Watch this…I learned about this project from a great lecture I saw by Larry Lessig. It is an extremely interesting presentation. Seriously, watch his presentation style it is really cool and similar to that of Prof. Lessig.
Tag Archive for 'Privacy'
After Saturday, anyone seeking to obtain or renew a Maine license or identification card will have to prove their legal presence in the United States — even if they’ve lived here all their lives and are well-known by the people processing their request.
The change, which is related to the state’s reluctant compliance with the federal Real ID law
The Ellsworth American – Maine’s Compliance with Real ID Effective Saturday.
Last spring, I blogged a lot about Real ID. It has kind of flown under the radar recently, but here is some news that makes me a little sad. While many states have passed legislation against Real ID, it appears that Maine will start implementing the law this week.
I’ll be on the look out for more news of this nature, but let us hope it doesn’t come!
Americans expect a high level of privacy when it comes to their electronic gadgets. The devices have become a repository for their lives. People store sensitive bank information, medical details, work documents, personal photos and emails on their laptops and smart phones. They’re outraged when spammed, protect information with passwords they regularly change, and encrypt important files.
When the Police Go Through Your Email: Quirk of Search Law Sets Off Alarm Bells – WSJ.com.
Now that the election is over, perhaps I can start blogging about tech and privacy again. Here is a primer for issues to come. Certainly, something that is alarming considering the number of devices I bring through an airport.
This is from the end of June, but something everyone should be aware of.
Well, I have fallen behind on update the spencerb.net-o-sphere on Real ID, but I will give you a quick catch up that divulges to you most of my knowledge.
First of all, March 31, 2008 was the deadline for states to file for an extension. Several states including South Carolina, Maine, New Hampshire and Montana held out to the end. Keep in mind that filing for an extension is by no means a commitment to enforcing this law. A larger number of states including New Hampshire, Maine, South Carolina, Oklahoma, Washington and Montana have expressed their hesitancy toward enacting Real ID.
I found this paragraph of the above linked the cnet news article particularly interesting:
In political terms, that’s a long time–and a new presidential administration–away. Some opponents of Real ID are already predicting that no state will actually comply with the deadline, or, alternatively, the next administration will find a way to quietly dispose of Real ID without much fanfare.
The justification for this argument is that in order for the Department of Homeland Security to not look completely silly they took the promises of Governors as enough to grant an extension until December 31, 2009. The May 11, 2008 deadline for enactment will be enforced for 0 of the 50 states. When Maine was threatening non-compliance for the May 11, 2008 DHS countered that Maine citizens would no longer fly. What sort of world would the U.S. have descended into if we restricted the citizens of Maine from flying on commercial airliners. I am sure that would have been great for the airline industry bottom line, not to mention basic rights of U.S. citizens.
I was reading over an article titled Colorado Opposes Real ID Plan
and I got excited at the prospect of another state outright rejecting the plan. Then I read on:
On a February 1 deadline, the Department of Homeland Security (DHS) granted Colorado’s request for an extension regarding the Real ID plan. The extension gives Colorado until January 1, 2010 to comply with the law. However, in a somewhat confusing situation, the DHS says it will not enforce Real ID until that date for all states because so many are opposed to it, while still requiring states to request extensions if they claim difficulty reaching compliance. The original start date for Real ID was May 11, 2008. 39 states have opposed Real ID either by receiving extensions, or by approving or proposing resolutions in their legislatures.
There seems to be some confusion that filing for an extension is an opposition. I guess in the sense that one could apply for an extension with the belief that the plan would be derailed in the future, but I think the likely reason is that it is not feasible. Hopefully, this discrepancy is clarified as reporting continues.
Is this a “Real ID” Compliant Card?
The federal government has not yet issued any federal regulations for the Real ID Act. While this card contains features that we expect will be included in these future regulations, this card is not related to the Real ID Act.When the regulations are issued, Illinois will determine if any additional changes are needed when those regulations take effect. Until then, Illinois will continue to make improvements to meet the immediate needs for technology upgrades and the challenges of ensuring card security.
This answer worries me as far as Illinois’s propensity to implement the Real ID Act.
