Topic: Telecom, Internet & Information Policy

Australian National ID Card Abandoned

This somewhat cryptic blog post at Wired reflects the delight of Roger Clarke that the Australian national ID card has been dropped by the incoming government. Clarke wrote an article in 1994 that is probably fairly regarded as the foundation of identification theory. I expanded on his thinking in my book, Identity Crisis.

In related news, Montana Senators Max Baucus and Jon Tester put language prohibiting the expenditure of federal funds for development of a national ID card in the omnibus spending bill Congress passed last week. Because the Department of Homeland Security denies that REAL ID is a national ID, this language is probably hortatory during the current administration.

Government ID Card Program Off the Rails

“The Internal Revenue Service paid a contractor $188,000 to provide one person to do clerical work over 11 months.”

That’s the opening line from an AP report on waste in the implementation of a Bush Administration federal worker identity card.

Here’s a little more:

The IRS was responsible for developing and implementing the program to provide identification cards to about 150,000 employees at the Treasury Department. The projected cost of the program was $421 million over 14 years.

Check my math: Is that $2,800 per card?

Virginia’s National ID Tax

The Washington Post had a story yesterday on whether Virginia would implement the REAL ID Act, the national ID law that has been rejected by other states across the country. They object to its formidable costs, bureaucratic burdens, insoluble privacy problems, and ineffectiveness as a security tool. Why might Virginia go along?

“The vast majority of 9/11 terrorists used Virginia licenses,” Gov. Timothy M. Kaine (D) said. “I think that’s why you haven’t seen as much of a push back.”

It’s the hairshirt theory of policymaking - never mind whether making the driver’s license into a national ID will add to our protections.

Noting the governor’s proposal for a $10 increase in the fee to renew a Virginia driver’s license, the Roanoke Times editorializes today with a little more clarity:

Americans should not have to wait weeks for a driver’s license. They should not have to worry about a massive database tracking their every move. They should not have some wannabe national ID card sloughed onto states.

If you think a national ID tax and all this nonsense somehow adds to the country’s protections, then, yes, Virginia, there is a Santa Claus.

Lipstick on a Pig

The Fair, Accurate, Secure and Timely Redress Act of 2007 is a recently introduced bill that would establish a dedicated agency within the Department of Homeland Security to coordinate and streamline the appeals of people who believe they have been wrongly watch-listed by DHS or the Department of Justice. This office would maintain a “Cleared List” of names that have been identified as not representing a risk.

This is not an answer. As I’ve written before, watch-listing is alien to our system of justice and law enforcement. And because of the potential for opening holes in the pseudo-security watch-listing provides, getting “cleared” by this office would be a bureaucratic nightmare.

This proposal is lipstick on a pig. The pig is watch-listing.

More Cost-Ineffective Security: Criminalizing Tourism

I’ve written in the past about the costliness of the Western Hemisphere Travel Initiative compared to its small security benefit.

Here’s more cost-ineffective security: Fingerprinting visitors to the U.S.

The Department of Homeland Security announced this week that it would begin collecting 10 fingerprints from foreign visitors to the United States, an extension of the US-VISIT program. This looks like another self-injurious overreaction to the threat of terrorism.

I don’t think collecting ten fingerprints in the US-VISIT program violates civil liberties. People have a diminished right against search and seizure at our international borders. But it is a serious privacy concern for visitors to the U.S.

Their biometrics are entered into a U.S. government database and they have no idea what may be done with that information in the future. DHS keeps that data for 75 years. Yes, lawful visitors to this country, who come to snap pictures of the Statue of Liberty and teach their kids about the United States, go into a U.S. government database for the rest of their lives. It’s just insulting to the millions of good people who want to visit us.

With that, let’s do a rough cost-benefit analysis of collecting 10 fingerprints from foreign visitors to the U.S. It appears to be another security program whose costs outweigh its benefits.

On the costs side of the ledger:

- First, it treats international visitors to the U.S. like criminals. This erodes the goodwill that the United States enjoys in the world, meaning we are less able to convince foreign governments to work with us on all kinds of very important issues. That cost is not easily quantified, but it is substantial. If we can’t get cooperation from Russia on Iran’s nuclear program, for example, that could cost us hundreds of billions or more in the next decade or two.

- More easily quantified is the reduction in lawful trade and travel: The findings of a House bill meant to encourage foreign tourism recite a 56,000,000, or 17 percent, drop in international visitors to the U.S. versus what was expected from 2001 to 2006. Let’s say 10% of this is caused by fingerprinting in the US-VISIT program – people don’t want to come here if we insult them on arrival. The Commerce Department estimates that these visitors would have spent $98,000,000,000 (valued in 2007 dollars) in the U.S. Ten percent of that is $9.8 billion in lost revenue – a significant loss to the economy caused by our harsh treatment of visitors.

- Then there are the costs of running the program – I don’t know what they are, but they’re probably in the tens of millions to $100 million+ per year in Americans’ tax dollars.

Is it worth it? Let’s look at the benefits:

The DHS release says that since 2004, collecting fingerprints in the US-VISIT program has been used “to prevent the use of fraudulent documents, protect visitors from identity theft, and stop thousands of criminals and immigration violators from entering the country.” It gives no hard numbers, but it would have said “tens of thousands” if it was in that range, so let’s say it’s 10,000 violators they’ve caught. ($9.8 billion/10,000=$980,000) Each violator would have had to do almost a million dollars in damage for this security measure to be cost-effective. The average document fraudster, ID fraudster, and immigration violator does nothing near that much harm.

But perhaps the program prevented a single terrorist, or a small group of them, from entering the country, people who would have done $10 billion in damage. This could only be true if we knew in advance exactly which terrorists were coming into the country. But terrorists are fungible. A terrorist organization can select people to send to the U.S. that have no prior participation in terrorism, people who can pass through US-VISIT. With two exceptions, this is what Al Qaeda did for the 9/11 attacks – sent people without any history of terrorism.

US-VISIT can’t prevent a terrorist organization from infiltrating the country – at best, it might delay their activities a couple of weeks while they select the right people to send. Delaying a terrorist attack that causes $10 billion in damage by a month is worth about $42 million. Obviously, spending $9.8 billion to avoid $42 million in damage is not cost-effective security.

My conclusion is that US-VISIT does more harm to the country than it prevents. I welcome suggested refinements to these numbers. Again, this is very back-of-envelope.

Now, should we pass the legislation to make people feel better about us? I’m not sure that’s the solution. The Senate version of legislation to improve our esteem in the world costs $1.80 per person in the United States - $5.64 per U.S. family.

Why spend this money to make people feel better about us when we could make people feel better about us by spending less! US-VISIT doesn’t significantly add to our protections. Given its costs, we should drop it.