Previous messages:
http://www.politechbot.com/2005/02/09/bush-admin-loves/
http://www.politechbot.com/2005/02/09/two-more-warnings/
http://www.politechbot.com/2005/03/24/john-gilmore-on/
-------- Original Message --------
Subject: Real ID = National ID
Date: Wed, 04 May 2005 11:02:54 -0400
From: Barry Steinhardt <bsteinhardt@private>
To: <declan@private>
Declan,
Congressional passage of the "Real ID" legislation is now all but a done
deal, House and Senate conferees having agreed to inclusion of language
in an appropriations bill that is all but certain to pass.
The name "Real ID" is, if anything, too modest. Despite deep public
opposition over the years to a national identity card, and Congress's
unwillingness to even consider the idea directly, our security agencies
have now gotten what they want as proponents have succeeded in pushing
through Congress a National ID-in-disguise.
* *The "Real ID" Act is indeed a real (national) ID.* Although
individual states' driver's licenses may continue to exhibit
cosmetic differences, they will now contain a standardized set of
information collected by all 50 states, which means that
underneath each state's pretty designs they are really a single
standardized national card - backed up not only by biometrics, but
also by a standardized "machine-readable zone" and by a national
database of ID information. Local DMV offices may continue to
appear to be state offices, but they will now become agents acting
on behalf of the federal government, charged with issuing a
national identity document without which one will be unable to
function in America.
* *National database creates powerful tracking tool.* Real ID
requires the states to link their databases together for the
mutual sharing of data from these IDs. This is, in effect, a
single seamless national database, available to all the states and
to the federal government. (The fact that the database is a
distributed one, maintained on interconnected servers in the
separate states, makes no difference.)* *
* *National database creates security risks.* The creation of a
single interlinked database creates a one-stop shop for identity
thieves and terrorists who want to assume an American's identity.
The security problems with creating concentrated databases has
recently been demonstrated by the rampant number of data breaches
in recent months in which information held by commercial database
companies has fallen into the hands of identity thieves or
others. The government's record at information security is little
better and that is especially true at state Motor Vehicle
Departments that have routinely been the targets of both insider
and outsider fraud and just plain larceny.
* *The "machine-readable zone" paves the way for private-sector
piggybacking.* Our new IDs will have to make their data available
through a "common machine-readable technology." That will make it
easy for anybody in private industry to snap up the data on these
IDs. Bars swiping licenses to collect personal data on customers
will be just the tip of the iceberg as every retailer in America
learns to grab that data and sell it to Choicepoint for a dime.
It won't matter whether the states and federal government protect
the data - it will be harvested by the private sector, which will
keep it in a parallel database not subject even to the limited
privacy rules in effect for the government.
* *This national ID card will make observation of citizens easy but
won't do much about terrorism.* The fact is, identity-based
security is not an effective way to stop terrorism. ID documents
do not reveal anything about evil intent - and even if they did,
determined terrorists will always be able to obtain fraudulent
documents (either counterfeit or real documents bought from
corrupt officials).
* *Negotiated rulemaking.* Among the any unfortunate effects of
this legislation is that it pre-empts another process for
considering standardized driver's licenses that was far superior.
That process (set in motion by the Intelligence Reform Act of
2004) included a "negotiated rulemaking" among interested parties
- including the states and civil liberties groups - to create
standards. Instead, the worst form of rules is being imposed,
with the details to be worked out by security officials at DHS
instead of through balanced negotiations among affected parties.
* *"Your papers, please."* In the days after 9/11, President Bush
and others proclaimed that we must not let the terrorists change
American life. It is now clear that - despite its lack of
effectiveness against actual terrorism - we have allowed our
security agencies push us into making a deep, far-reaching change
to the character of American life.
Barry Steinhardt
Director Technology and Liberty Project
American Civil Liberties Union
_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2.1.3 : Wed May 04 2005 - 15:26:57 PDT