Welcome to Talking Justice Sign in | Join | Help
in
Justice Talking About All Blogs Today's Blog Forums
The Center for Democracy and Technology works to promote democratic values and constitutional liberties in the digital age. With expertise in law, technology, and policy, CDT seeks practical solutions to enhance free expression and privacy in global communications technologies. CDT is dedicated to building consensus among all parties interested in the future of the Internet and other new communications media.

About Leslie Harris
Leslie Harris joined the Center for Democracy and Technology in the fall of 2005 and became Executive Director at the beginning of 2006. Ms. Harris brings over two decades of experience to CDT as a civil liberties lawyer, lobbyist, and public policy strategist Her areas of expertise include free expression, privacy and intellectual property. Ms. Harris is a recognized expert on Internet and technology policy, and she writes and speaks frequently on these subjects. Ms. Harris has served in leadership positions in the American Bar Association, including as the Chairperson of the Section on Individual Rights and Responsibilities. For many years, she served as the Co-Chair of the CDT Public Interest Advisory. She currently serves on the Board of the Health Privacy Project. Ms. Harris received her law degree cum laude from the Georgetown University Law Center and her BA at the University of North Carolina at Chapel Hill, where she graduated Phi Beta Kappa.

The Boiling Frog Factor of REAL ID

Three years after the REAL ID Act, the government's driver's license reform program, became law, the Department of Homeland Security has finally issued its rules for implementing the Act.

Sadly, the rules raise more questions than provide answers.  Given the longstanding opposition of many states, it appears that DHS’s first order of business was to diffuse that opposition. Rather than requiring states to implement the Act now, the final rule pushes back full implementation until 2017; however, citizens born after Dec. 1, 1964 will have to start using the REAL ID card by Dec. 1, 2014.

That stretches out implementation over the next six to ten years and leaves many of the hard decisions to the states. What is worse, the rule punts on the privacy issue, saying only that the creation of REAL ID cards should follow a set of "best practices" solutions, which the states are in no way obligated to follow. With the slower rollout, the impact on American’s privacy will be more difficult to track. Like the proverbial frog in boiling water, we may not fully feel the loss until it’s too late.

One of the biggest concerns that we at the Center for Democracy & Technology have about the Act is the strong possibility that Real ID will be implemented using a centralized database to house personal information collected in the course of creating these cards. 

But don't look for the phrase "create a centralized database” in the final regulations, it isn't there.  However, when you drill down into the tedious government prose it's clear that DHS strongly supports creating a “hub” IT infrastructure.  This plan leverages the architecture of the existing commercial driver’s license database, which is centralized and accessible by all 50 states, as a model for setting up the information infrastructure of REAL ID.

A centralized database, containing the personal, private data on hundreds of millions of Americans, would create a tremendous security risk, a mother lode for identity thieves, terrorists and all manner of computer criminals. 

At the same time, citizens—starting with those under 50—will be required to present an easy to read Real ID with an insecure, unencrypted standardized barcode for a variety of federal purposes. And it won’t take long before the states and many commercial entities start to demand the REAL ID card for a variety of other purposes, repopulating personal data in a variety of databases.

So now the troubled legacy of this Act will shadow the next administration.  And in that, there may be flicker of hope.  With a little White House muscle, and a shot of political will from a newly minted Congress, perhaps REAL ID can be repealed and a sensible plan for driver’s license security be enacted in its place. Then we can turn our gaze once again to the horizon, searching for new solutions that don't erode privacy and shred civil liberties in the name of national security.


Published Monday, January 14, 2008 10:40 AM by Leslie Harris

© Leslie Harris/Center for Democracy and Technology. All rights reserved.

Anonymous comments are disabled. Click "Join" at top-right to add comments.

Closed to Comments

Note: Justice Talking ceased production on June 30 of 2008. The Talking Justice blogs and forums are provided as a read-only resource for historical interest only. Commenting on blog posts has been suspended.

All opinions expressed are those of the author. The Annenberg Public Policy Center makes no claim as the the accuracy of claims or continued availability of any third party web links found on this site.

This Blog

Select Blog by Day

Syndication

Groups

©2009 Trustees of the University of Pennsylvania unless otherwise noted.