An issue getting some traction in the western part of the state this week is the RMV audit released by State Auditor Suzanne Bump. This audit alleges that from 2014 to 2016, the RMV issued drivers licenses to 1,905 individuals who were deceased, with most dates of death being prior to 2010.
The RMV responded by saying that exactly zero of these licenses were issued to dead people. Charlie Baker even said it himself: “Everybody on that list is alive, OK? Everybody”.
This is an astounding accusation that crucially needs to be explored. Who is incompetent here? The RMV/Charlie Baker Administration, or Suzanne Bump?
To be honest, I dislike Bump’s style. I appreciate that the auditor must prove that they are doing their job, but her press releases have a style that fan the flames of distrust in government in a way that resembles conservative demagoguery.
But on the other hand, is it really true that there are 1,905 people in this state who have received drivers licenses by impersonating the deceased? If that is true, then we have a pretty big problem, don’t we? I can understand that it may be impractical for the state to know immediately when someone dies, and may send out a welfare check or two to their address. But requesting a drivers license is an affirmative action, isn’t it? It seems like this would indicate pure fraud.
So who is right here? Baker or Bump? One of the two of them needs to have some significant egg on their face here.
In 2015, my late mother was discharged from an on-campus rehab facility in her best-of-class Gaithersburg MD retirement community (“Asbury Methodist Village“, Gaithersburg MD campus). A staff worker inadvertently checked the “deceased” box on her discharge paperwork.
My mother first recognized that something was wrong when her pharmacy began refusing to fill her prescriptions. Her bank notified her that various electronic deposits made to her bank account were being reversed.
It took my mother months of nearly full-time effort to correct the mistake, and thousands of dollars in legal fees (which were eventually reimbursed by Asbury). Although a single inadvertent check mark on a form (which she never saw) created the issue, repeated in-person visits to several social security offices were not sufficient to reverse the obvious mistake.
My mother sat with her attorney in front of a social security worker. My mother had her active MD driver’s license, original social security card, and various other government-issued IDs. She was clearly alive and sentient. The worker calmly explained, with no hint of irony, that the worker “did not have the authority” to reverse the decision and did not know who did or when the issue would be resolved.
I worked professionally in identity-theft protection backend software for five years, two of those for Experian. I can tell you that the “Master Death List” apparently relied on by the RMV is notoriously inaccurate, and is seldom relied on by professionals in the business.
It isn’t so hard to choose a sample from the 1,905 names and do a “deep dive” to establish whether or not the report of the individual’s death is premature. In the absence of such data (which for obvious personal privacy reasons is impossible for any of us to gather), my money is on the RMV.
It looks to me as though we’re seeing more grandstanding by Ms. Bump. I find it striking that Ms. Bump somehow missed major scandals like the State Police fraud uncovered earlier this year by the US Attorney’s office.
Ms. Bump began her tenure as auditor in 2011. Her office has had NOTHING to say about:
– The probation department scandal
– The several police and fire disability and pension scandals
– The Annie Dookan and Sonia Farak scandals
– State police overtime abuse
This looks to me like more empty headlines emanating from yet another hack who plunders the least powerful among us while zealously protecting the most powerful.
You do have a choice. My friend Dan Fishman is running against her as a Libertarian. He has some Boston and Somerville area events coming up. He has spoken up about taking on Beacon Hill and Baker alike, going after the Republican hacks in the state police department and the Democratic hacks in the probation department. Like you, he has a lot of IT experience and also has been an accountant. Very much in the socially liberal camp of the Libertarian crowd (think Economist editorial page rather than the Ron or Rand Paul).
He is unlikely to win, but he is a worthy protest vote against Bump.
My money is on the auditor being right.
Here’s part of the RMV’s response to the audit.
Here’s the corresponding response from the Auditor’s office:
The RMV’s rebuttal is weaker than the audit. Not only does the RMV get the sample number wrong, they don’t specify their methodology for its findings. Maybe these are honest mistakes, but they read the audit know its methodology.
Tom, does auditor have jurisdiction over the state police? Perhaps it should, but a cursory search found no existing audits of the state police.
If that’s true, then we have a serious problem in this state with people getting false IDs. And if that is true, it lends serious credibility to the idea that we should have strict voter ID laws – in fact, maybe even stricter, because if 1,905 people can figure out how to get fake drivers licenses – a process that is fairly strict – it should be relatively easy to get people onto the voter rolls, since it is a much less strict process.
Personally, my money is on the RMV – my guess is that the auditor either did not match names properly, or presumed that the SS Death Index is 100% infalable, which, of course, it is not. I also would be shocked that the RMV would assert that it reviewed 105 from the list and found them to all be alive. I can’t imagine they would lie about that given the scrutiny.
