Category Archives: ID Cards and Identification

Aluminum Foil Does Have Its Uses

Posted on November 19, 2005 by Michael Froomkin

Bruce Perens blogs a funny/sad incident involving Richard Stallman, WSIS, RFID and, yes, tin foil (well, aluminum foil, actually):

Richard is opposed to RF ID, because of the many privacy violations that are possible. It’s a real problem, and one worth lobbying about. At the 2003 WSIS in Geneva, there was objection to the RF ID cards that were used, resulting in a promise that they would not be used in 2005. That promise, it turns out, was not kept. …

You can’t give Richard a visible RF ID strip without expecting him to protest. Richard acquired an entire roll of aluminum foil and wore his foil-shielded pass prominently. He willingly unwrapped it to go through any of the visible check-points, he simply objected to the potential that people might be reading the RF ID without his knowledge and tracking him around the grounds. This, again, is a legitimate gripe, handled with Richard’s usual highly-visible, guile-less and absolutely un-subtle style of non-violent protest.

During his keynote speech at our panel today, Richard gave a moment’s talk about the RF ID issue, and passed his roll of aluminum foil around the room for others to use. A number of people in the overcrowded-to-the-max standing-room-only meeting room obligingly shielded their own passes. UN Security was in the room, not only to protect us but because of the crowd issue, and was bound to notice. Richard and I delivered our keynotes, followed by shorter talks by the rest of the panel and then open discussion.

… I was busy with the press for two solid hours. So, I didn’t see what happened with Richard. But a whole lot of the people in the room did, and stayed with Richard for the entire process.

Apparently, UN Security would not allow Richard to leave the room.

There’s lots of other funny/sad stuff in the whole post.

Ironically, this comes close on the heels of an MIT study showing that aluminum foil hats don’t actually work to block CIA mind rays but may amplify them.

Posted in ID Cards and Identification, Politics: Tinfoil | 1 Comment

Hazards of IDs: Price Discrimination

Posted on November 19, 2005 by Michael Froomkin

People often focus on the wrong things when worrying about ID cards. For me, one of the right things to worry about is price discrimination. Not necessarily the illegal sorts, like redlining, but the legal sorts, in which firms try to sort buyers by their ability to pay, or their intensity of preference. In economic terms, in some cases its an attempt to shift consumer surplus to producer surplus; in other cases it’s an attempt by a local monopolist to move the apparent supply curve. (I’ve discussed aspects of this problem in a number of articles, the most accessible of which is probably DeLong & Froomkin, Speculative Microeconomics for Tomorrow’s Economy.)

For a real-life example of the kind of price discrimination I mean, see Ed Foster’s Gripelog || Dell Has Three Prices For One Part.

Posted in ID Cards and Identification | 1 Comment

National ID Forum Underway

Posted on September 21, 2005 by Michael Froomkin

MIT’s online forum on the Real ID Act is underway. In an attempt to stir a little controversy, I just posted the following under the title ‘Consensus and Controversy’, which I reprint here for those not following along. While you’re welcome to comment here too, I urge those interested to Join the Real ID forum discussion.

Here are a few propositions that I think might form a basis for
going forward in reasoned debate.  (I of course welcome debate on
the accuracy of these propositions as well as the conclusions that
might flow from them)

Base propositions:

1.  A national ID is not the magic bullet that will make the
country safe from terrorism.   Given the very poor controls
we have on birth certificates at home (not to mention the impossibility
of relying on the quality control foreign credentials) it at most it
creates a speedbump for foreign terrorists who will need to get phony
versions of the credentials used as the basis for issuing the US ID.

2.  A national ID system cannot secure our borders.

3.  A national ID system can, however, assist in making illegal
immigration more unpleasant for immigrants by, for example, making it
more difficult to employ them.   All other things being
equal, this should reduce the incentive for that part of illegal
immigration driven primarily by economic considerations.

4. More generally, a national ID system has some substantial
potential to be the cornerstone of a national fraud-prevention
system.   

5. A national ID system potentially creates new avenues for super-fraud and highly effective identity theft.

6. A national ID system potentially creates new avenues for
governmental dossier creation on all citizens who use the national
ID.  These opportunities exist even if the system is not misused,
and are greater if it is misused.  As Lee Tien put it“‘national ID’ is not a card, but an entire system of databases, information gathering activities, and human beings making fateful
judgments about individuals based on that overall system.”

7.  A National Research Council report (“Who Goes There —
Authentication Through the Lens of Privacy”) noted
this:

Finding 6.5: State-issued driver’s licenses are
a de facto nationwide identity system. They are widely accepted for
transactions that require a  form of government-issued photo
ID.

Real ID substantially increases the likelihood
that driver’s licenses will become a defacto national ID for an even
greater range of offline and online transactions.

