ACLU Comes Out Against National ID Cards

<http://thehill.com/homenews/senate/95235-democrats-spark-alarm-with-call-for-national-id-card>

just wow.

I have a SSN card that was required before I could work. The Federal Government holds this information.
I have a drivers license that was required before I could drive. My State Government holds this information.
I have numerous credit cards that required me to provide more information about myself than I was comfortable with. Private corporations hold this information.
I also have numerous identity issues spread all over the web.
Is this already enough to compromise my privacy?
How will it affect me to have a National Identification Card?
Could such a card be a step toward consolidating my personal information into a more controllable data base?
Controlled by who?
Would I be safer as I travel the world knowing such identity assurance was in place?
How easy will it be to scam the system and produce counterfeit identifications?

I have no problem with having an SSN. But it should be a felony to request your SSN for anything beyond the administration of the Social Security program.

I do not support having driver's licenses as a form of identification. I'm not certain if I support the idea of licensing, but if it has to exist it should be done in a way that does not create a de facto form of identification.

here can be identified. I lean Libertarian on issues
like this usually but common sense wins. You will always
be chasing ghosts and constantly fighting over Immigration
until there is a system of identification.

To do this it might best to just offer the pathway to citizenship
and Amnesty for those here now. Then say that is it
and have ID Cards.

What gets me -- Are there people naive enough to believe
the ID card gives the government more access to you.
Believe me, if you are important enough the Government
already knows everthing they want to know about you.
I am not being paranoid -- just realistic.

Making the ID card a boogey man stops Immigration Reform
and keeps it a political issue to be fought out each election.
Perhaps that is what people really want.

OTOH, if I don't get one, could I get deported? Cause I'm too old to emigrate as a highly skilled worker. Perhaps this would be my ticket to a place with health care and fair labor laws for its citizens.

people realize this is an enhanced social security card, right? Yes, you already have a national ID.

I figured I'd point this out.

September 2003

Introduction

Among the many reactions to the September 11 tragedy has been a renewed attention to biometrics. The federal government has led the way with its new concern about border control. Other proposals include the use of biometrics with ID cards and in airports, e.g. video surveillance enhanced by facial-recognition technology.

The purpose of this document is to sketch out EFF's concerns about biometrics. In today's public arena, biometric technologies are being marketed as a "silver bullet" for terrorism; however, very little independent, objective scientific testing of biometrics has been done. Deploying biometric systems without sufficient attention to their dangers makes them likely to be used in a way dangerous to civil liberties. This document is very much a work in progress and we welcome comments.

What Are Biometrics?

Biometrics refers to the automatic identification or identity verification of living persons using their enduring physical or behavioral characteristics. Many body parts, personal characteristics and imaging methods have been suggested and used for biometric systems: fingers, hands, feet, faces, eyes, ears, teeth, veins, voices, signatures, typing styles, gaits and odors.

Our Major Concerns

Biometric technology is inherently individuating and interfaces easily to database technology, making privacy violations easier and more damaging. If we are to deploy such systems, privacy must be designed into them from the beginning, as it is hard to retrofit complex systems for privacy.
Biometric systems are useless without a well-considered threat model. Before deploying any such system on the national stage, we must have a realistic threat model, specifying the categories of people such systems are supposed to target, and the threat they pose in light of their abilities, resources, motivations and goals. Any such system will also need to map out clearly in advance how the system is to work, in both in its successes and in its failures.

Biometrics are no substitute for quality data about potential risks. No matter how accurately a person is identified, identification alone reveals nothing about whether a person is a terrorist. Such information is completely external to any biometric ID system.

Biometric identification is only as good as the initial ID. The quality of the initial "enrollment" or "registration" is crucial. Biometric systems are only as good as the initial identification, which in any foreseeable system will be based on exactly the document-based methods of identification upon which biometrics are supposed to be an improvement. A terrorist with a fake passport would be issued a US visa with his own biometric attached to the name on the phony passport. Unless the terrorist A) has already entered his biometrics into the database, and B) has garnered enough suspicion at the border to merit a full database search, biometrics won't stop him at the border.

Biometric identification is often overkill for the task at hand. It is not necessary to identify a person (and to create a record of their presence at a certain place and time) if all you really want to know is whether they're entitled to do something or be somewhere. When in a bar, customers use IDs to prove they're old enough to drink, not to prove who they are, or to create a record of their presence.

Some biometric technologies are discriminatory.A nontrivial percentage of the population cannot present suitable features to participate in certain biometric systems. Many people have fingers that simply do not "print well." Even if people with "bad prints" represent 1% of the population, this would mean massive inconvenience and suspicion for that minority. And scale matters. The INS, for example, handles about 1 billion distinct entries and exits every year. Even a seemingly low error rate of 0.1% means 1 million errors, each of which translates to INS resources lost following a false lead.

Biometric systems' accuracy is impossible to assess before deployment Accuracy and error rates published by biometric technology vendors are not trustworthy, as biometric error rates are intrinsically manipulable. Biometric systems fail in two ways: false match (incorrectly matching a subject with someone else's reference sample) and false non-match (failing to match a subject with her own reference sample). There's a trade-off between these two types of error, and biometric systems may be "tuned" to favor one error type over another. When subjected to real-world testing in the proposed operating environment, biometric systems frequently fall short of the performance promised by vendors.

The cost of failure is high. If you lose a credit card, you can cancel it and get a new one. If you lose a biometric, you've lost it for life. Any biometric system must be built to the highest levels of data security, including transmission that prevents interception, storage that prevents theft, and system-wide architecture to prevent both intrusion and compromise by corrupt or deceitful agents within the organization.
Despite these concerns, political pressure for increasing use of biometrics appears to be informed and driven more by marketing from the biometrics industry than by scientists. Much federal attention is devoted to deploying biometrics for border security. This is an easy sell, because immigrants and foreigners are, politically speaking, easy targets. But once a system is created, new uses are usually found for it, and those uses will not likely stop at the border.

With biometric ID systems, as with national ID systems, we must be wary of getting the worst of both worlds: a system that enables greater social surveillance of the population in general, but does not provide increased protection against terrorists.

Some Current Biometric Initiatives

Sec. 403(c) of the USA-PATRIOT Act specifically requires the federal government to "develop and certify a technology standard that can be used to verify the identity of persons" applying for or seeking entry into the United States on a U.S. visa "for the purposes of conducting background checks, confirming identity, and ensuring that a person has not received a visa under a different name."

The recently enacted Enhanced Border Security and Visa Entry Reform Act of 2002, Sec. 303(b)(1), requires that only "machine-readable, tamper-resistant visas and other travel and entry documents that use biometric identifiers" shall be issued to aliens by October 26, 2004. The Immigration and Naturalization Service (INS) and the State Department currently are evaluating biometrics for use in U.S. border control pursuant to EBSVERA.

Even prior to September 11, however, large-scale civilian biometric identification systems were being pushed. Both the Personal Responsibility and Work Opportunity Act of 1995 (PRWOA), a welfare reform law, and the Immigration Control and Financial Responsibility Act of 1996 (ICFRA), an immigration reform law, called for the use of "technology" for identification purposes.

Very lengthy ...

http://www.eff.org/wp/biometrics-whos-watching-you

when people scream that we don't... we do.

And that is YOUR social security card.

As to watching you. I gave up on privacy a while ago... it is a figment of my imagination. Who is watching me, without one of this.

Ralphs, I got their card, for the discounts
Amazon, Every time I make a purchase
My credit Card Company
Yes the Feds... I KNOW I have an FBI file... how bout you?
The State... every time my Driver's License is used for ID.

I could go on.