I have been surprised not to hear more about this aspect of the immigration reform laws. Unfortunately the alert which Tim forwarded is out of date, and I believe the reforms did pass in some form. I view biometric identification as a very disturbing development and I'd like to hear more about the wording of the bills as finally passed. If they really want to give people a card which proves their legal residence in the US, a less intrusive approach is possible. Rather than set up a database of all employees, and/or give each person an official identity card, instead have people come and prove their residency, then give them a card with the biometric information and a blind signature. No other information goes on the card, no information goes into a database. The signature is a certificate testifying that the person with the particular thumbprint is legal to work in the US. The card can't be transferred since no one else has that thumbprint. But no identifying information is recorded. There is no advantage in people coming in twice to get more than one card since their print will be the same each time, so no database is needed. A simpler approach dispenses with the blind signature and just issues a regular signature on the thumbprint or other biomarker. This is about as good since proving residency will probably require at least an incidental display of identity papers, so you are already trusting the agency not to log you, and you can just as easily trust them not to log the signature. This is an approach which accomplishes the goal with a minimal intrusion into people's privacy. I don't know how it compares with current biometric concepts - maybe this is similar to what they are proposing, minus the database. But there is a general principle that government regulations should use the least restrictive means where they violate people's rights, such as the seriouss privacy violations in the current proposals. So I think it should be possible to make a strong argument that privacy protecting alternatives which accomplish the objective must be considered. The key concept is to unlink identity from the credential. That is the crucial idea of credentials, one which has not yet pentrated the popular consciousness. Maybe we need to start pushing it more. You don't have to prove your identity to prove you have certain qualifications. There is no need to tie everything to a central identifier. A system of dispersed, stand-alone credentials will be far better at protecting privacy. Blind signatures can help protect against cheating, but policy can work too, especially when credentials are issued by a public agency on a large scale, so systematic and secret record keeping is impractical since so many people are involved. I know a lot of people will oppose even this form of biometric information, which is not tied to identity. Perhaps we could have some discussion on the degree to which people see this kind of system as a privacy threat. If the credential concept is new we could discuss that, too. Hal