Critics wary about biometric smart cards

Federal workers and privacy advocates are worried about a presidential directive requiring all federal employees and contractors to carry biometric smart cards to access federal buildings and computer systems.

At a Jan. 19 public meeting in Washington, D.C., they expressed fears that the new identity card mandate could mean greater personal surveillance and even loss of employment.

Policy officials will address those concerns as they write the rules for issuing and using the new federal ID cards, Karen Evans, administrator for e-government and information technology at the Office of Management and Budget, told an audience of more than 150 at the meeting.

"We want to make sure we adequately protect the information of employees," she said.

Officials have received

1,900 written comments from the public about a proposed governmentwide standard for the biometric smart cards, indicating a high level of interest among federal employees, IT vendors, and security and privacy advocates, Evans said.

She acknowledged critics' concerns that the smart card mandate imposes difficult demands. Those demands include the possibility that agencies would need to shift funds to pay for the cards and rush to be prepared to issue them by October. "We will be here to help you make those deadlines," Evans said.

Officials at agencies that have already issued smart cards to employees and companies that have developed cards to meet those agencies' standards worry that they may need to scrap their current systems and start over.

The presidential directive, Homeland Security Presidential Directive 12: Policy for a Common Identification Standard for Federal Employees and Contractors, requires National Institute of Standards and Technology officials to develop the biometric smart card standard for governmentwide federal identity cards. Critics say NIST's proposed technical standard is incompatible with the Government Smart Card Interoperability Standard that several large federal agencies and their smart card vendors have adopted.

But some of the greatest concerns involve the potential intrusion into employees' privacy. For those reasons, Evans said, "we want to build privacy technology into the card."

Privacy advocates say the president's smart card directive is unusual and ambitious in seeking to create a uniform

card standard and policies suitable for employees because agencies — such as the Defense Department compared to the Railroad Retirement Board — are so diverse, said Ari Schwartz, associate director of the public interest group Center for Democracy and Technology.

Schwartz said government officials made a mistake by issuing a proposed technical standard for the cards before writing and publicizing the policies for using them. "Agency employees and the public are confused," he said. "Is this part of a bigger plan?" Without knowing all the ramifications of using the cards, he added, "everyone is going to assume the worst."

Some policy experts at the meeting advised OMB officials to incorporate generally accepted principles of information privacy into their policies. Such principles include disclosing to employees and contractors how personal information collected and stored on the cards will be used and how they can appeal authorities' decisions to revoke or refuse to issue an identity card, said Dan Chenok, vice president and director for policy and management strategies at SRA International.

Some of the privacy fears smart card critics raise are unfounded, said Robert Atkinson, vice president and director of the Technology and New Economy Project at the Progressive Policy Institute. But legitimate concerns should be addressed, he added.

For example, Atkinson said the standard that government officials must complete by late February should not permit personal data, such as the credential identifier associated with each card, to be sent unencrypted to the card reader.

But Atkinson disagreed with privacy advocates who want to limit the uses of the federal ID cards. The cards, he said, should be designed to accommodate new applications such as a pass for federal employees who ride the subway to work.

For others, expanding use of the cards beyond their original purpose poses a serious threat to cardholders' privacy. Pam Dixon, executive director of the World Privacy Forum, suggested that Congress may need to pass legislation to limit the uses of the cards to accessing federal buildings, computer networks and information systems.

Dixon also favors policies that restrict any analysis of the card systems' back-end data that could trace the movement of employees in federal buildings. Federal employee union officials are concerned that data collected on card usage could be misused to punish employees for visiting the employee union office, for example.

A National Treasury Employees Union representative said new policies should permit employees who use authorized pseudonyms for their personal safety to have their cards issued under their pseudonyms. IRS employees, for example, many of whom have been threatened or assaulted, have a statutory right to use a pseudonym. n

Who's who in the federal government

The federal government's planned personal identity verification system will be based on smart card technology with embedded biometric identifiers and will include the following elements:

Law enforcement fingerprint checks.

Personal identity background checks.

Personal identity smart cards.

Smart card readers at access points to federal buildings and computer systems.

Biometric readers at those access points.

Identity registration repositories.

Public-key infrastructure and certificate status servers.