|
Electronic Frontier Foundation ACTION ALERT
ALERT: National ID Cards from DMV? Protect Your Privacy! (Issued: Jan. 16, 2002 / Expires: February 8, 2002) Introduction: The American Association of Motor Vehicle Administrators (AAMVA) Special Task Force on Identification Security has recommended that the driver's license become the functional equivalent of a national ID card and has requested that Congress adopt and fund the Driver Record Information Verification System (DRIVers), so that "state agencies and federal agencies such as the Immigration and Naturalization Service, the Social Security Administration, the Bureau of Vital Statistics, and, if necessary, the Federal Bureau of Investigation, can share information." What You Can Do:
Sample Letter (or Phone Script): Dear Ms. Lewis: I oppose the AAMVA proposal to adopt the driver's license as a national ID card. I also oppose the AAMVA's efforts to get Congress adopt and fund the Driver Record Information Verification System. Most Americans oppose efforts to create a national government database of personally-identifiable information because of the potential abuses and malfunctions any such system would necessarily create. Even the Bush administration has stated that it does not support national ID cards. National ID cards are simply not worth the risks to privacy and civil liberties posed by increased and increasing ability to track people. Sincerely, [sign name here, include full address for maximum effect] Who to Contact: Linda Lewis, President and CEO
Tips: Please remember to be polite but firm. Ranting, swearing, or lack of clear focus and resolve will not make a good impression. Try to make it brief (1-3 paragraphs written, or a few sentences spoken) and clear, without getting into nitpicky details. Re-casting the letter in your own words will be more effective than copy-pasting our sample. Activists Around the World This alert is primarily for U.S. residents. However, national ID schemes and other surveillance measures are on the rise globally, so keep an eye out in your own jurisdiction for similar issues you can act on. Background: Among the most questionable responses to the Sept. 11 tragedy is the call for a national ID card or system. Although the Bush Administration has so far rejected the idea, many others -- including commercial vendors -- are clamoring for some kind of national ID system. Oracle chairman Larry Ellison has been in the forefront of these calls, but he's not alone. The most recent proposal is by the American Association of Motor Vehicle Administrators. The AAMVA's Special Task Force on Identification Security has recommended that the driver's license become the functional equivalent of a national ID card. The AAMVA wants to "produce a uniform, secure, and interoperable driver's license/ID card to uniquely identify an individual." In a 90-page document, the AAMVA has already issued a "National Standard for the Driver License/Identification Card." The AAMVA also wants Congress to adopt and fund the Driver Record Information Verification System (DRIVers), so that "state agencies and federal agencies such as the Immigration and Naturalization Service, the Social Security Administration, the Bureau of Vital Statistics, and, if necessary, the Federal Bureau of Investigation, can share information." There's no question that ID systems can be useful for many purposes -- we use them every day -- or that the driver's license is the de facto ID card in modern America. But it's quite unclear how a new national ID system shared between governmental agencies would help prevent terrorism -- and dubious whether it is worth the risks to privacy posed by increased and increasing ability to track individuals. Computer security expert Bruce Schneier explains that a national ID system has four basic components: a card that contains information about the person; a database (or set of databases) of information linked to the card; a system for checking the card data against the database; and some sort of registration procedure that verifies the information. He goes on to say: "The way to think about the security of this system is no different from any other security countermeasure. One, what problem are IDs trying to solve? Two, how can IDs fail in practice? Three, given the failure modes, how well do IDs solve the problem? Four, what are the costs associated with IDs? And five, given the effectiveness and costs, are IDs worth it?" ID system proponents seem to think that the problem is being unable to verify identity. But it's not at all clear how that helps against terrorism. For instance, most of the hijackers were in the United States legally and had no "bad" record with the FBI. Simply knowing who someone is doesn't mean you know that person should or shouldn't be allowed to board an airplane. As Schneier puts it, "much of the utility of the national ID card assumes a pre-existing database of bad guys. We have no such database." Schneier notes that IDs can fail in practice many different ways. Each component of the system can fail: cards can be counterfeited, databases can be wrong or compromised; those who check IDs can be careless, make mistakes or, even worse, be compromised. Schneier concludes that IDs are "prone to errors and misuse, and are likely to be blindly trusted even when wrong." Even state DMV officials appear aware of the weaknesses in their systems. At a recent hearing on ID cards before the California State Assembly Judiciary Committee attended by an EFF representative, an official of the California DMV anticipated questions about card fraud and admitted that counterfeiters can make "very passable forged driver's licenses, including the magstripe." He also explained that while California has around 30 million thumbprints on file, their data isn't good enough to be used for computer matching -- so they would probably need to collect thumbprints again for use on driver's licenses. Perhaps none of these problems is insoluble. But what's clear is that it would take an enormous commitment of resources to "harden" the system, and an enormous commitment to pay attention to maintain it. Schneier's rough calculation: "tough" cards might cost a dollar each; creating and maintaining the database will cost a few times that per person, registration will cost many times that per person (assume 250 million Americans); then factor in the costs associated with hardware, software, and person-hours of checking IDs. Even worse, a national ID card or system carries tremendous risks to civil liberties. Fundamentally, of course, an ID system aims to uniquely identify people and permits them to be tracked across their transactions and to be linked to all the informational traces thereby created. History tells us that ID systems have a strong momentum toward a checkpoint mentality. Those who push for ID systems are well aware of this and try to start small. During the attempt to introduce the Australia Card, one planning document stated: "It will be important to minimize any adverse public reaction to implementation of the system. One possibility would be to use a staged approach for implementation, whereby only less sensitive data are held in the system initially with the facility to input additional data at a later stage when public acceptance may be forthcoming more readily." Police who are given powers to demand ID invariably have powers to detain people who do not have the card, or who cannot prove their identity. Great Britain, for instance, began issuing wartime ID cards in 1939 in order to administer rations. In 1952, the system was discontinued because police had too much discretion to stop people for ID checks. Do we really trust our DMVs, or any other ID bureaucracy, to run this system? EFF fears that we'll end up with the worst of both worlds: a system that isn't good enough to protect against terrorism, but is good enough to create an internal passport system for ordinary, law-abiding Americans. Amazingly -- or perhaps not so amazingly -- the AAMVA's recommendations and press releases don't even mention personal privacy. Indeed, AAMVA will soon be holding a conference to talk about its plans, and it is inviting commercial vendors to display their wares. EFF urges its members and readers to contact the AAMVA to express opposition to this ill-considered proposal. Links: AAMVA Website: http://www.aamva.org/ Bruce Schneier's Crypto-Gramm newsletter article on national IDs: http://www.counterpane.com/crypto-gram-0112.html#1 EFF Privacy Archive: http://www.eff.org/Privacy/ EFF's "Privacy Now!" Campaign:
About EFF: The Electronic Frontier Foundation is the leading civil liberties organization working to protect rights in the digital world. Founded in 1990, EFF actively encourages and challenges industry and government to support free expression, privacy, and openness in the information society. EFF is a member-supported organization and maintains one of the most linked-to Web sites in the world:
Contacts: Will Doherty, EFF Online Activist / Media Relations
Katina Bishop, EFF Offline Activist / Education Dir.
|