The opinion landed before the explosion of identity theft into a national policy issue, but its analysis tracks what later became settled practice: SSNs are sensitive enough that public-records exemptions and Privacy Act compliance kick in even when the underlying record (a voter registration card) is otherwise public.

Currency note

This opinion was issued in 1999. Subsequent statutory amendments, court decisions, or later AG opinions may have changed the analysis. Treat this page as historical context, not current legal advice. Verify current law before relying on any specific rule, deadline, or remedy mentioned here. NC has since enacted G.S. § 132-1.10 and other identity-theft protections that specifically address SSN handling in public records, and the Help America Vote Act (HAVA, 2002) reshaped federal voter-registration data practices. A modern analysis would draw on those statutes rather than this opinion's pure Privacy-Act framing.

Background and statutory framework

The Privacy Act of 1974, § 7. Section 7 of Pub. L. 93-579 made it "unlawful for any Federal, State or local government agency to deny to any individual any right, benefit, or privilege provided by law because of such individual's refusal to disclose his social security account number." The provision had two parts. First, the no-conditioning rule, which barred agencies from making SSN disclosure a hard precondition for participation in any government benefit, including voter registration. Second, the disclosure-notice rule (§ 7(b)), which required agencies that ask for SSNs to tell the individual three things: whether disclosure is mandatory or voluntary, the statutory or other authority, and the uses to be made of the number.

The 1990 confidentiality provision. Congress went further in 1990 with 42 U.S.C. § 405(c)(2)(C)(viii)(I): "Social security account numbers and related records that are obtained or maintained by authorized persons pursuant to any provision of law enacted on or after October 1, 1990, shall be confidential, and no authorized person shall disclose any such social security account number or related record." This was a flat confidentiality mandate for SSNs collected under post-1990 statutes.

Greidinger v. Davis (4th Cir. 1993). Marc Greidinger had refused to disclose his SSN on a Virginia voter registration application. Virginia rejected the application. Greidinger sued. The Fourth Circuit held that Virginia's combination of (a) a mandatory SSN requirement at registration and (b) statutes making voter records public was an "intolerable burden" on the right to vote under the First and Fourteenth Amendments. The court remanded so Virginia could fix the constitutional infirmity either way: drop the SSN requirement, or stop including SSNs in public voter records. The case bound NC because NC is in the Fourth Circuit.

Yeager v. Hackensack Water Co. (D.N.J. 1985). Yeager was the remediation case. A water utility had collected SSNs without the Privacy Act notice. The court found a violation but did not order destruction of the records. Instead, it ordered the utility to provide retroactive notice, give customers a chance to opt out, and refrain from dissemination until the notice was complete. The AG borrowed that framework for the SBE.

The voter registration record under NC law. G.S. § 163-82.10 (which governed the format and contents of voter registration applications) had historically called for the applicant's SSN. G.S. § 163-82.13 governed access to voter records. Chapter 132's general public records framework treated the records as public unless an exemption applied. The friction between federal SSN privacy and state public-records access was the core of the question.

The State Board's discretion. The AG explicitly declined to dictate the remediation method. Three approaches were sketched (delete SSNs from computer lists, re-register affected voters, redact at the disclosure stage), and the AG signaled that any approach was acceptable so long as the end state protected the SSN from public dissemination.

The "prudent" pre-1975 advice. Even SSNs collected before the Privacy Act's January 1, 1975 effective date were not statutorily protected by § 7's notice rule. The AG nonetheless recommended protecting those too. The reasoning was practical: the financial harm from public SSN exposure was the same whether the collection date was pre- or post-1975, and the SBE could not easily separate the two categories operationally.

Common questions

Q: Did NC have to stop collecting SSNs at voter registration?

A: The opinion did not require that, but Greidinger offered it as one path. The other path (continued collection plus removal from public records) was the route NC could take if it gave proper Privacy Act notice going forward.

Q: What about SSNs collected before January 1, 1975?

A: Technically not covered by § 7's notice rule. The AG nonetheless called it "prudent" to protect them, because the harm from public exposure was no different.

Q: Could a county board release a voter registration card that contained an SSN?

A: Only with the SSN redacted. The AG was specific that "the remedy chosen must assure that social security account numbers of registered voters are not disseminated to the public for those voters who registered on or after January 1, 1975."

Q: Did the AG say SSNs were exempt from G.S. § 132-1?

A: The AG's reasoning was federal-supremacy-based: federal law preempted state public-records access to the extent it would require disclosure of an improperly-collected SSN. The opinion did not reach a free-standing state-law exemption argument.

Q: What if a county refused to redact?

A: The opinion did not address enforcement. In practice, a refusal to redact would have created federal claims by the affected voter under Greidinger and the Privacy Act.

Q: Did this opinion apply to other government records too, not just voter records?

A: The opinion was scoped to voter registration. Its logic extends to any government record where SSNs were collected without the Privacy Act notice.

Citations from the opinion

  • 5 U.S.C. § 552a note, Pub. L. 93-579, § 7 (Privacy Act of 1974)
  • 42 U.S.C. § 405(c)(2)(C)(viii)(I)
  • Greidinger v. Davis, 988 F.2d 1344 (4th Cir. 1993)
  • Yeager v. Hackensack Water Co., 615 F. Supp. 1087 (D.N.J. 1985)
  • N.C. Gen. Stat. § 132-1
  • N.C. Gen. Stat. § 163-82.10
  • N.C. Gen. Stat. § 163-82.13

Source

Original opinion text

Best-effort transcription from the NCDOJ landing page; the opening paragraphs were not in the scraped capture, so the text below begins where the capture starts. The linked landing page is authoritative.

