Are new passports [an] identity-theft risk?

R.A. Hettinga rah at
Thu Oct 21 18:59:46 EDT 2004



Thursday, October 21, 2004

Are new passports
 identity-theft risk?
Privacy advocates warn data chips can be 'seen' by anyone with reader
Posted: October 21, 2004
5:00 p.m. Eastern

 While the U.S. State Department prepares to switch over to passports that
include embedded data chips, privacy experts worry the new technology will
open Americans to identity theft and fraud.

 New passports will be fitted with chips using RFID, or radio frequency
identification, technology. Reader devices at borders and customs
checkpoints will be able to read the information stored on the chip,
including the person's name, address and digital photo.

 Kelly Shannon is a spokesperson for the State Department.

 She told Wired News: "The reason we are doing this is that it simply makes
passports more secure. It's yet another layer beyond the security features
we currently use to ensure the bearer is the person who was issued the
passport originally."

 RFID technology has been used for tracking everything from store inventory
to family members visiting an amusement park. It is also used in the
Digital Angel human implant that recently was approved by the FDA for
storing medical information.

 Wired reports civil libertarians and some technologists say the passport
chips are actually a boon to identity thieves, stalkers and commercial data
collectors, since anyone with the proper reader can download a person's
biographical information and photo from several feet away.

 "Even if they wanted to store this info in a chip, why have a chip that
can be read remotely?" Barry Steinhardt, who directs the American Civil
Liberty Union's Technology and Liberty program, asked Wired. "Why not
require the passport be brought in contact with a reader so that the
passport holder would know it had been captured? Americans in the know will
be wrapping their passports in aluminum foil."

 Last week, the government contracted with four companies to develop the
chips and readers for the program. The report stated diplomats and State
Department employees will be issued the new passports as early as January,
while others applying for new passports will receive the new version
starting in the spring.

 Electronic Frontier Foundation attorney Lee Tien told Wired RFID chips in
passports are a "privacy horror" and would be even if the data were
encrypted, which it isn't.

 "If 180 countries have access to the technology for reading this thing,
whether or not it is encrypted, from a security standpoint, that is a very
leaky system," Tien said. "Strictly from a technology standpoint, any
reader system, even with security, that was so widely deployed and
accessible to so many people worldwide will be subject to some very
interesting compromises."

 An engineer and RFID expert with Intel claims there is little danger of
unauthorized people reading the new passports. Roy Want told the newssite:
"It is actually quite hard to read RFID at a distance," saying a person's
keys, bag and body interfere with the radio waves.

R. A. Hettinga <mailto: rah at>
The Internet Bearer Underwriting Corporation <>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list