REAL ID – Page 10 – Papers, Please!

Aug 27 2009

Of course it’s not a national ID card

Whenever questions are raised about national ID schemes like REAL-ID or PASS-ID, their more public-relations savvy proponents are always quick to say, “But of course this isn’t a national ID card”. The same goes for L-1 Identity Solutions, the prime drivers license, ID card, and ID and biometric database contractor, aggregator, and data miner for California and the majority of other states (and keynote presenter at ICAO’s upcoming Symposium on Machine Readable Travel Documents next month in Montreal).

So we were interested to see how L-1 describes its products to its customers in this full-page ad on the back cover of the latest issue of ICAO’s Machine Readable Travel Document Report:

But of course, this isn’t a national ID card.

Jul 17 2009

PASS ID or REAL-ID? Tweedle-dum or Tweedle-dee?

The Senate Homeland Secuirty Committee hearing this Wednesday on “Reevaluating the REAL ID Act” was a sham, in which the only”opponents” or “critics” of the current REAL-ID law allowed to testify were those who prefer the PASS-ID bill to substitute an alternate national ID card mandate. Critics of any national ID need not apply to be heard as part of this debate between Tweedle-dee and Tweedle-dum.

Eevn the few positive features of the PASS-ID bill came under attack. Senator Collins of Maine wanted to know whether the bill would allow the sort of airport “security” measures that are used in Israel (notorious for ethnic profiling), and specifically whether the PASS-ID provision that, ““no person shall be denied boarding a commercial aircraft solely on the basis of failure to present a driver’s license or identification card issued pursuant to this subtitle,” would still allow denail of boarding, regardless of ID, solely on the basis of “behavioural profiling”. And the National Retail Association wants to make sure that the PASS-ID prohibition on non-governmental scanning or use of machine-readable (bar-code, mag stripe, or RFID) data on government-issued ID cards would still allow stores to skim this data in order to profile patterns of “suspicious” merchandise returns. Would anyone object, they want to know, to an exception to this provision that would allow scanning and tracking of machine-readable ID data to detect or prevent “fraud or other illegal activity”?

Yes, we would object to such an open-ended exception. More importantly, we object to any mandatory national ID. So do tens of millions of Americans, regardless of whether Congress does’t want our views to be part of the debate.

Jun 25 2009

Courts and Congress finally start to rein in the TSA

Until recently, the TSA has been a domestic legal Guantanamo, and the TSA has treated their domain of “checkpoints” and travel control and surveillance as a law-free zone where their powers of search, seizure, detention, and denial of passage were unconstrained by the Constitution, human rights treaties, judicial review, or stautory or regulatory standards. As indeed it has been: Congress has enacted no law specifically defining any limits on the authority of TSA agents at checkpoints (or elsewhere), and the TSA itself has never conducted any rulemaking or issued any publicly-disclosed regulations defining its authority, the limits of that authority, what orders travellers do or don’t have to comply with, and which forms of “noncooperation” are considered grounds for which sanctions (more intrusive search, denial of transportation, admninistrative fine, detention, etc.). While the TSA has never been explicitly exempted from the Constitution or treaties such as the International Covenant on Civil and Political Rights, the DHS has sought to avoid ever allowing judicial review of fly/no-fly decisions, and the courts themselves have gone out of their way to avoid ruling on the legality of TSA actions — such as when the 9th Circuit invented a counter-factual claim (without ever allowing an evidentiary hearing on the facts) that John Gilmore hadn’t actually been required to show ID credentials in order to fly, as a way to avoid ruling on whether an ID-to-fly requirement would be Constitutional. As for the Executive, President Obama has yet to nominate an Administrator of the TSA, leaving this one of the highest-ranking vacancies in the Administration and leaving the TSA operating on autopilot under lame-duck holdovers.

In the absence of any explicit rules or any judicial, legislative, or executive oversight, the TSA has felt no need to seek authority for its ever-expanding assertions of authority through legislation or rulemaking. Nor has the TSA recognized any duty of self-restraint or self-policing to ensure its actions conform to the law. Instead, the TSA has simply wielded its power to do whatever it wished, on the disgraceful assumption that, “If we’re doing something wrong, the courts will tell us — if and when someone can afford to sue us, and they win a court judgment against us.” In the meantime, the TSA will do, and claim the right to do, anything that hasn’t already specifically been ruled illegal. Kind of like the thief who assumes that they can steal whatever they want, and that if something turns out not be theirs, they’ll give it back if and when someone sues and wins a court judgment ordering its return.

