Technology that may be used for a national ID card could take the form of a chip loaded onto a driver's license, said Linda Lewis-Pickett, chief executive of the American Association of Motor Vehicle Administrators.
Lewis-Pickett was one of several panelists addressing the controversy over the National ID System, during the RSA Conference 2006 here.
"The DMV is in differing aspects of readiness and it would need to make a quantum leap to get to the point of issuing national ID cards," Lewis-Pickett said.
She added that the various states need to develop a method of interoperability to share information that could be used for a national ID system.
The panel unanimously agreed that a national ID system will fail to fight terrorism, one of the intents of thethat passed last year and is slated to take affect in 2008.
The act will, requiring a federally approved ID card to board an airplane, collect social security payments or use virtually any government service.
"We don?t have a field in the database system that will say you're an evildoer," said Bruce Schneier, chief technology officer of Counterpane Internet Security.
A national ID system may create other security concerns beyond an inability to fight terrorism, the panelists noted, pointing to potential exploitation of the information in the database, as well as to commercial harvesting of information every time a national ID card is used.
"This is a rules problem, not a technology problem. We need rules on who has access to the information," said James Lewis, senior fellow and director of technology and public policy for the Center for Strategic and International Studies, a Washington, D.C., think tank with close ties to the military.
The process for issuing the cards is another area that requires great scrutiny, the panelists warned.
"It doesn't matter how good the card is if the issuance process is flawed," Schneier said.
A national ID card may soon find itself used for other purposes than verifying credentials of Americans, the panelists warned.
The issue of "function creep" could arise, much like it has with the use of driver's licenses, said Paul Kocher, president and chief scientist of Cryptography Research. He noted that driver's licenses are used for more than just verifying the ability of a person to drive a car--they're also used as a form of ID when writing a check and as a way to verify that a person is old enough to drink alcohol.
Lawmakers are already keenly aware that secondary uses may be found for the card, as companies seek to commercialize the data gathered when cards are used., for example, floated a bill to put restrictions on use of identification devices in all state-issued ID documents.
Lewis noted that 100 countries currently use a national ID card and that this hasn't been a deterrent to identity theft in those nations. Panelists also pointed out that Europe has tougher laws restricting the use of data brokering.