- I wish they'd teach spelling in Minnesota--the bill talks of "principle residence" when they mean "principal".
- I don't have major problems with the aim, which is to tighten rules on issuing drivers licenses. As a technocrat, however, I wish we had a debate over identification, national standards, and data privacy.
- I do believe in encryption, both of the data contained on the card and the data in state databases. The occasions when the license needs to be swiped should be rare, and readability should be limited to authorized agents of the state. If private entities want to swipe the card, let them OCR it.
* we should be doing away with the social security number, not further embedding it into our systems (Unlike other data it often serves both to identify and authenticate the person, which violates good security logic.)
* the implementation of Real ID should be flexible. The Federal govt. has guidelines for e-authentication that agencies are in the process of implementing, but that seems to be a separate line of discussion/development from Real ID. It's going to be expensive to implement both; we ought to be doing them logically.
* RealID ought to include restrictions on the state databases, including provisions for audit trails and transaction logs, encryption of data, provision for review and access.
No comments:
Post a Comment