Jul 07, 2005California's proposed Identity Information Protection Act, introduced in February by Senator Joe Simitian (D-Palo Alto), was approved by the Assembly Judiciary Committee last week in a 6-3 vote. However, a new amendment to bill SB 682 removed a ban on RFID in some identification documents and replaced it with a three-year moratorium. All six committee members who voted for the bill are Democrats; all three who voted against it are Republicans. The amendment was proposed by the Assembly Judiciary Committee and approved by Senator Simitian. The bill will now go to the Assembly Appropriations Committee, where it will be voted on either this month or next. If it passes, the bill will then go to the assembly for a floor vote.
A spokesperson for the senator expressed hope that this moratorium will ensure the most advanced security measurements will be incorporated into any future applications of RFID in California. These would include the addition of RFID tags to driver’s licenses, IDs issued to students (kindergarten through 12th grade) in public schools, public library cards and government benefit cards. At this time, however, the state has no plans to use RFID in driver’s licenses or benefits cards, nor have any public schools or libraries announced plans to issue RFID-enabled cards. (The Judiciary Committee's amendments removed IDs for students at state colleges and universities from the group of documents under the moratorium. Therefore, if the bill passes, state-run colleges and universities will be able to add RFID tags to student IDs as long as security measures are enacted to protect the data on the RFID chip.)
Simitian introduced the bill to the state senate in February, and it was approved by a vote of 29 to 7 on May 16 (see Calif. Senate Approves RFID Bill). Within days of the bill’s approval by the senate, Simitian met with members of the High-Tech Trust Coalition, an RFID industry group opposing the bill. The coalition includes representatives from the American Electronics Association, the Association for Automatic Identification and Mobility and EPCglobal. Its members also include such vendors of RFID products as Oracle, Philips Semiconductors, Symbol Technologies and Texas Instruments.
In an attempt to address their concerns, the senator rolled back the bill late last month to allow the use of RFID in certain identification documents issued by the state or local governments in cases where specific security controls were applied to the RFID chip to safeguard it from being read surreptitiously. These documents included government employee ID cards, door access cards, mass transit passes and hospital patient ID bracelets. However, driver's licenses, student IDs, government health and benefit cards and public library cards did not fall under that exception (see Calif. Bill Allows RFID in More IDs). Until the Assembly Judiciary Committee's amendment was made, the proposed bill still prohibited the use of RFID in these items.
Assuming the bill passes the assembly and is not vetoed by California Governor Arnold Schwarzenegger, RFID will be permissible, starting Jan. 1, 2009, in state-issued driver's licenses, student IDs, government health and benefit cards and public library cards. However, the bill spells out security measures to be applied wherever RFID is used, so as to safeguard the data from being read by unauthorized parties.
If passed, the bill would permit the continued use of existing RFID applications by California government agencies, including RFID transponders for automated bridge toll payments and for the identification of prison inmates, patients in mental institutions and children in hospitals operated by the state or by a county or municipal government. Early versions of the bill called for the elimination of existing uses of RFID (such as for access cards) in state, county or municipal government buildings in California by the year 2011, but those stipulations have been removed.
