Security, privacy issues abound with enhanced driver's licences: Critics
Technology used in new enhanced driver's licences being adopted by B.C., Manitoba, Ontario and Quebec is ill-suited for use in identification and poses significant privacy and security risks, says a spokeswoman for the high-tech card industry.
What is RFID?
Radio Frequency Identification, or RFID, is a generic term for technology that uses radio waves to identify people or objects. Information ranging from a simple serial number to more complex data is carried on a microchip with an antenna that can be as small as a grain of sand.
A RFID system consists of a tag — made up of a microchip with an antenna — a reader and a database.
Some RFID tags have their own on-board power source, but the more widely used "passive" tags draw their power from the reader. The reader sends out electromagnetic waves, and when these waves hit a passive RFID tag antenna the microchip wirelessly draws power from them and uses it to activate its circuits. The chip then sends back its own set of signals containing information, which the reader converts into digital data.
Passive tags have a limited range, with a typical range of just a metre and a maximum range of around 12 metres. Larger "active" tags with their own battery power can be read from distances of 100 metres or more.
Catherine Johnston, CEO of the Advanced Card Technologies Association of Canada, said there are two kinds of radio-frequency identification (RFID) chips that can be used to store data and transmit it via radio waves:
One designed for identity management that must come in close contact with the reader in order to be read. The other, designed for applications like tracking pallets of goods through a warehouse, can be read at a distance.
"The problem is that we're using the pallet technology [for driver's licences]," Johnston said. "I can track you from a great distance and you're not going to know that I'm keeping track of you."
Scanners that could allow people to read the cards as they are passing by across the street can be purchased from places such as eBay for a few hundred dollars.
Due to privacy concerns about the technology, Alberta, Saskatchewan and New Brunswick have opted not to adopt it.
The fact that the cards can be read by anyone and not just border officials was a concern raised by Ontario's privacy commissioner, Ann Cavoukian, in a section of her annual report this week. Ontario is currently taking applications for the licences, which will start rolling out in Ontario on June 1.
On that date, the United States will start requiring Canadian visitors to show their passports at land and sea border crossings to the U.S. unless they have an enhanced driver's licence. The RFID chip is supposed to make the licence harder to duplicate for use in identity fraud.
U.S. laws allow data sharing
The chip contains an identification number that is linked to a North America-wide database that contains personal information about the licence holder as well as an image of his or her face that can be used by facial recognition software.
At least 16 agencies in the U.S. share the information in the database, said Roch Tassé, co-ordinator of the International Civil Liberties Monitoring Group, a watchdog coalition of non-profit organizations and other groups that has been arguing against the cards.
'Police will be really tempted to seek the authority to identify people in public spaces.'— Roch Tassé, International Civil Liberties Monitoring Group
Tassé noted that while Canada has privacy legislation restricting the use and sharing of such information, the U.S. does not.
"It can be cross-referenced with private sector databases for profiling, for data mining, so your information is not really secured at all once it's in the hands of Homeland Security in the United States," he said.
Neither is the licence a good substitute for a passport, Tassé added. For one thing, it can only be used to enter the U.S., not other countries. And it can only be used at land and sea crossings — you cannot enter the U.S. by air using the licence.
Could be deported to another country
In addition, a passport is an internationally recognized travel document that gives the holder certain rights, while a driver's licence is not, Tassé said. If the U.S. decides to deport a Canadian while she is carrying her passport, she must be deported back to Canada.
A Canadian carrying a driver's licence could be deported to anywhere in the world.
Tassé is also concerned that once enough people are carrying the cards, officials other than border guards may wish to take advantage of the ability to track and identify people at a distance.
"Police will be really tempted to seek the authority to identify people in public spaces. The temptation will be irresistible to use the technology," he said.
Provinces chose to use cards that could be read at a distance in order to improve speed and convenience at border crossings.
Sylvie Boulanger, a spokeswoman for Quebec's motor licensing bureau, said the cards are more convenient than a passport because they fit in a wallet and people will carry them all the time. They are also about $50 cheaper than a passport.
'The sleeve is not conferring the protective value that holders of the card would expect.'— Ari Juels, RSA Laboratories
There are already about 8,000 of the new licences in circulation in Quebec, and the province is currently accepting more applications.
Boulanger said there is little people can do with the identification number that is the only information on the driver's licence chip.
Johnston of the Advanced Card Technologies Association of Canada disagreed, arguing that each identification number is linked to an individual who can be tracked using the number.
"I'll know that it's you," she said, "and everywhere you go, when I find that PIN number, I can use that to further identify who you are, where you live, other things about you."
However, the provinces issuing the cards said they are also preventing that kind of tracking by providing a special sleeve of metal mesh called a Faraday cage, which prevents the cards from being read at a distance.
Ontario privacy commissioner Cavoukian expressed concerns that many people would discard the sleeve because driver's licences are used so frequently in so many different contexts.
Tests found sleeve leaky
Even if the sleeve is in place, however, researchers have found that the cards can still be read from as far as an arm's length away.
Boulanger said the sleeve used in Quebec is the same one used to protect enhanced driver's licences in the states of Washington and Vermont.
Ari Juels, chief scientist at the Boston-based computer security firm RSA Laboratories, tested the sleeve used by Washington State and found that even while inside the sleeve, an enhanced driver's licence can be read from half a metre away.
"So the sleeve is not conferring the protective value that holders of the card would expect," he said. In addition, the sleeve offers best protection when it is new. Additional tests showed that after two days of normal use, the sleeve became quite leaky, and it eventually stopped working.
Many problems may have been raised concerning the enhanced driver's licence, but the high-tech cards remain voluntary and Canadians can always use a passport instead at U.S. border crossings.
It will also soon be possible to get a secure electronic identification document without many of these issues, said Johnston of Advanced Card Technologies Association of Canada.
Canada plans to start using electronic passports in two years, using technology that allows passports to be read only while in close proximity to a reader.
"In 2011, I would be looking forward to getting my electronic passport," Johnston said. "In the meantime, my passport not only gets me across the border into the United States, but everywhere else I want to go."
With files from Evan Dyer