« Ears and Noses Will Be the Trophies of the Day | Main | Open Thread: Expanded Quotable Comedies Edition »

April 30, 2010

Comments

Why is this bad from a civil liberties perspective? I'm honestly unclear.

I mean, when I start a new job, I need to bring with me my passport or birth certificate during the first few days to prove that I can legally work in the US. If I had to instead bring with me a special electronic authentication token, I don't think my life would be much harder. So what am I missing?

I can see some technical problems with the system, but I doubt they're the same problems that you're imagining.

Lilu Dallas Multipass!

Love the reference.

Turb, do you need to bring your passport and/or birth certificate with you everyday on the job?

Would you be comfortable if you did, and then had to show it with some degree of frequency?

Not to mention the slippery slope - I mean, if you have to carry it while working at all times, which is already a large portion of most people's lives, why not all the time?

Turb, do you need to bring your passport and/or birth certificate with you everyday on the job?

No, I don't. What makes you think that you'd have to do that under the proposed system?

I have to say that I found this from the originally article to be shockingly dumb:

“Creating a biometric national ID will not only be astronomically expensive, it will usher government into the very center of our lives. Every worker in America will need a government permission slip in order to work. And all of this will come with a new federal bureaucracy — one that combines the worst elements of the DMV and the TSA,” said Christopher Calabrese, ACLU legislative counsel.

We already require a government permission slip in order to work in this country. That's what I-9 forms are all about.

Requiring "every worker" to have a biometric ID card is close enough to requiring every American to have a fool-proof ID card that I might as well ask:

What is the downside of a national ID card?

One upside would be a certain clarity about who is a "real American". If you and I and Sarah Palin were all card-carrying Americans, her "real American" BS would be even more contemptible than it is now.

Another upside would be a cheaper, easier, and more accurate census. If everybody in the country has a government-issued ID card, and assuming the government can keep track of the cards it issues, counting up all Americans would be a piece of cake.

Note that I talk about everyone "having" a national ID card, not necessarily carrying an ID card everywhere.

--TP

The national ID program would be titled the Believe System

Presumably based on a Transferable Belief Model.

Wasn't it Republicans who proposed some kind of National ID, last time?

My point is: I don't have to bring my passport to work every day right now because that doesn't make sense. Once an employer has verified that I'm eligible to work, they don't need to keep re-verifying it everyday because they know what I look like; they would call the cops if some other guy showed up at my desk claiming to be Turbulence. So why would I have to bring my super-secure-social-security card to work every day? What threat would that address?

The only scenario I can imagine that being useful in would be one where an illegal space alien killed me, altered its appearance to look just like me, started doing my job while pretending to be me, but somehow was unable to find my secure social security card. That doesn't seem like a major concern.

My point is: I don't have to bring my passport to work every day right now because that doesn't make sense. Once an employer has verified that I'm eligible to work, they don't need to keep re-verifying it everyday because they know what I look like; they would call the cops if some other guy showed up at my desk claiming to be Turbulence. So why would I have to bring my super-secure-social-security card to work every day? What threat would that address?

Well, if your birth cert and passport are good enough now, why have a different ID card?

Anyway, this paragraph led to my assumption, which could be incorrect (but, again, if incorrect, this seems like an unnecessary addition to the system already in place):

It would require all workers across the nation to carry a card with a digital encryption key that would have to match work authorization databases.

Ultimately, the problem is not fake ids from workers. It's employers looking the other way to hire illegals

Well, if your birth cert and passport are good enough now, why have a different ID card?

Because birth certificates are easy to forge and don't contain sufficient biometric identifiers to validate anything?

Ultimately, the problem is not fake ids from workers. It's employers looking the other way to hire illegals

How would you prove in court than an employer knowingly hired someone with a fraudulent birth certificate? I'm happy to step up enforcement, but since the current authentication is so broken, it seems that employers would have a get out of jail free card.

Provided it's a work-eligibility document as Turbulence says and not a gotta-carry-around ID, I don't necessarily think it's a problem. The current employment eligibility system is unreliable and baroque and - for all that everyone always talks about punishing employers for employing illegal workers, without a reliable method for checking paperwork it's hard for them to actually do so (or provides plausible deniability when they intentionally fail to do so).

You need some form of - let's not use the A word - er, parole of immigration violators if you are to bring in such a system, for the simple reason that millions of people work illegally in this country, frequently without their employers knowledge, and it would be enormously disruptive and destructive to suddenly throw all those people out of work, not just for them but for their employers.

Since it's a card for "workers" and not for "citizens" I don't see that a requirement to carry it or produce it or possess it for voting (e.g.) could happen as a consequence, or at least, any more than is already the case for driver's licenses.

(I already have a biometric ID like the one they're talking about, in the form of a green card. I'm not sure what is especially scary about the government having retinal scans and fingerprints on file, when they already have photos, names, dates of birth, and so on.)

It's remarkably stupid. Putting biometrics on the card only enables forgery, since whoever is fabricating a forged card will have access to the biometrics of the person who will be carrying the card. There's simply no way to make an unforgeible card, short of having the Arisians manufacture them for you. And do we want anything that critical to national security being manufactured by aliens?

If you want a secure ID system, you don't need a card AT ALL. You need a central biometrics database, and people just remember their SS#. You want to verify somebody's identity, they give their SS#, you enter it, and then compare them to the picture and biometrics that come up.

And you already, theoretically, have to provide your SS# to get a job here, even if you ARE a citizen. So that wouldn't be one bit more intrusive.

Ultimately, the problem is that the enforcement mechanism is being run by people who are under orders not to enforce. No system will work under those circumstances. No card is going to fix that.

What about us self-employed people? I can just see how much fun it would be to ...

Oh, never mind.

The passages Eric quotes say twice that workers would have to "carry" the id. That sounds like it means, well, "carry" -- not just produce it when you change jobs.

What about citizens who don't have jobs? Do they have to "carry" the card anyhow? What about kids?

For the green card, I think the biometrics are linked to the database, so local forgery isn't very useful - the data on the card is a duplicate, there to make sure it keeps working if the main database is unavailable. Of course, there are ways to forge entries in databases too, or to hijack a legitimate entry, especially when you have to bootstrap 200 million or so secure ID cards from insecure source documents - this is another reason you need some sort of amnesty, because you're going to wind up accepting a lot of fake docs in the process of bootstrapping the ID system.

(And "secure" is a marketing term, as any programmer will tell you. But there are degrees of security, and the biometric IDs are certainly harder to forge than birth certificates and social security cards.)

What about us self-employed people? I can just see how much fun it would be to ...

Did you have to fill out an I-9 form? I'm guessing not, so I imagine you wouldn't have to do anything.

What about citizens who don't have jobs? Do they have to "carry" the card anyhow? What about kids?

I imagine that people without jobs don't need to do anything; the point of the system is work eligibility. Kids might need to get the cards when they start working though....

JanieM: "The passages Eric quotes say twice that workers would have to "carry" the id."

That's an article about the bill, not the bill itself. I'm too lazy to find the relevant text of the bill right now but I will later if someone else doesn't. I would be very (very) surprised if it said you had to "carry" the document as opposed to "produce it at the times you currently have to produce work eligibility documents" - and even the article says "workers", not "all citizens".

Certain corporate interest groups will be very opposed to this provision because they love the status quo, where they can employ large numbers of undocumented workers under the pretext that they "checked" their fake documents, in the full knowledge that the workers will never complain about labor law violations for fear of being caught for immigration violations (or, even if they are legal, of having their coworkers caught for the same thing).

