The REAL ID Act of 2005 is a $17 billion privacy and civil rights nightmare that requires all fifty states to issue standardized ID and drivers license cards. Luckily, it has been stuck in bureaucratic limbo. Congress mandated the cards, passed off the strategy to Homeland Security and stuck the states with the tab for actually paying for all of this.
Not much has actually happened to push the REAL ID Act forward since it was passed, mostly because no funding has been allocated.
Seven states have passed laws refusing to implement the law and another ten have passed resolutions asking Congress to revisit the issue. The ACLU has a website called Real Nightmare that tracks the progress of the legislation (and opposes it). Cato Institute Director of Information Policy Studies Jim Harper has written a book called Identity Crisis which outlines the reasons why it will hurt our country and its citizens. There are House and Senate bills before Congress now that would repeal the Act.
So why are Microsoft, AOL, Yahoo, Red Hat and many other large technology organizations that are members of the ITAA calling for the government to fund the program immediately and push it forward?
Probably because they stand to gain a lot of money from lucrative government contracts outsourcing the technology and security aspects of the program. The estimated direct costs of the program are $11 billion (with another $6 billion in estimated compliance and opportunity costs to the country) – much of that money would end up in the hands of the ITAA members who would bid for the work.
If the REAL ID Act becomes reality, U.S. citizens would be forced to provide copies of their birth certificate, social security card and other identification documents to the government to get the card. All of that data would be scanned and entered into fifty interconnected databases, one for each state. That would be a prime target for hackers, either through a direct attack or by attempts to compromise DMV employees for access. Jim Harper, who wrote the book linked above, says our identity theft problems today would be nothing compared to what would happen when (not if) that database was hacked. He also wrote about the ITAA issue yesterday, and the ACLU chimed in today.
The fact is that the REAL ID Act will cost billions, will do nothing to protect the country from terrorists, and no one stands to gain anything except for the technology and security companies who land the big contracts to build and maintain the system.
It is a shame to see these companies beg for handouts from the government, at the expense of their real customers (all of us).