Ezel / AG Opinions / NC
NC NC AG Advisory Opinion (1999-06-24) 1999-06-24

When North Carolina county boards of elections collected Social Security numbers on voter registration cards without giving applicants the Privacy Act disclosure (whether the disclosure is mandatory or voluntary, the authority for it, and how the number will be used), can the State Board of Elections lawfully release those SSNs to the public as part of voter registration lists?

Short answer: No. AG Mike Easley's office concluded that under § 7 of the federal Privacy Act of 1974, any SSN collected by a state or local government since January 1, 1975 without the required disclosure cannot be disseminated. The State Board must develop a plan to keep those SSNs confidential, with several options listed (deletion from computer-generated lists, re-execution of cards, redaction). The Fourth Circuit's decision in Greidinger v. Davis, 988 F.2d 1344, reinforces that public disclosure of SSNs as a condition of voting creates an intolerable First/Fourteenth Amendment burden.
Currency note: this opinion is from 1999
Subsequent statutory amendments, court decisions, or later AG opinions may have changed the analysis. Treat this page as historical context, not current legal advice. Verify current law before relying on any specific rule, deadline, or remedy mentioned here.
Disclaimer: This is an official North Carolina Attorney General advisory opinion. AG opinions are persuasive authority but not binding precedent like a court ruling. This summary is for informational purposes only and is not legal advice. Consult a licensed North Carolina attorney for advice on your specific situation.
About this page: The plain-English summary, reader guidance, and Q&A below were written by Ezel based on the official AG opinion. The original opinion (linked at the bottom of this page) is the authoritative source for any reliance.

Plain-English summary

For years North Carolina's voter-registration application cards asked applicants to write down their Social Security numbers, but did not give the applicants the disclosure required by § 7(b) of the federal Privacy Act of 1974: whether the disclosure was mandatory or voluntary, what statutory or other authority required the SSN, and what uses the agency would make of it. The State Board's Executive Secretary-Director, Gary Bartlett, asked whether SSNs already collected this way could be released to the public as part of voter-registration lists. North Carolina's Public Records Act (G.S. § 132-1) generally favors public access to government records.

AG Mike Easley's office concluded that public release was not permissible.

The Privacy Act of 1974, § 7. That federal provision establishes a default rule: it is unlawful for any federal, state, or local government agency to deny any individual any right, benefit, or privilege provided by law because that individual refused to disclose his SSN. There are exceptions for disclosures required by federal statute and for pre-1975 records, but state-and-local solicitations otherwise require the disclosure-of-purpose notice in § 7(b). North Carolina's voter-registration cards had not been giving that notice, so the SSNs collected without it were tainted at intake.

42 U.S.C. § 405(c)(2)(C)(viii)(I). Added later, this section makes confidential "Social security account numbers and related records that are obtained or maintained by authorized persons pursuant to any provision of law enacted on or after October 1, 1990." That is an additional confidentiality layer for more recent SSNs.

Greidinger v. Davis, 988 F.2d 1344 (4th Cir. 1993). The controlling Fourth Circuit case. Virginia, like North Carolina, required SSNs on voter-registration applications and then made the registration records (including SSNs) available to the public. The Fourth Circuit held that requiring an SSN as a condition of voting and then publicly disseminating that SSN created "an intolerable burden" on the right to vote under the First and Fourteenth Amendments. The court did not strike down the underlying right of agencies to use SSNs internally; it struck down the public dissemination of them in the voting-list context.

Yeager v. Hackensack Water Co., 615 F. Supp. 1087 (D.N.J. 1985). A district court case the AG used as a template for remedy: the agency could not destroy the SSNs already collected, but it had to retroactively comply with the Privacy Act disclosure, safeguard the numbers in the meantime, and stop disseminating them until disclosure was achieved.

What the State Board has to do. The AG laid out the remedy in functional terms. The State Board must develop a plan to keep SSNs on voter-registration records confidential. Several options:

  1. Delete SSNs from any computer-generated voter list.
  2. Ask voters who registered after January 1, 1975 (without the Privacy Act disclosure) to re-execute new registration cards. The new cards would become the official record.
  3. Direct counties to redact SSNs from any cards before they are publicly disclosed.

The specific plan is up to the State Board and its director, but the result must be that SSNs collected without the required disclosure (post-1975) cannot be released.

A cautious note about pre-1975 numbers. Pre-1975 SSNs are not strictly governed by § 7 of the Privacy Act, but the AG observed that "it would be prudent to take steps to maintain the confidentiality" of those numbers too, given the financial harm that public release could cause. That is a recommendation, not a mandate.

The legal punch line: even though North Carolina law generally favors public records, that policy gives way when a specific federal statute prohibits disclosure. The Privacy Act and the SSN confidentiality statutes preempt public-records release of these voter SSNs.

