From: IN%"rre@weber.ucsd.edu" 2-SEP-1996 22:33:17.31 [The new welfare bill in the US has profound privacy implications and will require major new identification systems and databases. See the article on the front page of today's (9/2/96) New York Times for some details. (There's a bunch of useful Internet stuff in the business section too.) This issue of the Privacy Forum, which I've abridged and rearranged, includes three items on Social Security Numbers and another on fingerscanning. This is really it: pressures for universal identifiers are growing exponentially from a hundred directions as we speak. I wish I knew how to communicate the magnitude of it. If half the stuff currently being launched in this area really happens then the world is going to be completely different a year from now -- give it two if the system development projects choke as per usual on their overambition. I hope you're not sick of this topic, because you'll be hearing lots more about it this autumn. Educate, agitate, organize. Please. Speaking of which, I've also enclosed a note about a Privacy International web page on national identification cards.] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= This message was forwarded through the Red Rock Eater News Service (RRE). Send any replies to the original author, listed in the From: field below. You are welcome to send the message along to others but please do not use the "redirect" command. For information on RRE, including instructions for (un)subscribing, send an empty message to rre-help@weber.ucsd.edu =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Date: Sun, 1 Sep 96 18:14 PDT From: privacy@vortex.com (PRIVACY Forum) Subject: PRIVACY Forum Digest V05 #16 PRIVACY Forum Digest Sunday, 1 September 1996 Volume 05 : Issue 16 ---------------------------------------------------------------------- Date: Fri, 30 Aug 1996 10:51:45 -0700 (PDT) From: jd@scn.org (Janeane Dubuar) Subject: NCSL ALERT: Driver's Licenses and Birth Certificates This alert came by mail from the National Conference of State Legislatures in Washington, D.C. I added an update which includes the names of House-Senate conferees. The federal immigration bill (H.R. 2202) is expected to emerge from conference committee some time during the first week of September. Now is the time to act. TOWARD A NATIONAL IDENTIFICATION CARD AND MORE RED TAPE: CONGRESS MANDATES CHANGES TO DRIVER'S LICENSES AND BIRTH CERTIFICATES On May 2, 1996, the U.S. Senate passed S. 1664 (now called H.R. 2202 - Senate version), a bill to reform illegal immigration, that proposes monumental changes to all driver's licenses and birth certificates (section 118). These changes will force most U.S. citizens to obtain and pay for new driver's licenses and birth certificates; compromise each citizen's right to privacy; violate state and local control over driver's licenses and birth certificates; and invite discrimination against minorities. The Congressional Budget Office estimates that the federal driver's license mandate alone will shift up to $20 million in costs to states and localities. The House also passed an immigration bill, H.R. 2202. The House bill does not contain the driver's license and birth certificate mandates. Both House and Senate immigration staff are currently reconciling the two bills in an informal conference committee. Phone calls to House and Senate Leadership are urgently needed to demand that the driver's license and birth certificate mandates be deleted from the final bill. What Does the Senate Version of H.R. 2202 Require? 1. Driver's Licenses - State driver's licenses and identification cards MUST CONTAIN THE APPLICANT'S SOCIAL SECURITY NUMBER. The federal government will also create new federal standards for the application process and design of all driver's licenses and ID cards. States that currently retain and verify an applicant's social security number but do not place the number on the cards are initially exempt from the social security number mandate. According to the American Association of Motor Vehicle Administrators, of the 38 states that do not require the social security number to be on their driver's licenses, only Massachusetts would qualify for this exemption; all other states would be required to place social security numbers on driver's licenses and ID cards. All states are required to conform to the other federal standards. States with cycles of renewal longer than six years must start October 1, 2006. After October 1, 2006, NO ONE may use a driver's license or ID card for identification purposes that does not meet these federal standards. 2. Birth Certificates - All birth certificates must be printed on federally-approved safety paper and be certified by the issuing agency. The federal government will also issue additional provisions requiring other security features in the future. Starting in 1999 (three years after the bill's enactment), birth certificates that do not meet these federal standards cannot be accepted by any federal agency or by any state or local agency that issues driver's licenses or ID cards. Who Needs a New Driver's License? Anyone who wants to use their driver's license as a valid form of identification after October 1, 2006. If you need to use a driver's license to vote, to apply for a passport, to qualify for a federal school loan, license, contract or public assistance program or to meet any other federal, state or local requirement you will need a new driver's license. Will I Have to Put My