Real ID worries domestic violence groups

Editor's note: A May deadline looms as just one flash point in a political showdown between Homeland Security, privacy advocates, and states that oppose Real ID demands. Friday's story follows a four-part series that we published earlier this week.

Every year, about 1,000 domestic violence victims legally change their Social Security numbers in an attempt to elude people who may pose threats, and many more change their legal names, according to figures compiled by advocacy groups.

But hiding from stalkers may become more difficult under a federal law called the Real ID Act that's scheduled to take effect on May 11.

The U.S. Department of Homeland Security's new regulations mandate specific standards for what personal information states must print on the face of Real ID drivers licenses and encode on their machine-readable zones. Although there's some consideration for people who qualify for special confidentiality treatment, critics argue the protections don't go far enough.

"The statute is troubling because it's trying very much to identify people who are dangerous, such as terrorists, and at the same time, how do you do that in a way that keeps everyday citizens and victims safe?" Cindy Southworth, technology project director for the National Network to End Domestic Violence, said of the Real ID Act, which Congress passed nearly three years ago. "I think inherently there's a conundrum there."

Homeland Security did weigh some of the concerns voiced by domestic violence prevention groups, as well as existing laws like the Violence Against Women Act, before issuing its final rules.

Currently, 19 states have confidentiality programs for domestic violence survivors, according to the National Conference of State Legislatures. The agency's final rule appears to preserve that, saying: "A DMV may apply an alternate address on a driver's license or identification card if the individual's address is entitled to be suppressed under state or federal law or suppressed by a court order including an administrative order issued by a state or federal court."

That "alternate address"--which in many cases is a dummy address created by the government that forwards to someone's real address--is also the only address required to be encoded on the two-dimensional bar code. That means that if convenience store clerks or police officers swipe the unencrypted card, they'll in theory only gain access to limited information.

Still, victims-rights and privacy advocates remain concerned about one important Real ID requirement, which dictates that state DMVs interlink their databases and make all their drivers' records and identity documents available.

The final rule says that both an individual's "full legal name" and "true address" must be stored in the DMV database, regardless of what's displayed on the card and encoded on its bar code. It also requires that motor vehicle departments scan and store "source documents," such as birth certificates, to verify a driver's license applicant's identity.

Homeland Security hasn't yet stipulated what information must be exchanged among the state-to-state databases, saying only that it will be "limited," nor has it specified exactly how the database linking will work, leaving lingering worries among privacy and victim advocates.

All it would take is a determined, persuasive stalker--many have tricks, like saying an ex-spouse is suicidal or otherwise in need of help--and a gullible or corrupt DMV employee, and a victim's identity could be divulged, Southworth said.

"Given that there are less than six degrees of separation between most abusers and a friend or relative who works for the DMV, we are concerned about victims' location information housed in state databases that could be searched nationally," Southworth said. "Prior to national search ability, a victim could move to a different state and increase her safety and privacy, but national search functionality could place countless victims at risk."

In response to privacy groups' concerns about DMV employees' access to the databases, Homeland Security opted to require states to devise their own "security plans" for Real ID. That plan is supposed to include, among other things, "procedures to prevent unauthorized access, use, or dissemination of applicant information and images of source documents retained pursuant to the act" and background checks for some, though not all, DMV employees.

The final rule has offered little comfort, however, to some privacy advocates.

"We still have this problem of the backbone of this system, which is that we're creating this nationwide system of databases, all interlinked," said Guilherme Roschke, an Electronic Privacy Information Center fellow who focuses on domestic violence privacy issues. "A breach in one is a breach in all of them."

[perfectblue97]

Wow?

All these years and i never new that some states could legally print fake addresses on DMV papers.

I get why they do it, but the fact that they do feels wrong somehow.

[nelsk]

re: WOW?

I understand that the alternative address used by DMVs for people in these types of situations is that of a post office box or municipal building. Along with domestic violence victims, people like police officers or judges some times use this type of privacy protection too. Still may ring as wrong-- but it's not quite as off putting as a 'fake' address.