To extend the deadline by which State identification documents shall comply with certain minimum standards and for other purposes. (Introduced in Senate)
S 563 IS
February 13, 2007
Ms. COLLINS introduced the following bill; which was read twice and referred to the Committee on Homeland Security and Governmental Affairs
- Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. MINIMUM DOCUMENT REQUIREMENTS.
- Section 202(a)(1) of the REAL ID Act of 2005 (49 U.S.C. 30301 note) is amended by striking `3 years after the date of the enactment of this division’ and inserting `2 years after the promulgation of final regulations to implement this section’.
SEC. 2. AUTHORITY TO EXTEND COMPLIANCE DEADLINES.
- Section 205(b) of the REAL ID Act of 2005 (49 U.S.C. 30301 note) is amended–
-
- (1) by striking `The Secretary’ and inserting the following:
-
- `(1) IN GENERAL- The Secretary’; and
-
- (2) by adding at the end the following:
-
- `(2) LACK OF VALIDATION SYSTEMS- If the Secretary determines that the Federal or State electronic systems required to verify the validity and completeness of documents under section 202(c)(3) are not available to any State on the date described in section 202(a)(1), the requirements under section 202(c)(1) shall not apply to any State until adequate electronic validation systems are available to all States.’.
SEC. 3. NEGOTIATED RULEMAKING.
- (a) Negotiated Rulemaking Committee- The Secretary of Homeland Security shall reconvene the committee originally established pursuant to section 7212(b)(4) of the 9/11 Commission Implementation Act of 2004 (49 U.S.C. 30301 note), with the addition of any new interested parties, including experts in privacy protection, experts in civil liberties and protection of constitutional rights, and experts in immigration law, to–
-
- (1) review the regulations proposed by the Secretary of Homeland Security to implement section 202 of the REAL ID Act of 2005 (49 U.S.C. 30301 note);
-
- (2) review the provisions of the REAL ID Act of 2005;
-
- (3) submit recommendations to the Secretary of Homeland Security regarding appropriate modifications to such regulations; and
-
- (4) submit recommendations to the Secretary of Homeland Security and Congress regarding appropriate modifications to the REAL ID Act of 2005.
- (b) Criteria- In conducting the review under subsection (a)(1), the committee shall consider, in addition to other factors at the discretion of the committee, modifications to the regulations to–
-
- (1) minimize conflicts between State laws regarding driver’s license eligibility;
-
- (2) include procedures and requirements to protect the Federal and State constitutional rights, civil liberties, and privacy rights of individuals who apply for and hold driver’s licenses and personal identification cards;
-
- (3) protect the security of all personal information maintained in electronic form;
-
- (4) provide individuals with procedural and substantive due process, including rules and right of appeal, to challenge errors in data records contained within the databases created to implement section 202 of the REAL ID Act of 2005;
-
- (5) ensure that private entities are not permitted to scan the information contained on the face of a license, or in the machine readable component of the license, and resell, share, or trade such information with third parties;
-
- (6) provide a fair system of funding to limit the costs of meeting the requirements of section 202 of the REAL ID Act of 2005;
-
- (7) facilitate the management of vital identity-proving records; and
-
- (8) improve the effectiveness and security of Federal documents used to validate identification.
- (c) Rulemaking- To the extent that the final regulations to implement section 202 of the REAL ID Act of 2005 do not reflect the modifications recommended by the committee pursuant to subsection (a)(3), the Secretary of Homeland Security shall include, with such regulations in the Federal Register, the reasons for rejecting such modifications.
- (d) Reports- Upon submitting recommendations to the Secretary of Homeland Security under subsection (a), the committee shall submit a report to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security of the House of Representatives that includes–
-
- (1) the list of recommended modifications to the regulations that were submitted to the Secretary of Homeland Security under subsection (a)(3); and
-
- (2) a list of recommended amendments to the Real ID Act of 2005 that would address any concerns that could not be resolved by regulation.
I was cruising through my Google News Privacy Alert when I happened upon this article:
This is a point emphasized by a new report. In the most recent survey of “Leading surveillance societies in the EU and the World,” the United States gives new meaning to the hackneyed chant, “We’re Number 1!” According to London-based Privacy International (PI), a human rights group formed in 1990 as a watchdog on surveillance and privacy invasions by governments and corporations, the U.S. now has an “endemic surveillance society.”