Social Security Number on My Driver's License? Yes. While most states currently give applicants the option of not using this number on their driver's license or prohibit its use outright, the new federal requirements will force almost every American to put their social security number on their license or ID card. Many citizens are concerned by laws that increase the circulation of their social security number. The social security number is a key which provides access to vital personal information, which could be misused if it fell into the wrong hands. Others believe that proposals making driver's licenses uniform, including social security numbers, are a significant step toward a national ID card. Finally, many minorities contend that they will be disproportionately affected by the new requirements because they will be asked to show their documents more often than other Americans. Who Needs a New Birth Certificate? Anyone who wants to use their birth certificate as a valid form of identification after October 1, 1999. If you need to use your birth certificate to establish citizenship, apply for or renew a driver's license, passport or other identification documents, obtain a marriage license, register to vote, change your name, or many other purposes you will need a new certificate. No matter how old you are, if you need to use your birth certificate it must conform to the new federal standards, otherwise it is invalid. Fees will almost certainly be charged for new birth certificates to pay for the new federal requirements. This will impose a significant hardship on elderly and low-income Americans. THE DRIVER'S LICENSE AND BIRTH CERTIFICATE MANDATES IN ILLEGAL IMMIGRATION BILL H.R. 2202 (Senate) WILL... ...INCREASE SOCIAL SECURTY NUMBER FRAUD. H.R. 2202 (Senate version) will require the vast majority of automobile drivers in the U.S. to put their social security numbers on their driver's licenses. In the future, whenever someone shows their driver's license they will also be exposing their social security number. With the social security number accessible to so many people, it will be relatively easy for someone to fraudulently use your social security number to assume your identity and gain access to your bank account, credit services, utility billing information, driving history, and other sources of personal information. This new federal law will compound and exacerbate a disturbing trend reported by banks and credit card companies that social security number-related fraud is already on the rise. ...INVADE PRIVACY AND THREATEN CIVIL LIBERTIES. According to the Privacy Rights Clearinghouse, when social security numbers were first issued in 1936, the federal government assured the public that use of the numbers would be limited to social security programs. The driver's license and ID card provisions in H.R. 2202 (Senate version) violate this promise, and will dramatically increase the circulation of the social security number and its use as a national identifier. Now more corporations, creditors, insurance companies, government officials and others will be able to get easier access to vast amounts of personal information that can be used to support marketing schemes, determine insurance and loan eligibility, gain an advantage in a lawsuit, etc. ...PREEMPT STATE LAWS AND SHIFT COSTS TO STATES AND LOCALITIES. According to the Automobile Association of America, 38 states do not require drivers to put their social security numbers on their driver's licenses. Legislation has been introduced in a number of states (including Mississippi and Hawaii) that require social security numbers on their driver's licenses to take the numbers off the card because of fraud and privacy problems. The new federal law would require all but Massachusetts to change their laws, taking this option away from the majority of the nation's drivers and limiting state authority to decide whether this policy is appropriate for their residents. The bill also gives the federal government wide latitude to develop new and more costly requirements for state driver's licenses, ID cards and birth certificates in the future. According to the Congressional Budget Office, the new unfunded federal mandates in the law will shift up to $20 million in costs to states and force states and localities to increase fees for birth certificates to pay for new federal requirements. ...LEAD TO A NATIONAL ID CARD THAT DISCRIMINATES AGAINST MINORITIES. By requiring states to tie the social security number to state-issued identification documents, the proposal marks a dramatic shift toward using the number as an identifier. Today's mandate that the states follow federal requirements in their identification documents will lead to tomorrow's mandate: that the federal government issue the identification documents itself to ensure uniformity and reliability. Make no mistake: this provision is a key building block for national identification documents, and the national ID card. If such an ID card is mandated, Latinos, Asians, and other Americans who "look foreign" or speak with an accent will be expected to produce this document far more often than other Americans, especially if they live in border areas. Increasing discrimination against our own citizens is no way to deal with the problem of illegal immigration. ...TANGLE CITIZENS IN GOVERNMENT RED TAPE. The federal bill requires any citizen that needs to use their birth certificate for official identification to get a reissued birth