A bill that would put strict limits on California's use of such devices in all state-issued identity documents is making its way through the state's legislature and was approved this week in a 6-to-1 vote by a senate judiciary committee. It's the first bill of its kind in the nation, said its author, state Sen. Joe Simitian.
The benefits sound
good, but what about
the privacy trade-offs
(not to mention the
Supporters of the bill, including the American Civil Liberties Union and the Electronic Frontier Foundation, say unchecked use of the technology, known as radio frequency identification, or RFID, could trample people's privacy and aid identity thieves.
"I have real concerns about the suitability of RFID technology for government identification documents," said Simitian, D-Palo Alto. "I thought that it probably made sense to try to develop some kind of boundaries."
Simitian introduced the Identity Information Protection Act of 2005 in February after a rural elementary school just 40 miles north of the state capital to outfit students with electronic IDs amid protest from parents and students. The case, which involved Brittan Elementary School in Sutter, Calif., got national media attention.
"The issue of RFID in identification documents really hit home with what happened in Sutter," said Nicole Ozer, technology and civil liberties policy director of the ACLU of Northern California.
Brittan Elementary had issued the electronic badges to seventh- and eighth-graders in an effort to attain better class attendance records and tighten campus security. Critics said the technology, which is also used to track livestock, was dehumanizing.
Consumer advocates also worry about the ability of data thieves to intercept RFID signals or break into databases storing the information collected by such systems. The RFID chips are designed to broadcast personal data, such as name, address and date of birth, to special receivers at close range.
The California bill also puts the state at the forefront of a national debate. The U.S. State Department plans to issuesoon, and schools and are experimenting with them, too. A that has passed a vote in the U.S. House of Representatives proposes implanting RFID chips in driver's licenses. Businesses are also their use of the technology.
"My hope is that it will underscore the importance of these issues and prompt a wider and more thoughtful debate at a national level," Simitian said.
Simitian's bill would prohibit identity documents created or issued by the state containing computer chips that can be read remotely. Identity documents include driver's licenses, ID cards, student ID cards, health insurance or benefits cards, professional licenses and library cards.
It allows for some exceptions, though, including the use of electronic IDs for prisoners and for newborn babies in hospitals. It would also permit government workers to use them to access secured areas. The bill would make any surreptitious gleaning of data from RFID chips, government-issued or otherwise, a misdemeanor punishable by up a year in jail and a $5,000 fine.
A number of lawmakers in other states, including Maryland, Missouri, Nevada, South Dakota, Utah and Virginia, have proposed, but few states have actually passed laws. Even California has proved resistant to such efforts. to regulate commercial use of the technology was killed by the state assembly after facing opposition from numerous business groups.