Home Internet of Things Aerospace Apparel Energy Defense Health Care Logistics Manufacturing Retail

A Moratorium on Stupidity

California’s new RFID bills, which prevent the introduction of the technology in driver’s licenses and student IDs for three years, will needlessly slow adoption in a state that has long been an incubator of new technologies.
By Mark Roberti
Jun 19, 2006It’s hard to figure out exactly what they are smoking in the California legislature, but it appears to be pretty strong stuff. In a state that’s home to more technology companies than any other, and that has prospered from incubating new technologies, legislators would like to ban the use of radio frequency identification in most government-issued documents for at least three years. The two bills approved by the California Assembly Judiciary Committee last week—SB 433 and SB 1078—were watered down a lot (New RFID Bills Moving Through Calif. Assembly). But they are still bad bills and should be rejected by the legislature.

SB 433 would put a three-year moratorium on the use of RFID in driver’s licenses, while SB 1078 would do the same for student identification cards. SB 433 is now headed for the Assembly's Transportation Committee, while SB 1078 goes to the Education Committee. If approved by these committees, they will be sent to the Assembly for a floor vote within the coming weeks.

The Senate had previously approved both bills, but they had no mention of RFID at the time. So the Senate and Assembly versions would have to be reconciled and then the final bill would have to be voted on by Aug. 31, the end of the legislative term. If all that happens, which is unlikely, Gov. Arnold Schwarzenegger could sign it into law or veto it.

California Democratic Senator Joe Simitian authored both bills, which originally sought to prohibit RFID use in driver’s licenses and ID cards. The judiciary committee changed the blanket ban to a three-year moratorium. Simian also introduced a bill last year, known as the Identity Information Protection Act of 2005, which initially would have outlawed RFID in a long list of identity documents carried by Californians—from driver's licenses and school IDs to health insurance and benefit cards issued by state agencies. The act, which was amended to put a moratorium on the use of RFID in these documents for three years, has not been up for vote this year.

I’m sensitive to the argument that people should not be forced to carry an RFID tag if they don’t want to. A retailer can give me the choice to keep an RFID tag functioning, kill it off or remove it from my clothes. But I can’t turn off the tag in my driver’s license if the state doesn’t want me to. So I might feel that I am being forced to carry something that could be used to invade my privacy.

The moratorium on RFID is designed to give legislators more time to evaluate how the technology will be used and how well security measures, such as data encryption and authentication between interrogators and cards, could address concerns over privacy protections. But I doubt that busy legislators are going to spend the next three years boning up on all the different types of RFID systems, encryption algorithms, authentication procedures and air interface protocols.

If the government plans to introduce RFID tags in licenses and IDs, it would make more sense for the legislature to investigate the specific solution being used and potential problems. If there are legitimate concerns, these should be raised and the government should be forced to address them before introducing the technology. But frankly, the issue could be solved as easily as giving each person Skim Black. This credit card-size piece of material blocks 99.99 percent of electromagnetic radiation. It was developed by a Japanese company called the Orient Instrument Computer. Put Skim Black in your wallet, and you won’t have to worry about someone “skimming”—surreptitiously reading—data off your RFID-enabled license. And there are other ways to protect the public, as well.

What offends me about the California bills is the idea that delaying the use of a new technology with enormous potential benefits to both consumers and businesses in California is a good thing. What would have happened if some California legislator had realized in 1994 that the Internet would be a threat to privacy because you could track what pages people looked at and had convinced his colleagues to put a moratorium on the Net for three years? I can tell you what: Some place other than San Francisco would have led the Internet boom, and Californians would have suffered far more harm than they might have from the infringement of their privacy by online advertisers.

Today, as the California legislature debates what could be called the “Let’s Give Up Our Technological Leadership Role Act of 2006,” governments in China, Hong Kong, Japan, Malaysia, Singapore and South Korea are funding RFID research and development, and encouraging the technology’s use domestically so that their countries can lead the next stage of the information technology revolution. They’d be more than happy to prosper from the development and deployment of RFID technologies. California’s technology leaders should be calling for a three-year moratorium on stupidity in their state’s legislature.

Mark Roberti is the founder and editor of RFID Journal. If you would like to comment on this article, click on the link below.
  • Previous Page
  • 1
  • Next Page


DAVID HELMICK 2006-06-23 06:50:15 AM
RFID and the public In regards to the decision to wait 3 years for ID's and Licenses to hold RFID, there seems to be some logic. The internet gives us access to data, it does not actually seek the data, so not a good comparison. The key is education. Why not make a grass roots effort to inform those in the decision making capacities the true benefits vs. the issues on privacy. Use the next 3 years to bring people together (not downgrade), remember this is America. I agree, RFID technology has proven it's value in many arena's, so why not use these examples to educate, instead of criticizing busy people for not educating themselves. David Helmick
Dan Dobkin 2006-06-30 09:18:06 AM
details of California action I must admit I haven't seen the final version but the draft legislation (SB768) included features specifically designed to create the social presumption that individuals should have control over access to their personal information. Specifically, uses that are allowed must provide remediation in the form of encryption and/or mutual authentication, and access control must be present so that the user can control when the RFID information on the card is read. Access control can consist of a physical shield attached to the card, a switch to activate the RFID tag, or a bar code that has to be scanned before the card information can be accessed. Ideally this will create the presumption in the public that they should always have control over tagged information, and that presumption will then carry over to later use in required documents such as driver's licenses. This is in strong contrast to the Federal RFID-enabled passport program, in which State Department personnel disseminated incorrect information about the read range of the devices used (claimed 10 cm vs. actual of several meters) and originally proposed a passport with all information unencrypted. Given such irresponsible behavior on the part of the Federal government, it is not unreasonable to seek a moratorium in which a consensus on the balance between privacy, security, and disclosure can be sought. [My thanks to Steven Colby for discussions on this issue.]

Login and post your comment!

Not a member?

Signup for an account now to access all of the features of RFIDJournal.com!

Case Studies Features Best Practices How-Tos
Live Events Virtual Events Webinars
Simply enter a question for our experts.
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations
© Copyright 2002-2016 RFID Journal LLC.
Powered By: Haycco