Either way though, I think this is a much bigger issue than the press it is receiving.
Reading the audit may be a useful supplement to news reports:
One of the problems with not cross-checking is that it didn’t catch the people who died out of state.
Joe DeNucci (God rest his soul) may have been a hack. Suzanne Bump has been modernizing the office since she took office in 2011, commenced an external peer review of the office, and implemented the recommendations. None of this is evidence that the audit is right and the RMV is wrong, but it militates against Tom’s accusation that Bump is a hack.
As you say, none of this is evidence.
Actually, I think it doesn’t militate against anything. Sites like this suggest that there are about five million licensed drivers in MA. Even if licenses were improperly issued to two thousand drivers, that’s about 0.04% of the total.
I’m glad that she’s modernizing the office and following up on the recommendations from the peer review.
I describe her as a “hack” because she is issuing press releases like this while ignoring SIGNIFICANTLY more important fraud happening throughout state government.
As I said, I don’t think she has jurisdiction over the state police. They have their own auditing office. The coroner and drug testing labs come under the state police.
The percentage of error is immaterial if the number is great enough, particularly because the concern is that the licenses were provided to people with criminal intent. The RMV also had the data in the form of monthly reports to crosscheck and eliminate the errors.
I don’t agree with your last paragraph. Identity theft is a significant issue. Stolen drivers licenses is an insignificant part of that. We don’t yet even know whether we’re talking about 2,000 cases (over two years), 200, 20, or zero. We surely don’t know how many of those have any connection to “people with criminal intent”.
If there is any story here, that story hasn’t been yet been published.
Among people with criminal intent, identity theft from hacked email addresses is orders of magnitude more common than what we’re talking about here.
Experian has published statistics about identity theft in 2017. It’s worth a read, at least for context of what we’re discussing here.
I think Ms. Bump is again cherry-picking activities for press releases, based on what she thinks makes her office look good rather than what is important for the people of Massachusetts.
I don’t understand the focus on the press reports, except to beat up on the auditor. Bump didn’t just issue a press release; she released the audit. The media doesn’t bother to read and report that. To answer, NoPolitician’s question, the primary source, as it almost always is, is the best source to examine.
https://www.mass.gov/audit/audit-of-the-registry-of-motor-vehicles
Bump’s office isn’t auditing identity theft. Experian is irrelevant. She’s auditing the RMV. She’s pointing out problems with identity theft in the RMV.
@ Experiean is irrelevant: Come on, Mark. You put identity theft on the table with this (emphasis mine):
From the audit itself is this (emphasis mine):
The auditor’s office and your own commentary cites identity theft as a (or the) motivation for concern.
Perhaps the media comes to the same conclusion as me — that there is no story here.
My emphasis is on press releases, not reports. The auditor’s office issues many more audits than press releases.
I read the sections entitled “Auditee’s Response” and “Autitor’s Reply” in the original piece. Neither is substantive.
This is not a hard problem to answer. It is straightforward for anyone with access to the PII in the RMV database to query aggregator databases (such as those used by Experian and the other credit bureaus) to examine various transactions such as opening and closing bank accounts, changes in credit history, and change-of-address records. Investigators could even — perish the thought — simply ASK the individual in question.
It seems to me that our exchanges are rather more about protecting the reputation of Ms. Bump, and rather less about identifying and addressing substantive financial impropriety in Massachusetts government.
When I have an issue, I try to consider the primary source, not the press report, which doesn’t usually dig deep or address complexity.
What I’m saying about identity theft is the auditor’s report is limited to identity theft within the RMV, not all of identity theft. It’s a small percentage of identity theft overall. There are/could be 1900 plus people using false identities that could be stopped had the RMV done as it should have done. Those names have been sent to the state police. This doesn’t solve the identity theft problem at large–it’s not supposed to–it solves it at the RMV.
I do think Bump does a good job as auditor, and I dislike good public officials getting criticized for nothing more than a newspaper article.
Anyway, I’m not going to argue this anymore. Not because I’m angry with you. I’m trying to get less attached to unimportant arguments. (That was my main reason for taking a 6 or 7 month break from BlueMassGroup). I’m trying to get overly concerned with winning or losing an argument. Hope that makes sense. It’s not a judgement on anyone else but myself.
I hear you about not wanting to extend this particular argument.
I’m professionally curious about the outcome, and wondering if perhaps there may be a way to skin that cat. My purpose in mentioning the identity theft issue is to put this particular concern (stolen DL numbers) in context.
