Politech is the oldest Internet resource devoted to politics and technology. Launched in 1994 by Declan McCullagh, the mailing list has chronicled the growing intersection of law, culture, technology, and politics. Since 2000, so has the Politech web site.

Previous messages:
http://www.politechbot.com/2005/02/09/bush-admin-loves/
http://www.politechbot.com/2005/02/09/two-more-warnings/
http://www.politechbot.com/2005/03/24/john-gilmore-on/


-------- Original Message --------
Subject: 	Real ID = National ID
Date: 	Wed, 04 May 2005 11:02:54 -0400
From: 	Barry Steinhardt <bsteinhardt@aclu.org>
To: 	<declan@well.com>



Declan,


Congressional passage of the "Real ID" legislation is now all but a done
deal, House and Senate conferees having agreed to inclusion of language
in an appropriations bill that is all but certain to pass.

The name "Real ID" is, if anything, too modest.  Despite deep public
opposition over the years to a national identity card, and Congress's
unwillingness to even consider the idea directly, our security agencies
have now gotten what they want as proponents have succeeded in pushing
through Congress a National ID-in-disguise.

     * *The "Real ID" Act is indeed a real (national) ID.*  Although
       individual states' driver's licenses may continue to exhibit
       cosmetic differences, they will now contain a standardized set of
       information collected by all 50 states, which means that
       underneath each state's pretty designs they are really a single
       standardized national card - backed up not only by biometrics, but
       also by a standardized "machine-readable zone" and by a national
       database of ID information.  Local DMV offices may continue to
       appear to be state offices, but they will now become agents acting
       on behalf of the federal government, charged with issuing a
       national identity document without which one will be unable to
       function in America.
     * *National database creates powerful tracking tool.* Real ID
       requires the states to link their databases together for the
       mutual sharing of data from these IDs.  This is, in effect, a
       single seamless national database, available to all the states and
       to the federal government.  (The fact that the database is a
       distributed one, maintained on interconnected servers in the
       separate states, makes no difference.)* *
     * *National database creates security risks.* The creation of a
       single interlinked database creates a one-stop shop for identity
       thieves and terrorists who want to assume an American's identity.
       The security problems with creating concentrated databases has
       recently been demonstrated by the rampant number of data breaches
       in recent months in which information held by commercial database
       companies has fallen into the hands of identity thieves or
       others.  The government's record at information security is little
       better and that is especially true at state Motor Vehicle
       Departments that have routinely been the targets of both insider
       and outsider fraud and just plain larceny.
     * *The "machine-readable zone" paves the way for private-sector
       piggybacking.*  Our new IDs will have to make their data available
       through a "common machine-readable technology."  That will make it
       easy for anybody in private industry to snap up the data on these
       IDs.  Bars swiping licenses to collect personal data on customers
       will be just the tip of the iceberg as every retailer in America
       learns to grab that data and sell it to Choicepoint for a dime.
       It won't matter whether the states and federal government protect
       the data - it will be harvested by the private sector, which will
       keep it in a parallel database not subject even to the limited
       privacy rules in effect for the government.
     * *This national ID card will make observation of citizens easy but
       won't do much about terrorism.*  The fact is, identity-based
       security is not an effective way to stop terrorism.  ID documents
       do not reveal anything about evil intent - and even if they did,
       determined terrorists will always be able to obtain fraudulent
       documents (either counterfeit or real documents bought from
       corrupt officials).
     * *Negotiated rulemaking.*  Among the any unfortunate effects of
       this legislation is that it pre-empts another process for
       considering standardized driver's licenses that was far superior.
       That process (set in motion by the Intelligence Reform Act of
       2004) included a "negotiated rulemaking" among interested parties
       - including the states and civil liberties groups - to create
       standards.  Instead, the worst form of rules is being imposed,
       with the details to be worked out by security officials at DHS
       instead of through balanced negotiations among affected parties.
     * *"Your papers, please."*  In the days after 9/11, President Bush
       and others proclaimed that we must not let the terrorists change
       American life.  It is now clear that - despite its lack of
       effectiveness against actual terrorism - we have allowed our
       security agencies push us into making a deep, far-reaching change
       to the character of American life.


Barry Steinhardt

Director Technology and Liberty Project
American Civil Liberties Union

Posted by Declan McCullagh on May 04, 2005 in category privacy

Get a Politech feed through RSS or Atom

The Politech general information pages and photographs are copyrighted by Declan McCullagh. Original posts distributed to the mailing list are licensed under a Creative Commons License.