Senate Democrats have solidified and given more definition to their plan to create a biometric national ID, the centerpiece of their immigration reform proposal. (For reasons unrelated to the national ID plan, Senator Lindsey Graham (R-SC) has dropped out of the picture for now.) The “Conceptual Proposal for Immigration Reform” they released last week gives much more detail to the sketchy plans I previously reviewed.

In my Cato Policy Analysis, “Electronic Employment Eligibility Verification: Franz Kafka’s Solution for Illegal Immigration,” I wrote about the possibility of a work authorization document limited to that purpose—and my doubts that the government would adopt one.

A credential such as eligibility for employment under [the immigration laws] can be proved without creating a nationwide biometric tracking scheme. In fact, templates already exist. But it is unlikely to see adoption. . . . [I]dentification and tracking . . . shift the risk of error in the card-issuance process from the government to the citizen. . . . [T]racking preserves government power. A work-eligibility and tracking system . . . makes the individual’s employment eligibility subject to revision at a later time, if the government wants to change the rules or adapt the system to new purposes, for example.

Those doubts are validated by this plan, which appears to be a full-fledged national ID and national biometric database. Assurances that it won’t be used for purposes beyond immigration control are not persuasive. This is national identity and surveillance infrastructure that will be “switched on” by later policy changes.

They’re calling it “BELIEVE,” short for “Biometric Enrollment, Locally-stored Information, and Electronic Verification of Employment.” They can call it that. We’ll study it, and give credence to what we learn.

The plan is confusing, disorganized, repetitive, and sometimes contradictory. Summarizing it is a little like trying to piece together the egg when all you have is the omelet, but three themes emerge: First, this summary backs away from an earlier claim that there would not be a biometric national identity database. There will be a national biometric database. Second, repeating the word “fraud-proof” does not make this national ID system fraud proof. Third, this national ID system definitely paves the way for uses beyond work authorization. This is the comprehensive national identity system that people across the ideological and political spectrum oppose.

The national ID part of the Democrats’ proposal begins at the bottom of page eight. It’s a veritable word-cloud, suggesting a violation of the rule of thumb that simple solutions are usually the best. But let’s look at it, line by line.

Not later than 18 months after the date of enactment of this proposal, the Social Security Administration will begin issuing biometric social security cards.

That’s pretty darn ambitious. Watch for any national ID plan to take several years to get started, decades to complete. The REAL ID Act—a simpler proposal than this one—has been law for five years and not a single compliant card has yet been issued. Not one.

These cards will be fraud-resistant, tamper-resistant, wear resistant, and machine-readable social security cards containing a photograph and an electronically coded micro-processing chip which possesses a unique biometric identifier for the authorized card-bearer.

All these things are easier said than done. And “fraud-resistant”? That’s unlikely. We won’t know until we see details.

The card will also possess the following characteristics:

We’ll take them in chunks.

(1) biometric identifiers, in the form of templates, that definitively tie the individual user to the identity credential;

Cards have biometrics today—low-tech ones like your picture and a copy of your signature printed on it. Here, “biometric identifiers” probably refers to machine-readable biometrics like fingerprints or iris scans. The card wouldn’t have an image of the biometric itself, but rather a mathematical description of its key features—the arches, loops, and whorls in your fingerprint and their distances from one another, for example. Research continues into how secure these algorithms are against future high-tech versions of identity fraud.

(2) electronic authentication capability;

This is pretty opaque, but it confirms again that the card will have a computer chip. “Authentication” is a word without a distinct meaning—what fact will be proven to whom, and how will it be proven? We have to learn more.

(3) ability to verify the individual locally without requiring every employer to access a biometric database; (4) offline verification capability (eliminating the need for 24-hour, 7-days-per-week online databases);

This is two ways of saying roughly the same thing. How will this goal be achieved? Without more information, the privacy and security issues are hard to assess. 

A freestanding ability to verify individuals without accessing a biometric database implies that there will be a biometric database, a likelihood I noted earlier.

(5) security features that protect the information stored on the card; (6) privacy protections that allow the user to control who is able to access the data on the card;

Security protects privacy so these two features are siblings if not one feature. But these opaque claims don’t tell us much at all. Knowing what exact card security features the plan envisions would allow an assessment of their quality. They could be anything from distributing RFID-chipped cards with a metallic sleeve that many users will lose or fail to use—almost no protection at all—to using a card that will only reveal data when the biometric of the authorized bearer is presented to the card.

The best protection for privacy and data security is not collecting people’s identity information in one place at all, nor organizing it uniformly on a card everyone must have. A technically secure national ID card isn’t privacy protective when the bearer is practically or legally required to release the information on it. Pushing card security as a privacy feature is like looking for your keys under a lamp post. The light may be better there, but you haven’t solved the privacy issues by securing the card.

(7) compliance with authentication and biometric standards recognized by domestic and international standards organizations.

This feature conflicts with the privacy claims in the previous bullet. Compliance with standards increases the likelihood that the national ID system will interoperate with other national governments’ systems and with corporate systems. Picture a future not too far off when every government collects and shares data on every citizen and foreigner using a consistent identity system. This is an efficiency feature with huge privacy and liberty costs for individuals.

The new biometric social security card shall enable the following outcomes:

One by one:

(1) permit the individual cardholder to control who can access their information;

This is the same as characteristic (6) above.

(2) allow electronic authentication of the credential to determine work authorization;

We got this from characteristic (2) above.

(3) possession of scalability of authentication capability depending on the requirement of the application.

This jargon cloud doesn’t mean anything discernible, but it does suggest that this national ID system is being designed for multiple uses. Let’s start with some terms:

“Scalability” is the idea that a technology still works well “at scale.” A system that works will with 10 users may not work well with 10,000, and a system that works well with 10,000 users may not work well with 10,000,000 or 100,000,000. So the idea here is that it will work well with many users. It’s not enough just to say that, of course. We should know specifically how it would meet the challenges of scale.

“Authentication”—again, a poorly defined term—means adequately proving some fact, such as a person’s identity, his or her work authorization, and so on.

“Application”—another favorite word in the tech lingo—simply means “use.” A hammer has many different applications: pounding in nails, denting metal, bonking intruders on the head, and so on.

So the sentence translates roughly to: “The card system will handle large numbers of people no matter what it’s used for.”

That’s telling, because the next line in the plan claims that the system will only be used for work authorization. If it’s only used for work authorization, why would it need to handle large scale for other authorization applications?

Possession of a fraud-proof social security card will only serve as evidence of lawful work-authorization but will in no way be permitted to serve—or shall be required to be shown—as proof of citizenship or lawful immigration status.

Repeat: If this is true, why does the card work at scale for other authorization applications?

The use of the word “permitted” suggests that the card will be capable of other uses, but such uses will be barred by law. Once again, if the plan is to use the cards only for work authorization, why not design the cards to serve only that purpose and no other?