There are, in fact, aggregators of data that can be mined to address questions like this. I’m interested in what might happen if a third party investigated the general question of whether valid drivers licenses are (1) contained in various “death lists” and (2) being used for commercial transactions after the “death”.
I don’t much care about this audit, I just find it an interesting question — particularly in light of my late mother’s experience with being falsely listed in the “Death List” from Social Security.
I, too, took a break from BMG for apparently similar reasons. It’s good to have you back, and I mean no personal attack or insult.
I looked at the audit and the web site for the Social Security Death Master File. As someone who’s worked a lot with government databases, I don’t think there’s much of a story here. These are huge databases built on old technology. There are plenty of opportunities for bad SSNs, name variations, inaccurate input, etc. to spawn errors. When the RMV claims that they do use the SSDMF, that makes me wonder if they get a lot of false positives from there and have to override them using independent sources of data (like DPH).
This story tips the balance in favor of the RMV.
https://www.wcvb.com/article/license-audit-leaves-gov-baker-auditor-bump-in-strong-disagreement/23039067
So again, who is right here, and why isn’t this a bigger issue?
We have some more information about Suzanne Bump from the article linked below:
I read the audit; nothing in it made me say “gee, Bump is right here”. Yet she released the audit with such strong, but weaselly language – “Because these licenses appeared to have been issued to individuals who were attempting to obtain false identification, there is a significant risk that they could be used for malicious purposes (e.g., fraud).”
It was pretty clear from the audit that the extent of their effort was to match names to a database that was outside their control. There was no attempt to follow up on the 1,905 people in the “dead, but still applied to get a license” category. Again, this is a serious allegation that Bump is making here.
There are certainly valid points in the audit – but those points could have been made without the sensational language in the audit. For example, it was noted that the “ALARS” system was not updated frequently enough to catch it when a license holder died; the license was not marked as “deceased”. This is room for improvement, but clearly not a major security threat to the Commonwealth. Boring stuff, so why not allege that 1,907 people have “obtained false identification”?
On the other hand, Baker also doubled-down with his “they’re all alive, OK” comment.
My inclination is to withhold my vote for Bump. I think that she is grandstanding to make it look like she is doing a better job than she is doing.
There isn’t any way of knowing who is right without access to the data. If either Mr. Baker or the RMV want to find out — and have access to resources with the required technical expertise — the investigation is straightforward.
For example, each entry in the driver’s license (“DL”) database is readily tied to the SSN and address of the claimant. There are multiple data sources, including all three major credit bureaus, that can provide any addresses associated with that SSN for at least 10 years. The resulting address history can then be compared with the address(es) in the DL database. Similarly, each bank and credit card account associated with the given SSN can be enumerated. Activity on the resulting accounts is accessible to the government (access by private firms is more expensive, though not impossible).
If the person is actually deceased, then either there will be no such activity after the death date or the activity will be improper (except for activity needed to finalize an estate).
If there is activity after that date, then either the person is not dead or the identity is being used improperly. An easy next step is to see if tax returns are being filed by the person in question. It is very unusual for a thief to pay taxes due on a stolen identity. If refunds are due, and are paid, those refunds are usually paid to a newly-created bank account and are nearly always done using on-line tax filing tools. Such tax fraud is readily detected (although it can be difficult to identify the perpetrator). The bottom line is that technical resources with access to the data can answer this question in a very straightforward way.
I think the question is whether anyone in government or the media cares enough to actually perform the needed investigation. All we’ve seen so far is posturing and finger-pointing.
NoPolitician hits on something that is always a problem, one that we usually ignore: we almost always make political decisions based on incomplete information. As Tom (who knows more than I do about these databases) points out, we’re not likely to receive the missing information. It’s unlikely most people would understand the issue would understand it if they had the info.
One correction: the RMV received monthly reports from the Social Security Death Index (or whatever it is).
Although she’s ultimately responsible for it, she probably didn’t write the press release. You’d be more effective changing her behavior if you sent a letter to her campaign. Your vote won’t register on her radar either way.
Bump is head and shoulders above Joe DeNucci, the Bill Galvin of the office (1987 to 2011).
This news story contributes some interesting details, if not answers, to the question of who is right. Republicans are attacking Bump en masse for the timing of the RMV audit.
Bump’s spokesperson:
Did the “lengthy negotiations” contribute to the tone of Bump’s press release?
Was Bump trying to make a political statement against Baker? (Probably not).
Are Republicans using the story to challenge Bump? Clearly.
Was the original pushback the result of a Republican strategy to challenge Bump?
Did the RMV have something to hide?