The status quo is basically that we pretend that there are laws that prevent the employment of undocumented immigrants, and employers pretend to obey them, while in fact undocumented immigrant workers are employed in huge numbers with massive violations of labor law. Doing something about that is going to require providing employers with a verifiable and reliable method of checking employment eligibility, as the current system is not verifiable or reliable. If anyone has a better idea, I'd be curious to hear it.

Seems to me they'd have had a much easier time of this if they'd just used the existing system. That is, if it's as Jacob hypothesizes (ie not something you need to always carry), then just bill it as a reformatting of the SS card. Now, your SS card will have biometric data that can be confirmed on a government DB- not nearly as threatening as "new national ID card", which automatically got my hackles raised.

short of having the Arisians manufacture them for you

Brett, kickin it old skool.

If I thought it was a must-carry ID or even a must-have ID (regardless of whether you work) I'd be strongly opposed. I don't like the law that says that foreigners have to carry ID around, either, because I think the right to walk around without official documentation is an important guard against government harassment for citizens and aliens alike, which is also why I really dislike the Arizona law. Walking around should never be sufficient cause for a police officer to demand something of you. (The Arizona law is dangerous because the existing federal requirement that foreigners carry ID is never enforced, which is a pretty good argument for it being taken off the books.)

We are in this mess because of the fact that a state-issued driver's license is all but useless.

Take the state of Maryland, for example. When I switched to a Maryland license, I had to bring documentation to the site where they process that sort of thing. I had to provide a birth certificate, proof of residence, a previous license from another state, and, even then, I had to jump through hoops. They made the process seemingly foolproof, but, alas, a Maryland license is worthless as a form of ID because so many of them are falsified and issued to people who shouldn't have them.

Should an illegal alien have a driver's license? Yes, but one that clearly identifies them as such. There's a public safety issue here, and I acknowledge that, but I abhor a system whereby someone can falsify or buy or game themselves into getting a driver's license as if they already are a citizen. That's broken. That's what needs fixing. Establishing a new bureaucratic obstacle on top of that is wrong. Fix what's there.

If you standardized the state driver's license--as in, made it one format, one standard, one comprehensive process to obtain one--that would be your ID card. I would make it biometric, and I would then allow control of this information to revert to the state where the license was issued.

For legal purposes, I may be an American citizen, but I am also a resident of Maryland. With one comprehensive standard for issuance, let's not worry if I'm an American citizen; let's ensure that I am a resident of Maryland (or whatever state) and try to keep a "national" ID card out of the discussion.

The discussion should be--do you have a valid driver's license? Yes? Then whether or not you are an American citizen is no one's business.

Carleton Wu: just bill it as a reformatting of the SS card

The draft summary of the proposed bill:

http://www.politico.com/static/PPM154_proposal.html

"Not later than 18 months after the date of enactment of this proposal, the Social Security Administration will begin issuing biometric social security cards ... It will be unlawful for any person, corporation; organization local, state, or federal law enforcement officer; local or state government; or any other entity to require or even ask an individual cardholder to produce their social security card for any purpose other than electronic verification of employment eligibility and verification of identity for Social Security Administration purposes ... Under no circumstances will any other information, including medical information or position-tracking information, be contained within the card ... Prospective employees will present a machine-readable, fraud proof, biometric Social Security card to their employers, who will swipe the cards through a card-reader to confirm the cardholder’s identity and work authorization ... the fraud-proof social security card will serve as the sole acceptable document to be produced by an employee to an employer for employment verification purposes."

That does not sound like a national ID card to me. That sounds like a Social Security card that would be significantly harder to forge than the current card, and could substitute for other easily-forged and non-standard work-eligibility documents that are currently required.

It will be unlawful for any person, corporation; organization local, state, or federal law enforcement officer; local or state government; or any other entity to require or even ask an individual cardholder to produce their social security card for any purpose other than electronic verification of employment eligibility and verification of identity for Social Security Administration purposes.

From http://voices.washingtonpost.com/ezra-klein/Conceptual%20Outline%20of%202010%20Bill%20%28R-S-M%29.pdf

No carry, just verification that the government decrees you're eligible to work. I, however, am a definite believer in the slippery slope argument here.

Jacob,
Thanks- I was too lazy to look anything up. :) So perhaps they've followed that line of thinking, and the "national ID card" hysteria is just a Luntz-ish attack angle. And a really effective one, unfortunately, seeing how many civil liberties-types on the left are upset by it.
Would that truth were Kyrptonite to bullcrap; who could genuinely get excited about making SS cards and the SS system harder to fake out?

Of course, Im still reserving judgment until they actually get a bill to vote on.

Somewhere out there, Bruce Schneier is dreaming of the same government that brought us "secure" RFID passports proposing a single point-of-failure ID card, and waking up screaming.

There's simply no way to make an unforgeible card, short of having the Arisians manufacture them for you.

Oh, sweet Jeebus. I'm in partial agreement with Mr. Bellmore on this, and I recognize his "Doc" Smith reference. Time to sneak out of work and start drinking heavily. Everyone enjoy their weekend.

It will be unlawful for any person, corporation; organization local, state, or federal law enforcement officer; local or state government; or any other entity to require or even ask an individual cardholder to produce their social security card for any purpose other than electronic verification of employment eligibility and verification of identity for Social Security Administration purposes ...

If I'm not mistaken, it has always been unlawful for anyone to ask for your social security number for any purpose other than tracking your income for tax purposes.

That has not stopped doctor's offices, universities, etc. etc. etc. -- anyone who thinks that that particular unique id number is a dandy id for database purposes -- from asking anyhow.

And I am not talking just about recently, when there is often an excuse (tracking tuition for the sake of the tuition credit; preventing Medicare/aid fraud, etc.), I am talking about decades ago.

The SSN is already well on its way to being a national id, verbiage in bills notwithstanding.

http://www.politico.com/static/PPM154_proposal.html>Correcting Jacob's link (from his 4:06 comment). For which, by the way, thanks.

We are in this mess because of the fact that a state-issued driver's license is all but useless.

No. It really makes no sense to couple federal work eligibility to state-issued driving permits. Overloading drivers' licenses with more unrelated functionality is just absurd.


Somewhere out there, Bruce Schneier is dreaming of the same government that brought us "secure" RFID passports proposing a single point-of-failure ID card, and waking up screaming.

Huh? How is this a single point of failure? Like other crimes, employers who act in good faith are not generally liable. If I start a new job and the verification system is down, my employer won't be liable as long as they verify my eligibility later on when the system is back up. If some data snafu occurs and the system says I'm not eligible, I'll bring a whole bunch of paper to the company and they'll let me work with the understanding that I'll sort things out with the SSA and verify when the data error has been corrected.

It will be unlawful for any person, corporation; organization local, state, or federal law enforcement officer; local or state government; or any other entity to require or even ask an individual cardholder to produce their social security card for any purpose other than electronic verification of employment eligibility and verification of identity for Social Security Administration purposes.

Suppose hypothetical state of Zrizona passes the following law:

All residents of Zrizona must obtain an identification card from the state that meets the following requirements [insert BELIEVE act ID requirements]. The fee for such an identification card shall be $10,000. Such card must be presented upon demand by any authorized representative of the state of Zrizona. Alternatively, upon such demand the resident may present the federal equivalent of the state identification card.

JanieM: If I'm not mistaken, it has always been unlawful for anyone to ask for your social security number for any purpose other than tracking your income for tax purposes.

http://cpsr.org/issues/privacy/ssn-faq/#IsItIllegalToAsk

Not the case. Government officials are limited, private citizens & corporations not.