Currency note

This opinion was issued in 1999. Subsequent statutory amendments, court decisions, or later AG opinions may have changed the analysis. Treat this page as historical context, not current legal advice. Verify current law before relying on any specific rule, deadline, or remedy mentioned here.

Several things have changed materially since 1999. First, the Help America Vote Act of 2002 substantially restructured how voter-registration data is collected (HAVA introduced the "last four digits of SSN" framework where states require either a driver's license number or the last four SSN digits). Second, NC voter registration practices were updated to comply with HAVA and with subsequent state-level identity-protection statutes. Third, federal and state identity-theft law has expanded dramatically. The principle the AG articulated, that SSNs collected without the proper Privacy Act notice cannot be re-disseminated, has remained doctrinally stable, but the specific North Carolina elections-records environment is much different than it was in 1999.

Common questions readers actually have

Was this opinion saying North Carolina had been violating federal law?

In effect, yes, with respect to voter SSNs collected since January 1, 1975 without the required disclosure. The opinion was respectful in tone (it does not point fingers), but the legal conclusion is that those numbers cannot be released because the underlying collection did not comply with the Privacy Act's notice requirement. The remedy was to stop releasing and develop a plan to handle the numbers properly going forward.

Could North Carolina lawfully ask for SSNs at all?

Yes, but it had to give applicants the § 7(b) disclosure: whether providing the SSN was mandatory or voluntary, the statutory authority for collecting it, and the uses to which it would be put. That obligation is independent of whether the SSN is later disclosed. If the disclosure is given and the SSN provided, the agency can use the SSN for its internal purposes; it just cannot put SSNs on the publicly available voter rolls under Greidinger.

What is the practical risk of public SSN disclosure?

The Fourth Circuit in Greidinger described it as "alarming and potentially financially ruinous." A public list of names paired with SSNs is an identity-theft toolkit; with name, date of birth (often also on voter cards), and SSN, anyone can open accounts, file false tax returns, and impersonate the voter. The dissemination harm was severe even in 1999 and has only grown since.

Did counties actually have to re-collect cards from millions of voters?

The opinion gives the State Board options, and the easier paths (redaction, removal from generated lists) do not require recollection. North Carolina ultimately took the route of stripping SSNs from publicly released voter information rather than re-executing all old cards.

What if a county already mailed a list with SSNs to a requester?

That cannot be unsent. The opinion is forward-looking. It does not address civil liability for prior disclosures; those would have to be litigated under the Privacy Act's separate enforcement provisions (which permit civil actions for damages against agencies that violate the disclosure rules) or under § 1983 if there's a constitutional dimension.

Are voter rolls still public in NC?

Yes. The basic voter roll (name, address, party affiliation, voting history) remains public under NC election law. What changed after the AG opinion (and after HAVA in 2002) was that SSNs, dates of birth, and certain other sensitive elements are now removed from the publicly available roll.

Background and statutory framework

§ 7 of the Privacy Act of 1974

Public Law 93-579, § 7. Two key parts:

§ 7(a) prohibits federal, state, and local agencies from denying any right, benefit, or privilege because of refusal to disclose an SSN, with exceptions for federal-statute-required disclosures and certain pre-1975 records.

§ 7(b) requires that any government agency requesting an SSN inform the individual whether disclosure is mandatory or voluntary, by what statutory or other authority the number is solicited, and what uses will be made of it.

42 U.S.C. § 405(c)(2)(C)(viii)(I)

Confidentiality provision for SSNs obtained by authorized persons under any provision of law enacted on or after October 1, 1990. "Authorized persons" cannot disclose those numbers or related records.

Greidinger v. Davis, 988 F.2d 1344 (4th Cir. 1993)

The Fourth Circuit reviewed Virginia's practice of requiring SSNs on voter registration applications and making the resulting records publicly available. The court held that requiring SSN disclosure as a condition of registering to vote, combined with public dissemination of the SSN, imposed an intolerable burden on the right to vote. The remand let Virginia choose between dropping the SSN requirement and removing SSNs from publicly disclosed records.

Yeager v. Hackensack Water Co., 615 F. Supp. 1087 (D.N.J. 1985)

A non-voting Privacy Act case that the AG borrowed for remedy structure. The court held that an agency that had collected SSNs without the proper disclosure had to (1) retroactively give the disclosure, (2) safeguard the SSNs in the meantime, and (3) not disseminate them.

The signing officials

The opinion was signed by Ann Reed, Senior Deputy Attorney General, and Susan K. Nichols, Special Deputy Attorney General, with initials SKN/cwh.

Source

Original opinion text

Best-effort transcription from the official source. The Sofya fetch retrieved the latter portion of the letter (the bulk of the legal analysis); some of the early factual recitation is not included. The linked landing page above is authoritative.

