Scanning through a couple articles in today's ComputerWorld email and hit this one about the Senate passing a bill for electronic ID's. While I at least try to keep politics out of my blog and most of my dealings at work, this one struck me both on a political level, a homeland security level, and a technological level.

 

Part of their reasoning is that it would make it harder for terrorists to come through the US borders, BUT, it is not mandated until May 2008. That gives anyone about three years to set up shop and work around it...IMHO, a bit too long to let folks get set up to work around something they know is coming.

 

While I’m not necessarily opposed in this case, I do think that if they were to put RFID tags in the cards, it really would be a step toward “Big Brother”. RFID bulk scanners could be placed anywhere and tracking movement of individuals would become a closer reality. The average person that occasionally touches on the gray fringes of law (buys some pot, pays for sex, etc.) would not be immediately affected (and they could just leave their “Real ID” at home negating the RFID tracking possibility). Real criminals also would not be affected as there are means of jamming the RFID as well as (fairly easily) spoofing them (send a different number out).

 

I personally would much rather see a smartcard that has a chip that can be scanned when I seek a service (flying on an airplane) or where I’ve been lawfully detained (arrested for drunk driving). Using current technology they could include features that would make the card just about fool-proof…you still would have the corrupt official at the license department to worry about, but even that avenue would be limited as you could include in the card database a tracking of every official that was involved in generating a particular card…once you find a bad egg, you could but out a revocation of all the cards they “touched” along with a “level” of revocation…if you caught someone selling fake ID’s for kids to buy liquor, you wouldn’t want to make everyone who’s card he touched instantly unusable for travel, but you might want to do just that if you found someone selling to a terrorist cell.

 

There is also technology available, that could be included and encrypted for verification by law enforcement, to make sure that the person using the ID is indeed the person it was issued to. Face characteristic matching, fingerprints, perhaps in the future even DNA profiles (today they just take to long to make it worth doing...contrary to what you see on CSI, a real DNA match takes weeks or months) could be used on the cards to ensure the user of the card matches the person it was issued to.

 

I’m at least glad to see that they are “marketing” this more as prevention for illegal immigration than as a stop for terrorists entering and moving about the country…it will do the former but will do little to alleviate the latter. Now if we could just get our government to do the same type of due diligence that we expect from business…bring in experts in this technology so we can get a system that is usable and practical while limiting the “big brother” invasion of privacy aspects the first time rather then waste a lot of money on a system that does little more than invade privacy and cause more pain for folks that want to do a bit of traveling.