Comments on: A letter to the editor about Real ID

By: Daddy55

Daddy55 — Thu, 22 Oct 2009 23:14:46 +0000

Not to mention the self-examination that revealed more than a few ugly truths. ,

By: A conversation with Phil Libin about REAL ID « Jon Udell

A conversation with Phil Libin about REAL ID « Jon Udell — Sat, 31 Mar 2007 04:23:44 +0000

[...] of the context for our conversation was a letter to the editor I’d written to my local newspaper in response to an editorial that rejected the notion of [...]

By: Mark Wilcox

Mark Wilcox — Mon, 05 Mar 2007 13:48:26 +0000

Hi Jon,
I’ve written a post about how a new standard initiative I’m involved (Identity Governance Framework) could potentially help provide the necessary safeguards at:
http://blogs.oracle.com/mwilcox/2007/03/05#a99

By: Reed Hedges

Reed Hedges — Sun, 04 Mar 2007 16:18:15 +0000

Hi Jon, your arguments assume that the US would be able to design a proper electronic ID with user control. I am extremely doubtful that this is within our government’s capability. My guess is that the Sentinel editors have a similar intuition on the matter.

Belgium is a small country. Imagine if New Hampshire implemented electronic IDs only for itself, and the state had comparable funds to those of Belgium. Which effort is more likely to come up with an electronic ID card with the user-control benefits you advocate– that of a small state with only state, county, and town governments invoved, or that of the federal government with all the states, the congress, all of the myriad executive agencies, the FBI, involved?

By: Andrew Denny

Andrew Denny — Sun, 04 Mar 2007 15:13:15 +0000

Given the sentiment in the Keene Sentinel article, it’s ironic that before they allow you to add a comment to the story, the paper insists you provide not just your name but your email address and phone number too. Couldn’t it just ask for your smart card ID instead? :-)

By: BlueVertex LLC Articles - Tim Denby

BlueVertex LLC Articles - Tim Denby — Fri, 02 Mar 2007 20:43:46 +0000

A National Registry for Personally Identifiable Privacy Data

Personally-identifiable data is a commodity in the twenty-first century and it needs to become a heavily-regulated commodity, like a controlled and hazardous substances are. We need to regulate how it is acquired, stored, and transferred.

By: Tim Oren

Tim Oren — Fri, 02 Mar 2007 19:36:50 +0000

Jon – Though I’m likely more on your side than not in this discussion, the one word answer to your query is: efficiency. Sometimes it’s not an unalloyed good. There could be all the difference in the world between an inefficient, inconsistently applied ID scheme – what we have now – and a truly efficient, universally applied ID scheme – what we might end up with. This is not a trivial distinction – a little friction can go a long way.

By: Jon Udell

Jon Udell — Fri, 02 Mar 2007 18:25:29 +0000

“Give some more thought to why ID Card 2.0 will really keep you and your family safe.”

I have not made that argument, and would not.

The precise question is whether, in a regime where ID is already required in a variety of ways, there is a rational basis for rejecting an electronic version of the ID.

By: Max Erickson

Max Erickson — Fri, 02 Mar 2007 17:04:15 +0000

The issues around identity, digital or not, are subtle and complex, and not going away. I have concerns about a national ID, largely that it encourages people to forget that various forms of identification provide information about a person(in the case of a drivers license, largely that they have gone through the process of obtaining it), rather than conferring an identity upon that person, while simultaneously increasing the consequences of that mistake. There are 8 states the size of Belgium or larger, and dozens more that are of substantially similar size; the issues that they can safely handle at a national level do not necessarily translate to the US.

The persistent labeling of fraud as ‘identity theft’ is a case in point, nothing is stolen from the victim, and often they did nothing to expose themselves, but they are made to bear the majority of the consequences of the breakdown in the identification system. To the extent that it works, a stronger id fights this, but to the extent that it strengthens the association of identity with the possession of a given credential, it also makes it harder to clean up after, as ‘it must have been you’.

The clerk at the liquor store is also an interesting example. If we ask the clerk to check id, he doesn’t have to take any responsibility for selling to anybody with a proper id; if we ask him to be responsible about who he sells alcohol to, he doesn’t necessarily have to check id at all. It’s cheaper for the store owner to not pay him to be responsible, probably gives us better prices, and isn’t a serious privacy issue, but it is a two way street.