(SSNs actually make exceptionally poor unique identifiers, because 1) they're not unique, 2) you cannot prove identity with one, 3) not everyone has one, and 4) because a bunch of people are confused about point 2) they are sensitive information and unless you absolutely have to have them, you really don't want them in your database waiting for someone to abuse them. That doesn't stop people using them all the time, but a well-designed system that does not interact with the credit history system or with tax systems should not gather them, and even those systems should use a different unique ID as the primary key - and most systems now do.)

I think there's a pretty big difference between asking for a number - which is inherently copyable and not tied to a particular physical object - and asking for physical examination of a card, especially if in the latter case the card is one that people do not routinely carry with them, and where the law specifically says that corporations cannot ask to see it.

My Social Security card lives in file at home, along with my passport and other documents that I don't need on a daily basis.

If I was designing this I think I'd avoid putting a photograph or fingerprint on the card itself specifically to avoid the possibility that it would be useful as an everyday ID card. You can encode those things on the card in a way that requires a specific, non-standard type of card reader to extract, which combined with the law against asking for the card, and the single-purpose nature of government requests for it, should head off any enterprising attempt to use it as a primary ID.

The RFID passports are a disaster and I don't believe in unforgeable documents either. But there are degrees of difficulty in forging, and a card like my green card with an optically encoded section on the back (I believe it's basically like a CD-R) and a live link to a national database would be much harder to forge than a birth certificate.

If you want a secure ID system, you don't need a card AT ALL. You need a central biometrics database, and people just remember their SS#. You want to verify somebody's identity, they give their SS#, you enter it, and then compare them to the picture and biometrics that come up.

Not a bad way to go- only downside is what happens when the system is offline. And, of course, both systems are vulnerable to db error- I've had my wife's SSN and mine swapped in one system, and years later we still haven't got it untangled... pity if that stopped me from working for half a decade.

But Im thinking that the real vulnerability in either of these proposals is *getting* the SSN/improved card. If all it takes to get your biometric data validated in the system is a birth certificate & a drivers license/military ID/School ID, then we're just as vulnerable to forgery as before. And we'll also be importing all of the existing fraud. What we really need to do is have the step of acquiring the new card be the same as for a new applicant, and have that process be relatively thorough.
Real PITA for Joe Taxpayer though.

Putting biometrics on the card only enables forgery, since whoever is fabricating a forged card will have access to the biometrics of the person who will be carrying the card.

Not if you do it with good public key encryption. The data on the card would be encrypted using the government's private key, while the public key would be available on the Social Security web site. Anyone could use the public key to decrypt the biometric information, but only somebody with the private key could create new cards. The only way of getting an illegitimate card would be to get somebody within Social Security to cooperate.

Employers could keep a copy of their employees' encrypted data as proof that they had checked their credentials. As long as the data checked out, it would make an airtight affirmative defense against knowingly hiring somebody without a proper work permit.

"The only way of getting an illegitimate card would be to get somebody within Social Security to cooperate."

IOW, the mean time to failure of the system would be a few days, at most. That government key would leak so fast your heads would spin. Unless every individual had a different key combination, in which case you might as well skip the card, and use my system.

Given the availability of freaking huge storage capacities on the cheap, you could, I suppose, find some advantage in a physical card which had nothing but the public key to unlock only the bearer's biometric data, when used in combination with their SS or resident alien id number. This would allow employers to locally check against a recent copy of the central database, while still not permitting the sort of forgery actually storing the biometrics on the card would enable.

But, as I said above, the central, unavoidable problem we face, is that it is government policy not to enforce immigration laws. And no system works if the people running it are under orders to make sure it doesn't work.

The world is going to end. I agree with Brett's 10:49 post ;-)

We probably agree on more than you realize: I happen to enjoy a good argument, so I mostly comment where I know I'm going to be disagreed with.

Though perhaps it could be fun to comment occasionally where I agree with Jes, just to watch heads explode...

Eric is also right about the politics of this. When DEMOCRATS propose requiring everyone to present a card with a biometric chip as a condition for getting a job, that sends the fundamentalist paranoia meter off the charts. OMG, the Mark of the Beast! No one could buy or sell without it! The final proof that Democrats are the Antichrist!

Go ahead and laugh. It may seem ridiculous from our liberal bubble. But fundamentalists have been obsessing on this for years. It the goal is to trip their paranoia meters, this is the way to do it.

Dude, everything makes them paranoid. They are paranoid, there isn't anything you can do to stop that, and there isn't any way you can appease them. You have to do things based on whether they're a good idea, not based on how you imagine they might appear to one particular group of lunatic conspiracy theorists.

Whether teabaggers or anti-government conspiracy theorists approve is not a useful guide to policy. Surely we have learned that over the last few years?

First of all, let me say that Jacob has been rocking this whole thread.

Eric is also right about the politics of this.

Well, most of Eric's substantiative concerns have been shown to be...wrong, so I'm not sure we should give too much credence to his instantaneous political assessment.

When DEMOCRATS propose requiring everyone to present a card with a biometric chip as a condition for getting a job, that sends the fundamentalist paranoia meter off the charts.

Maybe. But so what? Fundamentalists aren't exactly Dem voters, so Dems are not going to lose many votes. And given that some fundamentalists already believe that Obama is the anti-christ, I'm not sure this will convert many more people. It might motivate fundie voters to go to the polls on election day, but since those voters seem to be already screaming about health care, wall street, and immigration, I'm not sure it will matter. What will republicans do, become obstructionist and oppose everything Obama does? Oh no!

Finally, note that the media often dramatically overstates the number and political influence of fundamentalists in the US. There really aren't that many of them. And when politicians talk about the mark of the beast, they sound nutty to most people.

It the goal is to trip their paranoia meters, this is the way to do it.

It is also good wedge politics. It helps split up the anti-immigrant conservatives from the pro-business conservatives. And it is easy to explain: paper credentials are easy to forge, electronic credentials will be better and we need to reduce forgery in order to stem illegal immigration. This is a credential that doesn't work if you hand it to someone else: it only works if it is in your hand. Seems like a win to me provided that its handled correctly.

After reading a bit of the draft, I don't really like the technology they seem fixated on. In fact, I'm not even sure they can actually build a moderately secure system that meets these specs. I'd be much happier if they insisted on online authentication and rethought their whole approach to biometrics.

The discussion should be--do you have a valid driver's license? Yes? Then whether or not you are an American citizen is no one's business.

What if you're blind? Or have epilepsy, or any of the other medical conditions preventing you from getting a drivers licence? While a licence works well for quite a large number of people there's still a substantial group that are ineligible and would therefore need some other form of ID.

I have to agree with everyone who is saying this is a de facto national ID card. We already have hospitals pushing very hard to make sure that newborns get SS#s as soon as they are born. Obviously it's not for work purposes (at least not for another 14 years).

I can't imagine why a hypothetical new beefed-up SS card wouldn't see the same stampede toward universal adoption (and every corporation and their cousin demanding to use it as ID, too).

Another major "why not" from me is on a practical standpoint. Not only would the new card not be secure, for all the reasons listed above, but the semi-recent scandals of British civil servants accidentally leaving laptops or disks full of citizen data on the subway or in the back of a taxi should remind us that human error is inevitable. Nationalizing a database just makes the data loss all the more catastrophic when it occurs.

Nationalizing a database just makes the data loss all the more catastrophic when it occurs.