And there’s “fraud-proof” again. The plan says little or nothing about what makes the card fraud-proof. In my earlier assessment of the national ID plan as it stood then, I discussed the three different meanings the concept of “fraud-proof” may have in an identity system, and the difficulties of achieving all three.

It will be unlawful for any person, corporation; organization local, state, or federal law enforcement officer; local or state government; or any other entity to require or even ask an individual cardholder to produce their social security card for any purpose other than electronic verification of employment eligibility and verification of identity for Social Security Administration purposes.

Confirmed: This will be a multi-purpose identity card. Most of the public will be barred by law from asking for the cards, but it will perform “verification of identity for Social Security Administration purposes.” That means, at the very least, that it can display Social Security Number and probably name. It will be convertible to lots of other purposes when mission creep takes hold.

Legal rules against using the card for new purposes don’t mean very much. If you create a system with rules like that in place, they might be in place for a while, but policymakers will think of new uses for the card, people and organizations use the card unlawfully for a while, and the weight of these “misuses” will break down the legal barriers. The national ID system created for one limited purpose will be “switched on” and it will become the full-scale surveillance device that freedom-loving Americans abhor.

No personal information will be stored on the electronic chip contained within the social security card other than the individual’s name, date of birth, social security number, and unique biometric identifier.

What more do you need? Presenting these identifiers allows organizations, public and private, to easily identify people distinctly in their data stores. Highly accurate tracking systems will grow up around this identity system, many of which provide convenience and other benefits, but the sum total of which will be a federal-government-fostered surveillance society.

And, by the way, an encrypted work authorization (see below) can act as an identifier—that’s more personal information—unless the card’s design takes some very impressive steps to prevent that.

Under no circumstances will any other information, including medical information or position-tracking information, be contained within the card.

This is nice protection—and if it’s a bar on radio frequency identification, fine—but putting these protections in law is rather quaint, though. A bar on additional data going on the card may hold up for a few decades, but it will ultimately give way to new demands for data on the card to fix some new policy problem.

And, remember, the card itself is not the only source of privacy concern. The card will facilitate highly accurate record-keeping about people’s locations when they use the cards. Location tracking may not be integral to the card, but the card will be integral to location tracking.

The Secretary of Homeland Security shall work with other agencies to secure enrollment locations at sites operated by the federal government.

Yes, you need to secure enrollment facilities or people will break in and steal equipment and data. I’m not impressed that DHS will be involved in providing physical security to SSA, and I bet SSA isn’t either.

Prior to issuing an individual a new fraud-proof social security card, the Social Security Administration will be required to verify the individual’s identity and employment eligibility by asking for production of acceptable documents to be provided by the individual as proof of identity and employment eligibility.

Yes, that’s how you do it. This is the step in the card issuance process that is probably the weakest. Forgery and corruption attacks are a function of the value to which the card controls access.

(Again with the unsubstantiated “fraud-proof”!)

The Secretary of Homeland Security will work with the Commissioner of the Social Security Administration to verify non-citizens’ employment authorization.

As they must. DHS has the info on naturalized citizens and non-citizens legally in the country.

SSA will also be required to engage in background screening verification techniques currently used by private corporations that use publicly available information that can be derived from the individual’s social security number.

This is a new one—doing database background checks on applicants for the new national ID. Rather than using only the documents proffered by the applicant for the card, the Social Security Administration would look up the claimed SSN of the applicant and see if his or her story checks out. For example, the system might compare the address claimed by the applicant to addresses that are found in public or private records. (“Publicly available” is ambiguous.)

This is a way of reducing fraud in the issuance of cards. (Mind you, it doesn’t make the process “fraud-proof!”) But it also raises new issues, particularly if the background check on the applicant will be run against private commercial data. The DHS Privacy Committee has twice issued cautionary documents about using commercial data in government applications. There are many issues, including privacy and due process, if indeed the intent is to use private databases to run background checks on applicants for a government benefit.

An administrative adjudication process can be invoked in the event that an individual is unable to establish his or her identity or lawful immigration status. Adverse decisions can be reviewed in the federal courts.

You’re gonna need it. The full range of appeals will be required if this card indeed will be used to control access to work. Some important decisions have to be made about whether a person can work while their appeal is pending. If an appeal fails, should the appellant be arrested and deported as a presumptive illegal immigrant? Expect to see stories of people who lack documentation and fixed addresses—the very poor, recovering drug addicts, and so on—who cannot prove their existence to the SSA or who don’t pass their background checks. They will find themselves unable to work because their government has denied them an officially recognized identity.

There will be a multi-stage process of re-verification if an individual claims he lost his previously issued fraud-proof social security card to ensure that there is no identity-theft or unlawful collaboration of identity.

I noted in my previous analysis that a database-free identity system is very difficult to administer, such as for replacing lost cards. The plan to address this challenge is unclear. Someone who has lost a card will have to return to the SSA and take part in this “multi-stage process of re-verification”—whatever it is—perhaps waiting to work until it has been completed. I have no idea what “unlawful collaboration of identity” is.

There will also be a multi-stage process for resolution of proper identity if an individual claims an identity tied to a social security number that has been claimed by another individual.

More undefined, but “multi-stage” processes, when a person comes to the Social Security Administration and finds that someone else has already claimed the same identity. Will they be able to work during the pendency of their “multi-stage” processing?

Tough penalties will be put in place for fraud in procurement of a fraud-proof social security card.

This raises a metaphysical question: Can there be fraud in a “fraud-proof” card? Of course there can. There is no fraud-proof card, which is why you have to penalize fraud, hoping to suppress it.

The same penalties shall apply for conspiracy to commit fraud if false information is intentionally provided.

Let’s spend just a moment on the capacity of criminal penalties to suppress fraud. It’s easy for people like us—wealthy and highly educated—to assume from the comfort of our offices that criminal penalties will suppress fraud. After all, prison looks pretty awful compared to an office. But an illegal immigrant has a different calculus. Going to jail and getting “three hots and a cot” is not a bad outcome compared to repatriation to a life of hunger and political instability in one’s home country. Committing fraud in the interest of “legitimate” work is preferable to theft or violence aimed at getting money and food here. Criminal penalties won’t suppress fraud as well as many might imagine.

Employers hiring workers in the future will be required to use the newly created Biometric Enrollment, Locally-stored Information, and Electronic Verification of Employment (BELIEVE) System as a means of verification. There will be strict employer penalties for failure to participate in the BELIEVE system after being notified of a requirement to do so by the Secretary of Homeland Security or after the BELIEVE system has been fully implemented nationwide such that it is required to be used by all employers.

E-Verify has too many problems. Renaming it will help!

Prospective employees will present a machine-readable, fraud proof, biometric Social Security card to their employers, who will swipe the cards through a card-reader to confirm the cardholder’s identity and work authorization.

