RFID NEWS
Text size:
T
T
T
New RFID Bills Moving Through Calif. Assembly
"They are trying to call a three-year ban a 'time-out,' but a prohibition is a prohibition. A three-year sunset might seem better than a three-year ban, but it still demonizes the technology without [acknowledging] the security protections that are available today," she says.
Opposition groups claim the use of RFID technology in identity documents such as driver's licenses and school IDs could bolster security rather than weakening it. Supporters of RFID-enabled school IDs say the ability to account for the location of each student is a security tool, and that using RFID-enabled IDs in an automated attendance-taking system would allow teachers to concentrate more on education and less on administration. In its opposition to SB 433, the groups note that the California Department of Motor Vehicles (DMV) has publicly stated it is not planning on embedding RFID tags in driver's licenses any time soon.
Meanwhile, another California bill, sponsored by the AEA and the Information Technology Association of America (ITAA), an IT trade association, and introduced by Democratic Assemblyman Alberto Torrico, is seeking to bridge concerns from Simitian and the supporters of his bill: an eclectic group includes the American Civil Liberties Union (ACLU), the Gun Owners of California and RFID industry members.
The bill, AB 2561, calls for the California Research Bureau (CRB) to "submit a report to the Legislature on security and privacy for government-issued, remotely readable identification credentials." It also calls for the creation of an advisory board, composed of government and industry representatives, that would assist the bureau in drafting the report and describe the "strengths and weaknesses of potential approaches to security and privacy proposals for government-issued, remotely readable identification credentials."
Nowhere does the bill specify RFID as the technology that would power remotely readable identification credentials, but Torrico's office says the report resulting from its passage would cover the use of RFID technology. Sponsors of AB 2561, approved by the full Assembly and now awaiting assignment to a Committee in the Senate, have met with Simitian to discuss whether the bill would provide an alternative to the RFID bills he is pushing, and if he would cosign AB 2561.
Carol Henton, vice president with the Information Technology Association of America, says Simitian showed a willingness to back off on a moratorium on RFID in identity documents if three major interim privacy protections on the use of RFID were written into Torrico's bill. These include requiring that tamper-evident tags be used, that any RFID system employ mutual authentication (wherein both the reader and the tag must be authenticated before an ID is transmitted) and that the tag data be encrypted.
AB 2651's sponsors, however, say mutual authentication—though possibly appropriate for some high-security applications—is too expensive and too complex for many applications. As such, they would not endorse something requiring such authentication across the board, opting for single authentication instead.
Simitian and sponsors of his bill plan to meet with AB 2651's backers on Thursday to continue ongoing negotiations toward devising legislation both sides find amendable.
"I'm looking for meaningful privacy protection, and sooner rather than later," says Simitian. "That's it in a nutshell."
Opposition groups claim the use of RFID technology in identity documents such as driver's licenses and school IDs could bolster security rather than weakening it. Supporters of RFID-enabled school IDs say the ability to account for the location of each student is a security tool, and that using RFID-enabled IDs in an automated attendance-taking system would allow teachers to concentrate more on education and less on administration. In its opposition to SB 433, the groups note that the California Department of Motor Vehicles (DMV) has publicly stated it is not planning on embedding RFID tags in driver's licenses any time soon.
Meanwhile, another California bill, sponsored by the AEA and the Information Technology Association of America (ITAA), an IT trade association, and introduced by Democratic Assemblyman Alberto Torrico, is seeking to bridge concerns from Simitian and the supporters of his bill: an eclectic group includes the American Civil Liberties Union (ACLU), the Gun Owners of California and RFID industry members.
The bill, AB 2561, calls for the California Research Bureau (CRB) to "submit a report to the Legislature on security and privacy for government-issued, remotely readable identification credentials." It also calls for the creation of an advisory board, composed of government and industry representatives, that would assist the bureau in drafting the report and describe the "strengths and weaknesses of potential approaches to security and privacy proposals for government-issued, remotely readable identification credentials."
Nowhere does the bill specify RFID as the technology that would power remotely readable identification credentials, but Torrico's office says the report resulting from its passage would cover the use of RFID technology. Sponsors of AB 2561, approved by the full Assembly and now awaiting assignment to a Committee in the Senate, have met with Simitian to discuss whether the bill would provide an alternative to the RFID bills he is pushing, and if he would cosign AB 2561.
Carol Henton, vice president with the Information Technology Association of America, says Simitian showed a willingness to back off on a moratorium on RFID in identity documents if three major interim privacy protections on the use of RFID were written into Torrico's bill. These include requiring that tamper-evident tags be used, that any RFID system employ mutual authentication (wherein both the reader and the tag must be authenticated before an ID is transmitted) and that the tag data be encrypted.
AB 2651's sponsors, however, say mutual authentication—though possibly appropriate for some high-security applications—is too expensive and too complex for many applications. As such, they would not endorse something requiring such authentication across the board, opting for single authentication instead.
Simitian and sponsors of his bill plan to meet with AB 2651's backers on Thursday to continue ongoing negotiations toward devising legislation both sides find amendable.
"I'm looking for meaningful privacy protection, and sooner rather than later," says Simitian. "That's it in a nutshell."