The federal government already has a database containing names, social security numbers, citizenship status, and more.

I can't imagine why a hypothetical new beefed-up SS card wouldn't see the same stampede toward universal adoption (and every corporation and their cousin demanding to use it as ID, too).

Because it is specifically against the proposed law? See Jacob's excerpt above. Right now, it is illegal for government agencies to require SSNs for non social security purposes, but it is legal for corporations and individuals to require them (although the government frowns on it).

The federal government already has a database containing names, social security numbers, citizenship status, and more.

Yes, but the SSA database doesn't have photos and biometrics (nor does it even include all lawfully-present noncitizens), and the several different DHS databases cover at *most* 11% of the living U.S. population.

Moreover, DHS doesn't have its records in "a" database -- it has them in a hodge-podge, grown-over-the-years "system" of paper files plus several different overlapping but not identical databases.

Because it is specifically against the proposed law? See Jacob's excerpt above.

In ascending order of importance:

1. Because FDR promised the original SS card wouldn't be used for anything else, and it was - almost immediately. And that was in a smaller, less mobile, way less technological world.

2. Because the "proposed law" is really just a set of policy proposals. It's not even draft legislation. I'm somewhat doubtful that a robust provision on this issue would even survive the legislative process.

3. Because I think it's virtually unenforceable even if they do make it into a law. Someone upthread already gave an example of how a state government could coerce participation.

3. Right now, it is illegal for government agencies to require SSNs for non social security purposes, but it is legal for corporations and individuals to require them (although the government frowns on it).

I don't disagree with this, but that's not the concern I was raising. Look, at various times in my life I have had to give my SSN to:

- Enroll in college (it was even used as my student identifying number on my photo ID!)
- Open a bank account
- Get a landline
- Open accounts with utilities (electric, gas, water)
- Sign a cell phone contract
- Get taken OFF of the family plan for the cell phone contract
- Purchase health insurance
- Purchase disability and life insurance
- Get reimbursed for charges under my health insurance
- Get a job
- Pay income taxes
- File a wage-tax return with my local municipality (involving no exchange of money)
- Get a driver's license
- Buy a house
- Get a mortgage
- Get a credit check

and on and on. I'm pretty sure I had to have one to buy my auto insurance, too, and I know for a fact that in my state you can't legally register your vehicle unless you have a driver's license, which absolutely requires a SSN unless you are here on a special student visa or the like.

The culture is just saturated with this stuff, and it's almost impossible to imagine how we could go through all the upheaval of creating a new national biometric card and then not have it be used for more than just work. At the very least, we'd be showing it to get on airplanes, don't you think?

"Right now, it is illegal for government agencies to require SSNs for non social security purposes,..."
State DMV's require ssn's to obtain, update and renew drivers licenses.

Yes, but the SSA database doesn't have photos and biometrics (nor does it even include all lawfully-present noncitizens), and the several different DHS databases cover at *most* 11% of the living U.S. population.

I'm pretty sure that passport photo and state drivers' license databases have long since been integrated somewhere in the government so that photos actually are included. As for biometrics, well, it would break my heart to learn that American citizens get treated the same way non-citizens get treated right now. That would be awful beyond imagining. Really, I'm shedding a single solitary tear contemplating it.

Moreover, DHS doesn't have its records in "a" database -- it has them in a hodge-podge, grown-over-the-years "system" of paper files plus several different overlapping but not identical databases.

How is this relevant to the discussion?

1. Because FDR promised the original SS card wouldn't be used for anything else, and it was - almost immediately. And that was in a smaller, less mobile, way less technological world.

I think you're confused on one vital point. We're not talking about introducing a new identifier, we're talking about introducing a new certificate. That new certificate would still have the SSN. Any entity that has your SSN now wouldn't get any additional information under this proposal.

2. Because the "proposed law" is really just a set of policy proposals. It's not even draft legislation. I'm somewhat doubtful that a robust provision on this issue would even survive the legislative process.

This is ridiculous. Policy drafts come before legislative drafts come before legislation. Obviously, if Congress passes legislation radically different from this proposal, our comments will no longer apply. But that's true of all legislation.

As for your doubts, I can't really asses them since I have no idea how competent you are at predicting legislative outcomes. Given the furor from both liberals and conservatives over this point, I suspect you are incorrect.

3. Because I think it's virtually unenforceable even if they do make it into a law. Someone upthread already gave an example of how a state government could coerce participation.

I didn't respond to Ugh's comment because I assumed it was a joke and too ridiculous to justify a response. If you really think that states can so easily blow off congress without any consequences, especially in an area that terrifies people on the left and right, well, I don't think I'll be able to convince you of anything.

Look, at various times in my life I have had to give my SSN to....

Under the proposed law, I imagine you'd still be asked for your SSN. But in many cases, there's no way to actually verify the information with the secure SSN card, so it wouldn't make sense to ask for the card. Say I buy a cellphone and activate at home on the internet: there'll be no way to verify what the secure SSN card is showing. And because of that, phone companies will not make in-store phone buyers present their card either. After all, there's no point to instituting a security mechanism that can easily be bypassed. For the rest, I don't see why they wouldn't just require standard identifying documents like a passport or drivers' license. Future drivers' licenses may incorporate similar technology. For many uses of the SSN, they don't really need your SSN per se; they just need something unique that you won't forget. Because they don't have an interest in accurately knowing your SSN, it doesn't make any sense to spend time and money trying to verify it.

The culture is just saturated with this stuff, and it's almost impossible to imagine how we could go through all the upheaval of creating a new national biometric card and then not have it be used for more than just work. At the very least, we'd be showing it to get on airplanes, don't you think?

I guess I don't see why it would be such a major upheaval compared to not doing it. I mean, there are real problems right now with the current system. Just because you don't usually consider them doesn't mean that they don't cost lots of real money right now. I kind of doubt they'd be used on airplanes because there is no objective threat justifying that and frankly, I don't think the government cares enough.

I'm not quite sure if we're arguing at cross-purposes or if I'm just tired or what, but I'll try to clarify my perspective once more before bed:

I'm pretty sure that passport photo and state drivers' license databases have long since been integrated somewhere in the government so that photos actually are included.

First, I didn't mention the Dept. of State (which is the entity that issues passports). I was talking about SSA and the Dept. of Homeland Security.

Second, there was substantial litigation between the states and the feds over Real ID, and I'm fairly certain that no, the states *aren't* connecting photos from state DMV records to federal passport records. I'm very willing to be corrected on this issue if you or anyone have any empirical data or citation, though.

Third, millions and millions of Americans do not have passports. So even if all of the passport records are linked up with the state DMV records, that still leaves many people not included. Back to my original point, one of my concerns about a national ID system is the sheer scale of the consequences of any data breach or human error. The SSA database has basically every living American and many foreign-born residents. The passport database does not.


As for biometrics, well, it would break my heart to learn that American citizens get treated the same way non-citizens get treated right now.

I don't have a strong philosophical reason that people shouldn't be treated equally -- in general I love and appreciate that our country holds up equality as the ideal. Nevertheless, an argument can be made that: a) if you want them to be equal, you could just as easily collect *less* information on the foreign-born, rather than collect *more* about the native-born, or b) we have a long enough history in the law of differentiating between citizen and non-citizen that this is merely a continuation of that.

Please note that I don't support Option B strongly enough to make much of an argument for it.

How is this relevant to the discussion?

