Second in a series
of occasional articles
Navy Petty Officer Wellington Jimenez walked into the identification room at Fort Hamilton in Brooklyn one day recently and gave his name, rank and fingerprint. In return, he got a token of the future: a plastic ID card embedded with a computer chip.
The card -- with two photos, two bar codes, a magnetic stripe and the etched gold chip -- looks like a driver's license on steroids. More than 120,000 active duty military personnel, selected reserves, Defense Department civilians and some contractors have received the cards in recent months. About 4 million are to be issued over the next two years.
When Jimenez sits down at a computer on his next ship, the USS George Washington, he will slip the card into a device that will electronically scramble, or encrypt, his e-mail to prevent outsiders from reading it. The same card will automatically give him access to secure rooms across the world. At a military hospital, its chip will one day summon his medical records. Used as a debit card, it may even buy him a sandwich at a base cafeteria.
And more than ever, the cards will enable Defense Department officials to look into their databases and know the doorways he passes through, the computer he accesses, the doctor he sees, all of which is fine with Jimenez.
"I know the government will have more access to my information," Jimenez said. "But I know it's going to be used in the right way. I feel protected."
The high-tech IDs, the latest in "smart cards," were designed for tracking personnel across the globe and running more secure and efficient military operations. But now they are models for something that was unthinkable before Sept. 11: national identification cards for all U.S. citizens.
Almost from the day the planes hit the World Trade Center and the Pentagon, members of Congress, security experts and high-tech executives have endorsed the idea of some new form of identification system as a critical weapon in the fight against terrorism. They believe the cards, linked to giant databases, would be invaluable in preventing terrorists from operating under assumed names and identities.
Any such proposals in the past foundered on a distrust of centralized government as old as the American republic. Opponents raised the specter of prying bureaucrats with access to databases full of personal information, of Gestapo-like stops on the street and demands to produce papers, and the kind of unchecked police authority that would erode constitutional protections.
The nation's new consciousness of terrorism, a product of both the fear and anger engendered by Sept. 11, has markedly changed the way Americans think about security, surveillance and their civil liberties. For many people, the trade-off of less privacy for more security now seems reasonable.
As Alan M. Dershowitz, a Harvard University law professor, wrote in October in endorsing a national ID card, the "fear of an intrusive government can be addressed by setting criteria for any official who demands to see the card."
"Even without a national card, people are always being asked to show identification," he said. "The existence of a national card need not change the rules about when ID can properly be demanded."
Airport Security Needs
The new enthusiasm for ID cards is not the only example of a changed attitude toward privacy issues. Face recognition systems that link computers and cameras to watch passing crowds spurred so much controversy last summer that many public officials refused to consider using the technology. Now airports across the country are clamoring to test and install such systems. Congress in October approved a sweeping anti-terrorism bill that gives authorities much broader powers to monitor e-mail, listen to telephone calls and secretly gather records. And the Bush administration, led by Attorney General John D. Ashcroft, has proposed a series of other measures with wide public support.
In a recent Washington Post-ABC News poll, almost 3 of 4 people said they support government eavesdropping on telephone conversations between terrorist suspects and their lawyers. For the first time, there is also strong support for secret tribunals for terrorist suspects and more government wiretapping. On the specific question of a a national ID card, about 70 percent of those recently polled by the Pew Research Center said they favor a system that would require people to show a card to authorities who request it.
"We're willing to accept this immense flow of data to law enforcement and their proxies to make sure we feel safe and secure," said Marty Abrams, an information technology specialist at the law firm Hunton & Williams and former senior credit bureau executive. "The equilibrium point shifted. It was a massive movement by society."
Abrams, privacy advocates and some lawmakers wonder whether all the implications are being considered. "We haven't really looked at what this means in the long run," Abrams said. "In our rush to make ourselves feel safer, have the appropriate due processes been worked out?"
To be sure, the political hurdles to a national ID card remain huge. President Bush has publicly downplayed their benefits, saying they're unnecessary to improve security. Bush's new cyberspace security chief, Richard Clarke, recently said he does "not think it's a very smart idea."
Logistical problems and the potentially enormous costs make it unlikely that a mandatory, national ID system could soon be adopted. In recent testimony before Congress, former Wyoming senator Alan Simpson, a supporter of more secure identification methods, warned against using the phrase "national ID" at all because of the political sensitivities. "That's a diversion for people who like to talk about . . . Nazi Germany," he said.
But a range of steps now underway could lead to a de facto national ID system that could accomplish many of the same goals.
The American Association of Motor Vehicle Administrators, for example, a group of state officials, is devising a plan to create a national identification system that would link all driver databases to high-tech driver's license cards with computer chips, bar codes and biometric identifiers.
Technology specialists at the Justice Department and General Services Administration have acknowledged they are working with motor vehicle officials and commercial vendors to develop a standard for some sort of ID system, mandatory or not.
