Privacy Experts Scoff at Governments Plans to Secure E-Passports

By Lisa Vaas  |  Posted 2005-05-03

Privacy Experts Scoff at Governments Plans to Secure E-Passports

Security experts and civil libertarians reacted with skepticism to the governments recent decision to reconsider data protection measures for new RFID passports. The "e-passports," as theyve been nicknamed, were originally slated for spring release in the Los Angeles Passport Agency but are now planned for issuance in August beginning with diplomatic passports, according to a spokeswoman for the Bureau of Consular Affairs.

Frank Moss, deputy assistant secretary for passport services at the U.S. State Department, on Monday told news outlets that the rollout of proposed radio frequency identification technology for passports will be delayed until RFIDs privacy and security vulnerabilities are resolved.

The State Department has previously claimed that the data on the 64-bit RFID tags—name, date of birth, place of birth (a datum that the ACLU claims is a key to identity theft), a digital photograph and a digital face recognition template—can only be read at a distance of 10 centimeters. That has been disproved by a demonstration in April at the Computers, Freedom and Privacy conference in Seattle and by studies that prove that the radio tags readable distance is as far away as 30 feet.

The question, privacy advocates say, is why the RFID technology is needed at all. "Why do they feel they need to use an RFID chip?" asked Ari Schwartz, an associate director at the Center for Democracy and Technology, in Washington. "Theyre saying [e-passports] can be read 3 to 4 inches away. To me, why be 3 to 4 inches away? When you could just have [a chip that required reader] contact?"

The State Department is now considering two means of protecting data: encryption and metal threads in the passport booklet cover that would hamper data reading unless the booklet were to be opened. Data would be encrypted as its transmitted from the radio chip to a reader. In addition, the reader would be required to provide a key or password before being enabled to read data on the RFID chip.

In other words, privacy advocates said, the government is opting to render hands-free radio technology into hands-on technology.

"Whereas before they had this wonderful dream of people being able to walk along and ping people as they walked along through airports and other areas and suck information off passports—which would be fine and wonderful, [because thats] what RFID is for; its radio frequency—now theyve moved away, and theyre putting little tin cover hats on the covers of passports and encrypting the data on the chip," said Bill Scannell, a publicist, freelance privacy activist and former government intelligence officer who recently launched an Internet campaign called RFID Kills to stop the government from deploying RFID in passports.

"In order to get access, theyll scan the [machine readable code on the passport cover], which is what they do now, and take off a number, and beam that at the chip, and it would dump information back to you," he said.

Next Page: An "inappropriate use of the technology."

Privacy Experts Scoff at Governments Plans to Secure E-Passports - Page 2

"Whats bad about this?" Scannell said. "Its a completely inappropriate use of the technology. The purpose of RFID is you dont have to touch or have contact with anything. Now you have to have contact. Youre adding more time to the procedure, to make it do stuff its not meant to do."

At issue is the potential for data skimming, where identity thieves carry scanners in, for example, briefcases, passing close by travelers and snatching their personal information.

Some security experts scoff at the idea of thieves wasting their time fishing for personal data in airports when there are bigger payloads available in databases.

"Im not that worried about RFID," said Pete Lindstrom, research director of Spire Security LLC. "Youre at the wrong end of the spectrum. Its on the read end. If someones going to do a [big data theft], theyll go to the database and do a massive snag."

But privacy advocates classify such thinking as naïve: If it can be done, it will be done, they say. And as far as the governments acquiescence to look at data encryption, such a security practice wont help for most of the problem, said Bruce Schneier, founder and chief technology officer of Counterpane Internet Security Inc., since RFID tags require anti-collision protocols and a unique identification number.

The unique ID would still be broadcast and couldnt be encrypted, lest yammering tags all talk at once and say the same thing. "The problem we worry about is tracking," Schneier said. "Its still a unique number. You can still track people but you cant identify someone."

Whats wrong with that, if the unique identifier doesnt reveal personal information? They would create, in effect, a global identification number.

"People get worried about national ID numbers," Scannell said. "What about an international number? Your own, unique identification number. Thats what youd end up with in the machine-readable part of the passport. A hash of the crypto thats unique and becomes a national identifier number. That would be scanned and beamed to the chip.

"I think thats truly frightening," he said. "For the first time in history, together with some 40 other countries, wed have a unique identification number. You dont have to go into the mark of the beast world to find this awful."

Check out eWEEK.coms for the latest database news, reviews and analysis.

Rocket Fuel