More than two pages into the summary, we’re back to the basics of the card and what it does. We already know that the card is not fraud proof. What’s new here is that employers will have to have card readers—an additional inconvenience, expense, and barrier to hiring new employees.

What this fails to mention is that the machine will have to be able to process machine biometrics—fingerprint reading or iris scanning, for example. These are not inexpensive machines, their use will probably require training, and they must have very high accuracy in all conditions or they will produce a mountainous administrative burden on employers and workers.

We also learn from this—again—that this will not be a simple work authorization system, but a national identity system. Running the card through a machine (and checking the bearer’s biometrics) will reveal identity.

Again, we’re looking at mission creep: With all these cards and machines in place, able to prove identity, why wouldn’t they be applied to new purposes like airline security? Checking in at hotels? Confirming identity at office building entrances? Administration of government benefits? Proof of identity in credit card transactions? Night and weekend access to office buildings and parking lots? Traffic stops?

The cardholder’s work authorization will be verified by matching a digital encryption key contained within the card to a digital encryption key contained within the work authorization database being searched.

Here’s a new notion—the use of encryption. But how encryption would be used is far from clear. Presumably, a signal that the bearer of the card is work authorized (referred to here as an “encryption key”) would be released by the card and matched against information (also referred to as an “encryption key”) in a database. It is highly doubtful that either item of data is actually an encryption key, as an encryption key is the code used to encrypt or decrypt the information you are trying to work with. Most likely, work authorization data will be encrypted on the card. Somehow or another, once presented, that encrypted data will be decrypted and show that the bearer of the card is work authorized.

This contradicts statements above saying that the system won’t require access to a central database. Perhaps it envisions public key encryption, in which a private key scrambles the work authorization data and a public key de-scrambles it. I doubt that PKI is up to this. If the private key were released or reverse-engineered, the system would fail because forgery of work authorizations would then be easy.

This project has a long way to go before it articulates a card system that can securely confirm work authorization without connecting to a database.

The cardholder’s identity will be verified by matching the biometric identifier stored within the micro-processing chip on the card to the identifier provided by the cardholder that shall be read by the scanner used by the employer.

This is confirmation that it is not just a card reader, but a biometric reader. It is also confirmation that the system will confirm identity, not just work authorization. Prepare for mission creep.

Two-and-a-half pages of summary information reveals little more than the wall of complexities behind the Democrats’ plan for a national identity system. It repeats as an incantation the words “fraud-proof” even while it admits that criminal penalties are needed to tamp down fraud. The summary ratchets back from the dubious claim made earlier that there wouldn’t be a national biometric database—there almost certainly would be. The summary confirms that the card system would be used to confirm identity, not just work authorization. That sets it up for mission creep—expansion to new uses and data collections that plunge us into a surveillance society.

Indeed the mission creep begins with this very plan. When employer sanctions don’t sweep the country clean of visa overstayers, these ID cards will be used to hunt them down inside the country. From page five:

In addition to increasing border enforcement, this proposal will substantially enhance our capabilities to detect, apprehend, and remove persons who entered the United States unlawfully and persons who entered lawfully on temporary visas but failed to leave the country when designated.

Will these removal plans be carried out through a system of checkpoints at which all Americans have to present their national ID card? Will private providers of financial services, health care, housing, or retailing be required to check a person’s national ID card? Or will the entire nation adopt an Arizona-style law that requires law enforcement to examining the papers of people “reasonably suspected” of remaining in the country illegally?

The Democrats’ national ID plan raises all these questions and many more. My colleague Dan Griswold has the true answer:  To control the border, you must first reform immigration law.

Don’t BELIEVE the Hype—Though Unformed, the Democrats’ National ID Plan Is Rife With Threats to Privacy and Civil Liberties is a post from Cato @ Liberty - Cato Institute Blog

If you have a job, a panel convened by the University of Denver thinks you should have a national ID card.

DU’s “Report of the Strategic Issues Panel on Immigration” says:

The idea of a national card for identifying citizens and non-citizens has become the third rail of immigration politics. But in truth, without a means of positive identification, it makes very little difference what immigration policies are adopted because they can’t be effectively enforced. A means of positive identification is essential to prevent the employment of illegal immigrants.

Only the panel’s narrow framing leads to this conclusion.

Restrictive immigration policies may require a national ID and federal background check system because such policies are so at odds with employers’ and workers’ interests. The federal government will have to continually investigate workers and employers to maintain them.

But policies that align immigration rates with our country’s demand for new workers would foster the rule of law naturally—without a national ID, worker surveillance, and an overweening federal government.

Much hand-waving animates the report. It imagines a card system that is “extremely difficult or impossible to counterfeit.” But that’s a product of how much value your card system controls—the more value, the more effort goes into forging it—and access to employment in the U.S. is worth a lot. The report says nothing about fraud in the card issuance process.

Nor does it calculate the expense to our nation’s seven million employers—many of them small businesses, families, and individuals—for getting card readers. Their proposal to hold employers harmless is an embossed invitation to fraud on the system—unless those inexpensive card readers are also fingerprint or iris scanners. If the system is going to work, someone legally responsible has to verify that the card belongs to the person presenting it. And if you’re going to use biometric scanners, there is a lot of work yet to be done to control error rates.

Of privacy concerns, the panel says it listened to “experts and advocates on all sides.” But the advisors listed in the report do not include any privacy expert or civil liberties advocate. They do include an advocate for restrictionist immigration policies, a police chief, a former U.S. attorney, a federal Immigration and Customs Enforcement official, a Colorado state homeland security official, a federal Department of Homeland Security official, a sheriff, the Colorado Attorney General, and a CIA officer. It is unlikely that the one “immigrant rights” advocate addressed the privacy issues for U.S. citizens, much less the technical and data security problems.

It’s not new for people focusing on one issue to think that a national ID is their solution. In fact, it’s typical for people to think that sprinkling technology over economic and social problems can solve them.

University of Denver Panel Recommends You Have a National ID is a post from Cato @ Liberty - Cato Institute Blog

It was good of Ari Schwartz to respond last week to my recent post querying whether the Center for Democracy and Technology outright opposes a national ID or simply “does not support” one.

Ari says CDT does oppose a national ID, and I believe that he honestly believes that. But it’s worth taking a look at whether the group’s actions are consistent with opposition to a national ID. I believe CDT’s actions — most recently its support of the PASS ID Act — support the creation of a national ID.

(The title of his post and some of his commentary suggest I have engaged in rhetorical excess and mischaracterized his views. Please do judge for yourself whether I’m being shrill or unfair, which is not my intention.)

First I want to address an unusual claim of Ari’s — that we already have a national ID system. If that is true, his support for PASS ID is more sensible because it is an opportunity to inject federal privacy protections into the existing system (putting aside whether it is a federal responsibility to manage a state system or systems).

