A Moratorium on Stupidity

California’s new RFID bills, which prevent the introduction of the technology in driver’s licenses and student IDs for three years, will needlessly slow adoption in a state that has long been an incubator of new technologies.
Published: June 19, 2006

It’s hard to figure out exactly what they are smoking in the California legislature, but it appears to be pretty strong stuff. In a state that’s home to more technology companies than any other, and that has prospered from incubating new technologies, legislators would like to ban the use of radio frequency identification in most government-issued documents for at least three years. The two bills approved by the California Assembly Judiciary Committee last week—SB 433 and SB 1078—were watered down a lot (New RFID Bills Moving Through Calif. Assembly). But they are still bad bills and should be rejected by the legislature.

SB 433 would put a three-year moratorium on the use of RFID in driver’s licenses, while SB 1078 would do the same for student identification cards. SB 433 is now headed for the Assembly’s Transportation Committee, while SB 1078 goes to the Education Committee. If approved by these committees, they will be sent to the Assembly for a floor vote within the coming weeks.

The Senate had previously approved both bills, but they had no mention of RFID at the time. So the Senate and Assembly versions would have to be reconciled and then the final bill would have to be voted on by Aug. 31, the end of the legislative term. If all that happens, which is unlikely, Gov. Arnold Schwarzenegger could sign it into law or veto it.

California Democratic Senator Joe Simitian authored both bills, which originally sought to prohibit RFID use in driver’s licenses and ID cards. The judiciary committee changed the blanket ban to a three-year moratorium. Simian also introduced a bill last year, known as the Identity Information Protection Act of 2005, which initially would have outlawed RFID in a long list of identity documents carried by Californians—from driver’s licenses and school IDs to health insurance and benefit cards issued by state agencies. The act, which was amended to put a moratorium on the use of RFID in these documents for three years, has not been up for vote this year.

I’m sensitive to the argument that people should not be forced to carry an RFID tag if they don’t want to. A retailer can give me the choice to keep an RFID tag functioning, kill it off or remove it from my clothes. But I can’t turn off the tag in my driver’s license if the state doesn’t want me to. So I might feel that I am being forced to carry something that could be used to invade my privacy.

The moratorium on RFID is designed to give legislators more time to evaluate how the technology will be used and how well security measures, such as data encryption and authentication between interrogators and cards, could address concerns over privacy protections. But I doubt that busy legislators are going to spend the next three years boning up on all the different types of RFID systems, encryption algorithms, authentication procedures and air interface protocols.

If the government plans to introduce RFID tags in licenses and IDs, it would make more sense for the legislature to investigate the specific solution being used and potential problems. If there are legitimate concerns, these should be raised and the government should be forced to address them before introducing the technology. But frankly, the issue could be solved as easily as giving each person Skim Black. This credit card-size piece of material blocks 99.99 percent of electromagnetic radiation. It was developed by a Japanese company called the Orient Instrument Computer. Put Skim Black in your wallet, and you won’t have to worry about someone “skimming”—surreptitiously reading—data off your RFID-enabled license. And there are other ways to protect the public, as well.

What offends me about the California bills is the idea that delaying the use of a new technology with enormous potential benefits to both consumers and businesses in California is a good thing. What would have happened if some California legislator had realized in 1994 that the Internet would be a threat to privacy because you could track what pages people looked at and had convinced his colleagues to put a moratorium on the Net for three years? I can tell you what: Some place other than San Francisco would have led the Internet boom, and Californians would have suffered far more harm than they might have from the infringement of their privacy by online advertisers.

Today, as the California legislature debates what could be called the “Let’s Give Up Our Technological Leadership Role Act of 2006,” governments in China, Hong Kong, Japan, Malaysia, Singapore and South Korea are funding RFID research and development, and encouraging the technology’s use domestically so that their countries can lead the next stage of the information technology revolution. They’d be more than happy to prosper from the development and deployment of RFID technologies. California’s technology leaders should be calling for a three-year moratorium on stupidity in their state’s legislature.

Mark Roberti is the founder and editor of RFID Journal. If you would like to comment on this article, click on the link below.