Because it goes to the security risk. One of many reasons to oppose a national database is ease of access to records. Currently if a crazy ex-husband convinces a DMV clerk to let him look up his ex-wife's details, there's a limit to how far he can search -- one state at a time. If he's got access to a national database, her ability to start over and feel safe is severely limited. Plus, again, a lot of records are on paper. For better and worse, tracking down paper records is a lot slower and more cumbersome.

I think you're confused on one vital point. We're not talking about introducing a new identifier, we're talking about introducing a new certificate. That new certificate would still have the SSN. Any entity that has your SSN now wouldn't get any additional information under this proposal.

I do understand that this is being pitched as a more robust version of the SS card that most of us already have. However, "any entity that has my SSN now wouldn't get any additional information" seems like a supposition to me. There are already many private entities that exist to compile data, link it to unique identifiers, and sell it to other private companies.

I was recently rather creeped out when UPS delivered a package that had originally been addressed to my PO box, and it was clear from the labeling that they had figured out what they thought was my home address, and delivered it there instead. My home address is not listed online, my phone is unlisted, and the only way I know that a private citizen could easily get my home address is to make an educated guess about which county I live in and look up the Recorder of Deeds records. So they must have been using a proprietary database compiled by somebody or other. (To be clear, I'm not holding the federal government responsible for that data mining.)

Obviously, if Congress passes legislation radically different from this proposal, our comments will no longer apply. But that's true of all legislation.

We agree on this. However, we apparently have different assessments of the likelihood that this provision will survive the transition from policy proposal to legislative draft. Time will tell, I guess.

I didn't respond to Ugh's comment because I assumed it was a joke and too ridiculous to justify a response. If you really think that states can so easily blow off congress without any consequences, especially in an area that terrifies people on the left and right, well, I don't think I'll be able to convince you of anything.

I'm confused. In addition to CharlesWT's link, state governments routinely require SSNs for things like food stamp applications, state-funded health insurance, etc. Either you are mistaken about it being illegal for them to do so, or I am misreading your definition of "non-SSN purposes," or we already have a whole lot of states thumbing their nose at the feds.

Under the proposed law, I imagine you'd still be asked for your SSN. But in many cases, there's no way to actually verify the information with the secure SSN card, so it wouldn't make sense to ask for the card. Say I buy a cellphone and activate at home on the internet: there'll be no way to verify what the secure SSN card is showing. And because of that, phone companies will not make in-store phone buyers present their card either.

I can imagine it happening this way. I guess in that case, the big three credit bureaus would come up with some unique identifier to use for all the things a SSN currently gets used for.

I mean, there are real problems right now with the current system. Just because you don't usually consider them doesn't mean that they don't cost lots of real money right now.

I think we're assessing costs very differently. I am keenly familiar with the immense costs to people of delays in verifying identity and immigration status. I work regularly with people who are in danger of losing jobs, travel opportunities, medical care, the ability to see a dying parent, the ability to adopt a particular child, etc. because the current system of identity verification and work authorization is so complex.

But it is my very awareness of the costs and challenges of tracking identity that *itself* makes me so skeptical of pie-in-the-sky assurances (I'm not saying you're making them, but others are) about how great it would be if we just had everything in One Big Database.


I kind of doubt they'd be used on airplanes because there is no objective threat justifying that and frankly, I don't think the government cares enough.

??? We currently have to go through ludicrous security theater exercises to fly on an airplane, and there is no objective threat justifying THAT.

PublicData

No carry, just verification that the government decrees you're eligible to work. I, however, am a definite believer in the slippery slope argument here.

For some people, though, it will be must-carry in practice. When the ICE agents sweep through the meat packing plant, and you are legal but not carrying your card, how long will you be held before they get around to taking your biometric data and comparing it against the database? Will you be released soon enough to pick up your child at day care? If I were a meat packer operating within the law, I might request/require my workers to carry their cards, so that such an ICE sweep could be dealt with quickly.

IOW, the mean time to failure of the system would be a few days, at most. That government key would leak so fast your heads would spin

Then you lop off the heads of everyone who had access to the government key, establish a new key, and say "ok, let's try that again...."

What I really wanted to say about this law is this: if you want control of immigration policy (at whatever level of immigration), you need to get serious about what it takes to have control of immigration. If you want it in some abstract sense but you're not willing to do the things required to make it happen, you don't really want it, or at least, you'd better get used to not getting it.

As an immigrant myself, I hesitate to make definitive-sounding comments on whether immigration is a good idea or not. I think the current system is inhumane and ineffective at achieving its stated goals, but that's a different question to the one of how much - and what type - of immigration should be permitted.

I very much dislike immigrants who say "I worked hard to come here the legal way and so I think those who don't should be kicked out!" - although I think this is a sentiment more common in newspaper quotes than in reality. But then, I also don't grant unlimited moral authority on the question to the descendants of white settlers. We all wound up on this planet in particular countries through no virtue of our own, and morally speaking, I don't know what right anyone has to tell anyone else where to live; practically speaking, it's another matter.

But anyway, back to what I was saying about getting serious about immigration control. If you want it, you have to accept that having it means doing nasty things to nice people. It means doing nasty things to the parents of American citizens. That in itself does not make it unique: the tax system doesn't care whether you're nice or not, or whether you have kids who will be hurt, you still have to pay your taxes or get fined or go to jail.

Now there are all kinds of nasty things you can do, with differing consequences for the person you're doing them to, and different amounts of collateral damage to everybody's civil rights. Arrest & deportation is the harshest, the most dangerous, the most prone to error; at practical levels of enforcement, it is also going to touch no more than a tiny fraction of illegal immigrants. And in order to check whether someone is here legally, you need to demand identification from them and threaten arrest if they don't comply - so it has major civil rights damage on the side. This is the Arizona method.

A different nasty thing is to prevent access to public services, but that's very problematic with families that have a mixture of non-citizens and US citizen children, and similarly so at ERs. It's actually very difficult for any organization, including the government, to determine whether someone is here legally or not or is the person they claim to be.

And it's the difficulties with actually doing those kinds of nasty things that mean that they don't really get done. They're not very effective, they're very harsh, they hurt citizens, they damage civil rights, and when you ramp them up to levels that could make a difference you find yourself running a system of family prison camps.

So the other option for nasty, discouraging things is denial of employment. There are good reasons why this is more humane: it demands proof of legality at a point where you are already interacting with the government, and it means that it happens at a time & place of the person's own choosing, rather than being picked up off the street or denied care in an ER or whatever. It means that people can walk around on the street without fear of detention, it means that tourists can visit without a lot of paperwork, and if it were effectively enforced, it would be a real deterrent against the idea of heading to the US to work. At some level the cash economy is unavoidable, but it's mass employment using fake documents that is the reliable source of work here. It's still a "nasty thing" to prevent someone from working, but unlike deportation, lack of access to work allows the decision to leave to be at the time of their own choosing and not through a process involving imprisonment. It is also scalable in a way that arrest & deportation is not, and it has far smaller risks of catching people by accident, since proving employment eligibility if you are a citizen is not that hard.

So Democrats, understanding this, and being good populists, like to say "Let's punish the employers, not the workers!" Great. I agree, in theory. Unfortunately, there are lots of ways of punishing the employers that wind up doing a lot of damage to workers and especially legal Hispanic workers, which is related to the real difficulty for employers in actually verifying employment eligibility. You may have a pretty good idea that 25% of your workforce is illegal, but which 25%? Do you fire all the Hispanics just in case? "Punish the employers" is a slogan, not a plan.