Do We Already Have a National ID?

I have heard a few people suggest that we have a national ID in the form of the Social Security Number. I believe the SSN is a national identifier, but it fails the test of a national identification card or system because it is not used for identification. As we know well from the scourge of identity fraud, there is no definitive way to tie an SSN to a person. The SSN is not used for identification (at least not reliably and not alone), which is the third part of my national ID definition. (Senator Schumer might like the SSN to form the basis of a national ID system, of course.)

But Ari says something different. He does not claim any definition of “national ID” or “national ID system.” Instead, he appeals to the authority of a 2003 report from a National Academy of Sciences group entitled “Who Goes There?: Authentication Through the Lens of Privacy.” That report indeed says, “State-issued driver’s licenses are a de facto nationwide identity system” — on the second-to-last substantive page of its second-to-last substantive chapter

But this is a highly selective use of quotation. The year before, that same group issued a report called “IDs — Not That Easy: Questions About Nationwide Identity Systems.” From the beginning and throughout, that report discussed the many issues around proposals to create a “nationwide” identity system. If the NAS panel had already concluded that we have a national ID system, it would not have issued an entire report critiquing that prospect. It would have discussed the existing one as such. Ari’s one quote doesn’t do much to support the notion that we already have a national ID.

What’s more, CDT’s own public comments on the proposed REAL ID Act regulations in May 2007 said that its data-intensive “one person — one license/ID card — one record” policy would ”create a national identification system.”

If a national ID system already existed, the new policy wouldn’t create one. This is another authority at odds with the idea that we have a national ID system already.

Support of PASS ID might be forgiven if we had a national ID system and if PASS ID would improve it. But the claim we already have one is weak.

“Political Reality” and Its Manufacture

But the heart of Ari’s claim is that supporting PASS ID reflects good judgment in light of political reality.

Despite the fact that there are no federal politicians, no governors and no appointed officials from any party publicly supporting repeal of REAL ID today, CDT still says that repeal is an acceptable option. However, PASS ID would get to the same outcome, or better, in practice and has the added benefit of actually being a political possibility. . . . I realize that Harper has invested a lot of time fighting for the word “repeal,” but at some point we have to look at the political reality.

A “Dear Colleague” letter inviting support for a bill to repeal REAL ID circulated on the Hill last week. How many legislators will hesitate to sign on to the bill because they have heard that the PASS ID Act, and not repeal of REAL ID, is CDT’s preferred way forward?

The phrase “political reality” is more often used by advocates to craft the political reality they prefer than to describe anything truly real. Like the observer effect in experimental research, statements about “political reality” change political reality.  Convince enough people that a thing is “political reality” and the sought-after political reality becomes, simply, reality.

I wrote here before about how the National Governors Association, sensing profit, has worked diligently to make REAL ID a “political reality.” And it has certainly made some headway (though not enough). In the last Congress, the only legislation aimed at resolving the REAL ID impasse were bills to repeal REAL ID. Since then, the political reality is that Barack Obama was elected president and an administration far less friendly to a national ID took office. Democrats — who are on average less friendly to a national ID — made gains in both the House and Senate.

But how are political realities crafted? It has often been described as trying to get people on a bus. To pass a bill, you change it to get more people on the bus than get off.

The REAL ID bus was missing some important riders. It had security hawks, the Department of Homeland Security, anti-immigrant groups, DMV bureaucrats, public safety advocates, and the Bush Administration. But it didn’t have: state legislators and governors, privacy and civil liberties groups, and certain religious communities, among others.

PASS ID is for the most part an effort to bring on state legislators and governors. The NGA is hoping to broker the sale of state power to the federal government, locking in its own institutional role as a supplicant in Washington, D.C. for state political leaders.

But look who else was hanging around the bus station looking for rides! — CDT, the nominal civil liberties group. Alone it jumped on the bus, communicating to others less familiar with the issues that PASS ID represented a good way forward.

Happily, few have taken this signal. The authors of PASS ID were unable to escape the name “REAL ID,” which is a far more powerful beacon flashing national ID and all the ills that entails than CDT’s signal to the contrary.

This is not the first time that CDT’s penchant for compromise has assisted the national ID effort, though.

Compromising Toward National ID

The current push for a national ID has a short history that I summarized three years ago in a righteously titled post on the TechLiberationFront blog: “The Markle Foundation: Font of Evil II.”

Briefly, in December 2003, a group called the Markle Foundation Task Force on National Security in the Information Age recommended “both near-term measures and a longer-term research agenda to increase the reliability of identification while protecting privacy.” (Never mind that false identification was not a modus operandi of the 9/11 attacks.)

The 9/11 Commission, citing Markle, found that “[t]he federal government should set standards for the issuance of birth certificates and sources of identification, such as drivers licenses.” In December 2004, Congress passed the Intelligence Reform and Terrorism Prevention Act, implementing the recommendations of the 9/11 Commission, including national standards for drivers’ licenses and identification cards, the national ID system recommended by the Markle Task Force. And in May 2005, Congress passed a strengthened national ID system in the REAL ID Act.

An earlier post, “The Markle Foundation: Font of Evil,” has more — and the text of a PoliTech debate between myself and Stewart Baker. Security hawk Baker was a participant in the Markle Foundation group, as was national ID advocate Amitai Etzioni. So was the Center for Democracy and Technology’s Jim Dempsey.

I had many reservations about the Markle Foundation Task Force and its work product, and in an April 2005 meeting of the DHS Privacy Committee, I asked Dempsey about what qualified people to serve on that task force, whether people were invited, and what might exclude them. A month before REAL ID passed, he said:

I think the Markle Task Force at least sought balance. And people came to the table committed to dialogue. And those who came with a particular point of view, I think, were all committed to listening. And I think people’s minds were changed. . . . What we were committed to in the Markle Task Force was changing our minds and trying to find a common ground and to try to understand each other. And we spent the time at it. And that, I think, is reflected in the product of the task force.

There isn’t a nicer, more genuine person working in public policy than Jim Dempsey. He is the consummate honest broker, and this statement of his intentions for the Markle Foundation I believe to be characteristically truthful and earnest.

But consider the possibility that others participating on the Markle Foundation Task Force did not share Jim’s predilection for honest dialogue and compromise. It is even possible that they mouthed these ideals while working intently to advance their goals, including creation of a national ID.

Stewart Baker, who I personally like, is canny and wily, and he wants to win. I see no evidence that Amitai Etzioni changed his mind about having a national ID when he authored the recommendation in the Markle report that ultimately produced REAL ID.

Other Markle participants I have talked to were unaware of what the report said about identity-based security, national identity standards, or a national ID. They don’t even know (or didn’t at the time) that lending your name to a report also lends it your credibility. Whatever privacy or civil liberties advocates were involved with the Markle Task Force got rolled — big-time — by the pro-national-ID team.

