- Related Stories
Senators skeptical of Real ID Act rulesMarch 26, 2007
Homeland Security dismisses Real ID privacy worriesMarch 21, 2007
Homeland Security offers details on Real IDMarch 1, 2007
State officials oppose repealing Real ID ActFebruary 8, 2007
If we just throw our hands up and refuse to engage Real ID, we'll get the lousy law we deserve.
What is the status quo that Real ID is aiming to replace? Basically, each state has its own standards for driver's licenses, which differ on many of the important details. This is pretty bad across all four dimensions.
Security is a mess under the current systems. Methods of collecting, verifying and storing background data differ from state to state, as do the physical protections on the cards themselves and the qualifications of the people that handle your licenses. It's not terribly difficult to get a fraudulent driver's license in any state, and it's easier in some states than others. This kind of setup is structurally likely to worsen over time as people "shopping" for a fake license disproportionately target states known to have weak security. The argument that monoculture and homogenization of systems are generally bad for security doesn't apply here; all the state systems don't have to fail for a terrorist to get a fake license--it only takes one.
At the security line at Chicago O'Hare Airport, a New York driver's license is functionally equivalent to a California license. Since the federal government has to treat all the licenses as equal, it's perfectly reasonable to ask that they all be equal. And not just equal, but at least passably secure. Real ID can improve this.
Privacy with the status quo isn't much better. All of your personal data is already stored on your license and can be read electronically by anyone with a simple 2D bar code scanner. DMV databases are susceptible to data theft, and there are no consistent regulations for what you're allowed to do with a driver's data. With the bar set so low, Real ID should be able to provide a significant privacy upgrade, so it's disappointing that the initial proposed language is mostly mute on privacy. If passed today, Real ID would probably do no net harm to our already meager privacy, but this isn't good enough. Let's work explicit privacy protections into the plan. Real ID should be about real privacy and real security.
Convenience, usually the single most important factor in the successful adoption of new security programs, is pretty much a wash here. The quality of the worst licenses will go up and more attention to training should even out the experience of dealing with DMV staff, but most people won't notice a difference in convenience. My friend who routinely gets extra special airport security treatment because his official DC license is so poorly printed that it looks completely fake, will feel better, but most people won't care.
Cost is tricky as well. Initial adoption of a new driver's license standard will certainly be more expensive in the short term, but the efficiencies of scale and standardization may save money over time. Is this wishful thinking? Probably.
So how do we judge Real ID? We are already living with a national-scale identity system, except it's an accidental system that sucks for security and privacy and is lackluster in convenience and cost.
Is Real ID overwhelmingly better? Not yet, but it can be made so. Let's.
45 commentsJoin the conversation! Add your comment