The documentation requirements for the I-9 are pitiful: a Social Security card or a birth certificate, both of which are trivial to forge and can be knocked off by anyone with a color printer and a copy of Photoshop. So now we come to the heart of the problem: the best way of enforcing the agreed-upon immigration restrictions is through denial of employment. But at present, employment eligibility documents are so easy to forge that this is completely ineffective. So as I said earlier: do you have a better plan?

Even if you don't care for the current immigration restrictions, the status quo only allows for a very fraught, very uncertain, very stressful method of immigration above quotas. This system also hurts both legal and illegal workers by damaging enforcement of labor laws and preventing workers from organizing. It does nothing to hurt those large employers that rely on the threat of deportation to keep wages and organizing activity down, and no change in enforcement can fix that, although more workplace enforcement will mean more arrests and deportations for individual workers, which is something that people who claim to be speaking for immigrants should keep in mind when demanding more punishment of employers.

Now introducing a system that actually worked for enforcing employment restrictions would instantly throw about 5 million people out of work and be enormously disruptive. It'd also be, I believe, rather unfair to people who have come here under the current wink-and-a-nod enforcement regime, as sudden rigorous enforcement of any neglected law is likely to do. So as pretty much all sane people agree, some kind of amnesty (sorry, "path to citizenship") is necessary to avoid mass inequity. And anyway, when introducing a new system like this one, there will be some number of people who bootstrap a secure ID using bad source documents, so you might as well just accept that and move on. In the future you can check more thoroughly because the number of new documents issued will be smaller.

In order to get that past those who are anti-immigration - this being a democratic country & all - even those who are pro-immigration need to figure out a way to make the actual laws on the books enforceable in the future, because those who oppose immigration will not support an amnesty without effective enforcement.

I wish that some of this was acknowledged on the left-ish blogs that have talked about this card. There is a good reason for wanting a system of checking employment eligibility that works whether or not you support immigration. So again: what's the alternative plan? Do you like the status quo? Because unless you come up with a more effective employment eligibility check, nothing is going to change.

And yes, there are certain hazards to all databases, but the SSA already has a lifetime employment record and all of your personal details; State already has some of your biometric information if you have a passport; individual states have both tax information and photos and so on if you have a driver's license. This is not a revolutionary change. And there are good reasons why a Social Security card in particular won't become a de facto ID: firstly, almost everyone already has some other photo ID they already carry; secondly, SSNs are sensitive and people won't want to carry them around or freely show them to strangers; thirdly, the features that make it reliably verifiable ought to be ones that only the federal government can use.

And last of all, I am dubious about slippery slope arguments. How long has the US had compulsory driver's licenses with photographs? And has the feared state of affairs where you can't walk around without an ID transpired? In those situations where you do have to have an ID, has any gross violation of liberty resulted? Has the issuing of Social Security numbers and their use in all sorts of systems resulted in an Orwellian society? No, no, no.

I worry more about grasping websites or search engines, than I do about the government. You want collections of sensitive information that reveal more than you want to reveal about yourself, logs of browsing activity are much worse than a stupid government ID. And unlike the government, you can't vote a corporation out of office if they misuse your data, nor do they even claim to have your best interests at heart. I'm not saying concern for one excludes concern for another, but I fail to see what is such a great concern about the federal government having a photo of you, or your fingerprints. They have my photo, my fingerprints, my retinal scan, and I have to carry an ID card around with me. B.F.D.

you lop off the heads of everyone who had access to the government key, establish a new key, and say "ok, let's try that again...."

Doesn't work that way. Possession of a once-valid private key implies the ability to retroactively forge signed documents. In other words, if the government uses a key for 6 months, then loses it, I can forge documents as if they came from that 6 month period until the end of time.

The only way around that is key revocation: saying that not only is the key not valid, but any documents signed with that key are not valid. If those documents happen to be government IDs, that's a big problem.

But I actually think that a reasonably secure system can be built that incorporates public-key encryption, it's just that it is not a simple matter, or some kind of silver bullet. The data that gets signed has to get into the system from somewhere, and that means opportunities for bad data to get in and get signed. I think it's plausible that the government could hold onto their keys quite effectively - the military does mass-scale public-key encryption and key management - and there are key-management plans that could make it fairly secure - for instance, using each key for only a week, using a bunch of different keys at a time, and permanently destroying the private key after it's been used, which means that in the event of a loss only a small number of signed documents need to be revoked, and the risk of loss is small and temporally constrained.

The federal government already does a pretty good job at State and DHS of issuing documents that are desirable targets for forgery. Scaling that to 200 million workers would be a challenge, but I can't see it being impossible.

" So as pretty much all sane people agree, some kind of amnesty (sorry, "path to citizenship") is necessary to avoid mass inequity."

I'm not generally impressed with any argument based on declaring a super-majority of the population insane. But, sure, let's have an amnesty: We deport them with no additional penalties.

After all, an amnesty doesn't imply you get to keep the ill-gotten goods. It just gets you off without punishment. And if you're not a citizen, deportation isn't a punishment.

Excuse me, to clarify: If you're not here legally, deportation isn't a punishment. Anymore than if you steel a car, depriving you of it is a punishment.

By all means, eject them from the country without penalty. We can reserve punishment for any who subsequently return.

Doesn't work that way. Possession of a once-valid private key implies the ability to retroactively forge signed documents. In other words, if the government uses a key for 6 months, then loses it, I can forge documents as if they came from that 6 month period until the end of time.

The only way around that is key revocation: saying that not only is the key not valid, but any documents signed with that key are not valid. If those documents happen to be government IDs, that's a big problem.

Not quite.

It's true that you can't trust the timestamps in signed documents once the signing key is compromised, but there actually are reasonably good mechanisms for providing digital timestamps that allow for independent verification of the time when a given document was produced. These mechanisms don't rely on public key cryptography and so aren't susceptible to attack by leaked keys. The general technique is called "hash chaining". (The original paper here is How to Timestamp a Digital Document by Haber and Stornetta.)

Actually, come to think of it, there are probably mechanisms for designing a system like this that barely require public key crypto at all. For instance, take all the cards for a day, combine them into a Merkle hash tree, and then publish the daily root of the tree in the congressional record.

Jacob, that's probably the most comprehensive, pragmatic, and practical analysis of immigration I've read in a year. And I read a lot on this topic.

A few things I would add: First, not only do we not have a conversation about what level of immigration we as a country really want, we also have next to no public acknowledgment of the role our country plays in creating the conditions that make people want to immigrate.

Whether it's trade policies, wars, drug policy, support of foreign governments, or disaster management, we tend to carry out our plans without virtually zero mention of the immigration impact.

Then we wind up having a narrow public debate between whether we take "too many" refugees already, or whether we owe a moral obligation to the tiny subset of Iraqis who worked as military interpreters, among the 2 million displaced. But there is no public discussion at all of whether the fact that we launched a war of choice and directly caused the displacement of those 2 million people means that we should take, oh, a half-million or so.

I very much dislike immigrants who say "I worked hard to come here the legal way and so I think those who don't should be kicked out!" - although I think this is a sentiment more common in newspaper quotes than in reality.

I've heard it many times in reality, and the overwhelming majority of cases, the person genuinely doesn't understand that other people often CAN'T come to the U.S. the way they did.

So for example, you get someone from the Philippines who (quite justly) is upset that they had to wait 10 years for a green card through family. Or a Korean MBA who points out that he had to stay with an employer for six years while his petition wound its way through the system, instead of job-hopping for better salary the way his US-born classmates did.

