Federal rules adopted for electronic U.S. passports
RFID-equipped passports will be issued starting in December
October 27, 2005 12:00 PM ETComputerworld -
The U.S. State Department has approved new rules that pave the way for the use of RFID-equipped electronic passports beginning in December -- despite concerns about privacy issues raised by the new technology.
The rules went into effect Tuesday and call for the inclusion of several security measures to protect passport holders from data theft, according to the agency. One method will prevent data on the built-in radio frequency identification tag from being "skimmed," or captured from afar by using a special material on the passport cover that blocks the data from being read by unauthorized equipment.
In August, the State Department announced that the electronic passport program will begin in December for government workers who have "official" or "diplomatic" passports, and will be fully rolled out by next October for all U.S. citizens (see "Electronic U.S. passports coming in December").
The use of electronic passports is designed to enhance document and border security and to make identification for international travel easier and more secure for U.S. citizens, the department said.
During a public comment period earlier this year, the agency received 2,335 messages, with more than 2,000 of them from critics concerned about data integrity, data theft and privacy.
Marc Rotenberg, executive director of the Washington-based Electronic Privacy Information Center, said the latest rules are an improvement over the State Department's original plans. Rotenberg said the main privacy worry centered around the possibility of RFID tag skimming. "This is improved. It's certainly better than it was earlier this year," he said.
He cautioned that the government could still one day use RFID-equipped passports to track passport holders in various locations -- even when they are not crossing national borders. "With RFID, you create the risk of remote identification, where people don't know their identification information is being collected," Rotenberg said.
The new rules reflect and incorporate those comments by building in safeguards to protect the passport information, according to the State Department. To combat data theft, the passport RFID chip must be held within about four inches of a special reader and the passport cover must be open.
The agency also noted that the RFID chips are not the same as those used for warehouse inventory tracking over larger distances and will not permit "tracking" of individuals. "It will only permit governmental authorities to know that an individual has arrived at a port of entry -- which governmental authorities already know from presentation of nonelectronic passports -- with greater assurance that the person who presents the passport is the
Privacy
Additional Resources



White Papers & Webcasts
Accelerating Your Mobile Workers: Controlling the Uncontrollable
Today's workforce is truly mobile. Unlike the managed environment of the office LAN, remote users face many challenges to being productive while out...
eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!
Managing Laptops Outside the Office
Learn how you can reduce costs by tracking mobile computers no matter where they are located.
How to Improve Remote User Satisfaction and Maximize ROI by Using SSL VPNs
Download this white paper today!
Mobile U Webinar
Watch Now!
The New Mobile Order
Download Now
4G Ahead Video Program
Uncover the features and benefits of the two leading 4G technologies for enterprises considering future deployment.
WAN Application Delivery for Executives
Learn how to simplify server and application administration without creating performance problems for distributed users.
Horror stories: Managing IT Across Multiple Locations
How one extra sharp IT manager eliminates daily agony, hassle and repetition.