At minimum the 2007 PI report confirms, in spades, previous reports suggesting that the U.S. was moving toward implementing a thorough surveillance state. Nevertheless, even with my background in researching and writing on the subject of privacy and surveillance, I was still taken aback to see the relative comparisons between the U.S., the UK, and everyone else. Even as I stated in my TNA surveillance cover story, that “the UK is now the world’s most watched country, having upwards of five million closed-circuit TV (CCTV) cameras keeping a watchful eye on the public, with the average citizen being caught on camera around 300 times per day,” I was unprepared to see the stark comparisons. (Yes, I’m a slow learner!)
I decided to take a look into Privacy International to see what this report was all about.
Honestly, I did not feel that the United States would meet the standard of recording its citizens 300/times per day, but it looks like Privacy International gives the U.S. some issues of its own:
No right to privacy in constitution, though search and seizure protections exist in 4th Amendment; case law on government searches has considered new technology No comprehensive privacy law, many sectoral laws; though tort of privacy FTC continues to give inadequate attention to privacy issues, though issued self-regulating privacy guidelines on advertising in 2007 State-level data breach legislation has proven to be useful in identifying faults in security REAL-ID and biometric identification programs continue to spread without adequate oversight, research, and funding structures Extensive data-sharing programs across federal government and with private sector Spreading use of CCTV Congress approved presidential program of spying on foreign communications over U.S. networks, e.g. Gmail, Hotmail, etc.; and now considering immunity for telephone companies, while government claims secrecy, thus barring any legal action No data retention law as yet, but equally no data protection law World leading in border surveillance, mandating trans-border data flows Weak protections of financial and medical privacy; plans spread for ‘rings of steel’ around cities to monitor movements of individuals Democratic safeguards tend to be strong but new Congress and political dynamics show that immigration and terrorism continue to leave politicians scared and without principle Lack of action on data breach legislation on the federal level while REAL-ID is still compelled upon states has shown that states can make informed decisions Recent news regarding FBI biometric database raises particular concerns as this could lead to the largest database of biometrics around the world that is not protected by strong privacy law
Interesting article on public trust of data security:
Privacy International’s Director, Simon Davies, warned that the statistics revealed a deep-seated public anxiety over the way data was being handled. “Commerce has nothing if it loses trust. People will simply not risk putting their personal information onto commercial systems. It follows that they will also go out of their way to minimise their interaction with government systems.”
Good summary of civil liberties issues considering Real ID from the Atlanta Journal Constitution (AJC) on Feb 6, 2008:
If, as proposed in the law, a person must have a Real ID Act-compliant card in order to access a federal building, access any regulated or interstate mode of transportation, or obtain any federal benefit, then we have surrendered to the federal government (that is, federal bureaucrats) the power to deny citizens all manner of activities guaranteed in the Bill of Rights. Consider:
* A person not possessing a Real ID Act-compliant identification card could not enter any federal building, or an office of his or her congressman or senator or the U.S. Capitol. This effectively denies that person their fundamental rights to assembly and to petition the government as guaranteed in the First Amendment.
* A person seeking to exercise their right to keep and bear arms as guaranteed by the Second Amendment could henceforth be denied that ability if they do not possess a precious Real ID card, because the federal bureaucracy known as the Bureau of Alcohol, Tobacco, Firearms and Explosives probably will decree that such a form of identification is necessary to meet federal requirements for purchasing a firearm.
* Very possibly the Real ID card will be required in order to vote in any election for federal office.
* A veteran may be denied access to a VA hospital because he or she lacks the requisite Real ID card, perhaps because they did not have the money required to purchase it or because they could not locate the background forms the Department of Homeland Security required to obtain one.
* A business traveler, unable to afford to travel by private jet, is denied the ability to make a living because their job requires air travel and they do not have a Real ID card — even though they demonstrably pose no danger whatsoever to their fellow travelers.
* Even though individual states, such as Georgia, may provide greater legal protection for private information of its residents than other states or the federal government, this will mean nothing in the Real ID Act world, because all the data under that law will be subject to the lower federal standards, thereby subjecting residents to a higher likelihood of identity theft than they would risk under the laws of their state.
* And, they would have no recourse to correct erroneous data, or prevent identity theft pursuant to the Real ID regulations.
Recent Comments