But they don't grasp that if you're don't already have family in the US, or a rich family in your home country able to pay cash for your tuition and support you through years of college or grad school (since you won't have a work permit), you can't even get in line to immigrate via those paths.

We can debate how many low-skilled workers we need and how those visas ought to be allocated. But my overwhelming experience of people who want other people to "just follow the rules" is that they have no idea that there is more than one set of rules -- and for a very large group of people, there is no rule at all except "No."

And there are good reasons why a Social Security card in particular won't become a de facto ID: firstly, almost everyone already has some other photo ID they already carry;

ID requirements are on a continuing escalating trend. In the '80s and even '90s you could enter a college building or go for an outpatient X-ray without needing to produce government ID.

In my lifetime, the trajectory from no ID-->informal ID (such as a school ID) --> government-issued ID has vastly sped up, to the point that now it sometimes even stretches NON-EXPIRED government-issued ID. As if a US passport that expired two years ago is somehow not proof of identity.

secondly, SSNs are sensitive and people won't want to carry them around or freely show them to strangers;

That's emphatically the case now, and yet the number of demands to provide your SSN just keeps growing. I have zero faith that these incentives are going to change.

thirdly, the features that make it reliably verifiable ought to be ones that only the federal government can use.

I agree completely, but there will be immense, immense pressure otherwise.

Just start with military contractors. Imagine the lobbying that the Lockheed Martins or the Boeings of the world will do to ensure that *their* HR departments or far-flung offices can have special remote access (or classified onsite storage) to the verification data. After them it will be the universities doing military research, and then it will be the hospitals who want it for public health and safety reasons, and then it will be local and state governments...okay, Montana won't, but the rest of them will probably be jumping up and down.


And last of all, I am dubious about slippery slope arguments. How long has the US had compulsory driver's licenses with photographs? And has the feared state of affairs where you can't walk around without an ID transpired?

Well, Supreme Court upheld Nevada's law that a police officer has the right to demand your ID. Wikipedia claims 23 other states have similar laws.

In those situations where you do have to have an ID, has any gross violation of liberty resulted?

I guess that depends on your definition. If I did not have a government-issued photo ID, I would literally not be able to do my nonprofit-sector job, which regularly requires entering public schools (metal detector and government photo ID required), staying at hotels (credit card is not sufficient; they always want to see photo ID and it can't be nongovernmental, because I have a work-related one and they won't accept it), cashing a check (I recently had to do this for petty cash for my office, but because I wasn't an account holder at the bank they require it), etc.

There's no gross violation of my liberty as such, but there's a cumulative effect of constantly having to justify my presence; the constant jeopardy that if I forget my ID or am mugged, I can't do my job; the undercurrent of fear/humiliation when I am forced to give my distinctive name and home address to nosy or creepy security guards...it's certainly nothing like going to prison, but it nibbles away at liberty for sure.

Has the issuing of Social Security numbers and their use in all sorts of systems resulted in an Orwellian society? No, no, no.

Well, that's somewhat of a subjective question, and I suspect my subjective opinion is different than yours.

Yes, we should definitely join that group of countries that import large numbers of low-wage workers while it is convenient, deny them the protection of labor laws, and deport them when they decide they're done with them.

I think we've all had that dream that one day, if we work hard enough, if we really concentrate on doing what is moral and just, the United States could finally join that hallowed club of Middle Eastern dictatorships and colonial plantation states.

As for supermajorities opposing any type of amnesty - even if that is the word used - that is far from clear: http://www.pollingreport.com/immigration.htm

Proposals that combine legalizing the illegal population while bringing in measures that would dissuade further illegal immigration generally poll very well, 60-70% - because most people are sane: that is, they have a sense of empathy and compassion, and they have sufficient common sense to understand that deporting a large section of the labor force and tearing apart millions of families would probably not be a proportionate and just response.

Anyway, as far as the card goes, I kinda doubt that a significant proportion of the population is going to object to a more secure Social Security card if the purpose of it is explained to them. But I guess I'm an optimist.

To the question of whether it is practical to deport 12 million people, I will point out three clear problems:

1. Expense. DHS itself guesstimated it would cost $94 billion.

2. Newly created additional expenses. If you deport the undocumented breadwinner from a household whose other four residents are legally documented -- let's say two teenagers, a disabled adult, and an elder -- what is likely to happen? At a guess, they'll be more dependent on public benefits.

3. Impact on citizens and documented immigrants. The US has millions of so-called "mixed-status" families. If you're a teenager born in the US and your father is getting deported back to a country he fled after his brother was murdered, do you stay in the US because it's your country, or go try to protect your father in a country you've never seen? Is it important that your father filed legal papers to get asylum as soon as he arrived in the US, but it wasn't granted due to an irreversible screwup?*

These discussions always seem to presume that all undocumented people walked across a border. Best estimates are that about 40 percent originally had a legal visa and then fell out of status. Given the complexity of our immigration laws, any mass deportation effort is going to have a similarly massive effect on people who were born here, people who we invited here as legal immigrants, or people we actively *gave refuge to* as refugees or asylees.

As Jacob points out, we can't just throw up our hands and refuse to enforce any immigration laws (unless we want to totally open the borders, which I can't imagine more than .01% of Americans would support). But supporting pie-in-the-sky fantasies like mass deportation with no regard for what it would mean to actually carry them out is no kind of policy stance.

*Trust me that these happen regularly; there's a reason that asylum is often described as "death-penalty decisions in a traffic-court setting."

In case Jacob at 6:50 was directed at me -- to be clear, I think a big new guestworker program would be the worst of both worlds. My observation of multi-generational institionalization of "second-class citizens" in places like Austria, Germany, France, etc. makes me think our current mess is pleasant in comparison.

Regarding whether a lot of Americans would object to a SSN card on steroids -- I completely agree. Very, very few people would care. But the fact that they don't care is not a reason to say that the privacy concerns do not exist.

Right, and it would help if I could spell "institutionalization"! Sorry about that.

/end serial commenting

ID requirements are on a continuing escalating trend. In the '80s and even '90s you could enter a college building or go for an outpatient X-ray without needing to produce government ID.

Um, I've visited both my old university and gotten outpatient x-rays in the last few months and I didn't need to show ID. Have you done the same?

Maybe some universities do require ID, I don't know. But you should bear in mind that things change. Over the last few decades, R&D schools have seen their government funding in real terms decline significantly from postwar highs. They've tried to make it up with tuition increases, but they've also been forced into more direct commercial research to pay the bills, both in partnership with corporations and on their own. MIT earns a very large amount of money from patent royalties. If your bio department's research is vitally important for the university's financial future, then its labs WILL be secured just as well as Genzyme's or Novartis' labs. Which means IDs and locked doors and security guards. But that change didn't happen because of creeping fascism: it happened because of economics.

In my lifetime, the trajectory from no ID-->informal ID (such as a school ID) --> government-issued ID has vastly sped up, to the point that now it sometimes even stretches NON-EXPIRED government-issued ID. As if a US passport that expired two years ago is somehow not proof of identity.

The reason expired documents are not accepted is that they're easier to forge. Newer documents have newer anti-forgery features. If everyone accepted expired documents, then they might as well not require documents at all.

That's emphatically the case now, and yet the number of demands to provide your SSN just keeps growing. I have zero faith that these incentives are going to change.

SSNs are used by the government as tax identifiers as well. But outside of such transactions, what do you think happens if you either refuse to give your SSN or give them a made up one? Do you really think the police will arrest you because you gave some random phone company the wrong SSN?

