Home » Members Posts » Florida Legislature Takes Another Step Towards a National ID Card- RFID Alert

Florida Legislature Takes Another Step Towards a National ID Card- RFID Alert


Florida Legislature Takes Another Step Towards a National ID Card- RFID Alert

The House Transportation and Highway Safety subcommittee just passed unanimously a bill (CS/HB1223) to further dismantle our Fourth Amendment rights to privacy and furthers the goal of a National ID card that we call “Dangerous ID”. The federal REAL ID Act gives the DHS Secretary unlimited authority as to the purposes for which a REAL ID can be required. These could include banking, buying online, buying groceries, etc. There is no prohibition against any purpose being authorized by this one individual. REAL ID came to us in Florida as four of 40+ sections of a 2008 omnibus Highway Safety bill (CS/SB 1992).

Florida House Bill CS/HB 1223 (2012) as amended has numerous sections, 66 of them in fact (the original had “only” 62). That’s a lot of reading. This paper will narrow those down to two, section 49 and 51 of the bill as amended and passed by the House Transportation and Highway Safety subcommittee.

Section 49 mandates electronic authentication of all Florida licenses starting in July 2013. What is electronic authentication? Any one of several very vague items. These items include (definitions from Wikipedia):

  • Public key infrastructure: Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
  • Symmetric key algorithms: Symmetric-key algorithms are a class of algorithms for cryptography that use trivially related, often identical, cryptographic keys for both encryption of plaintext and decryption of ciphertext.
  • Security tokens: A security token (or sometimes a hardware token, hardbad token, authentication token, USB token, cryptographic token, or key fob) may be a physical device that an authorized user of computer services is given to ease authentication. This can include RFID.
  • Mediametrics: No definition found. An extended search failed to reveal what this term means. Why are we using a term in law that has no definition?
  • Biometrics: Biometrics (or biometric authentication) consists of methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In computer science, in particular, biometrics is used as a form of identity access management and access control. It is also used to identify individuals in groups that are under surveillance.

Section 51 allows for the optional (for now) use of enhanced driver licenses. These licenses will take the place of a passport per the Western Hemisphere Travel Initiative (WHTI). The WHTI, another reaction to the 9/11 attacks, does not cover any of the nations from which the attackers originated. Four other states, Michigan, New York, Vermont, and Washington, have an enhanced driver license for this purpose. All use a Radio Frequency ID (RFID) chip in the licenses, as it is a common and low-cost method to achieve this purpose. U.S. Passports have used an RFID chip since 2004.

Both of these sections have one thing in common: They will likely use an RFID chip to either “authenticate” the document or the document holder. RFID technology has been in use for several years, and is able to be implanted under the skin. One example used the palm of a hand. The FDA approved implantable RFID in 2004. It was discovered within 3 years the implant caused cancer in lab animals15 and implantable RFID was discontinued in 2010.

Here is why RFID is a bad idea, and why the Florida Campaign for Liberty among others across the political spectrum oppose RFID chips or any electronic authentication for any Florida driver license:

In 2009, a hacker purposefully collected RFID data in the San Francisco area from US passports and other documents. The people it was collected from had no idea he was collecting the data. He was able to clone two passports.

In 2008, a hacker obtained RFID data from a United Kingdom national ID card and changed the status to “entitled to benefits” and added a message readable by law enforcement: “I’m a terrorist, shoot me on sight.”

RFID scanners now sell for as little as $12 on eBay. A market has sprung up with cases to prevent RFID chips from being read. This places an added financial burden on the citizen.

Do you think it can’t happen now since technology and security have been increased? Proponents will tell you all the card will generate is a number, which by itself means nothing. Nothing unless you crack the database, which all law enforcement must have access to in order to utilize RFID. Do you think the database is secure? That’s what the Department of Defense thought right up until their systems were hacked by foreigners and fighter technology stolen in 2011. Even if no database is cracked, cloning the RFID will allow ID theft.

Reference material:

1. CS/HB 1223, Florida Legislature as of 1/29/12.

2. HB 1223, Florida Legislature as of 1/29/12.

3. Public key infrastructure: https://secure.wikimedia.org/wikipedia/en/wiki/Public_key_infrastructure

4. Symmetric key algorithms: https://secure.wikimedia.org/wikipedia/en/wiki/Symmetric_key_algorithms

5. Security token: https://secure.wikimedia.org/wikipedia/en/wiki/Security_tokens

6. Biometrics: https://secure.wikimedia.org/wikipedia/en/wiki/Biometrics

7. Enhanced driver licenses: https://secure.wikimedia.org/wikipedia/en/wiki/Enhanced_Driver%27s_License#Enhanced_driver.27s_licenses

8. WHTI defined: https://secure.wikimedia.org/wikipedia/en/wiki/Western_Hemisphere_Travel_Initiative

9. List of WHTI nations covered: https://secure.wikimedia.org/wikipedia/en/wiki/Western_Hemisphere_Travel_Initiative#Nations_and_territories_covered

10. RFID chips defined: https://secure.wikimedia.org/wikipedia/en/wiki/Rfid

11. U.S. Passports using RFID (2004): http://www.wired.com/politics/security/news/2004/10/65412

12. RFID origin: http://web.ecs.baylor.edu/faculty/newberry/myweb/Ethics/Web%20Pages/Shih%20test/rfid_1_def_origin.htm

13. RFID implanted in a human hand: http://en.wikinews.org/wiki/Entrepreneur%27s_RFID_chip_implant_to_open_doors,_start_car

14, 16. FDA approval for implanted RFID: https://secure.wikimedia.org/wikipedia/en/wiki/VeriChip

15. Implanted RFID linked to cancer: http://www.washingtonpost.com/wp-dyn/content/article/2007/09/08/AR2007090800997_pf.html

17. Backlash against RFID is growing: http://money.cnn.com/2007/05/21/technology/rfid/

18. Hacker clones RFID passports in San Francisco: http://www.engadget.com/2009/02/02/video-hacker-war-drives-san-francisco-cloning-rfid-passports/

19. Hacker clones and alters national ID card: http://www.dailymail.co.uk/news/article-1204641/New-ID-cards-supposed-unforgeable–took-expert-12-minutes-clone-programme-false-data.html

20. ID Stronghold: http://www.idstronghold.com/

21. Department of Defense hacked, data stolen: http://www.cbsnews.com/stories/2011/The Bible, Revelation 13:16 and 17.

22. USA Patriot Act section 326 verification of ID: http://www.fincen.gov/statutes_regs/patriot/index.html?r=1&id=326#326

23. HR 1268 (2005) Title II, Section 201. (3).


Subscribe to our e-mail newsletter to receive updates.