  • (2) the [The] provisions of paragraph (1) of this subsection shall not apply with respect to
  • (A) any disclosure which is required by Federal statute, or

  • (B) the disclosure of a social security number to any Federal, State, or local agency maintaining a system of records in existence and operating before January 1, 1975, if such disclosure was required under statute or regulation adopted prior to such date to verify the identity of an individual.

  • (b) Any Federal, State, or local government agency which requests an individual to disclose his social security account number shall inform that individual whether that disclosure is mandatory or voluntary, by what statutory or other authority such number is solicited, and what uses will be made of it.

5 U.S.C.A. § 552a(note)(Act of Dec. 31, 1974, P.L. 93-579, § 7, 88 Stat. 1909).

In addition, the following language in 42 U.S.C. § 405(c)(2)(C) protects the confidentiality of social security account numbers:

(viii)(I) Social security account numbers and related records that are obtained or maintained by authorized persons pursuant to any provision of law enacted on or after October 1, 1990, shall be confidential, and no authorized person shall disclose any such social security account number or related record.

42 U.S.C. § 405(c)(2)(C)(viii)(I).

These statutes make clear a federal policy favoring the confidentiality of social security account numbers. These and similar provisions have been interpreted in several cases, two of which are particularly pertinent. In Greidinger v. Davis, 988 F.2d 1344 (4th Cir. 1993), the Fourth Circuit Court of Appeals reviewed a challenge to Virginia's requirement that a person seeking to register as a voter supply his social security number. The plaintiff did not challenge Virginia's receipt and internal use of his social security number, but he did challenge dissemination of the number to the public under Virginia's statutes making available voter registration lists. The Court noted that "the harm that can be inflicted from the disclosure of a [social security number] to an unscrupulous individual is alarming and potentially financially ruinous." Id. at 1354. The Court concluded that to the extent Virginia's statutes permitted the public disclosure of Greidinger's [social security number] as a condition of his right to vote, it creates an intolerable burden on that right as protected by the First and Fourteenth Amendments." Id. at 1355. The case was remanded to allow Virginia to cure the constitutional infirmity by either deleting the requirement that an applicant for voter registration supply a social security number or by eliminating the use of these numbers "in voter registration records open to public inspection and contained in voter registration lists provided to candidates" and others. Id.

A second case dealt with how a local government agency should handle records which improperly obtained social security account numbers. In Yeager v. Hackensack Water Co., 615 F.Supp. 1087 (D. N.J. 1985), a private water company acting under state directive obtained social security numbers without complying with the disclosure requirements of the Privacy Act of 1974 set forth in § 7(b) above. The court held:

The proposed use to which Hackensack would put its customers' social security numbers is not per se impermissible. Defendants erred, however, by failing to comply with the disclosure requirements of section 7(b) of the Privacy Act. Accordingly, the relief sought should be tailored to enable plaintiffs and others to make an informed, knowing and educated decision. At the same time, the court believes that a significant amount of time and money would be wasted if it were to compel destruction of the information already gathered.

Therefore, the following relief — as to social security numbers only - is granted. Defendants must retroactively comply with the disclosure requirements of section 7(b) of the Privacy Act. Plaintiffs, and others from whom Hackensack has solicited social security numbers, must be informed of the voluntariness of the disclosure, the source of the authority for it, and the possible uses to which the disclosed number might be put. Until such time as this disclosure is accomplished, defendants are required to safeguard the information gathered and are enjoined from disseminating to anyone by any means the social security numbers provided without the disclosure required by section 7(b) of the Privacy Act.

615 F.Supp. at 1091-92.

It is our conclusion that social security account numbers obtained since 1974 without the disclosure required by the Privacy Act of 1974, may not be disseminated to any member of the public. Since January 1, 1975, any state or local government agency requesting social security numbers had to comply with disclosure requirements. The information available to you suggests that no such disclosure was provided to applicants for voter registration. Thus, we conclude that the numbers may not be disclosed to the public.

The two cases cited above suggest that the State Board of Elections should develop a plan to assure that social security account numbers on voter registration records maintained by the county boards of elections are kept confidential. The cases also suggest that the State Board could choose to direct county boards to delete social security numbers from any computer-generated lists, to request those who executed cards without requisite disclosure and provided social security numbers to execute new cards which would become the official voter registration record, or to direct that counties redact social security numbers from any cards before they are publicly disclosed. The precise plan is within the discretion of the State Board of Elections and the Executive Secretary-Director, but the remedy chosen must assure that social security account numbers of registered voters are not disseminated to the public for those voters who registered on or after January 1, 1975. Given that the statutes and courts recognize the desirability of maintaining the confidentiality of social security account numbers, and that considerable financial and related harm may come to individuals because of their disclosure, it would be prudent to take steps to maintain the confidentiality even of those numbers obtained before the enactment of the Privacy Act of 1974.

Sincerely,

Ann Reed, Senior Deputy Attorney General

Susan K. Nichols, Special Deputy Attorney General

SKN/cwh