certificate from their place of birth by October 1999. Senior citizens that intend to apply for Medicare will need to obtain a new birth certificate. Couples engaged to be married will need new birth certificates for a marriage license and to change their names. Professionals traveling internationally for business or families going on vacation overseas will need new birth certificates to obtain passports. With millions of citizens requesting new birth certificates, lines and waits for federally-approved birth certificates will be long. All recipients will be charged a fee for their new birth certificates. ------------------------------- UPDATE: To study the full text of the Senate's version of H.R. 2202, go to http://thomas.loc.gov and look up S.1664, section 118. Write or call conferees and your own member of the House. As of Thursday, 8/29/96, 4:30 pm EDT, Senate conferees on the immigration bill were: Feinstein, Dianne - California Grassley, Chuck - Iowa Hatch, Orrin - Utah Kennedy, Edward - Massachusetts Kohl, Herb - Wisconsin Kyl, Jon - Arizona Leahy, Patrick - Vermont Simon, Paul - Illinois Simpson, Alan - Wyoming Specter, Arlen - Pennsylvania Thurmond, Strom - South Carolina Likely House conferees include: Becerra, Xavier - California (30) Berman, Howard - California (26) Bono, Sonny - California (44) Bryant, Ed - Tennessee (7) Bryant, John - Texas (5) Conyers, John, Jr. - Michigan (14) Frank, Barney - Massachusetts (4) Gallegly, Elton - California (23) Goodlatte, Bob - Virginia (6) Hyde, Henry - Illinois (6) McCollum, Bill - Florida (8) Smith, Lamar - Texas (21) Please do not wait to contact House conferees. The conference report could be issued within as little as 24 hours of their final selection. To be most effective, letters should be postmarked by Saturday, August 31st, or faxed early the following week. Members' offices also may be reached by phone through the Capitol Switchboard (202) 224-3121. Thanks for your help. ------------------------------ Date: Fri, 16 Aug 96 15:24 EST From: Robert Ellis Smith <0005101719@mcimail.com> Subject: Alternatives to Social Security Numbers [ From Risks-Forum Digest; Volume 18 : Issue 35 -- MODERATOR ] Last spring, I asked readers of RISKS for suggestions on alternatives to Social Security numbers in organizations with large data bases of information about individuals. Many such organizations find they do not need to use SSNs, and avoid privacy problems associated with using them. For a copy of all of the responses, send a request to us and specify whether you want hard copy or electronic edition of our August issue, and provide postal address or e-mail address. Robert Ellis Smith, Publisher, Privacy Journal newsletter, Providence, RI, 401/274-7861, e-mail 5101719@mcimail.com. Excerpts from the suggestions follow: * FROM WASHINGTON, D.C.: Maryland uses Soundex (of name and birth date concatenated [linked in a chain]) both for driver and vehicle registrations. * FROM CAMBRIDGE, MASS.: "Against Universal Health-Care Identifiers" in the JOURNAL OF THE AMERICAN MEDICAL INFORMATICS ASSOCIATION 1:316-319, 1994, by Dr. Peter Szolovits of MIT and Dr. Isaac Kohane of Children's Hospital in Boston, discusses a number of ways in which cryptography- based health care identifiers can be used to preserve privacy while remaining manageable for typical medical purposes. This is publication #49 (in Postscript format) at http://medg.lcs.mit.edu/people/psz/publications.html. * FROM YARDLEY, PA.: One way is to use a simple scheme like three letters from last name, the first initial, and some digits; another is just to use sequential numbers. Another is an MD5 hash of the full-name string [a one-way mathematical function as a stand-in for the name that makes translation back to the original name impossible]. This is always unique for a unique string, so you might need to add some numbers. * FROM MADISON, WISC.: When I was working on the development of the Wisconsin Student Data Handbook - we tried to develop what we called an "SSN surrogate," also of nine bytes per individual. It involved an algorithm which combined year, month, and date of birth with sex and two consonants each extracted from the first and middle names. * FROM CYBERSPACE: I worked with a banking software company that set up employee records simply by exact hire date and time. Since they never hired anyone at exactly the same time, it gave each person a unique number. You could do the same for any data base in which records are added gradually one at a time - just number them based on exact date and time added. * FROM PALO ALTO, CAL.: At Stanford University we made a decision long ago not to use SSN for identification except where required by law (payroll taxes, for example). We use a unique Stanford University ID (SUID), which is a lifetime number and applies to all students, alumni, faculty, staff, and patients. It serves all the same purposes that the SSN would do if it were used. ------------------------------ Date: Sat, 24 Aug 1996 00:25:15 -0400 From: Monty Solomon <monty@roscom.COM> Subject: SSN and Welfare Legislation Excerpt from EPIC Alert 3.15 ======================================================================= [3] Welfare Legislation Signed by Clinton ======================================================================= On August 22, President Clinton signed the Personal Responsibility and Work Opportunity Reconciliation Act of 1996. The bill includes a number of sections that expand the use of the Social Security Number and