Time and again we’ve pointed out this failure to subject the TSA to the rule of law. See, for example, our most recent prior post on this topic, our agenda on the right to travel submitted to the Obama Administration and Congress after the 2008 elections, and our comments earlier this month at the Computers, Freedom, and Privacy conference session with Obama Administration representatives and others at 1:45:53 of this video. Until recently, however, neither the Courts, the Congress, nor the Executive branch have wanted to confront the question of what rules govern the TSA.

We’re please to report that this is finally beginiing to change, in small ways but on numerous fronts:

California DMV plans crackdown on “look-alikes”

Has anyone ever looked at your face and mistaken you for someone else?

If so, and if you live in California, you could be a victim of a proposal by the California Department of Motor Vehicles which is now under consideration in the state legislature.

At a hearing yesterday (May 13, 2009) before the Assembly Budget Subcommittee No. 5 on Information Technology/Transportation, the Director and Chief Information Officer of the DMV pleaded for more money (in spite of the desperate state budget crisis) to hire a contractor to digitize and store the photographs taken for every California drivers license or state ID, and then use “biometric” facial recognition and matching software to compare each new photo of an applicant for a license or ID with every photo in the database. (The DMV proposal next goes before the Senate Budget Subcommittee No. 2 on Resources, Environmental Protection, Energy and Transportation on Wednesday, March 20th.)

If the computer thinks your picture looks like any other picture in the database, both you and the other person whose photo the robot thinks looks like yours would be placed under suspicion of fraud, identity theft, or worse. Read More →

Mar 10 2009

DHS considering hackable long-range RFID as “alternative” to REAL-ID

Chris Strohm of the National Journal’s CongressDaily reports:

Homeland Security Secretary Janet Napolitano, a former governor of Arizona, said Monday that her office is participating in a working group established by the National Governors Association to review the so-called Real ID law, which Congress passed in 2005 while under Republican control.

“What they’re looking at is whether statutory changes need to be made to Real ID,” Napolitano said after a speech to Homeland Security employees marking the sixth anniversary of the department’s creation.

“They are looking at whether some version of an enhanced driver’s license that perhaps creates options for states would be feasible. They’re looking at what the fiscal impact would be particularly given that states have no money right now,” she added.

“I would expect that over the course of the spring we’ll be rolling something out,” she said.

So-called “enhanced” drivers licenses, already being issued in Washington and Vermont, contain a remotely-readable long-range (“vicinity”) RFID chip, in violation of ICAO international standards for only shorter-range RFID chips in travel documents, with a globally unique identification number to permit anyone within range to track the card or the movements of the person carrying it. Hackers have already demonstrated, in on-camera real-world tests on the streets of San Francisco, that these enhanced drivers licences and the passport cards that use the same type of RFID chips have succeeded in their design goal of being readable from inside or outside a moving car as it passes by.

This is no “solution” to the problems of the REAL-ID Act, and no improvement.

As we’ve argued in our proposals to the administration and Congress, the only solution to REAL-ID is repeal. Until Congress takes that essential action, states and citizens should continue their refusal to comply with REAL-ID.

Feb 03 2009

Drive-by reader for RFID drivers licenses and passport cards

Hacker and researcher Chris Paget has demonstrated the ability to read the globally unique serial numbers on RFID chips in passport cards and electronic drivers licenses in the purses and pockets of pedestians on the street from a passing car, at least 30 feet (9 m) away, and to make cloned copies that broadcast the same ID numbers, using a laptop computer and commercial surplus hardware bought on eBay for $250.

Maryland Seeks to Change License Policy on Immigration In Order to Implement REAL ID System

Maryland’s governor and transportation secretary have announced that they will seek legislation to change the state’s long-standing policy on driver’s license registration and require proof of legal residence before issuing the cards to state residents. Maryland is hoping to make this change as it begins implementing the federal REAL ID national identification system. The governor had rejected a previous proposal for a two-tier system that would have allowed the issuance of a lower-tier license to individuals unwilling to show such proof.

According to the Maryland Motor Vehicle Association’s site, REAL ID implementation means that. “Effective January 1, 2010, individuals applying for a new license will be required to show documentation to prove that they are in the United States legally.” Driver’s license applicants will have to show “Documents such as Social Security Card, U.S. Birth Certificate, U.S. Naturalization of Citizenship, Valid U.S. Passport, Valid Foreign Passport with Visa, U.S. Permanent Residency Card” or other documents to prove their legal presence in the United States.

