Every time a Transportation Security Administration (TSA) agent closely examines my driver's license, I have a hard time not making one of those wisecracks that gets you into trouble. The reason? I know that driver's licenses as a means of identification are a joke. Fake ones can still be ordered on the Internet or purchased for about $60 in many cities, and real ones can be obtained fraudulently.
The joke becomes a lot less funny when one recalls that several of the 9/11 hijackers used phony documents to acquire driver's licenses, which they used to obtain credit cards, enroll in flight school and purchase airplane tickets. Yet little has been done since then to make driver's licenses more reliable, despite the fact that they are by far the most commonly used means of identification in the United States -- not just for travel, but also for entering most public buildings and numerous private ones. As a result, the "no fly" and "selectee" watch lists (used by the TSA to identify passengers who pose threats to airline safety), as well as other security-related databases, are at least partially blinded.
I am hardly a smart-card expert (or even a dull-witted one). But as a sociologist and social philosopher, I have studied circumstances under which concern for the common good might trump the right to privacy -- for instance, the question of whether convicted pedophiles should be required to notify the communities in which they settle of their predilections. As a result, the New York-based Markle Foundation, which focuses on technology policy, invited me to join a task force composed of privacy advocates and former officials from the Pentagon, National Security Administration and CIA to study national security and information technology. I chaired a subgroup on reliable identification.
Our deliberations opened with a bombshell. Robert J. Cramer of the General Accounting Office described a test in which GAO agents had been able to enter the United States using counterfeit driver's licenses without being stopped -- 25 out of 25 times in late 2002 and early 2003. They entered through sea ports from Canada, walked through border crossings from Mexico and arrived at airports from Jamaica. Shocked by these findings, our subgroup issued a report in 2003 with a long list of remedies. In March and April this year, Jared Bloom, my research assistant, and I queried officials in the 50 states and the District of Columbia about measures taken on these matters. The findings reveal how useless driver's licenses are as a means of identification:
* It is still impossible for any state to find out whether a person applying for a driver's license has already been issued one by another state (unless the applicant has had a license revoked or suspended). Thus, anyone with a clean driver's record can get a handful of licenses and hand over the extras to terrorists or other criminals.
* Sixteen states still do not check online to see if an applicant presents a valid Social Security number. Instead, they submit hard copies of Social Security numbers for confirmation. While waiting for replies, several of these states let applicants, who can be very hard to locate later, walk away with possibly false temporary, or sometimes even permanent, licenses.
* Each state follows its own procedures in deciding which so-called breeder documents (those used to obtain other cards or forms of identification) will be used to determine applicants' identities.
* Seventeen states do not require proof that applicants are legally in the United States.
* Only nine states collect biometric information (facial features, iris patterns or fingerprints), which is the most reliable means of identification. (In Texas, for example, fingerprints are taken and put on file, but not on the licenses themselves.)
Driver's licenses -- like other state-issued ID cards -- are relics of the past. They were never meant to be used for national security purposes, or even national identification purposes. Hence, a relatively low level of reliability sufficed for the original purpose of confirming that a person had passed a driving test, met the physical requirements and was old enough to operate a vehicle.
The rub is that since 9/11, these state-issued pieces of plastic have been used increasingly as de facto national security cards, because a driver's license issued by one state is honored by all others and because federal authorities, especially the TSA, treat them as the equivalents of national passports. However, the federal government has not taken over the issuance of these cards the way it controls the issuance of Social Security or green cards. It has not even required states to improve their own issuance practices. It has merely treated the licenses as though they were high-grade certificates.
Why has America been so slow to take remedial actions? It is not an accident, or a matter of plain neglect, that the states largely act as if 9/11 did not happen. One reason is that because of a strong U.S. tradition of states' rights, the country is reluctant to move from an archaic state system to a 21st century form of government in which more tasks -- especially those concerning national security -- are federalized. And no state wants the folks in Washington to tell it how to issue licenses.
If the federal government did ask the states to meet standards suitable for what amounts to a domestic passport -- needed to travel within the United States by air, by road and by rail -- it would have to provide the states with the resources needed, otherwise it would be just another unfunded mandate.
Another major reason elected officials dare not touch ID cards is that backing for privacy with respect to this issue is particularly strong, with support spanning the ideological spectrum from conservative activist Phyllis Schlafly to the American Civil Liberties Union (ACLU). In a 2002 letter to President Bush, a group of privacy advocates led by the ACLU and the Free Congress Foundation wrote, "The administration should not take any steps to implement such a system or fund any proposals that would result in a national ID, including the study or development of standardized state drivers' licenses." And in a letter to the New York Times published on May 2, 2002, Schlafly and ACLU president Nadine Strossen, stirred by one U.S. senator's proposal for standardizing driver's licenses as an effort to implement national ID cards, wrote: "A national identity card would diminish privacy in America and do nothing to prevent further acts of terrorism on our soil."
The privacy lobby disregards the fact that such cards are commonly used in many other democracies. I prefer to call them national security cards because they differ from national ID cards in two profound ways: A person is required to carry a national ID card at all times and to produce it on demand from police without any reason. (I have seen the police in Brussels block both ends of a street and ask everyone to identify themselves.) In the U.S. system, people are not required to carry any form of identification unless they wish to enter a secure public area, such as some parts of airports or certain public buildings. Even when driving on public roads, Americans cannot be asked to present their licenses unless they have shown cause for police concern, for example by speeding or driving without a license plate.
Some privacy advocates push the most emotional buttons they can find. Lillie Coney, a senior policy analyst for the Electronic Privacy Information Center, argues that more reliable means of identification would make it easier for employers and government officials to discriminate against minorities. For instance, police might be more likely to demand to see the ID cards of foreign-looking citizens. In effect, the opposite is the case; in places where an ID is required, such as airports, all are treated equally. When there are no universal means of identification, however, those who look suspicious are queried, which can lead to racial discrimination.
Many privacy advocates also argue that more reliable ID cards would, as the ACLU put it in 2002, "lull Americans into a dangerously false sense of security." This argument holds that if we rely too heavily on our improved means of identification for security, then we will take in-person security less seriously. The same argument was made about seat belts -- that if people felt more secure they might drive like maniacs. If this absurd logic were followed, all effective safety measures should be abandoned.
Most important, privacy advocates disregard the fact that the higher the level of reliability of the means of identification, the less that privacy will be violated. The reason is that if authorities cannot establish the most elementary aspects of a person's identity, such as a person's name, with some measure of reliability, then the only available alternative is to create a much more invasive profile from a wider variety of databases, that use race, birthmarks, buying habits, and other activities and characteristics.
I am not arguing that ID cards are harmless. In a civil libertarian utopia, they would not exist. However, our world changed on 9/11. Moreover, this issue is governed by the Fourth Amendment, which is much less absolute than the First. It does not state that Congress shall make no law allowing search and seizure, only that there should be no unreasonable search and seizure -- which, on the face of it, implies that there is a whole category of searches that are reasonable and fully compatible with the Constitution. No one has the right to a false ID. And if, after 9/11, we are going to identify people entering secure areas, then such identification should be reliable.
Author's e-mail: email@example.com