AOH :: PT-1436.HTM

Real ID Act regulations: a critique by Steven Adler

Real ID Act regulations: a critique by Steven Adler
Real ID Act regulations: a critique by Steven Adler

Previous Politech message: 

-------- Original Message --------
Subject: Re: [Politech] Real ID Act regulations finally released by 
Homeland	Security [priv]
Date: Wed, 7 Mar 2007 09:20:15 -0500
From: Steven Adler  
To: Declan McCullagh  


The current rulemaking proposal has several key features:

1.  It establishes federal standards in document authentication for
drivers licenses:

2.  Jurisdictional control will remain at the state and county level, as
it is today, but data will be shared via remote query nationally and

3.  There will be a machine-readable zone (MRZ) on the back of each
license in the form of a 2D-barcode

Privacy Issues:

Current privacy debate centers on the MRZ because it will provide the
first common electronic means to verify a drivers license.  MRZ readers
are cheap and common.  Law enforcement would like the full data set on the
front of the card to be written in the MRZ.

Only the drivers license ID# and Zip Code are necessary, and the data
should be encrypted.  Law Enforcement might use that minimum data set to
perform remote queries on the jurisdictional dataset and return different
kinds of information based on the business purpose of the transaction and
role of the requester.  Businesses might also use the MRZ for ID
verification and could have context-sensitive restrictions on access to
the PII.  For example, bars could swipe the MRZ and send remote queries to
verify drinking age and a return dataset might only indicate green for
above age, red for below.  They might still photocopy the contents on the
front of the card (a common practice), but electronic data gathering
opportunities would be minimized.

If the MRZ data is not minimized and encrypted, your drivers license will
become a new form of EZpass: a convenient method for electronic
authentication that will be easily linked to video and audio surveillance,
creating electronic records of all your activities far beyond anything
possible today.


Steven B. Adler, CIPP
Program Director, IBM Data Governance Solutions 
(516) 944-2598 Work
(516) 643-1157 Mobile
(610) 956-2598 eFax

IBM Data Governance: 
Politech mailing list
Archived at 
Moderated by Declan McCullagh ( 

Make REAL money with your website!

The entire AOH site is optimized to look best in Firefox® 2.0 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH
We do not send spam. If you have received spam bearing an email address, please forward it with full headers to