I cannot say it any better than it was said in today’s issue of EFFector:
The US State Department is pushing for what may be the most misguided and dangerous travel “security” plan ever proposed: putting insecure radio-frequency identification (RFID) chips in all new US passports. These chips would broadcast your name, date of birth, nationality, unique passport number, and any other personal information contained in the passport to anyone with a compatible RFID reader. That’s right — anyone, not just passport control.
“The upshot of this is that travelers carrying around RFID passports are broadcasting their identity,” observes security expert Bruce Schneier. “It means that anyone with a reader can learn that information, without the passport holder’s knowledge or consent. It means that pickpockets, kidnappers, and terrorists can easily — and surreptitiously — pick Americans or nationals of other participating countries out of a crowd.”
Astonishingly, the State Department proposal abandons even the most fundamental security protections. Why broadcast passport data at all? With machine-readable travel documents that require physical contact between passport and reader, you can rest assured that your passport will only be read when you intend to show it, eliminating any risk of surreptitious reading. But the State Department isn’t only endorsing contactless RFID technology for passports — it wants to broadcast your personal information *in the clear.* In other words, it wants to use digital signatures for authentication, but doesn’t want to encrypt or otherwise protect passport data, claiming that the information isn’t worth protecting and that encryption would interfere with “global interoperability.”
This is especially disturbing in light of the fact that safer options are readily available; the government already uses a line-of-sight LaserCard optical memory card that can’t be read from your wallet or purse for multiple-entry visa Border Control Cards (“LaserVisas”).
Privacy advocate Bill Scannell calls RFID-embedded passports “terrorist beacons” — and that’s precisely what they’ll become if we allow the State Department to move ahead with this plan. The Department is soliciting the public’s input on the new passports, and the time to act is now — the deadline for submitting comments is this coming Monday, April 4. Follow the links below to learn more and submit your comments today:
- US State Department Notice of Proposed Rule Making
(Federal Register; please note that all comments must include the Regulatory Identification Number, RIN 1400-AB93, in the message subject line.)
- Bruce Schneier: “RFID Passports”
- Bill Scannell’s website: “RFID Kills”
- Edward Hasbrouck: “Deadlines Loom for RFID Tracking Chips in USA Passports”
Also in this issue are updates about the Grokster case, more about the TSA’s flagrant disregard for privacy, a bit about Florida election Officials — “People in Leon County would rather vote on paper than on vapor” — and more about the Grokster case.