After them it will be the universities doing military research, and then it will be the hospitals who want it for public health and safety reasons, and then it will be local and state governments...

This makes no sense. I've done work with the military at a major university. And my wife has done work on security for large hospital networks. Neither would have any interest in offline access. Most hospitals are not mobile. Ditto for university labs, even the ones that deal in classified work. They're housed in large permanent buildings with internet connections. Administrators don't want to have access to secret data that would be a nightmare for them to secure and they already have online access anyway, so it doesn't even make sense....

Let me ask you something: most people have more than one card in their wallet...why do you think that is? I mean, theoretically, I should only need one card in life that both identifies me and gives me access to my locked office doors and acts as a credit card. All my cards are just different ways of identifying Turbulence. So why all the duplication? Because organizations don't trust each other. Everyone is desperate to have complete control of certification and revocation. That's why my drivers' license has an ID number on it, but that number is totally different from my SSN. And that's why my subway pass can't be used to unlock my office door, even though they're both cards with an RFID chip. If you don't really understand the organizational dynamics that drive the profusion of different authentication tokens, then you can't hope to correctly predict the impact of a new biometric SS card.

There's no gross violation of my liberty as such, but there's a cumulative effect of constantly having to justify my presence

How does that compare with the gross liberty of having your bank account emptied because someone walked up to a bank teller and claimed to be you? We require lots of authentication because we wish to reduce theft and fraud and we wish to allow people to travel widely in society. Formal authentication doesn't really matter much in a small town where everyone knows everyone. We don't live in that world anymore.

Yea this is stupid. I can understand why organizations like the ACLU oppose warrant wiretaps, but this is a sensible solution. I don't understand it. I really like this blog, keep up the good work. I also run a moderate blog at politicalcartographer.blogspot.com

Check it out, and thanks for good posts :)

Certainly not aimed at you! And thanks for the nice comments. I feel strongly about the enforcement mechanisms even though I don't have a strong opinion pro- or con- immigration. I just think that at whatever level you're allowing, the system should work - so you don't wind up with millions of people ignoring the law - and should treat people fairly, and minimize the inevitable damage that enforcement brings.

You make reasonable points about the new card and of course we're just speculating about how it would play out.

I'm not sure I see where the demand for other uses for this card would come from, though. It wouldn't replace a driver's license so almost everyone would continue to have a license as their primary ID. It wouldn't do anything one way or another about the use of the SSN as a unique identifier - after all, those places don't currently ask you for your Social Security card even when they ask for your SSN. I don't see why a military contractor would want it - they have their own means of doing biometric identification.

The Hiibel case didn't actually say that the police had the right to demand ID. The case said that the police had the right to ask you your name, and you had to tell them, but specifically not that you had to produce ID to prove it. Which I think is a reasonable line to draw that does not compel a physical search of someone just to prove who they are.

Um, I've visited both my old university and gotten outpatient x-rays in the last few months and I didn't need to show ID. Have you done the same?

Yes; that's why I cited them as examples. And no, it wasn't a science lab, it was a business school, a university library, and an English building. Yes, they all have electronic equipment that could get stolen, and yes, I take your point that we don't live in small towns where everybody knows each other. Yet somehow in 1995 it wasn't necessary for me to prove my identity every second I wanted to go somewhere on my university campus, and now it basically is.

The reason expired documents are not accepted is that they're easier to forge. Newer documents have newer anti-forgery features. If everyone accepted expired documents, then they might as well not require documents at all.

That sounds plausible enough in theory (and in fact is plausible enough in terms of US work authorization). But I regularly go in and out of (non-government) buildings that require government ID to enter. They'll accept a foreign passport, though, and you cannot convince me that every $11-an-hour security guard at these places has been trained to recognize what an authentic Polish or Haitian passport looks like.

But outside of such transactions, what do you think happens if you either refuse to give your SSN or give them a made up one? Do you really think the police will arrest you because you gave some random phone company the wrong SSN?

No, I think I will not be able to participate in the activity or partake of the product or service. AT&T is not legally required to allow me to purchase a cell phone and my utility company is not required to sell me gas and electricity. The question was about how it affects liberty. The "liberty" of being able to heat my house in the winter is rather dear to me, optional though a libertarian extremist might say that it is.

This makes no sense. I've done work with the military at a major university. And my wife has done work on security for large hospital networks. Neither would have any interest in offline access... Administrators don't want to have access to secret data that would be a nightmare for them to secure and they already have online access anyway, so it doesn't even make sense....

I agree that administrators don't want to take on additional liability, and probably a lot of them wouldn't want to store the data onsite either. I was replying to Jacob's contention that the features that make it reliably verifiable ought to be ones that only the federal government can use.

And I guess I disagree with you, because I think the economic and path-of-least-resistance incentives will be sufficiently strong that entities like the military, universities, etc. will indeed want to piggyback on the work the government has already done in verifying identity.

Let me ask you something: most people have more than one card in their wallet...why do you think that is? ... If you don't really understand the organizational dynamics that drive the profusion of different authentication tokens, then you can't hope to correctly predict the impact of a new biometric SS card.

It's funny; I think I understand and agree with your entire paragraph. But all of that can be true and yet at the same time, we don't carry around 5 different wallet cards allowing us to board US Airways, United, or Delta planes.

We carry a driver's license or a passport, because the airlines have outsourced the identity-verification work to our government. And that's an entirely sensible thing to do. (And it doesn't preclude them from also having their own preferred travelers/rewards program.) That's the kind of thing I'm talking about.

How does that compare with the gross liberty of having your bank account emptied because someone walked up to a bank teller and claimed to be you? We require lots of authentication because we wish to reduce theft and fraud and we wish to allow people to travel widely in society.

Except that we're wildly uneven in when and how we require authentication. Look, I completely understand why authentication makes sense sometimes. I just think we've carried it over into a realm of wanting/expecting that risk be entirely abolished.

What that does is wind up punishing people who have trouble getting ID documents -- people who are poor, or homeless, or have severe untreated mental illness, or are elderly and have Alzheimer's disease, or who have tangled official identities through no fault of their own. (E.g. born abroad to non citizen mother and US citizen military father who were not married to each other; or born in a place for which official records are unavailable due to earthquake, fire, war, flood, etc.)

So when we start talking about further escalation of the baseline for expected ID documents, then I get a little bristly.

I'm not sure I see where the demand for other uses for this card would come from, though. It wouldn't replace a driver's license so almost everyone would continue to have a license as their primary ID.

At the very least, keep in mind that in every state I know, a physical SS card *PLUS* other ID *plus* proof of residence are required just to get a driver's license. So if everybody has a SS card, then only a subset of "everybody" is going to get their act together enough (/be motivated to/be able to, etc.) get a driver's license or non-driver ID.

I don't see why a military contractor would want it - they have their own means of doing biometric identification.

To save money and liability. Look, here's a stupid, petty example: The TSA was having huge turnover of its security screeners. There were a number of potential reasons, but one of them turned out to be that because the job is stressful and doesn't pay very well, after a few months, screeners were quitting and going to work at the Starbucks in the same airport. Starbucks was saving a fortune on the criminal background checks and ID verification that are required for working in an airport, and the screeners were graduating to a job that paid only a little less and was much more pleasant. There you go: Private industry piggybacking on to government authorization of workers (although in this case they didn't need to have any access to databases to do it).

The Hiibel case didn't actually say that the police had the right to demand ID.

Mea culpa. I mis-remembered the details.

The comments to this entry are closed.

Blog powered by Typepad