State Department traveling in RFID vanguard
- By Alice Lipowicz
- Oct 27, 2005
The State Department is moving forward on its controversial plan to require Radio Frequency Identification chips on all American passports issued after October 2006.
RFID chips are tiny computer chips containing data. Also known as contactless chips, they hold microprocessors that store and wirelessly transmit data to a reader via a radio frequency. In the passport version, the State Department said the RFID chips would be readable at a distance of a few inches.
Final regulations, issued by the department this week, order that the RFID chips be embedded in U.S. passports used by some government employees as a pilot project, beginning in December. It will expand to all passports within a year.
Many privacy advocates, including the American Civil Liberties Union, have opposed using RFID technology in identification cards. They warn that it may result in unauthorized reading of the chips from a distance, resulting in privacy loss and possibly identity theft and the ability to track people's movements.
A State Department official acknowledged
in May that in some cases, if the RFID chips are unprotected, data from the chips could be skimmed at distances up to two feet.
To address the privacy and security concerns, U.S. passports will contain an anti-skimming material covering the RFID chips, as well as Basic Access Control protocols, which use encryption and Personal Identification Numbers, the State Department said in its final rule issued Oct. 25. That material is likely to be a form of metal, according to industry sources.
As an additional protection, the 64-kilobyte RFID chips also are to be "passive," which means readers must activate them in order for information to be transmitted by radio wave.
The RFID chip will contain the name, nationality, sex, date and place of birth and a digitized photograph of the passport holder. It also will contain the passport number, issue date, expiration date and type of passport.
"The chip will not contain home addresses, social security numbers or other information that might facilitate identity theft," the final rule said.
Extra storage capacity was included in the chip in the event that biometric data, such as fingerprints or iris scans, are added in the future.
The State Department said it has received 2,335 comments on the RFID passport proposal since the initial rule was published in February. Nearly all ? more than 98 percent? were negative comments, primarily raising privacy and security concerns.
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.