U.S. Opposed Passport Privacy Protections
Fri Nov 26, 5:31 PM ET
http://story.news.yahoo.com/news?tmpl=story2&u=/ap/20041126/ap_on_go_ca_st_p
e/electronic_passports
By LESLIE MILLER, Associated Press Writer
WASHINGTON - The Bush administration opposed security measures for new
microchip-equipped passports that privacy advocates contended were needed to
prevent identity theft, government snooping or a terror attack, according to
State Department documents released Friday.
The passports, scheduled to be issued by the end of 2005, could be read
electronically from as far away as 30 feet, according to the American Civil
Liberties Union (news - web sites), which obtained the documents under a
Freedom of Information Act request.
Though the passports wouldn't include transmitters of their own, they would
have antennas to allow a reader to capture the data.
The ability to read remotely, or "skim," personal data raises the
possibility that passport holders would be vulnerable to identity theft, the
ACLU said. It also would allow government agents to find out covertly who
was attending a political meeting or make it easier for terrorists to target
Americans traveling abroad, the ACLU said.
Frank Moss, deputy assistant secretary of state for passport services, said
the United States wants to ensure the safety and security of Americans
traveling abroad.
"We are still hard at work at ensuring the security and integrity of the
data on the chip," Moss said.
He said, however, encrypting the data might make it more difficult for other
countries to read the passports.
"It flies in the face of global interoperability," Moss said.
In a memo drafted in August 2003, Moss dismissed objections that information
could be copied remotely.
"There is little risk here since we plan to store only currently collected
data with a facial image," he wrote. "The U.S. will recommend against the
use of PINs (personal identification numbers) or other methods that might be
required to unlock a chip for reading."
Moss said in a telephone interview on Friday that the passport data does not
need to be encrypted because it does not include fingerprints. Stealing
fingerprint data might allow unauthorized access to automatic teller
machines or secure computer networks.
Barry Steinhardt, an ACLU lawyer, said skimming photographs and other data
from passports does present a problem: thieves could strip away the owner's
face and replace it with their own.
"At a minimum, it should be encrypted to prevent unauthorized access by
terrorists," Steinhardt said.
Passport data can be protected by enclosing the document in a metal pouch or
adding metal fibers to the cover, two options the State Department is
exploring, Moss said.
The United States and other countries have been working for at least two
years to set new passport standards with the International Civil Aviation
Organization, a group affiliated with the United Nations (news - web sites)
that sets aviation standards.
The documents obtained by the ACLU show that information technology experts
and countries including Canada, Germany, the Netherlands and Britain share
the suspicion that the international standard set for the electronic
passports inadequately protects privacy and security. The standards don't
require that data be encrypted.
All new U.S. passports issued by the end of 2005 are expected to have a chip
containing the owner's name, birth date, issuing office and a "biometric"
identifier � a photo of the owner's face.
The ACLU warns that the chips ultimately might contain far more data and be
embedded in drivers' licenses.
Last month, the Government Printing Office awarded contracts to four
companies to develop chip packages that could be incorporated in passports.
One or more companies will win a contract for the passports by year's end,
and the U.S. government will begin issuing them to officials and diplomats
starting early next year.
You are a subscribed member of the infowarrior list. Visit
www.infowarrior.org for list information or to unsubscribe. This message
may be redistributed freely in its entirety. Any and all copyrights
appearing in list messages are maintained by their respective owners.