The Air Transport Association, meanwhile, has called for the creation of a voluntary travel card for passengers that would include a biometric identifier. They proposed linking the card to a system of government databases that would include criminal, intelligence and financial records. Passengers who agree to use the card would have easier access to airplanes.
A bill introduced in Congress by Rep. Stephen Horn (R-Calif.), would establish a Commission on Homeland Security to study the federal government's efforts to protect U.S. security, including the use of national identification systems.
"This commission is not intended to resolve the national identification issue," said Horn. "It is merely to advance the debate in light of the September 11 attacks and the changed world in which we now live."
Much of the momentum for a card has been generated by the fact that five of the 19 terrorists involved in the attacks on New York and at the Pentagon were able to obtain Social Security numbers, even with false identities. The other 14 probably made up or appropriated other numbers and used them for false identification, according to Social Security officials.
At least seven of the hijackers also obtained Virginia state ID cards, which would serve as identification to board a plane, even though they lived in Maryland motels. "If we can't be sure when interacting that someone is who they purport to be, where are we?" said James G. Huse Jr., the Social Security Administration's inspector general.
Over the years, the government has found myriad ways to get involved in the identity business -- passports, for one, or state-issued driver's licenses. A Social Security number is a ubiquitous identifier, now used far beyond its original purpose.
Still, there is broad recognition that existing forms of identification are inadequate, an awareness that has been fueled by an explosion in the number of financial crimes in which fraud artists adopt the identity of their victims.
Social Security cards contain no authenticating information, such as pictures, and they can be easily forged. Pilot licenses are often printed on paper. Driver's licenses, even those now designed to be tamper-proof, also are vulnerable to abuse because they can be obtained with fraudulent birth certificates, Social Security cards and other documentation.
Tamper-proof smart cards don't necessarily worry privacy advocates, who have made identity theft a banner issue in recent years. What does trouble them is the more complex question of whether a national ID system should go beyond simple authentication of an individual's identity.
Proponents argue that security can be achieved only with a smart card that can cross-check various storehouses of personal data to determine whether someone should be viewed with suspicion. That would mean, for example, that an airline ticket agent swiping a card would be warned, by law enforcement, intelligence and some private databases, about an individual who overstayed a tourist visa, is on a government watch list or who is wanted for a crime.
In the world before Sept. 11, a large majority of Americans expressed concerns about personal privacy in surveys, and those concerns focused on the increasing collection of data -- names, addresses, buying habits and movements -- by businesses interested in developing ever more sophisticated marketing campaigns.
At the same time, they also demonstrated a willingness to surrender personal information for discounts or conveniences, such as cheaper groceries, faster passage through toll booths and upgrades on airline travel, one reason for an enormous growth in databases in recent years.
"It's massive," said Judith DeCew, a Clark University professor and author of "In Pursuit of Privacy: Law, Ethics and the Rise of Technology." "It's financial information. It's credit information. It's medical records, insurance records, what you buy, calls you make. Almost every action or activity you participate in while living a normal life potentially generates a huge database about you."
State and federal governments also expanded their data networks and use of personal information. Nearly every time police make a traffic stop, for example, they tap into National Crime Information Center databases to check whether the driver is a known criminal or suspect. And as part of a new and aggressive effort to track down parents who owe child support, the federal government created a vast computerized data-monitoring system that includes all individuals with new jobs and the names, addresses, Social Security numbers and wages of nearly every working adult in the United States. Under the system, banks are obligated to search through lists of accounts for deadbeats, or turn the data over to the government.
Government agencies have also contracted with private companies for information. The Internal Revenue Service, for example, hired a data company called ChoicePoint Inc. to give about 20,000 employees instant access to 10 billion public records containing housing, financial and other personal information about individuals. ChoicePoint provides data to the FBI and other agencies as well.
Privacy groups are troubled by the evolving uses agencies, marketers and others find for the new databases. Law enforcement authorities and private attorneys, for instance, regularly use subpoena power now to gain access to grocery, toll and a bonanza of other kinds of privately collected data for use in civil and criminal cases. And many of the databases that grew so quickly in recent years are now being studied for their potential value to law enforcement authorities.
Acxiom Corp. is lobbying Congress to change a relatively new law that limits their use of driver's license numbers. Acxiom wants to use those numbers to create a new authentication system at airports, improving the ability of clerks to ask travelers personal questions about their lives that would help verify who they are.
A centralized ID database system would dramatically speed verification and make life more convenient for travelers, airlines and others. The disadvantage, according to civil liberties activists, is that agencies would gain access to unprecedented amounts of aggregated data. They also would have to be relied upon to ensure the database is current and accurate. Questions about who would maintain the database and gain access to it would be thorny ones.
An alternative would be to configure databases to allow certain pieces of information, or fields of data, to be accessed by the smart card. This approach would limit the amount of information contained in a single database.