CDT is a sophisticated Washington, D.C. operation. It is supposed to understand these dynamics. I can’t give it the pass that outsiders to Washington might get. By committing to compromise rather than any principle, and by lending its name to the Markle Foundation Task Force report, CDT gave credibility to a bad idea — the creation of a national ID.

CDT helped produce the REAL ID Act, which has taken years of struggle to beat back. And now they are at it again with “pragmatic” support for PASS ID.

CDT has been consistently compromising on national ID issues while proponents of a national ID have been doggedly and persistently pursuing their interests. This is not the behavior of a civil liberties organization. It’s why I asked in the post that precipitated this debate whether there is anything that would cause CDT to push back from the table and say No.

Despite words to the contrary, I don’t see evidence that CDT opposes having a national ID. It certainly works around the edges to improve privacy in the context of having a national ID — reducing the wetness of the water, as it were — but at key junctures, CDT’s actions have tended to support having a U.S. national ID. I remain open to seeing contrary evidence.

Assessing the Claim that CDT Opposes a National ID is a post from Cato @ Liberty - Cato Institute Blog

The proposed PASS ID Act is a national ID just like REAL ID, and it threatens privacy just as much. Some argue that a national ID under PASS ID should be palatable, though, because it reduces costs to states.

But savings to states under PASS ID are not at all clear. Let’s take a look at the costs of creating a U.S. national ID.

The REAL ID Act, passed in May 2005, required states to begin implementing a national ID system within three years. In regulations it proposed in March 2007, the Department of Homeland Security extended that draconian deadline. States would have five years, starting in May 2008, to move all driver’s license and ID card holders into REAL ID-compliant cards.

The Department of Homeland Security estimated the costs for this project at $17.2 billion dollars (net present value, 7% discount). Costs to individuals came it at nearly $6 billion – mostly in wasted time. Americans would spend more than 250 million hours filling out forms, finding birth certificates and Social Security cards, and waiting in line at the DMV.

The bulk of the costs fell on state governments, though: nearly $11 billion dollars. The top three expenditures were $5.25 billion for customer service at DMVs, $4 billion for card production, and $1.1 billion for data systems and IT. Getting hundreds of millions of people through DMVs and issuing them new cards in such a short time was the bulk of the cost.

To drive down the cost estimate, DHS pushed the implementation schedule way back. In its final rule of January 2008, it allowed states a deadline extension to December 31, 2009 just for the asking, and a second extension to May 2011 for meeting certain milestones. Then states would have until the end of 2017 to replace all cards with the national ID card. That’s just under ten years.

Then the DHS decided to assume that only 75% of people would actually get the national ID. (Never mind that whatever benefits from having a national ID drop to near zero if it is not actually “national.”)

The result was a total cost estimate of about $6.85 billion (net present value, 7% discount). Individual citizens would still spend $5.2 billion worth of their time (in undiscounted dollars) on paperwork and waiting at the DMV. But states would spend just $1.5 billion on data and interconnectivity systems; $970 million on customer service; and $953 million on card production and issuance—a total of about $2.4 billion. (All undiscounted—DHS didn’t publish estimates for the final rule the same way it published their estimates for the proposed rule.)

Maybe these cost estimates were still too high. Maybe they weren’t believable. Or maybe Americans’ love of privacy and hatred of a national ID explains it. But the lower cost estimate did not slow the “REAL ID Rebellion.” Given the costs, the complexity, the privacy consequences, and the dubious benefits, states rejected REAL ID.

Enter PASS ID, which supposedly alleviates the costs to states of REAL ID. But would it?

At a Senate hearing last week, not one, but two representatives of the National Governors Association testified in favor of PASS ID, citing their internal estimate that implementing PASS ID would cost states just $2 billion.

But there is reason to doubt that figure. PASS ID is a lot more like REAL ID – the original REAL ID – in the way that most affects costs: the implementation schedule.

Under PASS ID, the DHS would have to come up with regulations in just nine months. States would then have just one year to begin complying. All drivers’ licenses would have to be replaced in the five years after that. That’s a total of six years to review the documents of every driver and ID holder, and issue them new cards.

How did the NGA come up with $2 billion? Maybe they took the extended, watered-down, 75%-over-ten-years estimate and subtracted some for reduced IT costs. (The NGA is free to publish its methodology, of course.)

But the costs of implementing PASS ID to states are more likely to be closer to $11 billion than the $2 billion figure that the NGA puts forward. In just six years, PASS ID would send some 245 million people into DMV offices around the country demanding new cards. States will have to hire and train new employees to handle the workload. They will have to acquire new computer systems, documents scanners, data storage facilities, and so on.

There is another source for cost estimates that draws the $2 billion figure into question: the National Governors Association itself. In September 2006, it issued a report with the National Conference of State Legislatures and the American Association of Motor Vehicle Administrators finding that the costs to re-enroll drivers and ID holders over a 5-year period would cost states $8.45 billion (not discounted).

Just as with REAL ID, re-enrollment under PASS ID would undo the cost-savings and convenience that states have gained by allowing online re-issuance for good drivers and long-time residents. As the NGA said:

Efficiencies from alternative renewal processes such as Internet and mail will be lost during the re-enrollment period, and states will face increased costs from the need to hire more employees and expand business hours to meet the five year re-enrollment deadline.

Angry citizens will ask their representatives why they are being investigated like criminals just so they can exercise their right to drive.

PASS ID does reduce some of the information technology costs of REAL ID, such as requirements to use systems that still do not exist, and requirements to pay for driver background checks through the Systematic Alien Verification for Entitlements system and the Social Security Online Verification system.

But PASS ID still requires states to “[e]stablish an effective procedure to confirm that a person [applying] for a driver’s license or identification card is terminating or has terminated any driver’s license or identification card” issued under PASS ID by any other state. How do you do that? By sharing driver information. The language requiring states to provide all other states electronic access to their databases is gone, but the need to share that information is still there.

A last hope for states is that the federal government will come up with money to handle all this. But the federal government is in even tougher financial straights than many states. The federal deficit for this fiscal year is projected to reach $1.84 trillion.

Experienced state leaders recognize that the promise of federal money may not be fulfilled. The weakly funded PASS ID mandate will likely become a fully unfunded mandate.

So, does PASS ID really save states money? I wouldn’t put any money on it . . . .

Would PASS ID Really Save States Money? is a post from Cato @ Liberty - Cato Institute Blog

The Electronic Privacy Information Center has produced a very thorough analysis of the PASS ID Act, which would revive the REAL ID national ID program.

The EPIC analysis states flatly, “The bill would establish a national ID card,” and, “The intent of this legislation is to facilitate a National ID system.”

That’s quite a contrast to Ari Schwartz at the Center for Democracy and Technology, who alone believes that PASS ID “prevents the creation of a National ID system.”

