Not Letting Chips Follow Where They May
It begins with a computer chip that can pick up and transmit an electronic signal. When stuck to a new television or a car traveling a FasTrak toll lane, it instantly transmits the TV’s model or the driver’s identification.
Businesses believe it will revolutionize the way items are tracked from warehouse to checkout. Even the Department of Defense manages supply lines with the technology.
But should government use this radio-frequency identification to track people too?
Some California lawmakers don’t think so and have supported a bill to ban certain uses. Unlike driver’s licenses and bank cards with magnetic stripes, cards with radio-frequency technology would not have to be individually swiped through a machine to release their information. They could be read from afar -- without the owner’s knowledge.
That’s why Sen. Joe Simitian (D-Palo Alto) thinks the technology should never be used for forms of identity that everybody must carry. His bill, SB 682, would ban state and local governments from including the “contact-less” electronic tags in driver’s licenses, student ID cards, health insurance cards and public library cards.
The legislation is the first of its kind in the nation and runs counter to a U.S. State Department plan to put such electronic tags in passports beginning this year. Privacy rights activists back the legislation, saying they can foresee the technology’s use by thieves to steal people’s identities, by terrorists to target Americans, by stalkers to track victims or by the government to take names at political events.
Other supporters of the bill include AARP, Consumer Federation of California and the California Alliance Against Domestic Violence.
The technology consists of a computer chip with an antenna energized by radio waves emitted by a reader. The chips can be scanned from several feet away and through a wallet or purse, depending upon the strength of the electronic reader, which can be purchased for a few hundred dollars.
“The government shouldn’t be forcing people to carry documents that are going to broadcast their identity,” said Nicole Ozer, technology policy director with the Northern California chapter of the American Civil Liberties Union, a sponsor of Simitian’s bill.
The bill passed the Senate last month with bipartisan support and no industry opposition. But the electronics industry -- a leading employer in Simitian’s Silicon Valley district -- has lately become aware of the bill and has begun lobbying against it, fearing that it would complicate the technology’s development. Manufacturers say there are simple ways to encode the data emitted by the tags to prevent abuse, and they call Simitian’s bill a Luddite response to a useful technology.
“We want legislators to legislate behavior and not the technology,” said Timothy Heffernan, spokesman for Symbol Technologies Inc. of New York. He compared fears of radio-frequency identification to concern in the mid-1970s that Uniform Product Code bars on grocery store items would be used to mislead consumers.
Last week a coalition including the American Electronics Assn., Kimberly-Clark Corp., Oracle Corp., Texas Instruments and Philips Electronics wrote Simitian to oppose the bill.
They called it an “overbroad assault on the technology.”
“The approach SB 682 takes to public policy is deeply flawed,” they wrote, “as it will produce law that will necessarily prohibit current and future beneficial uses and innovations not yet known to the Legislature -- innovations that will save time, save money, and most importantly, save lives.”
The federal government appears far less concerned than California lawmakers about abuse of radio-frequency identification technology. A recent General Accounting Office report shows widespread use or planned use of the technology within the federal government, including the Department of Labor tracking case files and the Environmental Protection Agency tracking radioactive materials.
Kelly Shannon, spokeswoman for the State Department’s Bureau of Consular Affairs, said the radio-frequency ID planned for new passports won’t be readable from more than 4 inches away and will include a cover with metallic fibers that block radio waves.
The State Department is evaluating whether to require encryption, she said, but no decision has been made.
Simitian’s bill was inspired by the little town of Sutter, 40 miles north of Sacramento, where parents erupted in protest this spring after an elementary school issued radio-frequency ID badges to every student and installed readers in classroom doorways to help teachers take attendance.
“You want to track cans of soup, fine. You want to track cattle, fine. You want to track elementary school students, not so fine in my opinion,” said Simitian.
Originally, his bill would have banned state and local governments from mandating the use of such identity cards except at highway toll booths, in prisons and for young children in government hospitals.
But with the electronics industry weighing in and the bill facing a vote Tuesday in the more business-friendly Assembly, Simitian revamped his bill.
Rather than an across-the-board ban, the amended bill would forbid state and local governments from mandating radio-frequency ID technology in driver’s licenses and in student ID, health insurance and public library cards. The bill would not limit private industry use of the technology.
With a few exceptions, governments could use the technology in other forms of identification so long as they included at least three protections, stipulated in the amended bill:
* They must make sure the information is disguised with a unique identifier. A person’s name, address and birth date, for example, would be represented by a number.
* State and local governments would have to encrypt that unique identifier or scramble it in some way so that only a person with a code could link the identifier with the original information.
* The cards must not transmit information to a reader until the machine verifies, perhaps using a secret password, that it is authorized to accept the data.
The electronics industry still opposes the bill, despite the amendments, although it supports a provision that would make unauthorized scanning of an identity card a crime.
Paul Nicholas Boylan, an attorney and legislative director for InCom Corp., the Sutter-based company that manufactured the elementary school ID badges, said that if Simitian’s bill became law, it would ruin the firm because most prospective clients are in California.
Boylan called Simitian’s fears of privacy invasion legitimate but misplaced.
The student badges, he said, release no names but instead a 16-digit number unique to each student. The electronic reading of those badges, as children file into a classroom, saves teachers time, ensures an accurate attendance -- upon which school funding depends -- and alerts administrators quickly when a child is missing, said Boylan.
“This bill doesn’t make one kid safer, doesn’t make anyone more private,” he said. “Kids are being tracked right now. It’s called attendance.”