We have previously detailed the many privacy and security problems that arise from requiring such documentation for a state driver’s license, but let’s focus on the immigration issue that Maryland is attempting to address. Read More →

Dec 02 2008

As DHS Secretary, Napolitano Should Halt REAL ID System

The New York Times has a story today about Arizona Gov. Janet Napolitano’s nomination as Obama’s Secretary of Homeland Security. The story states that in this new position, Napolitano would have to lead the REAL ID program, a national identification scheme that DHS is attempting to foist on the states. As governor of Arizona, Napolitano signed legislation to join 10 other states in rejecting this national ID program.

The substantial civil liberty problems inherent in this scheme to create a national database of the country’s driver’s license and state ID cardholders won’t disappear if Napolitano replaces Michael Chertoff as the head of DHS. Napolitano should stick to her beliefs and reject this system. As governor, Napolitano focused on the high cost of implementing this national ID system to the states, and these costs will remain substantial if the new administration implements the system created under Chertoff.

In The Identity Project’s recommendations to the Obama transition team, we urged the repeal of REAL ID. Besides the civil liberty problems, REAL ID also has security problems. Those of us who have been following the REAL ID issue, as well as other identification-based security programs, know that there is no sure way for an individual to prove his or her identity based merely on documents that can be easily forged. Therefore, REAL ID would create a system that people would trust even though they shouldn’t — because criminals and terrorists can spend the time and money necessary to forge these “trusted” ID cards.

REAL ID is a fundamentally flawed national ID system for which there is no fix. It must be repealed, and Napolitano should halt the implementation when she takes office.

Nov 10 2008

The Obama Administration and the Right to Travel

The Obama Administration promises change, and invites suggestions for their agenda.

Since they’ve asked, here are the first things we think the new administration should do to restore our right to travel, and to address the issues of ID requirements and identity-based government surveillance and control of travel and movement.

Some of these can be accomplished with the stroke of a pen on Inauguration Day in January, through Presidential proclamations and directives to Executive staff and agencies. Others can be ordered by the President, but will require a slightly longer process to comply with administrative notice and comment requirements for changes to (and, in many cases, withdrawal of) Federal regulations. Others will require legislation, which we urge the Presidential transition team and members of Congress to begin drafting so they can take action early in the new Congressional session. If asked, we would be available to advise and participate in this process. Finally, Senators should question nominees for Executive appointments —especially those nominated to be the new Secretary of Homeland Security and the Administrator of the TSA – about how they will address specific, important issues from the day they take office. These questions are detailed below (and also available here in PDF format).

Executive Orders:

Reaffirm Executive Order 13107 on Implementation of Human Rights Treaties, and instruct heads of agencies to ensure that it is carried out. As part of his agenda, President-Elect Obama has promised to “strengthen civil rights enforcement,” and this should include enforcement of rights guaranteed by international human rights treaties to which the U.S. is a party. In particular, President-Elect Obama should extend Executive Order 13107 to explicitly mandate consideration of international human rights treaties in Federal agency rulemakings that could implicate rights protected under those treaties — such as the freedom of movement guaranteed by Article 12 of the International Covenant on Civil and Political Rights (ICCPR). Read More →

Oct 03 2008

California Governor Rejects Bill That Would Implement REAL ID System

California Gov. Arnold Schwarzenegger has vetoed SB 60. The legislation would have created a two-tier driver’s license system that would have allowed for the issuance of licenses to undocumented immigrants while at the same time formally adopt the REAL ID Act’s national identification system in California.

Specifically, SB 60 said:

SEC. 2. The Legislature intends by the enactment of this act to accomplish the following:
(a) Meet or exceed the document and issuance standards set forth in the federal Real ID Act of 2005 (Public Law 109-13), to ensure that California has a federally recognized and acceptable driver’s license and identification card.
(b) Provide driver’s licenses that permit driving, but cannot be used for federal identification purposes, consistent with the federal Real ID Act of 2005, to California drivers that cannot meet the minimum identity confirmation requirements necessary to obtain a federally recognized driver’s license or identification card.

In a statement (PDF) accompanying the veto, Gov. Schwarzenegger focused on the immigration implications of the REAL ID Act. He explained, “This bill does not specify how DMV would validate the identity of individuals who do not have documented proof that their presence in the United States is authorized under federal law. I have previously stated that the ability to verify documents used to establish an identity must include a way to determine whether an individual is who he or she purports to be.” Read More →

S	M	T	W	T	F	S
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30