(2) the [The] provisions of paragraph (1) of this subsection shall not apply with respect to

(A) any disclosure which is required by Federal statute, or

(B) the disclosure of a social security number to any Federal, State, or local agency maintaining a system of records in existence and operating before January 1, 1975, if such disclosure was required under statute or regulation adopted prior to such date to verify the identity of an individual.

(b) Any Federal, State, or local government agency which requests an individual to disclose his social security account number shall inform that individual whether that disclosure is mandatory or voluntary, by what statutory or other authority such number is solicited, and what uses will be made of it.

5 U.S.C.A. § 552a(note)(Act of Dec. 31, 1974, P.L. 93-579, § 7, 88 Stat. 1909).

In addition, the following language in 42 U.S.C. § 405(c)(2)(C) protects the confidentiality of social security account numbers:

(viii)(I) Social security account numbers and related records that are obtained or maintained by authorized persons pursuant to any provision of law enacted on or after October 1, 1990, shall be confidential, and no authorized person shall disclose any such social security account number or related record.

42 U.S.C. § 405(c)(2)(C)(viii)(I).

These statutes make clear a federal policy favoring the confidentiality of social security account numbers. These and similar provisions have been interpreted in several cases, two of which are particularly pertinent. In Greidinger v. Davis, 988 F.2d 1344 (4th Cir. 1993), the Fourth Circuit Court of Appeals reviewed a challenge to Virginia's requirement that a person seeking to register as a voter supply his social security number. The plaintiff did not challenge Virginia's receipt and internal use of his social security number, but he did challenge dissemination of the number to the public under Virginia's statutes making available voter registration lists. The Court noted that "the harm that can be inflicted from the disclosure of a [social security number] to an unscrupulous individual is alarming and potentially financially ruinous." Id. at 1354. The Court concluded that to the extent Virginia's statutes permitted the public disclosure of Greidinger's [social security number] as a condition of his right to vote, it creates an intolerable burden on that right as protected by the First and Fourteenth Amendments." Id. at 1355. The case was remanded to allow Virginia to cure the constitutional infirmity by either deleting the requirement that an applicant for voter registration supply a social security number or by eliminating the use of these numbers "in voter registration records open to public inspection and contained in voter registration lists provided to candidates" and others. Id.

A second case dealt with how a local government agency should handle records which improperly obtained social security account numbers. In Yeager v. Hackensack Water Co., 615 F.Supp. 1087 (D. N.J. 1985), a private water company acting under state directive obtained social security numbers without complying with the disclosure requirements of the Privacy Act of 1974 set forth in § 7(b) above. The court held:

The proposed use to which Hackensack would put its customers' social security numbers is not per se impermissible. Defendants erred, however, by failing to comply with the disclosure requirements of section 7(b) of the Privacy Act. Accordingly, the relief sought should be tailored to enable plaintiffs and others to make an informed, knowing and educated decision. At the same time, the court believes that a significant amount of time and money would be wasted if it were to compel destruction of the information already gathered.

Therefore, the following relief — as to social security numbers only — is granted. Defendants must retroactively comply with the disclosure requirements of section 7(b) of the Privacy Act. Plaintiffs, and others from whom Hackensack has solicited social security numbers, must be informed of the voluntariness of the disclosure, the source of the authority for it, and the possible uses to which the disclosed number might be put. Until such time as this disclosure is accomplished, defendants are required to safeguard the information gathered and are enjoined from disseminating to anyone by any means the social security numbers provided without the disclosure required by section 7(b) of the Privacy Act.

615 F.Supp. at 1091-92.

It is our conclusion that social security account numbers obtained since 1974 without the disclosure required by the Privacy Act of 1974, may not be disseminated to any member of the public. Since January 1, 1975, any state or local government agency requesting social security numbers had to comply with disclosure requirements. The information available to you suggests that no such disclosure was provided to applicants for voter registration. Thus, we conclude that the numbers may not be disclosed to the public.

The two cases cited above suggest that the State Board of Elections should develop a plan to assure that social security account numbers on voter registration records maintained by the county boards of elections are kept confidential. The cases also suggest that the State Board could choose to direct county boards to delete social security numbers from any computer-generated lists, to request those who executed cards without requisite disclosure and provided social security numbers to execute new cards which would become the official voter registration record, or to direct that counties redact social security numbers from any cards before they are publicly disclosed. The precise plan is within the discretion of the State Board of Elections and the Executive Secretary-Director, but the remedy chosen must assure that social security account numbers of registered voters are not disseminated to the public for those voters who registered on or after January 1, 1975. Given that the statutes and courts recognize the desirability of maintaining the confidentiality of social security account numbers, and that considerable financial and related harm may come to individuals because of their disclosure, it would be prudent to take steps to maintain the confidentiality even of those numbers obtained before the enactment of the Privacy Act of 1974.

Sincerely,

Ann Reed
Senior Deputy Attorney General

Susan K. Nichols
Special Deputy Attorney General

SKN/cwh