If there is a real need for a common digital id, it seems like something that can be well served by private industry, with the advantages that brings; participation is optional, it is paid for by those who want it most, obsolete technology can be abandoned without legislation. For me, it is ideal that government attempt to get by on the least information possible, as it is a uniquely powerful and persistent institution.

By: Dave Holden

Dave Holden — Fri, 02 Mar 2007 16:41:06 +0000

An honest discussion of the issues is a good thing. Here in the UK it seems that government politicians are not interested in such discussions.

The web site “www.no2id.net” lists some of its concerns with the proposed British ID cards

http://www.no2id.net/IDSchemes/whyNot.php

By: Mike Smick

Mike Smick — Fri, 02 Mar 2007 16:39:59 +0000

There’s no security created by providing ID to board an aircraft. Same with trains and buses. Would you feel wierd presenting ID to a cab driver so s/he can report your whereabouts? How about where you go on your lunch break? I don’t mind security precautions, such as material detectors and even the x-ray is ok with me, as long as it’s not storing the images. Bomb scanners continue to get better. Heck a working “tricorder” was just unveiled. And remember that Boyscout who built the shoe-bomb detector in his garage? Having to show ID everywhere doesn’t benefit society. A devil’s advocate would say “So you think escaped criminals should be able to travel freely?” What a scary thought. Too bad it’s too uncommon to even consider. Thanks for spreading the FUD though.

Read about John Gilmore’s battle to board aircraft without ID.
http://arstechnica.com/news.ars/post/20060817-7533.html

Most don’t realize what’s going on though. Most people don’t read this blog. Most people aren’t informed. If my plane crashes, a passenger list might help inform my wife efficiently of my demise, but I also have the ability to tell her the flight number before I leave. Or subscribe to a private service that will eventually be created.

These ID cards will be forgeable. They create a false sense of security. They will not prevent people from committing crimes or being a nuisance on a plane. They do not improve security and they cost billions of our dollars through taxes and another wallet hit in time and picking it up.

The Department of Homeland Security is already extremely behind on all the other department responsibilities they have decided to commandeer. The backlog of immigration processing is one issue that many don’t appreciate right now. Not just for new immigrants but even for green card renewals of our permanent residents from all countries. Funneling money into this project is going to make it worse. Are we able to increase our random shipment checks at ports? Have we updated all the airlines equipment and trained the staff as much as possible? No. Are we able to increase the random checks on port shipments? No. Is the DHS handling it’s responsibilities so well it can take on another one? No.

Oh and by the way, when the ID cards are made and standardized, I guarantee you that I can find someone in my neighborhood that can home-build a device that will let them read yours, and your children’s ID card likely from several feet away. Now I know where you live. Now I know where your daughter goes to school and how old she is. Are you safer yet?

Don’t worry though, these cards will be beneficial to a lot of people right? Especially the “independent information consultant” who is loitering outside the supermarket scanning people on their way out and creating his database for sale to anyone who wants the exploit the information. Is that illegal? It won’t matter once the information is sold. For the consultant, it’s probably worth the risks.

Give some more thought to why ID Card 2.0 will really keep you and your family safe. You should be able to spend that money on improving your home and personal security if you are scared to live in a free-roaming society. Or you can fly the airlines that subscribe to these ID card requirements and I’ll fly the ones that don’t. Give me that freedom of choice.

By: Eric

Eric — Fri, 02 Mar 2007 16:22:07 +0000

I think your letter need to stress more heavily the idea that discussion on the topic needs to proceed rather than be shut down unconditionally by the unreasonable stigma that is currently attached to the topic. Comparing to European practices is only so effective, as many people (myself included) do NOT necessarily want to have much in common with the Continental crowd. Too much talk about “how Europe does it” will alienate some people who don’t want to be anything like “them.”
I think you need a couple of more sentences about the idea of being open to the subject instead of just shutting our minds against it.

By: Phil Libin

Phil Libin — Fri, 02 Mar 2007 16:06:51 +0000

Jon,

You are right on the money on this one. Reflexive scorn against the concept of digital IDs is bad for security AND bad for privacy, and I’m getting really sick of it. Your call for other arguments shall be heeded on my blog as soon as I’ve had some more coffee.

- p