Time to drop expensive, unrealistic National ID plan

Mercury News Editorial
Article Launched: 03/06/2007 @ 02:02:01 AM PST

The Department of Homeland Security has postponed the demand that states join in creating what amounts to a national identification card. Congress should use the time until January 2010 to reconsider what is likely to become a multibillion-dollar boondoggle.

The national ID is supposed to be tamper-proof, standardized driver's licenses. States would issue them, and the federal government would link state Department of Motor Vehicles information systems into a massive federal data base. It would be accessible to state, federal and law enforcement officials - and, more than likely, to identity thieves who'd breach the system. At a minimum, Americans would need them to board an airplane or enter any federal building.

The Real ID Act mandating a national ID was rushed through Congress two years ago as part of a military spending bill. There weren't even any hearings on it. Since then, states have balked at the costs, and civil liberties groups have challenged the threats to privacy.

The federal government has yet to answer critics' basic question: Would this expensive and intrusive system even work?

Last week, in finally issuing the regulations, Homeland Security admitted there was no way states could make the original May 2008 deadline. But delaying implementation doesn't solve the core problem.

Several states already have objected to the law and will challenge it as an unfunded mandate. California should join them.

Homeland Security acknowledged that states will have to spend $14.6 billion - at least $700 million in California - to comply. So far, Congress has appropriated only $40 million.

Security issues have not begun to be addressed. For example, what do states do about the millions of licenses that are lost or stolen every year?

A centralized database raises the odds that identity thieves will gain entry. The new regulations will not require that states encrypt biographical data on driver's licenses, so they will be vulnerable to unauthorized copying.

An ID system is only as reliable as the underlying documents establishing that you are who you say you are. To receive the new license, drivers will need to prove their address, birth date and legal status in the United States by submitting birth certificates and immigration records. But the databases needed to authenticate those documents either don't exist or can't talk to each other. It's a weakness that will be easy to exploit.

Most of the Sept. 11 hijackers used fake or forged driver's licenses to board airliners. Clearly, better systems to produce trustworthy identification are imperative. But Congress' solution appears to have irreparable flaws. It's time to retreat before more states revolt.