Was the RMV afraid of an overly aggressive audit?
Have we been suckered into questioning Bump’s work?
I think you were on the right track upthread when you wrote that “Anyway … I’m trying to get less attached to unimportant arguments.” I’m not interested in more political he-said/she-said dueling press releases.
Each side knows full well that the best way to answer this is to simply look at the data. It looks to me as though we’re being suckered into a spitting contest, and I suggest that each side is spitting equally vigorously. I wish each side would get back to work.
Each side seems more eager to keep spitting than to just determine the answer, and that’s why I’m distinctly underwhelmed by ALL the players in this continuing silliness.
I see this as more than a spitting contest, because of the very nature of the allegations and how they play with various narratives out there.
The allegation by Bump – a Democrat – is that almost 2,000 people fraudulently obtained drivers licenses in an attempt to falsify their identification. This is an incredibly serious allegation, and a very serious problem if true – this is way worse than someone who receives food stamps for a month or two after getting a job because there is a delay in notification between departments. This is criminal fraud by bad actors.
If this is true, then this bolsters the Republican positions of:
If this is false, then this bolsters the Democratic positions of:
Keep in mind that Bump’s office chose to issue a sensational press release here. Right on their website, it says “Over 1,900 Driver’s Licenses Issued in the Name of Deceased Individuals”. No room for nuance there. In fact, she even made this statement: “The failure to prevent individuals from obtaining identification under the names of deceased people creates a significant public safety risk to the Commonwealth. Fixing this problem must be a top priority for the RMV”
Bump herself is alleging that almost 2,000 people deliberately obtained ID under the names of dead people in order to obtain false identification. If that is true, then she should receive the political windfall for finding it. If that is false, she should receive the political penalty of a tarnished reputation in the job she was elected to do. She put herself in a high-stakes position. She should have her feet held to the fire by both the press and groups like this.
It’s looking now like Bump might be wrong (which I didn’t think was the case) and that there were problems dealing with the RMV (which I suspected). This has at least some of the makings of a scandal. Registrar of Motor Vehicles Erin Deveney is actively disagreeing:
The reason I characterize this as a spitting contest is that these allegations are not supported by any evidence. In response to these sensational allegations, both the RMV and Mr. Baker responded with similarly extreme statements, statements that are also not supported by any evidence.
What I mean by “spitting contest” is multiple people arguing with none of the parties offering any substantive support for their increasingly extreme positions.
It is not hard to get concrete answers here. We’re talking about 2,000 people whose names, addresses, social security number, and so on are known to each of the spitters. Any party actually interested in definitively showing whether these people are dead or alive can readily do so.
The three GOP talking points you enumerate are irrelevant to this. Let me take them one at a time:
“We need a strong voter ID system because it is much easier to falsify your voter registration.”
Even if the count is 2,000 (and there is so far no evidence for this), that’s still a tiny fraction of the total number of drivers in the state — 0.04%. That’s not enough to affect the outcome of any local or state election.
There is ZERO evidence that voter fraud is happening in any state. Making it harder to get licenses will only further suppress voter turnout — it can’t possibly reduce voter fraud, because there is nothing to reduce.
“We should not increase taxes because government departments are not capable of detecting fraud.”
There is no connection between these incorrectly issued licenses and taxes. The RMV and Mr. Baker argue that every one of these 1,905 cited individuals is alive. Does that mean that Mr. Baker supports increasing taxes? Of course not.
“We should cut welfare because there is a lot fraud out there, and the state auditor keeps uncovering more and more.”
Again, we’re talking about 0.04% of the licensed drivers in the state. I’m willing to wager that there is ten or hundred times as much “lost” money in any public or private entity — especially any charitable organization (such as a place of worship). The alleged fraud is not “a lot”, it is vanishingly small.
I don’t mean to sound argumentative with your comment — I basically agree with you.
I call it a “spitting contest” in part because the GOP will repeat those three talking points whatever the outcome of this is.
I think the real scandal in all this is the abject refusal of ANY of the participants to actually do the straightforward work required to confirm or reject the sensational claims made in the press release from the Auditor’s office.
I called Ms. Bump a “hack” because I share the opinion offered by the late Carl Sagan — “Exceptional claims require exceptional proof”. Ms. Bump made an exceptional claim, and the burden was on her to support that claim with exceptional proof.
She utterly failed to meet that criteria.
My state senator just sent this out apropos the RMV (not completely related to our discussion):
http://senatorlesser.com/wp-content/uploads/2018/09/Legislators-Letter-to-RMV-Handicap-Placards-Issue-in-Western-MA-Persists-Two-Years-Later.pdf