Experts Debate Utility, Safety of E-Passports

When privacy and security advocates met a government representative responsible for U.S. passports at the Computers, Freedom, and Privacy conference last week in Seattle, the mood was contentious. (If you want to hear for yourself, I've included audio clips from three panelists lower down in this blog.)

(New passports would contain flexible computer chips, which can be read at a distance, in an update planned by the government agencies responsible for passports. In addition, foreign visitors to the United States may be required to apply for a visa if their passport doesn't contain a digital photo and other data.)

What follows are summaries and mp3 audio recordings of the presentations given by some of the panelists.

Security Concerns

Among the issues raised by security expert Bruce Schneier (photo | web at left, with fellow panelist Deputy Assistant Secretary of State Frank Moss on the right) were the possibilities that the new passport technology might permit criminals to engage in skimming, or eavesdropping on the transmissions from the passports; cloning, where someone would duplicate the information for the purpose of fraud; or tracking, where someone with sophisticated equipment follows the radio signal from the passport.

But the problems are not universally insurmountable, he added.

"There's...the notion of shielding the passport. You can wrap your passport in tinfoil. I'm sure Coach will sell you a nice tinfoil passport holder. And there is even talk that when the passports are released, they will have shielding, so you have to open them [to read the data]," Schneier said.

"But when you travel overseas, you end up showing your passport a lot, so it moves the data thieves to hotel lobbies, instead of [skimming data] on the subway."

"Encryption [might] solve the problem,"of data mining by private businesses, Schneier said, but scrambling data isn't a magic bullet.

Encryption wouldn't prevent cloning the data--after all, even encrypted data can be copied--and wouldn't have any effect on the ability to track passport holders, even if the person doing the tracking might not know exactly who it is that they're following.

"I can track a random blob, that doesn't matter," he said.

And if businesses start tracking the passport number, "that linkage of the passport to me, even if it's a random number, will be sold to Choicepoint and be available to anybody for a dollar," Schneier said.

Audio from Panelist 1: Bruce Schneier

Warnings About Risks: 'Poppycock'

Advocating in favor of the new passports was Deputy Assistant Secretary of State Frank Moss (photo | web), who said the passport technology has been designed with the safety of the traveling public in mind. More importantly, the purpose of the chip is to help prove that "the person carrying the passport is the same person to which it was issued," he said.

Moss tried to allay concerns that the chip might contain additional personal information that could put the passport holder at risk if that information were disclosed. "We will write only the same data [on the chip] that appears on the data page on the passport," he said. "We're not writing your social security number, your fingerprint, or your address."

The government plans to include some form of countermeasures to foil tracking the passports, possibly by weaving a metallic fiber into the cover of the passports. And besides, he added, the technology only works from a maximum distance of 10 centimeters.

"This passport will not be released to the general public without introducing technology that will prevent the book from being read, as long as it's closed or mostly closed," Moss said.

"We would not use our own people as test populations if we thought there was any risk. We will not issue them until we address the issue of skimming," he added. "The fact that we would issue a document that would put Americans at risk is poppycock."

Audio from Panelist 2: Frank Moss

'An Identity Theft Wet Dream?'

Or, perhaps not. Barry Steinhardt (photo | web), director of the ACLU's Freedom and Technology Program, demonstrated how the technology is supposed to work--and challenged Moss' assertion about the technical limits of the chip's radio range. He attached a self-adhesive chip of the same type the government plans to use to his own passport, and rigged up a laptop and chip reader to a projector screen.

Placing the RFID reader on the floor next to the table at which he was seated onstage, he waved an open passport at the audience.

"I want to show you what your future is going to look like," he said. Then, holding the passport at the height of the table, or roughly three feet above the stage, Steinhardt triggered the reader to display a mockup of the kind of information a passport officer might see: His name and personal details, details about the passport, and a digital photograph.

A technical glitch caused the projector to interlace the display, which made the text hard to read, but you could clearly make out Steinhardt's photo.

"I urge you to think about whether you want to be walking around in the world with a document that can in fact be read from thirty feet," Steinhardt said. "Whether or not the State Department or Homeland Security buys a reader that can read [the chip] from 10 centimeters or, like mine, from three feet, you can be well assured that much more powerful equipment is out there. This is an identity theft wet dream."

Audio from Panelist 3: Barry Steinhardt

Also Seen At The Conference

The Electronic Privacy Information Center passed out packets containing what they called a passport privacy protector--it was a sheet of foil. Here's a photo: