National ID card on the way? Congress about to approve Real ID act [priv]

[Declan McCullagh <declan () well com>]

Previous messages:
http://www.politechbot.com/2005/02/09/bush-admin-loves/
http://www.politechbot.com/2005/02/09/two-more-warnings/
http://www.politechbot.com/2005/03/24/john-gilmore-on/


-------- Original Message --------
Subject:        Real ID = National ID
Date:   Wed, 04 May 2005 11:02:54 -0400
From:   Barry Steinhardt <bsteinhardt () aclu org>
To:     <declan () well com>



Declan,


Congressional passage of the "Real ID" legislation is now all but a done
deal, House and Senate conferees having agreed to inclusion of language
in an appropriations bill that is all but certain to pass.

The name "Real ID" is, if anything, too modest.  Despite deep public
opposition over the years to a national identity card, and Congress's
unwillingness to even consider the idea directly, our security agencies
have now gotten what they want as proponents have succeeded in pushing
through Congress a National ID-in-disguise.

    * *The "Real ID" Act is indeed a real (national) ID.*  Although
      individual states' driver's licenses may continue to exhibit
      cosmetic differences, they will now contain a standardized set of
      information collected by all 50 states, which means that
      underneath each state's pretty designs they are really a single
      standardized national card - backed up not only by biometrics, but
      also by a standardized "machine-readable zone" and by a national
      database of ID information.  Local DMV offices may continue to
      appear to be state offices, but they will now become agents acting
      on behalf of the federal government, charged with issuing a
      national identity document without which one will be unable to
      function in America.
    * *National database creates powerful tracking tool.* Real ID
      requires the states to link their databases together for the
      mutual sharing of data from these IDs.  This is, in effect, a
      single seamless national database, available to all the states and
      to the federal government.  (The fact that the database is a
      distributed one, maintained on interconnected servers in the
      separate states, makes no difference.)* *
    * *National database creates security risks.* The creation of a
      single interlinked database creates a one-stop shop for identity
      thieves and terrorists who want to assume an American's identity.
      The security problems with creating concentrated databases has
      recently been demonstrated by the rampant number of data breaches
      in recent months in which information held by commercial database
      companies has fallen into the hands of identity thieves or
      others.  The government's record at information security is little
      better and that is especially true at state Motor Vehicle
      Departments that have routinely been the targets of both insider
      and outsider fraud and just plain larceny.
    * *The "machine-readable zone" paves the way for private-sector
      piggybacking.*  Our new IDs will have to make their data available
      through a "common machine-readable technology."  That will make it
      easy for anybody in private industry to snap up the data on these
      IDs.  Bars swiping licenses to collect personal data on customers
      will be just the tip of the iceberg as every retailer in America
      learns to grab that data and sell it to Choicepoint for a dime.
      It won't matter whether the states and federal government protect
      the data - it will be harvested by the private sector, which will
      keep it in a parallel database not subject even to the limited
      privacy rules in effect for the government.
    * *This national ID card will make observation of citizens easy but
      won't do much about terrorism.*  The fact is, identity-based
      security is not an effective way to stop terrorism.  ID documents
      do not reveal anything about evil intent - and even if they did,
      determined terrorists will always be able to obtain fraudulent
      documents (either counterfeit or real documents bought from
      corrupt officials).
    * *Negotiated rulemaking.*  Among the any unfortunate effects of
      this legislation is that it pre-empts another process for
      considering standardized driver's licenses that was far superior.
      That process (set in motion by the Intelligence Reform Act of
      2004) included a "negotiated rulemaking" among interested parties
      - including the states and civil liberties groups - to create
      standards.  Instead, the worst form of rules is being imposed,
      with the details to be worked out by security officials at DHS
      instead of through balanced negotiations among affected parties.
    * *"Your papers, please."*  In the days after 9/11, President Bush
      and others proclaimed that we must not let the terrorists change
      American life.  It is now clear that - despite its lack of
      effectiveness against actual terrorism - we have allowed our
      security agencies push us into making a deep, far-reaching change
      to the character of American life.


Barry Steinhardt

Director Technology and Liberty Project
American Civil Liberties Union


_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)