EPIC on PASS ID: a National ID Card is a post from Cato @ Liberty - Cato Institute Blog

Ari Schwartz responded in characteristic even tones to my critique of his testimony in favor of the PASS ID Act, which would revive the moribund REAL ID law. It’s worth a rejoinder, and I’ll offer him the same again here if he wishes.

Ari clouds matters slightly by suggesting that my “strong biases” obscure certain facts. I readily admit having a strong bias in favor of liberty — it’s why I do what I do. Ari admits several biases, including one in favor of consensus-building, which was what I accused him of prioritizing over principle. Let’s put aside the question of bias.

It’s good to see Ari state that CDT does not support a national ID system. It would be better to see him state that CDT opposes having a national ID system. (I imagine this is just a matter of word choice, but it would be good to have clarity.)

Next, Ari says his testimony “makes it clear that we believe that PASS ID prevents the creation of a National ID system.” I don’t believe this is clear from his testimony. More importantly, this is not a sound assessment of what a national ID is or what PASS ID does.

We need some defined terms, so let’s tease out what he means by “national ID.” (He has told me that there is some distinction between a “national ID,” a “national ID system,” and perhaps a “national ID card,” but the distinction is lost on me. I believe a national ID card is part of a national ID system, both of which are commonly referred to in shorthand as a “national ID.”)

Twice in his testimony, he correctly calls REAL ID a national ID system. The factors that make it so appear to be “the very real possibility that individuals would not be able to function in American society without a REAL ID card” and “giving unfettered discretion to DHS to expand the ‘official purposes’ for which REAL ID cards could be required.”

In my recent post on the subject, I defined a national ID as being a card: 1) nationally uniform in its key elements; 2) the possession of which is either practically or legally required; and 3) that is used for identification.

I think 1) and 3) are both given. Ari’s take on 2) – inability to function without it — and my formulation — practically required — are equivalent, so Ari and I agree on that much.

But is DHS discretion to expand “official purposes” an essential element of a national ID card? I don’t think so.

Let’s say Congress passes a law requiring employers to check a certain card before they hire new workers. What if Congress requires credit issuers to check the card? States require presentation of the card at the voting booth? What if Congress requires pharmacists to check it before selling people cold medicine?

Is this card system saved from being a “national ID system” because someone other than DHS came up with these ideas? Of course not. DHS discretion to expand usage is not what makes an ID system a “national ID system.”

The better definition is what we agree on: A national ID is national, identifying, and practically or legally required, meaning the lack of it disables people from functioning in society.

Do REAL ID and PASS ID differ in ways that make the one a national ID and the other not a national ID? No, and Ari doesn’t say so. He merely says PASS ID would slow national ID mission creep by some margin because it denies DHS some discretion. (PASS ID “[r]emoves from DHS’s authority the ability to unilaterally determine new official purposes for which a PASS ID-compliant card can be required . . . .”)

This is not central to “national ID-ness,” and PASS ID doesn’t actually deny DHS that authority — it simply removes the specific grant of authority in REAL ID. Removing a grant of authority in one law does not deny an agency authority it has elsewhere. (It’s like the difference between “not supporting” and “opposing” something.) DHS and other agencies almost certainly have power under other law to require the IDs they choose for functions that are plausibly related to security or fraud prevention.

I was wrong to assume that it was lack of principle driving CDT and Ari to endorse the PASS ID Act, which revives our moribund national ID law. Other explanations are no more palatable, though, and no other group that I am aware of missed the true import of PASS ID.

Here’s a memorable Bruce Schneier quote to emphasize the importance of opposing a national ID, which so many civil liberties groups are doing:

History will record what we, here in the early decades of the information age, did to foster freedom, liberty and democracy. Did we build information technologies that protected people’s freedoms even during times when society tried to subvert them? Or did we build technologies that could easily be modified to watch and control? It’s bad civic hygiene to build an infrastructure that can be used to facilitate a police state.

No civil liberties group supports PASS ID. CDT can’t claim that mantle while it does.

PASS ID and National ID – Rejoinder to Schwartz is a post from Cato @ Liberty - Cato Institute Blog

The Senate Homeland Security and Governmental Affairs Committee held a hearing yesterday on the REAL ID Act and the REAL ID revival bill, known as PASS ID. I attended and want to share with you some highlights.

Good News!

Little good came from the hearing, as it was primarily focused on how to get the states and people to accept a national ID. But there is some good news.

First, Department of Homeland Security Secretary Janet Napolitano declared REAL ID dead (much as I did in my testimony two-plus years ago). “DOA” is how she referred to it.

She also said that no state will be in compliance with REAL ID by the current December 31, 2009 deadline. This is important because a lot of people think that states doing anything about the security of drivers’ licenses and ID cards are complying with REAL ID.

Another highlight was the commentary of Senator Roland Burris (D-IL). He is a beleaguered outsider to the Senate and evidently wasn’t coached on the talking points around REAL ID and PASS ID. So he flat out asked why we shouldn’t just have “a national ID.”

Senator Susan Collins’ (R-ME) nervous smile was particularly noticeable when Burris asked why the emperor had no clothes. No one was supposed to talk about national IDs at this hearing! But that’s what PASS ID is.

REAL ID and PASS ID are two versions of the same national ID system, and nobody is denying it. That’s good news because the effort to rebrand REAL ID through PASS ID has failed.

A Fake Crisis

Some other issue-framing is worth pointing out. Chairman Lieberman and Secretary Napolitano took pains to point out the importance of acting on PASS ID soon, claiming that the TSA would have to seriously inconvenience travelers with secondary searches at the end of the year if nothing was done.

But this is the same “crisis” that the DHS navigated a little over a year ago. States across the country were refusing to implement REAL ID. The DHS Secretary rattled his saber about inconveniencing travelers. And the DHS Secretary ended up giving all states a deadline extension. Secretary Napolitano will do the same thing if PASS ID fails – saber-rattling included. There is no crisis.

Vermont Governor Jim Douglas Supports a National ID

As I noted above, PASS ID is a national ID, just like REAL ID.

By testifying in support of PASS ID, Vermont governor Jim Douglas (R) put himself on record as supporting a U.S. national ID. He can pretend it’s not a national ID, of course, and he did his best to paper over the issue when Senator Burris asked about it. But Governor Douglas supports a national ID.

There was a time when Republicans stood for resisting federal incursions on state power. In the 104th Congress, the Senate Judiciary Committee had a subcommittee that focused on federalism and the preservation of state power (the Subcommittee on the Constitution, Federalism, and Property Rights). But the National Governors Association, with Douglas at the helm, is now in the process of negotiating the sale of state power over driver licensing and identification policy to the federal government.

Rampant Security Ignorance

The reason why he supports this national ID law, Governor Douglas said, is that he, like every governor, “is a security governor.”