create new databases of personal information. The bill requires that states obtain individuals' Social Security Numbers for many state documents. It provides that on "any application for a professional license, commercial driver's license, occupational license, or marriage license [the SSN] be recorded on the application." The new bill also creates a national database of every employee in the United States. States are also required to create databases of "new hires." The state databases would be uploaded to a federal registry and the Social Security Administration would verify the SSNs. The Commissioner of Social Security is required to develop "a prototype of a counterfeit-resistant social security card" made of tamper proof materials for proving citizenship, and to issue a report on the cost of issuing a new card to all citizens over a three, five or ten year period. More information on the welfare bill, the Social Security Number, and efforts to expand its use is available at: http://www.epic.org/privacy/ssn/ ------------------------------ Date: Fri, 30 Aug 1996 10:34:03 -0700 (PDT) From: jd@scn.org (Janeane Dubuar) Subject: fingerprinting by banks SEATTLE WEEKLY Copyright 1996 - used with permission July 24,1996 - "Quick and Dirty" column by Eric Scigliano Thumbprint, retinal or body-odor scan, sir? If you think those "Go to Jail" charity slumber parties are a scream, you may get a kick out of cashing checks after September 11. That's when US Bank will start requiring that non-customers cashing its checks consent to be finger--or, rather, thumb--printed. Other local banks are expected to join US Bank on the new security frontier in September, and at least one, Seafirst, plans to start taking thumbprints next year in step with its California parent, Bank America. The thumbprinting scheme is being pushed by the Washington Bankers Association, which wants all its members to take the plunge together. As Dan Doyle, regional manager over US Bank's Western Washington branches, notes, "I'm not sure any one bank wants to be the one to step out and do it--it probably sounds cold, hard, and not very customer-friendly." Indeed. "But it's really to protect customers." That protection is supposed to come from deterrence. Very few, if any, check forgers actually get caught via thumbprints in those states (most notably Texas, Nevada, and Arizona) whose banks already take them. Tellers can't (yet, anyway) check the prints for known forgers; the prints will merely be saved (on the checks themselves) for investigation in the event of a bounce. But Bruce Koppe, the Bankers Association's executive director, reports that bogus-check losses have declined by 40 percent in those states. Doyle says US Bank has charted 45 percent reductions in states where it's tried the system, and fewer than 1 percent of those asked decline to give prints. Some retailers, and reportedly at least one local credit union, are already taking prints on checks. Customers can at least be reassured that they won't have to bear the telltale black stains of traditional fingerprinting; the new "inkless" printing leaves no visible mark on the skin. Still, fingerprinting is, in the words of American Civil Liberties Union lobbyist Jerry Sheehan, "the archetypal metaphor of criminality, along with the mug shot and lineup." Some tellers are already grumbling at the prospect of having to do it. The banks take heart that they won't be demanding prints of their current customers. But the ill will may still come around to bite them; those are all potential customers they stand to infuriate, and account-holders may not like the idea of their checks being valid only when backed by thumbprints. And thumbprinting may be just the nose under the tent. That mixed bodily metaphor suits the brave new world of "biometric" identification in which we will, very soon, find ourselves. Down in Olympia, a working group of the joint Legislative Transportation Committee is considering what kind of biometric and/or computer technology to adopt in upcoming "smart" driver's licenses; its findings are due in December, preparatory to the next legislative session. Possibilities include a bar code or magnetic strip; a store scrutinizing your check or a cop writing a ticket could scan your full digitalized profile. All the drivers' license data that now fills a state warehouse could be consolidated in a single data base. And all those sci-fi and privacy-protectionist warnings about personal bar codes and instant snooping will come true. Transportation Committee staffer Jennifer Joly says that fingerprinting is still the most common form of biometric ID. But more exotic techniques are coming in: hand geometry scans, retinal scans, iris scans, computerized facial recognition, and (I am not making this up) body odor measurement. It seems unlikely that those who take IDs will stop at thumbprinting checks. Joly reports that bankers, retailers, and law-enforcement groups have joined in a coalition to weigh in on the new drivers' licenses. "We'll be pushing for legislation imposing severe restrictions" on fingerprinting, the ACLU's Sheehan vows. And they'll "continue to resist these pressures to create uniform identification papers from a document intended for driver's certification." [...] July 31, 1996 - "Quick and Dirty" column by Eric Scigliano [...] They want to know it all If you feel queasy about being fingerprinted by a bank, imagine how tellers feel about all the information they're supposed to disclose. US