George Hulme at InformationWeek has an interesting story about a Target store scanning his driver’s license when he went to buy Nicorette gum:
Now, during checkout, the cashier asks to “see” my driver’s license. Alright, since I’ve been carded before buying controlled substances, I figure she needs to check my age.
Before I have a chance to realize exactly what’s going on, the cashier swipes my driver’s license through the register. The machine then kicks and spasms out my receipt. Whoa!
I inquire, “What information, if any, was captured from my license?”
I get that deer-in-the-headlights what-ya-talk’n-bout glaze. She’d never thought about, or was apparently never asked, why she was physically scanning driver’s licenses.
“You asked to ’see’ my license, but you swiped it. Big difference,” I say.
The cashier has no idea how to answer his question. Hulme leaves a message at Target’s press office asking for information as to whether his data was merely scanned to verify age or if all of his license data was downloaded by Target; if so what was the reason for this data capture and how long were they going to keep his data. No answer. He also e-mailed Target customer service and got a response. But it was a non-response. Read his full story.
Note that the final regulations for the REAL ID national identification system includes an unencrypted machine-readable zone. This means that anyone with an off-the-shelf card reader could swipe and download your personal data. And DHS Secretary Chertoff wants everyone to use this national ID card to “cash a check, hire a baby sitter, board a plane or engage in countless other activities,” so all of those situations could lead to your data being downloaded and retained.
Has your license or ID card data been swiped and retained by a store, bank, bar, club or other business? Tell us about it. E-mail jph AT papersplease.org