I don't think that's a valid point at all. The OP isn't just giving the SSN to the employee in a vacuum. That SSN is going into a Delta IT system; the OP might not distrust the employee, but might very well distrust Delta to properly secure their systems.
However the OP was willing to send it directly to DL. They just didn't want to give it to their "friend."