[thisisapainintheass]

real ID

Demonstrates once more that knowledge is a double edged sword.

When privacy is removed, people become vulnerable and we are all the weaker and poorer because of it.

[Quemannn]

Real ID to be complemeted by disruptive technology

The authentication technolgoy such as RFID and biometrics are a sort of linear technology that requires Users to queue up to get through with the authenticationa and identification processes. The RFID and biometrics can cost a lot for timely updates and privacy concerns.There is an emerging WiMAX-enabled non-linear technology that can enable Users to do remote check-in for boarding passes and for admission to ball parks, without privacy concerns, while Users still in their vehicles. Unfortunatley, however, DHS people are still blind to the emergence of this disruptive technology.

[digital dropout]

Real I.D. the ultimate in Enemy Weaponry

This technology needs to alarm anyone who wants to escape the global panoptic prison and the systemic violence it breeds.
Biometrics, Real I.D., is the most powerful corporate weapon today and is being deployed throughout the world by the military industrial complex.
"Capturing" Real I.D. of people to stalk them from birth to grave involves THEFT. This theft is by force in war torn regions or dictatorships & by threatened extortion of ones constitutional "enshrined" rights in "free democratic" regions like North America and Europe.
Real I.D. is a lie. These biometric copies of peoples true God given features are by design, destined to dramatically change everyones ability to live the life of their choosing.

[digital dropout]

Real I.D. the ultimate in Enemy Weaponry

This Real I.D. technology needs to alarm anyone who wants to escape the global panoptic prison and the systemic violence it breeds.
Biometrics, Real I.D., is the most promising of the powerful corporate weapons today and is the early stages of deployment by the military industrial complex around the entire globe.
The "Capturing" of "Real I.D." from people, to stalk them from birth to grave, involves blasphemous blantant THEFT of peoples sacred property. This theft is by force in war torn or dictatorships regions & by simply threatened extortion of ones constitutional "enshrined" rights in "free democratic" regions such as North America and Europe.
Real I.D. is NOT REAL, is not to provide peace and security but rather designed to steal, kill, and destroy. Everything about Real I.D. is a LIE.
These biometric copies of peoples true God given features are by design, destined to dramatically change everyones ability to live the life of their choosing.
The Real I.D. Act of May 2005 was tacked onto the end of a 480 Billion War Appropriations Bill for Iraq and rushed those Congress without being read or debated.

[johangustafsson]

Deadline moved

Just an edit.
The date for implementation was first moved from May 11th 2008 to December 2009. Announced in January 2008 though, it has been moved to 2011 in hope to gain more support from states.

[jimshy]

Calif DMV - Extension - to End of 2008

Below from CA.GOV web site
Seems DHS is granting exceptions on a State by State basis - Law apparently still goes into effect in May.

Press release dated
January 11, 2008

Sacramento ?The California Department of Motor Vehicles (DMV) announced today that the final regulations to the federal REAL ID Act have been released by the Department of Homeland Security. The Act, which sets minimum standards for U.S. driver licenses, is scheduled to take effect May 11, 2008.

?The Department of Homeland Security recognized that there were issues and procedures of importance to California and the rest of the states when they finalized the regulations,? said DMV Director George Valverde. ?The regulations will provide for consistent issuance standards that further strengthen the security of our driver licenses and identification cards.?

As provided in the regulations, states can apply for and be granted an extension by DHS through 2009, which California has done. ?Filing the extension allows California time to work with DHS on privacy and funding issues, which continue to be a concern for California,? said Director Valverde.

The Department of Homeland Security in its final rulemaking lowered the estimated cost of REAL ID nationally from $14.6 billion to $3.9 billion. ?While we are encouraged the Department has lowered its initial cost estimate, the primary responsibility for funding a federal protection measure such as REAL ID should be through the federal government, not the states,? said Director Valverde.