Electronic Passports Raise Privacy Issues
Tuesday, January 1, 2008
The federal government will soon offer passport cards equipped with electronic data chips to U.S. citizens who travel frequently between the United States and Canada, Mexico or the Caribbean. The cards can be read wirelessly from 20 feet, offering convenience to travelers but raising security and privacy concerns about the possibility of data being intercepted.
The goal of the passport card, an alternative to the traditional passport, is to reduce the wait at land and sea border checkpoints by using an electronic device that can simultaneously read multiple cards' radio frequency identification (RFID) signals from a distance, checking travelers against terrorist and criminal watchlists while they wait.
"As people are approaching a port of inspection, they can show the card to the reader, and by the time they get to the inspector, all the information will have been verified and they can be waved on through," said Ann Barrett, deputy assistant secretary of state for passport services, commenting on the final rule on passport cards published yesterday in the Federal Register.
The $45 card will be optional and cannot be used for air travel. Travelers can opt for a more secure, if more costly, e-passport that costs $97 and contains a radio frequency chip that can only be read at a distance of three inches. Privacy and security experts said the new passport cards that transmit information over longer distances are much less secure.
"The government is fundamentally weakening border security and privacy for passport holders in order to get people through the lines faster," said Ari Schwartz, deputy director of the Center for Democracy and Technology, which submitted comments in opposition to the proposed rule, along with 4,000 others, the vast majority in opposition.
The problem with the card, Schwartz said, is that it uses a standard that wasn't meant to track people. "It's not made as an identity document," he said. "The technology they're using was designed to track goods -- pallets of toilet paper at Wal-Mart," he said.
The government said that to protect the data against copying or theft, the chip will contain a unique identifying number linked to information in a secure government database but not to names, Social Security numbers or other personal information. It will also come with a protective sleeve to guard against hackers trying to skim data wirelessly, Barrett said.
The card is part of the Western Hemisphere Travel Initiative, aimed at strengthening border security while easing entry for citizens and legitimate visitors with standard identity documents.
Although the chip is passive and can be read only when a reader pings it, a reader with a strong battery can detect the chip's signal from as far as 40 feet away, Schwartz said. It can easily be cloned, posing the risk that a hacker could make a duplicate card to fool a border agent, he said.
Avi Rubin, a professor at Johns Hopkins University, said that two years ago, he duplicated an RFID chip in his "speedpass" used for buying gas, copied the information onto a laptop and, after extending a radio antenna from the laptop out the car door, was able to buy gas with the cloned RFID chip.
Randy Vanderhoof, executive director of the Smart Card Alliance, represents technology firms that make another kind of RFID chip, one that can only be read up close, and he is critical of the passport card's technology. It offers no way to check whether the card is valid or a duplicate, he said, so a hacker could alter the number on the chip using the same techniques used in cloning.
"Because there's no security in the numbering system, a person who obtains a passport card and is later placed on a watchlist could easily alter the number on the passport card to someone else's who's not on the watchlist," Vanderhoof said.
Last year, the Government Accountability Office reviewed technology similar to that used in the passport cards. The report found low read rates and said the technology should be used only to track goods, not to identify people.
The State Department hopes to begin issuing the cards in the spring. For more information, go to http:/