New RFID Bills Moving Through Calif. Assembly

By Mary Catherine O'Connor

June 13, 2006—The California Assembly Judiciary Committee today approved two bills, SB 433 and SB 1078, which would put a three-year moratorium on the use of RFID in driver's licenses and student identification cards, respectively. Each received six yes votes, all from Democrats, as well as two no votes from Republicans.

Originally, the bills had nothing to do with RIFD (one involved regulating the collection of data from magnetic stripes on licenses; the other, funding for charter schools). But after the Senate approved both bills, Simitian stripped the bills of their original content and replaced it with language restricting RFID's use in licenses and ID cards. SB 433 is now headed for the Assembly's Transportation committee, while SB 1078 goes to the Education Committee. They could be approved by these committees and sent to an Assembly floor vote within the coming weeks. If the Assembly approves the amended bills, the Senate will need to vote on them again.

When introduced in the Assembly earlier this year, both bills sought to prohibit RFID use but were amended in committee. The ban was then switched to a three-year moratorium.

California Democratic Senator Joe Simitian authored both bills, which mirror parts of another bill he introduced last year, known as the Identity Information Protection Act of 2005. This act, which also seeks to regulate the use of RFID, had passed through the Senate and reached the Assembly floor before the 2005 legislative year ended.

Initially, the Identity Information Protection Act also outlawed RFID in a long list of identity documents carried by Californians, from driver's licenses and school IDs to health insurance and benefit cards issued by state agencies. However, that ban was softened to a three-year moratorium (see RFID Bill Assumes New Identity). The Act has not yet been up for vote this year. Simitian is in discussion with an RFID industry-based opposition group pushing for the removal of the moratorium from the bill.

The intent of the bills is to allow more time to develop and test exactly how the technology might be deployed, and to vet how well security measures, such as data encryption and authentication between readers and cards, could address concerns over privacy protections. All three bills would make it a crime to read data surreptitiously from an RFID tag in an identity document, but those opposed to the bills say today's security applications are robust and proven, and that by limiting the state's ability to use RFID, the bill limits innovation.

Opposition to SB 433, SB 1078 and the Identity Information Protection Act (which was initially SB 682 but changed to SB 768 late last year) is being spearheaded by a group of industry associations and corporations that manufacture RFID products.

Roxanne Gould, spokesperson for the opposition group and a senior vice president of government and public affairs for the American Electronics Association (AEA), says amending SB 433 and SB 1087 from a ban to a three-year moratorium on the use of RFID in driver's licenses and student IDs, respectively, does not change the group's position on the bills.