Privacy and Security Risks in Driver's License Proposals

THE CENTER FOR DEMOCRACY AND TECHNOLOGY ^ | 09-05-02 | staff

[backhoe]

 

----- Original Message -----

From: <info@cdt.org>

To: <policy-posts@cdt.org>

Sent: Thursday, September 05, 2002 2:01 PM

Subject: Policy Post 8.17: Privacy and Security Risks in Driver's License Proposals

>
> CDT POLICY POST Volume 8, Number 17, September 5, 2002
>
> A BRIEFING ON PUBLIC POLICY ISSUES AFFECTING CIVIL LIBERTIES ONLINE
> from
> THE CENTER FOR DEMOCRACY AND TECHNOLOGY
>
> CONTENTS:
>
> (1) Privacy and Security Risks in Driver's License Proposals
> (2) CDT Calls for Moratorium on New Uses of Driver's License
> (3) Fraud Common at State DMVs
> (4) Japanese Privacy Protests Offer Lesson for U.S.
> (5) Congressional Proposals on Driver's Licenses
>
> ------------------------------------------------------------------------
>
> (1) PRIVACY AND SECURITY RISKS IN DRIVER'S LICENSE PROPOSALS
>
> The state driver's license has become much more than a license to drive. It
> is now used as a primary means of authenticating identity in a wide range of
> commercial and governmental transactions having nothing to do with operating
> a motor vehicle.
>
> In the wake of the horrific attacks of September 11, some have suggested that
> we should standardize the design of the state driver's license, add more
> features to the card and create data systems linked to the card. The new
> functionality of the card would lead to further reliance on it, including for
> access control and security screening purposes. Yet, the policy structure for
> issuance and use of driver's licenses has not kept pace with the increased
> weight already being placed upon the cards and is totally inadequate for the
> expansions proposed in the name of fighting terrorism.
>
> One year after the September 11 attacks, there is no evidence that flaws in
> the design and security of drivers' licenses themselves facilitated the
> hijackers in carrying out their plans. From what we know, most of the
> hijackers were not using stolen, counterfeit or altered ID cards. Rather,
> they were using legitimate state driver's licenses or non-driver ID cards
> obtained from Department of Motor Vehicle (DMV) offices. The hijackers appear
> to have obtained these cards using methods that highlight basic problems in
> the process of issuing ID cards, ranging from weak laws and procedures to the
> bribery of DMV employees. These problems are not ones that could be cured by
> introducing more biometrics in the cards themselves or by linking driver's
> licenses to other state or commercial databases.
>
> CDT Associate Director Ari Schwartz testified today before the House
> Subcommittee on Highways and Transit on these concerns. Schwartz's full
> testimony can be found at: http://www.cdt.org/testimony/020805schwartz.shtml
>
> The National Research Council issued a report in April 2002 entitled
> "IDs -- Not That Easy: Questions About Nationwide Identity Systems":
> http://www.nap.edu/catalog/10346.html?opi_newsdoc041102
>
> In February, CDT was part of a large coalition urging President Bush not to
> create a National ID Card: http://www.aclu.org/congress/l021102a.html
>
> ------------------------------------------------------------------------
>
> (2) CDT CALLS FOR MORATORIUM ON NEW FUNCTIONALITY IN DRIVER'S LICENSE
>
> Building a linked database of information and adding new functionality to
> state driver's licenses (chips with financial or biometric information) would
> add to the demands on use of the driver's licenses and exacerbate the known
> security problems. Instead, Congress and the states should take four steps:
>
> *  Improve the license issuing process -- Fixing the process of issuing
>    driver's licenses is a complex and difficult undertaking, but must be the
>    top priority. In particular, fraud and bribery are rampant in the DMVs and
>    the basic documents used to make decisions about individuals applying for
>    licenses and ID cards are rife with inconsistencies and themselves subject
>    to fraud.
>
> *  Improve computer security in the states and federal government -- use and
>    storage of personal information in networked government computer systems
>    continues to grow while computer security continues to lag. Before federal
>    and state governments seek more information identifying individuals, they
>    must prove their ability to protect this information.
>
> *  Enact privacy standards for use of the driver's license and baseline
