Privacy Digest

Homeland Security dismisses Real ID privacy worries | CNET News.com: "ARLINGTON, Va.--A senior U.S. Department of Homeland Security official on Wednesday said he finds privacy concerns prompted by the proposed Real ID regime puzzling.

Stewart Baker, the department's assistant secretary for policy, said a forthcoming system of uniform national identification cards will not put more personal information into the hands of motor vehicle administrators or result in a massive centralized database that's more susceptible to hackers.

In fact, Baker said, the controversial law will improve Americans' privacy. 'You can never foresee the future, but every indication is that Real ID is actually going to make it less easy for people to engage in identity theft,' Baker told the Homeland Security Data Privacy and Integrity Advisory Committee at its quarterly public meeting here.

Real ID has been a target of criticism since Congress enacted it three years ago as part of an 'emergency' Iraq spending bill. Although Homeland Security has tried to defuse criticism by extending deadlines, the law still requires states to reconfigure their drivers licenses and share data. If they don't agree to comply by this October, their citizens won't be able to use their driver's licenses to board planes or enter federal buildings starting on May 11, 2008.

Baker said the process is privacy-protective because it will require Americans to produce legal documents like birth certificates, whose authenticity will be verified, before they can receive a card that meets Real ID protocol. That approach would allow, for instance, airport officials to be more confident in the identity of travelers when it comes time to check them against government watch lists, Baker said.

Some states, including Maine, have rejected Real ID on cost grounds, however, and privacy advocates worry about what will happen to data on the IDs' mandatory bar code when it is scanned by banks, bars and other businesses. DHS ruled earlier this month that the data will not be encrypted because of 'operational' concerns, such as police being able to easily scan the data from the backs of licenses during traffic stops.

Baker said Wednesday that the department would consider requiring encryption as it writes the final rules, but added: 'If you impose encryption requirements that make that exchange of information difficult, you're undermining, not improving, security associated with driver's licenses, we don't want to do that.'"