washingtonpost.com  > Technology > Special Reports > Privacy

Correction to This Article
An April 3 article on the U.S. government's plan to embed radio-frequency technology in passports incorrectly implied that Donald Davis, editor of Card Technology magazine, was a critic of the plan. Davis said he supports the effort to include the technology in U.S. passports.

Privacy Advocates Criticize Plan To Embed ID Chips in Passports

By Sara Kehaulani Goo
Washington Post Staff Writer
Sunday, April 3, 2005; Page A06

A government plan to embed U.S. passports with radio frequency chips starting this summer is being met by resistance from travel and privacy groups who say the technology is untested and could create a security risk for travelers.

The embedded chips are designed to make passports work more like employee ID cards that can be passed over an electronic reader to gain access to a building. State Department officials said the new technology, commonly known as radio frequency identification (RFID), would allow customs agents to quickly process passengers at airports and borders. The passports are to be issued to diplomats starting in August, and then the program would expand to applicants for new passports over the next year.

The State Department said the use of radio frequency identification tags is part of a global effort to cut down on fraud associated with passports. (Steven Senne -- AP)

State Department officials said the chips are part of a global effort to prevent passport fraud. Each chip will contain a digital record of all information printed on the passport, including the holder's name and document number. The chip will also contain the passport holder's photograph, enhanced by facial recognition technology. That way, even if the paper passport is altered, customs agents would be able to compare the information on the chip with the person presenting it.

Groups representing travel-related businesses and privacy advocates say the high-tech chips would do more harm than good. Each chip has a built-in miniature antenna that uses radio waves to transmit information to a machine reader. Critics contend that terrorists or thieves could use hand-held chip readers to identify U.S. citizens, even on a crowded street, anywhere they travel. Such readers are available for $500 to several thousand dollars, depending on the level of sophistication.

"If you're walking around in Beirut, it would be well worth Al Qaeda's money to use one of these readers to pick out the Americans from the Swedes without any problem," said Barry Steinhardt, director of the American Civil Liberties Union's technology and liberty program.

State Department officials and some RFID industry executives said it would be difficult, if not impossible, to intercept transmissions because the antenna to be embedded in U.S. passports can only be read from four inches away, not several feet. "A four-inch read range makes it very difficult," said Mark Roberti, publisher of RFID Journal, a trade publication. "You have to be close to the person to be able to scan that."

The State Department has asked the National Institute of Standards and Technology to test the chips to ensure they protect travelers' privacy and are not vulnerable to hackers or "skimmers" who might surreptitiously try to read information on the chip. The testing by the institute would be completed in six to eight weeks, said Frank Moss, deputy assistant secretary for passport services at the State Department.

"The responsibility of the Department of State is not just issuing passports; it's the safety and security of Americans as they live and travel around the world," Moss said. "We're not going to make a technology decision that puts people at risk."

Critics of the technology say it is too untested to know for sure whether it could be breached. "The problem is that this data is now traveling through the air, so there is a gap and it's conceivable someone could somehow intercept that data," said Donald Davis, editor of Card Technology magazine. In Europe, Davis said, consultants have been able to intercept data on chips from several feet away.

Steinhardt said that in one lab test at the institute, researchers using a powerful chip reader were able to pick up on a passport chip from several feet away. The State Department said the radio-frequency reader was not able to see information contained on the chip during the test; it only could detect that communication was in process.

Moss said the department does not like to call the passport chip RFID, because people typically refer to the technology as it is used by retailers, such as Wal-Mart Stores Inc., and the Defense Department, which use it to track shipments. Instead, he calls it "contactless smart card technology".

The chips would help speed up the processing of passengers at a time when airports are bracing for the arrival in 2006 of Airbus's superjumbo jets that are to seat at least 500 passengers, Moss said.

"It's all part of a holistic effort to move people through airports securely, but basically, as quickly as possible." Moss said. "If we can have our inspectors have information on travelers before they come to the booth" they can separate passengers who need more scrutiny from others, he said.

The State Department said it has received more than 550 comments from the public, with several hundred coming in the past week after privacy activist Bill Scannell launched a Web site called RFIDkills.com that calls the chip-embedded passports "terrorist beacons." The public comment period ends tomorrow.

Groups representing the travel industry also have expressed concern about the technology. The Association of Corporate Travel Executives said 93 percent of its members, who are travel managers and representatives of airlines and hotels, opposed using the technology in passports in an e-mail poll.

"It could put the safety of Americans at risk," said Greeley S. Koch, the group's president.

© 2005 The Washington Post Company