>    legislation for commercial privacy -- The use of the driver's license and
>    other identifiers continues to increase in the commercial sector. Without
>    privacy legislation on the use of personally identifiable information in
>    the commercial arena, Americans will not be protected against the misuse
>    of government identifiers. We need rules addressing when the driver's
>    license or other government ID card can be demanded, what information can
>    be taken from it, how individuals denied access or service can resolve
>    doubts about themselves, how to treat people without cards, etc.
>
> *  In the meantime, Congress should declare a moratorium on new features for
>    the driver's license -- Congress should not promote new functionality in
>    a system that we already know is broken. Placing more reliance on the
>    driver's license - such as using it as the centerpiece of an airport
>    security "fast lane" - serves to increase the value of illegally obtained
>    documents at a time when there is a known marketplace for such items.
>
>
>
> ------------------------------------------------------------------------
>
> (3) FRAUD RAMPANT AT STATE DMVS
>
> While the DMVs have spent time and effort on technologies such as laminates
> to make counterfeiting more difficult, other forms of fraud have arisen that
> are of equal or greater consequence. In particular, the fraudulent obtaining
> of legitimate driver's licenses calls into question the utility of many of
> the newly suggested biometric features.
>
> The most alarming case of illegally obtained driver's licenses involves the
> September 11 hijackings. It has been reported that at least 13 of the 19
> hijackers obtained valid licenses or non-driver ID cards from Florida,
> New Jersey or Virginia.
>
> While the Virginia cases have been well documented and involved laws that
> were immediately changed by the Virginia legislature, many other problems in
> the issuance process remain across the country. In particular, multiple recent
> cases involve the bribing of DMV personnel point to a disturbing trend.
>
> *  In June 2002, 36 people - including New Jersey DMV employees - were
>    arrested for involvement in a bribery plot in which an unknown number of
>    legitimate driver's licenses were issued illegally.
>
> *  In February 2002, 9 people - including 3 New York DMV employees - were
>    charged in a bribery scheme that produced about 100 legitimate driver's
>    licenses.
>
> *  Even in the area of commercial licensing - where states have a single
>    database and follow uniform federal standards as required and the under
>    the Commercial Motor Vehicle Safety Act of 1986 (CMVSA) - bribery is
>    common. Such as the well known case in Illinois where at least 175 cases
>    of fraud have been alleged.
>
> *  In December 2001, an eight-year employee of the New York DMV was involved
>    in a bribery scheme to steal the personal information of licensed drivers
>    from the DMV computer database over a two-year period indicating that
>    there is already a known market for personal information held by the DMV.
>
> These bribery cases show that the current driver's license and driver's
> license information are not being adequately protected. Adding new features
> to the card, such as a smart chip, a biometric identifier and/or a uniform
> ID number, would increase the value of the card to society and in the
> marketplace with the result that fraud will increase even as the use of the
> card increases.
>
> ------------------------------------------------------------------------
>
> (4) JAPANESE PRIVACY PROTESTS OFFER LESSON FOR U.S.
>
> Last month, Japanese citizens took to the streets to protest a new government
> identification system, called Juki Net. In a society that Westerners sometimes
> assume does not care about privacy, the project touched a nerve.
>
> Juki Net is based on a national database in Tokyo, intended to link a set of
> personal information--the 11-digit ID number already assigned to all Japanese
> citizens, plus name, date of birth, sex and address. The goal of the network,
> in the short term, is to make it easier for individuals to apply for residency
> cards from anywhere in the country.
>
> But identity theft is a fast-growing crime in Japan. Opponents of Juki Net
> warned that creating a network that concentrates sensitive information
> without respect to fair information principles.
>
> Furthermore, Japan has no comprehensive privacy law for the commercial
