EPIC takes aim at legislation affecting privacy

Computerworld - A privacy watchdog group is raising objections to a law that governs how financial institutions can use personal information, and to a bill in the U.S. House that calls for a national driver's license using biometric markers such as iris scans.

The Washington-based Electronic Privacy Information Center (EPIC) filed objections (download PDF) to the Gramm-Leach-Bliley Act with the U.S. Treasury Department and also said it opposes legislation calling for a national driver's license. Both measures hurt the cause of personal privacy, the group said.

EPIC staff counsel Mikal Condon said her group's problems with Gramm-Leach-Bliley, which governs how and when financial institutions can use personal information, can be summed up in two words -- opt out.

The act, passed by Congress a year ago, forces consumers to essentially ask financial institutions not to use their personal data through an opt-out clause, Condon said. EPIC joined the Privacy Clearing House, U.S. PIRG and Consumers Union in filing objections to the law as part of a one-year review required by the law. The groups want to see the law changed to opt in, which means financial institutions wouldn't be able to use personal information unless consumers permitted it.

Condon said that industry has been lobbying heavily in Washington in favor of opt out and that EPIC and the other groups felt compelled to submit their objections, if only to have them on the public record.

In the meantime, EPIC has joined the fight against a bill filed by two Virginia congressmen, U.S. Reps. Jim Moran, a Democrat, and Tom Davis, a Republican. The bill calls for the creation of a uniform driver's license for all 50 states and the District of Columbia that would contain a biometric marker, such as a retinal scan or a fingerprint, encoded in a chip. The bill is at least the second piece of legislation calling for some authentication in driver's licenses (see story).

"We're arguing that it is creating a national ID system," said EPIC legislative counsel Chris Hoofnagle.

Moran dismissed critics who said the license bill would create a national ID. "I don't think, personally, it is a terrible idea," Moran said. "But it doesn't do that."

Moran said the license wouldn't be tied to a federal database, although states would be able to share information among themselves and law enforcement.

But Hoofnagle said sharing information with law enforcement will lead to federal intervention. He said he didn't buy the argument that it wasn't a federal program.

"I am kind of perplexed by their argument,"