With so many Senators and panelists conjuring security and the 9/11 Commission report, it would be a delight if someone actually examined the security benefits of a national ID. The information is there for them. Again, my testimony to the committee two years ago supplied at least some. Then, I said, “Implementation of REAL ID would impose more costs on our society than it would provide in security or other benefits,” and I articulated how and why a national ID fails to secure.

But Senator Lieberman said he “assumes” REAL ID provides national security benefits. Assumes? He and his staff apparently haven’t familiarized themselves with the level of national security that a national ID would create, taking into account the counterattacks and complications of such a system.

Five years after the vaunted 9/11 Commission report – and the three-quarters of a page it devoted to identity security – Senator Lieberman, the chairman of a committee dealing with domestic security, has yet to look into the merits.

In case Senator Lieberman needs some help . . .

I’m So Sick of the 9/11 Commission Report!

Speaking of the 9/11 Commission, it has been five years since that report came out, and people continue to parrot the line that REAL ID was a “key 9/11 Commission recommendation.”

The 9/11 Commission dedicated three-quarters of a page to the question of identity security, out of 400+ substantive pages. Its entire treatment of the subject is on page 390.

The 9/11 Commission did not articulate how a national ID system would defeat future terror attacks. It did not even articulate how a national ID would have defeated the 9/11 attacks had it been in place. A minor shift in behavior by the 9/11 attackers, such as using their passports to board planes, would have defeated REAL ID and PASS ID, were we somehow allowed “do-overs.”

We are not allowed “do-overs,” and the problem we face is not 9/11, but securing against current and future threats – including people who might shift their behavior in light of security measures we take.

These shifts in behavior might include taking a few extra steps to get the documentation they need, for access to the country or targets. These shifts in behavior might include attacking targets that do not require documentation. Identity-based security is a Maginot Line.

The 9/11 Commission report was written at a time when little research on identity-based security had been done. It was written by fallible humans who knew little about identity-based security, and who got it wrong. The report is not a religious text.

The report did say something important, though: “For terrorists, travel documents are as important as weapons”! (page 384) It’s a terrific turn of phrase because it shuts down the logic centers in the brain – eek, terrorists! – and ends the discussion.

The “travel documents” the report was talking about, though, were passports and visas, not drivers’ licenses and birth certificates – the things foreign terrorists use to get into the country. If we’re going to turn the driver’s license into an internal passport – and TSA checkpoints are the beginning of such a policy – then perhaps these are travel documents. Just, please, Secretary Napolitano, train your TSA agents to not say, “Your papers, please.”

Even as to international travel documents, though, the 9/11 Commission got it wrong. Weapons are the only things as important as weapons. And the 9/11 terrorists didn’t actually use weapons any more substantial than box cutters. They “weaponized” a non-weapon. (Security is complicated, you see.)

Denying terrorists travel documents, drivers’ licenses, and IDs simply presents them some inconveniences – such as using people with no record of terrorism. Seventeen of nineteen 9/11 attackers were unknown to U.S. officials as threats, so it’s obviously not that much of an inconvenience.

Evading identity-based security is so easy. People do it all the time. And it won’t stop under anyone’s version of a national ID. But the 9/11 Commission said . . . !

Something New to Worry About

Much of the national ID battle happens at the federal level with these national ID laws, of course, but it’s important to realize that federal officials, state officials, companies, and non-profit groups are working to knit together a cradle-to-grave national ID system no matter what happens with REAL ID and PASS ID.

Here’s one worth highlighting: Thirteen states apparently are already scanning, or have scanned, their birth certificates into databases for use in the national ID system. The effort is being led by the National Association for Public Health Statistics and Information Systems in Silver Spring, Maryland. This group will undoubtedly have access to your private health information should federal e-health records be implemented, so you might want to familiarize yourself with them.

Is your state one of them? How many copies of your birth certificate can be found in how many places around the country? You might want to ask your state legislators about that. The future of this effort is to collect biometrics at birth, of course. This is a privacy problem.

But maybe all the privacy concerns have been taken care of. The proponents of REAL/PASS ID found themselves a fig leaf on that score.

Token Cover on Privacy Issues

Ari Schwartz from the Center for Democracy and Technology testified in favor of PASS ID. (Senator Akaka noted in his opening statement that CDT endorses PASS ID.)

He characterized opponents of REAL/PASS ID as wanting to “do nothing.” It’s a classic ploy – but cheaper than we’re used to seeing from Ari and CDT – to mischaracterize opponents as wanting to “do nothing.” As Ari knows well, I have advocated endlessly for a diverse and competitive identification and credentialing system that would provide all the security ID systems can, without government surveillance.

But Ari testified imaginatively about how PASS ID makes a national ID okay. He has concerns with it, of course, yadda yadda yadda – the privacy fig leaf obliged to wear a fig leaf himself.

And this is the unexpected bad news from the hearing. The Center for Democracy and Technology supports having a national ID in the United States.

Many would find this inexplicable, but it’s not. Though the people who work at CDT personally want very much to do the right thing, there are no principles to the organization beside compromise and having a seat at the table (neither of which are actually principles, of course).

CDT plays a wonderful convening role on many issues, and the name of the organization implies that it reconciles technology programs with fundamental societal values. But here it has given political cover to the push for a national ID in the United States. One can’t help wondering if there is anything that would cause CDT to push back from the table and say No.

Review of the Big REAL ID Hearing is a post from Cato @ Liberty - Cato Institute Blog

In a recent post, I noted how Department of Homeland Security secretary Janet Napolitano was “taking the national ID tar baby in a loving embrace.” Now the administration seems to be similarly embracing the E-Verify government background check system.

Starting September 8th, it will go forward with a Bush administration plan to require federal contractors to check their employees against federal databases. The E-Verify program is riddled with problems, and it will send many American workers and legal immigrants into Kafkaesque ordeals when they find they aren’t approved by the federal government to earn a living. Ultimately, “internal enforcement” of immigration law, which is what E-Verify is about, requires a biometric national identity system.

Wasn’t a Democratic administration going to be the antidote to the aggressive security-statism of the Bush administration? Well, no. Once in power, either political party will see merit in national ID systems. After all, a national ID gives the government direct regulatory control over individuals – and that’s a sweet sound to the powerful, regardless of political affiliation. This is why it was so interesting to see the left begin to embrace a national ID as it anticipated an Obama victory in November.

Parties in power like national ID systems.

Parties in Power Like National ID Systems is a post from Cato @ Liberty - Cato Institute Blog

Showing off those pearly whites frustrates facial recognition software used by the Virginia Department of Motor Vehicles, so DMV workers are instructing motorists not to smile for their driver license photos. It’s a story worthy of The Onion, but it’s apparently true.

