Calif. DMV tried to sneak in biometrics for driver’s licenses, groups claim

by Jaikumar Vijayan, Computerworld

Consumer rights groups in California are protesting what they claim is an attempt by the state Department of Motor Vehicles to sneak in via the backdoor a fingerprint and facial-recognition system for issuing driver’s licenses in the state.

The groups claim that the use of such biometric technology has been opposed by state legislators in the past, and that the DMV was trying to do an end-run around opposition by hiding its plans in a seemingly innocuous vendor contract.

If unchallenged, the contract would allow the DMV to establish a new government biometric database containing facial and fingerprint information on more than 25 million Californians over the age of 16, without first giving legislators and technology experts a chance to vet the proposal.

The DMV did not respond to a request for comment.

Among the groups trying to stop the DMV from going ahead with its plans are the California chapter of the American Civil Liberties Union, the Consumer Federation of California, the World Privacy Forum and the Electronic Frontier Foundation (EFF). The groups are calling on state legislators to quickly stop the planned vendor contract from moving ahead.

The DMV’s proposal to introduce new biometric technologies was contained in an application for a new vendor contract for the production of state driver’s licenses and ID cards starting in June. The application, a copy of which was obtained by Computerworld, was forwarded to the state’s Joint Legislative Budget Committee via the California Department of Finance on Jan. 14.

The application detailed the DMV’s plans to implement thumbprint and facial-recognition technology for verifying the identity of applicants for new driver’s licenses and state ID cards. During the process of obtaining a license, a driver’s thumbprint would be taken at the DMV office to verify the identity of the applicant, according to the document.

In addition, "the facial-recognition software has the ability to compare an individual’s new photo against the latest photo for all other records on the database and identify those records that may be the same individual," the DMV application stated.

The automated image-verification process will reduce errors and the number of fraudulent driver’s licenses issued by the state, it said. The application noted that more than 1,200 files are matched to the wrong individual every year.

The DMV said that its plan would cost the state roughly $63 million over the next five years. It also noted that several other states, including Texas, New Mexico, Oregon and Georgia, had implemented facial-recognition technology and were reporting success with it.

Plan raises privacy, security issues

The problem is that the DMV’s plan has not been vetted by anyone and no analysis has been made of the potential security and privacy implications, said Richard Holober, executive director of the Consumer Federation of California.

"We believe that important policy changes should be determined by elected officials, but that’s not what is happening here," Holober said. "This is an attempt to slip something through that really should have been vetted in a hearing process in the legislature," with the public and technologists given a chance to comment on it, he said.

Although thumbprints and facial-recognition software can be useful in deterring crime and fraud, they also pose serious privacy and security risks, he said.

The information contained in the California DMV databases, for instance, is accessible by law enforcement and other government agencies. Without guidelines for access, there’s nothing to prevent the biometric data from being used for other purposes, including surveillance, Holober said.

"What if someone goes to a picket line or a protest rally, and someone were to use the DMV repository to profile and track them down because they spoke out on issues?" he asked. "We are not saying this is the intent of the DMV. We are just saying that there are other uses" for biometric data, he said.

The consequences of a data breach involving biometric information are also significantly higher compared with a breach involving nonbiometric identifiers, said Pam Dixon, executive director of the World Privacy Forum in San Diego. "What happens if the data gets compromised and falls into the wrong hands?" she said.

Unlike other forms of identification, such as a driver’s license number, a biometric identifier such as a facial image or thumbprint, cannot be changed in the event of a data breach, potentially resulting in lasting problems for victims, added Lee Tien, a senior staff attorney at the EFF. "Basically, any kind of biometric is a piece of information that is uniquely linked to you and cannot be revoked," he said.

Such issues explain the need for "a robust public debate," Dixon said. Academic and security experts need to first study all of the privacy and security implications involved in the collection, storage, use, sharing and protection of biometric data, she said.

"This was sneaky, there’s no other way around it," Dixon said. "California has said no to this type of technology with no proper safeguards in the past," she said. Various bills on the use of biometric technology with driver’s licenses have been proposed, including

California is one of several states that has refused to implement the federal Real ID Act which requires DMVs around the nation to adopt new verification standards for vetting the identities of driver’s license applicants.

The act, which also calls for the use of biometric identifiers, was approved by Congress and signed into law by President Bush in 2005. Since then, it has faced a maelstrom of protest from states that see it as an attempt by the U.S. Department of Homeland Security to force unwanted ID standards down their throats, while also making the states pay for the program.