Bank asks employees to fill out an "extortion readiness card" listing all their cars (by number and "markings") and neighbors, the names, schools, and daily routes and schedules of their children, and any meetings they themselves regularly attend. US Bancorp spokeswoman Mary Ruble says taking such data is a longtime standard banking practice done for the employees' "own safety," to protect them in "hostage situations" and to help authorities "follow up if a claim of kidnapping is made." She adds that US Bank has never encountered such a situation, but believes other banks have. The cards are kept confidential in a central office, and filling them out is "voluntary for employees." But one bank worker who objected recalls being told to fill out the card anyway, and got the feeling, despite the explanation, that the intent was really to guard against crimes by, rather than against, employees. "The extortion readiness card has nothing to do with embezzlement," says Ruble. ----------------------------------------------------------------------------- The Internet PRIVACY Forum is a moderated digest for the discussion and analysis of issues relating to the general topic of privacy (both personal and collective) in the "information age" of the 1990's and beyond. The moderator will choose submissions for inclusion based on their relevance and content. Submissions will not be routinely acknowledged. All submissions should be addressed to "privacy@vortex.com" and must have RELEVANT "Subject:" lines; submissions without appropriate and relevant "Subject:" lines may be ignored. Excessive "signatures" on submissions are subject to editing. Subscriptions are by an automatic "listserv" system; for subscription information, please send a message consisting of the word "help" (quotes not included) in the BODY of a message to: "privacy-request@vortex.com". Mailing list problems should be reported to "list-maint@vortex.com". All messages included in this digest represent the views of their individual authors and all messages submitted must be appropriate to be distributable without limitations. The PRIVACY Forum archive, including all issues of the digest and all related materials, is available via anonymous FTP from site "ftp.vortex.com", in the "/privacy" directory. Use the FTP login "ftp" or "anonymous", and enter your e-mail address as the password. The typical "README" and "INDEX" files are available to guide you through the files available for FTP access. PRIVACY Forum materials may also be obtained automatically via e-mail through the listserv system. Please follow the instructions above for getting the listserv "help" information, which includes details regarding the "index" and "get" listserv commands, which are used to access the PRIVACY Forum archive. All PRIVACY Forum materials are available through the Internet Gopher system via a gopher server on site "gopher.vortex.com". Access to PRIVACY Forum materials is also available through the Internet World Wide Web (WWW) via the Vortex Technology WWW server at the URL: "http://www.vortex.com"; full keyword searching of all PRIVACY Forum files is available via WWW access. ------------------------------ End of PRIVACY Forum Digest 05.16 ************************ Date: 2 Sep 1996 13:52:18 -0500 From: "Dave Banisar" <banisar@epic.org> To: "Interested People" <interest@epic.org> Subject: National ID Card Web Pages EXTENSIVE NATIONAL ID CARD WEB SITE IS NOW ON LINE The London-based human rights watchdog Privacy International (PI) has just opened an extensive web page on National ID cards. The initiative comes in the wake of pending efforts in the United States, Canada and United Kingdom to implement national ID card systems. The page contains a 7,000 word FAQ (Frequently Asked Questions) on all aspects of ID cards and their implications. Also included in the PI documents is a paper describing successful campaigns opposing to ID cards in Australia and other countries. The page also has links to numerous other sites and documents. PI Director Simon Davies said he hoped the page would help promote debate about the cards, "ID cards are often introduced without serious discussion or consultation. The implications are profound, and countries planning to introduce them should proceed with caution." "The existence of a card challenges important precepts of individual rights and privacy. At a symbolic and a functional level, ID cards are often an unnecessary and potentially dangerous white elephant. They are promoted by way of fear-mongering and false patriotism, and are implemented with scant regard for serious investigation of the consequences." he said. The URL is : http://www.privacy.org/pi/activities/idcard/ PI has also set up an auto response function for the FAQ document. Its address is: idcardfaq@mail.privacy.org Privacy International is an international human rights group concerned with privacy and surveillance issues. It is based in London, UK. For further information contact the Privacy International Washington Office at +1.202.544.9240 or email pi@privacy.org. PI's web page is available at: http://www.privacy.org/pi/ _________________________________________________________________________ Subject: National ID Card Web Pages _________________________________________________________________________ David Banisar (Banisar@privacy.org) * 202-544-9240 (tel) Privacy International Washington Office * 202-547-5482 (fax) 666 Pennsylvania Ave, SE, Suite 301 * HTTP://www.privacy.org/pi/ Washington, DC 20003