Federal rules adopted for electronic U.S. passports
RFID-equipped passports will be issued starting in December
Computerworld - The U.S. State Department has approved new rules that pave the way for the use of RFID-equipped electronic passports beginning in December -- despite concerns about privacy issues raised by the new technology.
The rules went into effect Tuesday and call for the inclusion of several security measures to protect passport holders from data theft, according to the agency. One method will prevent data on the built-in radio frequency identification tag from being "skimmed," or captured from afar by using a special material on the passport cover that blocks the data from being read by unauthorized equipment.
In August, the State Department announced that the electronic passport program will begin in December for government workers who have "official" or "diplomatic" passports, and will be fully rolled out by next October for all U.S. citizens (see "Electronic U.S. passports coming in December").
The use of electronic passports is designed to enhance document and border security and to make identification for international travel easier and more secure for U.S. citizens, the department said.
During a public comment period earlier this year, the agency received 2,335 messages, with more than 2,000 of them from critics concerned about data integrity, data theft and privacy.
Marc Rotenberg, executive director of the Washington-based Electronic Privacy Information Center, said the latest rules are an improvement over the State Department's original plans. Rotenberg said the main privacy worry centered around the possibility of RFID tag skimming. "This is improved. It's certainly better than it was earlier this year," he said.
He cautioned that the government could still one day use RFID-equipped passports to track passport holders in various locations -- even when they are not crossing national borders. "With RFID, you create the risk of remote identification, where people don't know their identification information is being collected," Rotenberg said.
The new rules reflect and incorporate those comments by building in safeguards to protect the passport information, according to the State Department. To combat data theft, the passport RFID chip must be held within about four inches of a special reader and the passport cover must be open.
The agency also noted that the RFID chips are not the same as those used for warehouse inventory tracking over larger distances and will not permit "tracking" of individuals. "It will only permit governmental authorities to know that an individual has arrived at a port of entry -- which governmental authorities already know from presentation of nonelectronic passports -- with greater assurance that the person who presents the passport is the legitimate holder of the passport," according to the
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
Red Hat Enterprise Linux - The Original Cloud Operating System
Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- OpenStack Hype vs. Reality: CIO Quick Pulse Open-source architecture can enable IT departments to build infrastructure-as-a-service (IaaS) clouds running on standard hardware.
- Building a Bridge to the Next Generation Data Center Selecting a widely adopted operating system is a foundational component of a standardization strategy.
- OpenStack and Red Hat: IDC White paper Most OpenStack deployments are by public cloud providers that are early adopters of technology and use OpenStack in a do-it-yourself deployment and support...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have. All Privacy White Papers | Webcasts