Advertisement

Federal ID Act May Be Flawed

The new law could actually increase the risk of a person's identity being stolen, critics say.

May 31, 2005|Joseph Menn | Times Staff Writer

A federal law designed to make it harder to assume someone else's identity may instead have the opposite effect, critics of the measure say.

The Real ID Act, attached to a crucial bill for military spending and tsunami relief that was signed by President Bush on May 11, sets new rules for issuing driver's licenses and requires states to share electronic access to their records.

The standards are intended to weed out impostors applying for licenses, in part by requiring state employees to check on the validity of birth certificates and other supporting documents. After states adopt the necessary changes, anyone applying for or renewing a license will get one reflecting the new standards.

But once the law takes full effect three years from now, it will also give many more bureaucrats access to personal information on people nationwide. And it will add more data to each file -- including digital copies of documents with birth and address information.

To some industry experts and activists concerned about the fast-growing crime of identity theft, putting so much data before more eyes guarantees abuse at a time when people are increasingly concerned about who sees their personal information and how it gets used.

"It's a gigantic treasure trove for those who are bent on obtaining data for the purpose of creating fake identities," said Beth Givens of the nonprofit Privacy Rights Clearinghouse. Armed with a stranger's name, Social Security number and date of birth, it's not hard for fraudsters to take out bogus loans that can wreck a victim's credit record.

The new licenses themselves must contain some data -- as yet unspecified -- that can be scanned electronically by a device like a credit card reader. Virtually all states make machine-readable cards now, but they use differing technologies.

Critics predict the standardization will prompt many more merchants to scan customer licenses and then pass on the information to such data brokers as ChoicePoint Inc. and LexisNexis. The databases of both ChoicePoint and LexisNexis have been exploited by identity thieves.

"There's no data-protection law, so it can be sold to companies like ChoicePoint," said Bruce Schneier, the author of several books on security technology. "It would be silly not to, since it's a revenue stream."

The concerns of privacy advocates got little airing before the bill became law, and some are already working to overturn it with new legislation of their own.

Debate on the measure was sharply limited by political maneuvering, and other issues raised by the act drew more fire. Greater attention went to the bill's changes in the procedures for people requesting political asylum, its treatment of other immigrants, and what some decried on civil liberties grounds as a move toward a national identification card.

But the more basic provisions in the law might have the most profound effect on ordinary Americans already beset by a rising tide of identity theft and related credit card fraud.

"We will have all this information in one electronic format, in one linked file, and we're giving access to tens of thousands of state DMV employees and federal agents," said American Civil Liberties Union Legislative Counsel Timothy Sparapani.

Others opposed to the bill include the American Conservative Union, the National Organization for Women and the National Governors Assn., which objects to the required increases in state spending.

The bill was introduced by House Judiciary Committee Chairman F. James Sensenbrenner Jr. (R-Wis.), following a recommendation of the 9/11 Commission that the country strengthen its means for identifying people. Noting that some of the 9/11 hijackers held fraudulent papers that helped them rent cars and board planes, the panel wrote that "sources of identification are the last opportunity to ensure that people are who they say they are."

Commission member Slade Gorton said the act fulfilled the group's objective.

Even some who fault other provisions of the law, including a national group of state driver's license officials, agree that it soon will be harder for impersonators to get licenses.

Just the new mandatory background checks on DMV employees "can make a huge impact," said Jason King, a spokesman for the American Assn. of Motor Vehicle Administrators.

But others say that merely making licenses harder to obtain raises a new set of problems. Among them: While trust in the new cards will be higher, fraud won't be eliminated completely. Applicants still aren't required to produce a photo ID to get a license, and foreign passports -- available in some countries for cash under the table -- are acceptable as proof of identity.

Real U.S. birth certificates, another common proof of identity, can be sent to the wrong person after a modest amount of subterfuge, said Joseph Eaton, an emeritus professor at the University of Pittsburgh and author of a 2003 book arguing in favor of a national ID.

Advertisement
Los Angeles Times Articles
|
|
|