[Forwarded] RealID: How to become an unperson.

Jörn Schmidt joern2473 at yahoo.com
Wed Jul 6 12:15:24 EDT 2005 

--- Jonathan Thornburg <jthorn at aei.mpg.de> wrote:

> hadmut at danisch.de wrote:
> > - In Germany we have an ID card and I have it in my pocket all the
> >  time. But actually it is rarely used, I do need it not more than
> >  maybe three times a year. [[...]]

I think this has a lot to do with the fact that Germany and the US have
different standards of liability. The legal drinking age in Germany is
16 for beer and wine and 18 for distilled alcoholic beverages. A minor
under the age of 16 may consume alcohol with parental consent, as long
as that parent or a legal guardian is present. A violation is a mere
misdemeanor and may result in a fine but, in reality, hardly ever does.


The consequences of selling alcohol to a person who is not of legal age
are far more severe in the US. Aside from losing your liquor license
(and hence very likely your main source of income), you can expect
both, criminal prosecution and a civil suit, in most places. That's why
establishments in the US err on the side of caution and card their
customers. Most bars, liquor stores and gas stations even have zero
tolerance policies. It's not unusual for a twenty-something year old to
be carded for a pack of cigarettes or a single beer can.  People would
never put up with something like that in Germany.

Another factor is that the German ID card is mainly used by government
agencies. There are severe restrictions for non-government uses.
Private businesses may, for instance, not use the unique ID numbers as
identifiers or store them in a database. That makes them pretty much
useless for most non-official purposes. In the US, businesses are
pretty much free to request your SSN whenever they please.

> As a Canadian living and working in Germany, my legal "ID card" is
> my (Canadian) passport.  (I don't have a German (or Canadian!)
> driver's
> license.)  When I bought a cellphone calling plan the cellphone store
> asked for this (I guess the police want to make sure an identifyable
> person can be found for each cellphone number).

They actually have to verify your identity. There is a ruling from
RegTP, which is a governing body in many ways similar to the FCC, that
stipulates that carriers have to retain the complete name, date and
place of birth and current address of anyone who buys a GSM SIM card.
Failure to do so usually results in hefty fines. That's why the
carriers make sure that the ruling is actually enforced.

On a slightly unrelated note: contrary to popular belief, there is no
German law that requires you to have your ID card or passport on your
person. You are required to give your name and date of birth to a law
enforcement officer or authorized agent of the state - but only upon
request. They may even take you into custody until they can positively
verify your identity but you do have to carry ID.
 
> It was clear from our conversation that very few (if any) Canadians
> had ever bought cellphone calling plans from this employee before.
> (Not surprisingly -- there aren't that many other Canadians living
> or travelling here.)  Indeed, I rather suspect mine may have been 
> the first Canadian passport this particular employee had ever seen.

That's indeed quite likely. The original purpose of the RegTP's ruling
was to discourage theft though. There usually is little to no
resistance to giving up your personal data to the government in
Germany. In fact, there's federal law that requires anyone residing in
the country to keep their current address on file with their county's
record office. And this seems perfectly normal to most Germans. If
Congress tried to pass a law that required US citizens to register
their current address with the federal government, people would scream
bloody murder (despite the fact that it would be easy to get anyone's
address from the IRS, individual state's DMV databases or Google, for
that matter).

A terrorist, however, would have no reason to register their real
address or to show a real ID card when purchasing a cell phone. After
all, there are plenty of easier options available (theft, eBay, fake
ID, using public pay phones, etc).

Exactly the same applies to driver's licenses. A terrorist could just
fake one or use fake documents to obtain a real one. I think it's safe
to assume that if high school graduates have the means to obtain a
decent fake ID, terrorists do as well. The only way to tell if a
driver's license is real or not is by checking if the data on it
matches what's in the DMV's database. And that doesn't help if a
terrorist just decides to fake a birth certificate and marriage
license. I would be surprised if your average county clerk or DMV
worker actually managed to check if a document that's maybe fourty
years old is in fact the real deal.

   -J.


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list