Facial recognition is just another way that governments are looking to keep tabs on citizens and residents. The need for specific no-smiling instructions will recede over time as national ID systems facilitate government control and make life in America naturally unhappy.

Virginians’ Happiness Frustrates DMV is a post from Cato @ Liberty - Cato Institute Blog

The Heritage Foundation’s “The Foundry” blog has a post up called “Questions for Secretary Napolitano: Real ID.”

Honest advocates on two sides of an issue can come to almost perfectly opposite views, and this provides an example, because I find the post confused, wrong, or misleading in nearly every respect.

Let’s give it a brief fisking. Below, the language from the post is in italics, and my comments are in roman text:

Does the Obama Administration support the implementation of the Real ID Act?

(Hope not . . . .)

Congress has passed two bills that set Real ID standards for driver’s licenses in all U.S. jurisdictions.

REAL ID was a federal law that Congress passed in haste as an attachment to a military spending bill in early 2005. To me, “REAL ID standards” are the standards in the REAL ID Act. I’m not sure what other bill the post refers to.

Given the legitimate fear of REAL ID creating a federal national ID database, section 547 of the Consolidated Security, Disaster Assistance, and Continuing Appropriations Act, 2009 barred the creation of a new federal database or federal access to state databases with the funds in that bill. (Thus, these things will be done with other funds later.)

The Court Security Improvement Act allowed federal judges and Supreme Court Justices to withhold their addresses from the REAL ID database system, evidently because the courts don’t believe the databases would be secure.

And in the last Congress, bills were introduced to repeal REAL ID in both the House and Senate. Congress has been backing away from REAL ID since it was rammed through, with Senators like Joe Lieberman (I-CT) calling REAL ID unworkable.

It’s unclear what the import of the sentence is, but if it’s trying to convey that there is a settled consensus around the REAL ID law, that is not supported by its treatment in Congress.

The Real ID legislation does not create a federal identification card, but it does set minimum security standards for driver’s licenses.

This sentence is correct, but deceptive.

REAL ID sets federal standards for state identification cards and drivers’ licenses, refusing them federal acceptance if they don’t meet these standards. Among those standards is uniformity in the data elements and a nationally standardized machine readable technology. Interoperable databases and easily scanned cards mean that state-issued cards would be the functional equivalent of a federally issued card.

People won’t be fooled if their national ID cards have the flags of their home states on them. When I testified to the Michigan legislature in 2007, I parodied the argument that a state-issued card is not a national ID card: “My car didn’t hit you — the bumper did!”

All states have either agreed to comply with these standards or have applied for an extension of the deadline.

It’s true that all states have either moved toward complying or not, but that’s not very informative. What matters is that a dozen states have passed legislation barring their own participation in the national ID plan. A couple of states received deadline extensions from the Department of Homeland Security despite refusing to ask for them. Things are not going well for REAL ID.

Secure identification cards will make fraudulent documents more difficult to obtain and will also simplify employers’ efforts to check documents when verifying employer eligibility.

It’s true that REAL ID would make it a little bit harder to get – or actually to use – fraudulent documents, because it would add some very expensive checks into the processes states use when they issue cards.

It’s not secure identification cards that make fraudulent documents harder to obtain – the author of this post has the security problems jumbled. But, worse, he or she excludes mentioning that a national ID makes it more valuable to use fraudulent documents. When a thing is made harder to do, but proportionally more valuable to do, you’ll see more of it. REAL ID is not a recipe for a secure identity system; it’s a recipe for a more expensive and invasive, but less secure identity system.

Speaking of invasive, this sentence is a confession that REAL ID is meant to facilitate background checks on American workers before they can work. This is a process I wrote about in a paper subtitled “Franz Kafka’s Solution to Illegal Immigration.” The dream of easy federal background checks on all American workers will never materialize, and we wouldn’t want that power in the hands of the federal government even if we could have it.

Real ID is a sensible protection against identify fraud.

The Department of Homeland Security’s own economic analysis of REAL ID noted that only 28% of all reported incidents of identity theft in 2005 required the presentation of an identification document like a driver’s license. And it said REAL ID would reduce those frauds “only to the extent that the [REAL ID] rulemaking leads to incidental and required use of REAL ID documents in everyday transactions, which is an impact that also depends on decisions made by State and local governments and the private sector.”

Translation: REAL ID would have a small, but speculative effect on identity fraud.

Congress is set to introduce legislation next week that could largely repeal the Real ID.

The bill I’ve seen is structured just like REAL ID was, and it requires states to create a national ID just like REAL ID did. REAL ID is dying, but the bill would revive REAL ID, trying to give it a different name.

Some groups oppose this version of REAL ID because it takes longer to drive all Americans into a national ID system and frustrates their plans to do background checks on all American workers. But it’s still the REAL ID Act’s basic plan for a national ID.

The Administration should put pressure on Congress to ensure that this legislation does not effectively eliminate the Real ID standards.

Why the administration would pressure Congress to maintain the national ID law in place – by any name – is beyond me. REAL ID is unworkable, unwanted, and unfixable.

Homeland Security Secretary Janet Napolitano signed legislation as Arizona’s governor to reject the REAL ID Act. Her predecessor at DHS, Michael Chertoff, talked tough about implementing the law but came up just shy of lighting the paper bag in which he left it on Napolitano’s doorstep.

The REAL ID revival bill that is being so widely discussed is likely to be both the national ID plan that so many states have already rejected and deeply unsatisfying to the anti-immigrant crowd. Congress rarely fails to grasp a lose-lose opportunity like this, so I expect it will be introduced and to see it’s sponsors award themselves a great deal of self-congratulations for their courageous work. You can expect that to receive a fisking here too.

Questions for Heritage: REAL ID is a post from Cato @ Liberty - Cato Institute Blog

CNN wrote an exciting headline on Wednesday: “Homeland Security Chief Seeks to Repeal Real ID Act.” What they left out was that the replacement would be . . . the REAL ID Act.

Intentionally or not, Secretary of Homeland Security Janet Napolitano has created the impression that the national ID law might go away. But simply renaming the Department of Homeland Security’s national ID program is not a repeal of REAL ID.

The REAL ID revival bill that has been circulating is the same national identification and tracking system with a few of the sharpest corners taken off and the hope of federal money held out to up-to-now recalcitrant states. The REAL ID revival bill would corral every American citizen into the national ID system to try and attack illegal immigrants.

Bills to repeal REAL ID were introduced in the previous Congress, but they did not move because the Bush administration and Chertoff DHS would have eagerly demagogued the issue. Those political conditions no longer hold. And just 10 months ago, Secretary Chertoff delayed the implementation of REAL ID without bringing any political repercussions to the Bush administration whatsoever. Secretary Napolitano can do the same if Congress fails to truly repeal REAL ID, as it should.

“. . . and Replace It with REAL ID” is a post from Cato @ Liberty - Cato Institute Blog