Amid the whirring of pigs' wings and crackling of ice from the underworld comes another unexpected noise: the sound of someone in government actually taking charge. Believe it or not, federal agencies across the board have been given 120 days to go through their files, track down every unneeded SSN, and put a plan into place to "eliminate the unnecessary collection and use of Social Security numbers within 18 months."

These long overdue marching orders arrived in a memo from Clay Johnson III, deputy director for management of the Office of Management and Budget, which he sent to the heads of every federal department and agency. The agencies were also told to review all information that could be used to identify an individual citizen or employee, make sure those records are accurate, and "reduce them to the minimum necessary" for the agencies to do their job.

Never mind the inevitable chorus of whining bureaucrats. Johnson's line in the sand will be tough to retreat from, and that's all to the good.

This welcome change is based on the common-sense premise that "the federal government should not unnecessarily collect or maintain personally identifiable information," according to an OMB spokesperson. That may sound obvious to the ordinary mortals among us, but bureaucrats are a breed apart. That being so, this realization has taken a little time.

Too much time, if you ask the 26.5 million military personnel whose SSNs and other personal data were on a laptop stolen from a Veterans Affairs Department employee. (To make matters worse, 2.2 million of those people were on active duty — not the folks you want to saddle with an extra set of problems.) In the wake of that scandal, an investigation by a House committee found that 19 federal agencies had suffered a total of 788 data breach incidents just since the beginning of 2003, putting hundreds of thousands more Americans' personal information in jeopardy in the process.

The OMB spokesperson said the memo "formalizes the recommendations" of the President's Identity Theft Task Force, which were made public on April 23. "Agencies will reduce the unnecessary use of the Social Security number, thus reducing the potential for loss of personal data and the potential for identity theft."

Provided the federal government actually follows through on this call to action, we'll have taken a major step forward in the fight against identity theft by early 2009. Will that undo the sorry record of breaches, inaction, and doubletalk? To do that would require a time machine — but maybe that's the next miracle up Johnson's sleeve.