8.  The extent to which we reap the costs and benefits listed
above is very sensitive to how the system is actually
implemented.   For example, a well-implemented biometric
identifier makes fraud and identity theft more difficult, but also
makes it more devastating when it happens since people become more
reliant on the ID’s security (and it is hard to grow a new retina).

Am I correct that the above propositions are (in the abstract)
uncontroversial, and the controversy is in fact about how big and how
likely the positive and negative effects are, and how they compare to
each other?

Or, as Dan Combs put it in his contribution,

1. REAlID done right = good

2. RealID done wrong = very bad

3. The bar is high for such a system to be good.

        We aren’t close yet!

I will add the following personal observations, which I suspect might be more controversial than the above:

I.  For any ID system to be implemented competently (let alone in a fashion that inspires trust) supervisory authority must be taken out of the hapless Department of Homeland Security.

II.  For Real ID to be implemented competently it must have
federal funding rather than being left to the states as an unfunded
mandate.

III.  Real ID driver’s licenses are likely to become a de facto
national ID — much more than current driver’s licenses — not just
because of the federal pressure driven by national security needs (or
rhetoric) but also because of commercial pressure from a variety of
industries.

IV. The ID must be transparent — end users must be able to read everything coded on the ID itself. 

V.  If we are going to have a real or de facto national ID
card, all citizens must have a right to review and correct information
held on them in both public and private dossiers linked to the ID.

(For more about what I think, see my paper, The Uneasy Case for National ID Cards.)

Posted in ID Cards and Identification, Talks & Conferences | 3 Comments

MIT REAL ID Forum Online

Posted on September 19, 2005 by Michael Froomkin

I’m going to be participating in the MIT REAL ID online Forum this week, and you’re invited. Here’s the description sent out by co-organizer Daniel Greenwood, Lecturer, MIT Media Lab and Director of the MIT E-Commerce Architecture Program:

Your digital identity and physical identity may be about to merge under a new federal law that requires a standard federally controlled identity card. You are invited to participate in the first Real ID Forum, convened by the MIT Media Lab and MIT E-Commerce Architecture Program. The Real ID Act of 2005, as enacted by Congress and signed by the President, sets up a new federally controlled driver license that can be read by computers according to common national standards. This raises many public policy, technical and business problems and prospects. The act is binding starting in less than three years.

The first forum is on online discussion, facilitated by experts in the relevant fields, and taking place from Monday, September 19th at 3pm Eastern Time through Friday, September 23rd. Is the Real ID going to be a National Identity for the USA? Does it represent the ultimate convergence of physical identity cards and your digital log in? Are the privacy, civil liberties and administrative issues addressed adequately? How should the various competing interests surrounding implementation of the Real ID Act be balanced? These are among the questions that will be addressed in the online Forum. There will also be a face to face meeting, held at the MIT Media Lab in November, 2005. To find out more information and to register for this free program, please see http://ecitizen.mit.edu/realid.html

The tracks and moderators include:

Track 1. Real ID And National Convergence of Physical and Digital Identity (facilitated by Dan Combs, President of Global Identity Solution)

Track 2: The Need for a Secure Driver License (facilitated by Colleen Gilbert, Executive Director, Coalition for a Secure Driver’s License)

Track 3: The Need for Privacy and Civil Liberties (facilitated by Lee Tien, /Senior Staff Attorney, /Electronic Frontier Foundation)

Track 4: Practical Implementation Issues (facilitated by David Lewis, Former CIO, Massachusetts and President of American Association of Motor Vehicle Administrators)

Track 5: Balancing Interests Going Forward (facilitated by Professor Michael Froomkin, University of Miami School of Law)

In addition, there will be a section of the web site called What is Real ID? This is where we’ll house the background information on the Act itself.

While you are encouraged to register and participate from the start of this event, we will be accepting new participants throughout the week. Again, to find out more information and to register for this free program, please see http://ecitizen.mit.edu/realid.html. We sincerely hope you will join us for this important and timely event.

My track won’t actually get under way until Wednesday, but it all promises to be interesting and informative.

Posted in ID Cards and Identification, Talks & Conferences | 1 Comment

“The cutest puppy pianist on the planet”

Posted on July 8, 2005 by jon

The recent bombings presumably will only strengthen the British government's current effort to mandate national ID cards. The good people at eclectech, though, have now brought us the ultimate musical (and flash) commentary on the UK's national ID card effort:The Very Model of a Modern Labour Minister. Go there now.

Posted in ID Cards and Identification | Comments Off on “The cutest puppy pianist on the planet”

Stefan Brands’s “Identity Corner”

Posted on February 3, 2005 by Michael Froomkin

The Identity Corner is a new blog by Stefan Brands, who is one of the top applied cryptographers in the world, yet also a very fluent writer on the social policy implications of cryptographic systems.

Brands's book, Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy remains one of the best works on digital certificates and the policy questions that surround them.

I'm sure this will be interesting for anyone who cares about the technological version of 'identity politics'.

Posted in Blogs, ID Cards and Identification | 7 Comments