Privacy advocates are making a last-ditch effort to muster public opposition to the controversial Real ID bill, which proposes to create a national US standard for issuing state drivers' licences and other forms of state-issued identification.
A broad coalition of more than 40 organizations has launched a national campaign urging the public to submit comments to the US Department of Homeland Security (DHS) expressing opposition to Real ID.
The deadline for submitting comments on a set of draft regulations for implementing Real ID is May 8. Those regulations were released by the DHS in March.
"Basically this large coalition is trying to solicit public comment to stop the national ID system created by the Real ID Act," said Melissa Ngo, senior counsel for the Electronic Privacy Information Center (EPIC), a US-based privacy group. "There already is a large groundswell of public support against this national ID program. What we are trying to do is rally the public. They didn't get a chance to speak out when Real ID was pushed through Congress attached to a military funding bill."
The Real ID Act of 2005 was passed as part of a wider effort to combat terrorism. It establishes certain minimum national standards that states must use when issuing drivers' licences and other forms of identification. This includes a photo ID, documentation of birth date and address, proof of citizenship or immigration status and verification of Social Security numbers. States are required to hold digital images of each identity document for periods ranging from seven to 10 years. The cards themselves will include all of the standard elements found on most drivers' licences today and will be machine-readable to allow for the easy capture of information from the card.
Under the Act, all state driver's licence databases would be linked, with shared access across them. The system will allow information in a person's record in any state to be accessible by officials in other states and by the federal government. The database could include images of birth certificates, marriage licences, Social Security numbers, divorce papers and other information used to issue state identification cards.
Though states are not required to issue Real ID cards, individuals would need Real ID-compliant cards for air travel or for getting into federal buildings such as courthouses and nuclear facilities - even for receiving federal benefits such as Medicaid or Social Security.
"Make no mistake, this is a national identification system that will affect your everyday life" and could eventually be used for a wider range of purposes than the DHS has stated, Ngo said.
The act substantially changes how drivers' licences are issued and used, said Pam Dixon, executive director of the World Privacy Forum, a US-based advocacy group.
"The biggest difference is that a licence will be linked to a centralized database" accessible from anywhere, Dixon said. The sheer size of the database, the kind of information it will contain and the number of access points it offers make it more susceptible to security threats, she said. But the DHS has set no minimum privacy or security safeguards to protect the data from external or internal compromise or misuse, she said.
"The stated goal of this system is to make the country more secure, but no studies have been done to really substantiate that," Dixon said. "This has been done backwards. We need a vigorous national debate on this," she said.
Machine readable drivers' licences and identity cards that are linked to a central access point raise privacy implications for library users, said Tara Olivero, assistant director of government relations at the American Library Association. "[Real ID] would create a national database of information," she said. "We are concerned that the data could be used for purposes that were never intended such as profiling and even surveillance. All of us are for the security of the community and we are all aware of the new threats. We are a smart and innovative group of individuals in this country. We can develop new security that also protects privacy and civil liberties."
The Act would also result in significant administrative burdens and expenses for state governments, which will need to update driver's licence issuing processes and systems, she said.
Montana, Maine, Idaho, Arkansas and Washington have already said they will not issue Real ID cards as defined by the DHS. Several members of Congress have also expressed their opposition to the bill. Senators Daniel Akaka and John Sununu in February introduced a proposal called the Identification Security Enhancement Act of 2007 that would fix some of the shortcomings in the Real ID Act. The bill's co-sponsors include Senators Patrick Leahy and Jon Tester.
Meanwhile, Tom Allen introduced similar legislation in the House in February. His bill, the Real ID Repeal and Identification Security Enhancement Act of 2007, seeks to address some of the concerns raised about the Real ID Act.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.