"Any national ID system, regardless of who controls it, has a tremendous potential for misuse and abuse," said John Berthoud, president of the National Taxpayers Union in Alexandria.
Even a de facto national ID system, of the sort proposed by motor vehicle administrators, would dramatically ease the collection of sensitive personal information about individuals by linking it all to a single, unique identifier: A smart card with a fingerprint or other biometric.
Simon Davies, director of Privacy International, a London-based advocacy group that has studied national IDs, said the computers and networks in a centralized system would also become targets of hackers. In recent years, scores of private and government databases, containing financial, medical and other personal information, have been breached by hackers, some who publicized the data or used it in fraud schemes.
It also could make it easier for a successful forger or hacker to maintain a false identity, since authorities would be so trusting in a new, high-tech system. A lost or stolen card under such a system "will paralyze your card or your identity for days or weeks," he said.
"At this point, you created a huge technological infrastructure of such massive proportions it trips over its own shoelaces," he said.
More than 100 nations have a form of national identification and use them in a variety of ways to improve security, assist law enforcement and make the delivery of services more efficient.
In Spain, for example, an ID card is mandatory for all citizens older than 14, and they're required for many government programs. Argentinians must get a card when they turn 8 and then re-register at 17. Kenya requires its citizens to carry an ID at all times. Germany likewise requires all citizens over 16 to carry a card that's similar to a passport.
Belgium first used ID cards during the German occupation in World War I. Today every citizen older than 15 has to carry one, and it is used as proof of age and identity for an array of consumer and financial transactions. It also allows Belgians to travel to several countries without a passport. Police officers in Belgium can request to see the card for any reason, at any time.
Finland has one of the most sophisticated systems in the world, including a voluntary smart card that comes with a computer chip and serves as a travel card, or "mini-passport," in at least 15 European countries.
Much like the Defense Department card, which is officially called the Common Access Card, the Finnish ID enables users to electronically sign and encrypt online documents. Eventually, it would allow users to improve the security of cell phones by scrambling calls. To protect against fraud or misuse, officials limit the amount of personal information contained on the chip.
If a new ID card system is developed in the United States the initial users are likely to be immigrants and foreign visitors. Last month, Sen. Dianne Feinstein (D-Calif.) and Sen. Jon Kyl (R-Ariz.) introduced legislation that would require foreign nationals to use high-tech visa cards containing a fingerprint, retinal scan or other unique identifier. It also would create a centralized "lookout database" containing information about known terrorists and other U.S. visitors deemed threatening.
Larry Ellison, chief executive of Oracle Corp., the world's largest database software maker, favors a voluntary card for all citizens, much like what the Air Transport Association endorsed. But he agrees that such a system might ultimately serve the same purpose as a national ID, if people found that travel and other activity was too inconvenient without it.
To critics such a card would open the door to a host of difficult questions over when and where it would be used. Could Greyhound require it, even if a person wants to pay cash? A hardware store? A hardware store if you buy only certain things, such as large quantities of fertilizer? Who decides? How would an individual's name be shared? And what if a database is mistaken -- what kind of access and recourse would an individual have?
"Those are political decisions that need to be made," said Ellison, who was among the first to promote a national ID system and pledged to donate computer software to make it possible. "I just think people need to ask themselves who they trust more, terrorists or the government?"
The driver's license proposal stands as an alternative to a single national card. A technical standard would define the security features of the card, but it would allow states the freedom of creative design and put the burden on them for administering it. Proponents of this approach acknowledge it could easily assume all the features of a national ID card once other government agencies and private companies begin tailoring their computers to capture information from the card.
And even if it were approved today, proponents say, the card would take years to unveil, as motor vehicle administrators arranged funding and drivers reapplied for licenses.
Deirdre Mulligan, director of the Samuelson Law, Technology and Public Policy Clinic at the University of California at Berkeley, said she believes a single ID system would be overly intrusive and ineffective. She said any decision to adopt such a system should be made by elected officials, not motor vehicle bureaucrats or private companies. "The debate about a national ID card is not something that should occur in the darkroom of some administrative process," Mulligan said.
Robert Ellis Smith, a lawyer and privacy specialist, said the push for a national ID card is based on the false belief there can be a simple, high-tech solution to an immensely complex problem. "One way to predict the effectiveness of a national ID number or document is to look at environments where the true identity of all residents is known: prisons, the military, many workplaces, many college campuses," he writes in a new paper about national ID cards. "And yet these places are far from crime free."
A national identification system would raise privacy questions, said Tate Preston, vice president at Datacard Group, which creates high-tech IDs. But the need for a better identification system is beyond question.
"In the 19th century, it was sufficient to ask who you are," he said. "In the 20th century, it was sufficient to show who you are," he said. "In the 21st century, you will have to prove who you are."