> sector. This means that as essential information, such as the ID number,
> becomes more centralized and more commonly used, it can be collected, stored,
> sold and combined with other information with no notice, consent or access
> and correction rights afforded the individual.
>
> In the face of growing public outcry, several major cities have backed away
> from involvement. Yokahama, a city of 3.4 million people, has decided to let
> each resident choose whether to include personal information in the database.
> The mayor of Kokubnji held an official "disconnecting" ceremony to show the
> residents of his city that they would not be included in the database at all.
>
> The state of privacy in Japan and the U.S. is strikingly similar. Identity
> theft has been considered by some officials to be the fastest growing crime
> in the U.S. Like Japan, the U.S. has no comprehensive law to protect
> individual privacy in the commercial sector. Marketers have increasingly
> relied on government-issued identifiers to build and link databases.
>
> For more on Juki Net and its relevance to debates in the U.S., see Ari
> Schwartz's op-ed in the 8/23/02 Chicago Tribune --
> http://www.chicagotribune.com/news/opinion/oped/chi-0208230229aug23.story?
> coll=chi%2Dnewsopinioncommentary%2Dhed (Registration Required)
>
> ------------------------------------------------------------------------
>
> (5) CONGRESSIONAL PROPOSALS ON DRIVER'S LICENSES
>
> In May, Representatives Jim Moran (D-VA) and Tom Davis (R-VA) introduced the
> "Driver's License Modernization Act of 2002" (H. R. 4633). The bill would
> require states to turn the driver's license into a "smart card" by including
> a computer chip on each card. The chip would hold biometric data on the
> license or cardholder, such as fingerprint information. The chips would be
> based on private sector standards so that commercial vendors could utilize
> information and perhaps put their own data on the card. A program would be
> created to link state motor vehicle databases electronically. Each state
> would implement procedures for accurately documenting the identity and
> residence of an individual before issuing a license or card.
>
> This bill mirrors a proposals put forward by the American Association of
> Motor Vehicle Administrators (AAMVA) and the Progressive Policy Institute
> (PPI). Senator Richard Durbin (D-IL) is said to be drafting less ambitious,
> but similar legislation.
>
> The Moran/Davis "Driver's License Modernization Act of 2002" (H. R. 4633):
> http://thomas.loc.gov/cgi-bin/bdquery/z?d107:hr4633:
>
> AAMVA's "Special Task Force on Motor Vehicle Security" Executive Summary:
> http://www.aamva.org/IDSecurity/idsExecutiveSummary.asp
>
> The PPI's "Using Technology to Detect and Prevent Terrorism":
> http://www.ppionline.org/ppi_ci.cfm?knlgAreaID=124&subsecid=307&
> contentid=250070
>
> ------------------------------------------------------------------------
>
> Detailed information about online civil liberties issues may be found at
> http://www.cdt.org/.
>
> This document may be redistributed freely in full or linked to
> http://www.cdt.org/publications/pp_8.17.shtml.
>
> Excerpts may be re-posted with prior permission of ari@cdt.org
>
> Policy Post 8.17 Copyright 2002 Center for Democracy and Technology
>
> ---------------------------------------
> CDT Policy Post Subscription Information
>
> To subscribe to CDT's Policy Post list, send mail to majordomo@cdt.org In
> the BODY of the message type "subscribe policy-posts" without the quotes.
>
> To unsubscribe from CDT's Policy Post list, send mail to majordomo@cdt.org
> In the BODY of the message type "unsubscribe policy-posts" without
> the quotes.
>
> Detailed information about online civil liberties issues may be found at
> http://www.cdt.org/
>

[Shermy]

bump

[Eala]

From what we know, most of the hijackers were not using stolen, counterfeit or altered ID cards. Rather, they were using legitimate state driver's licenses or non-driver ID cards obtained from Department of Motor Vehicle (DMV) offices.

The first rule of any post-9/11 proposal to make us "safe" from a repeat ought to be: "Would it have prevented 9/11?"

The answer here is clearly, "No."

[backhoe]

Thanks!

[backhoe]

The first rule of any post-9/11 proposal to make us "safe" from a repeat ought to be: "Would it have prevented 9/11?"

That is the best, most telling single argument I can find. Unfortunately, we seem cursed with a herd that will trade freedom for security, and end up with neither...