DHS privacy committee joins Real ID opposition
It's concerned about costs, privacy and data security
Computerworld - A privacy committee of the U.S. Department of Homeland Security (DHS) has joined a growing chorus of voices opposed to the controversial Real ID bill, which proposes to create a national standard for state driver's licenses and other forms of state-issued identification.
In comments submitted to the DHS earlier this week, the department's own Data Privacy and Integrity Advisory Committee called the Real ID Act "one of the largest identity management undertakings in history" and said it raises serious privacy, security and logistical concerns.
"These include, but are not limited to, the implementation costs, the privacy consequences, the security of stored identity documents and personal information," the committee noted. It also cited other concerns such as mission creep, redress and fairness issues.
The committee was commenting on a set of draft regulations that the DHS released in March for implementing the requirements of the Real ID Act. The deadline for submitting public comments was Tuesday.
The Real ID Act of 2005, passed as part of a wider effort to combat terrorism, sets minimum national standards that states must use when issuing driver's licenses and other forms of identification. This includes a photo ID, documentation of birth date and address, proof of citizenship or immigration status, and verification of Social Security numbers.
States are required to hold digital images of each identity document for between seven and 10 years. The cards themselves will include all of the standard elements found on most driver's licenses today and will be machine-readable to allow for the easy capture of information from the card.
As proposed, the Real ID Act is scheduled to go into effect starting May 2008.
States are not mandated to issue Real ID cards. However, individuals would need Real ID-compliant cards for air travel or for getting into federal buildings, such as courthouses and nuclear facilities, or for receiving federal benefits. Under the act, all state driver's license databases would be linked with each other in one system with shared access.
The proposal to issue Real ID cards has provoked a firestorm of protest from several quarters. Much of the concern stems from fears that the card would become a de facto national ID system that would be hard to manage and even harder to secure. There are also fears that the cards could eventually be used for a wide set of purposes -- including surveillance by the U.S. government.
The DHS committee comments echoed those concerns. The DHS draft regulations, for instance, make no mention of a comprehensive plan for securing the stored identity data that states around the country could use. Neither is there any mention of specific steps that states need to take to prevent the unauthorized access of information from the machine-readable strips on the back of the proposed cards, the committee said.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
Red Hat Enterprise Linux - The Original Cloud Operating System
Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- OpenStack Hype vs. Reality: CIO Quick Pulse Open-source architecture can enable IT departments to build infrastructure-as-a-service (IaaS) clouds running on standard hardware.
- Building a Bridge to the Next Generation Data Center Selecting a widely adopted operating system is a foundational component of a standardization strategy.
- OpenStack and Red Hat: IDC White paper Most OpenStack deployments are by public cloud providers that are early adopters of technology and use OpenStack in a do-it-yourself deployment and support...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have. All Privacy White Papers | Webcasts