By Bob Sullivan Technology correspondent
msnbc.com
updated 9/10/2004 9:14:00 PM ET 2004-09-11T01:14:00

Imagine being told you'd never been born. Or rather, that records of your birth were no longer valid.

Last month, thousands of Hudson County, N.J., residents got that unnerving news, after hearing that their birth certificates had been declared invalid because of an ongoing fraud investigation at the Hudson County Clerk's office, just across the river from Manhattan. The U.S. State Department had shut down passport operations at the clerk's office after an investigation uncovered alleged document fraud at the office -- specifically, sale of fraudulent birth certificates. The investigation is ongoing.

And so is America's document problem.

There is little disagreement among experts that America's identification systems are in shambles. Corruption, including the sale of forged documents by inside employees, is rampant. Driver's licenses are easy to fake; motor vehicle agencies easy to fool. Passports and visas, both those issued by the United States and those by foreign countries, cannot be trusted. Whether screening airplane passengers, providing medical treatment, or trying to guard the border, experts agree: Today, there is no reliable way to identify people.

The Sept. 11 attacks brought this problem squarely into focus. The report issued last month by the 9/11 Commission identified document forgery as a key security issue, saying: "For terrorists, travel documents are as important as weapons." 

But while the problem is clear, solutions are not.

"What we have right now, we're just playing games, just fooling ourselves," said identity theft expert Rob Douglas, who operates PrivacyToday.com.  "But we may be looking for solutions that don't exist."

Passport changes
The document problem is really two issues. First, it's a domestic problem: forging driver's licenses, Social Security cards and birth certificates is relatively easy. Second, it's a matter of border security, as the U.S. government tries to keep track of who enters and leaves the country.  In both arenas, attempts to improve identity documents is meeting with severe technical and logistic problems, along with thorny privacy issues.

The most immediate changes will be seen in travel documents. Next year, both U.S. passports and foreign visitor passports will be issued with a special computer chip woven into the cover.  The chip will include a photograph of the traveler, and face recognition technology will be used to make sure the passport presenter is the same as the person who applied for the document.

This change will be gradual in the United States. All new passports will include the chip by next year, but those holding valid passports won't be required to upgrade until their current ones expire.

On the other hand, citizens of countries in the U.S. visa waiver program, such as Britain and Spain, will have to arrive on U.S. shores with a biometric chip in their passport beginning in October of next year. Congress has already extended that deadline from the initial October 2004 date mandated in a 2002 law.

The program is hardly without controversy. Facial recognition is notoriously inaccurate, with some studies suggesting error rates as high as 50 percent. Simple changes in lighting, or beard growth, can foil it. But Rick Norton, who works at the government-funded National Biometric Security Project, says inclusion of the technology is a good first step. It prevents people from just splicing their own picture onto a stolen passport, for example.

"is it a flawed technology? Sure," Norton said. "But used properly it's an important new tool."

The State Department has been criticized for not insisting on obtaining fingerprints from new passport applicants when the program begins in the United States next year. Fingerprinting is a much more mature technology, and generally has a far better accuracy rate.  But the agency has said in the past that it is simply following standards approved by the U.N.'s International Civil Aviation Organization, which last year opted for facial recognition over fingerprints, saying the technology was far less intrusive. Frank E. Moss, deputy assistant secretary of state for passport services, declined an interview for this story.

Fingerprint controversy
Fingerprinting stirred controversy at U.S. borders anyway earlier this year, when the US-VISIT (United States Visitor and Immigrant Status Indicator Technology) program took effect.  Foreign visitors must now submit two fingerprints and have their photographs taken upon entering the country. Initially, holiday travelers were exempt, but beginning this month, even visitors from countries in the U.S. visa waiver program who plan to stay for less than 90 days must submit the biometric information. 

The US-VISIT launch sparked harsh criticism from international privacy advocates and foreign governments. Brazil, in retaliation, began fingerprinting U.S. visitors.

But fingerprinting is now so commonplace that the technology should be used to enhance identity verification systems, argues Rep. John Carter, R-Texas. He's even in favor of using the biometric to solve the country's other major document dilemma: ineffective driver's licenses.

Carter points out that he's sometimes asked for fingerprints now when he cashes checks at the grocery store.

"This is the kind of thing we've got to do," he said. "We've got to make it harder for the bad guys to imitate the documents we have."

The thorny issue of national standards for driver's licenses and other documents was taken up by the 9/11 Commission and by the McCain-Lieberman bill introduced just this week in the Senate. Both urge sweeping reforms, such as mandated federal standards for license formats.

"The driver's license framework is broken and is in need of repair," said Jason King, spokesman for the American Association of Motor Vehicle Administrators. "Especially if America wants to continue using it as their ID of choice. ... In it's current state, it can't even keep unsafe drivers from getting multiple licenses."

But standardization, and perhaps even biometrics, will hardly provide a quick solution, said Ari Schwartz, Associate Director of the Center for Democracy and Technology.

The same kind of fraud now dogging that New Jersey county clerk's office is also rampant at DMVs around the country, Schwartz said. He looked study that included only publicly reported crimes from 2003, some 20,000 to 30,000 licenses were sold by corrupt DMV employees, he said.

"It's usually covered as a local story, but it's a nationwide problem," Schwartz said.

Yes, things could be worse
Privacy experts worry that the cure may be more dangerous than the disease.  National standards that require states to add a fingerprint to driver's licenses might effectively create a national ID card.  The premise stirs fears of Nazi Germany, and an era when citizens needed to "present their papers" to move around the country.

But even outside the complex privacy issues involved, Schwartz noted that fingerprints aren't foolproof either. There's always the issue of initial authentication: an imposter could fool an ill-designed system and get a license under a fake name but with his own fingerprints, for example. 

"There is something that worse than what we have today: a flawed national ID card is worse than a system people know is broken," he said.  "A fingerprint is not a bulletproof answer."

Considering that the ID world is necessarily one of incremental solutions, Norton said he believes fingerprinting on both passports and licenses would still help. At least the use of a biometric locks a person into a particular identity at a particular time.

"It is a valid starting point for any good identity program, as long as it's accompanied by controls that reassure everyone that information will not be abused," he said. "But the identity world is a strange one. You end up clamping down in one place and funneling your problem in another direction."

And there is still another hurdle for those trying to design intelligent paperwork systems to keep America safer. There's no point in knowing who someone is unless there's a list of suspects to check their name against. The 9-11 Commissioners made clear in their report that a system to positively identify travelers is only half the problem, and would do no good unless developed simultaneously with a reliable watch list of terrorist suspects.

As for the difficulty of doing that, just ask the senior senator from Massachusetts, who was repeatedly stopped and questioned at airports because he shared the same name as someone on a watch list: T. Kennedy.

The complexity of the document problem generally renders identity experts speechless when offered the chance to construct a comprehensive solution to the problem.

"I sympathize with Homeland Security. It is mindboggling," said identity theft expert Douglas. "But I don't think it means we just throw up our hands in frustration. ... It is certainly not the kind of a problem we are going to solve on a fixed date, even in the next five to 10 years."

© 2013 msnbc.com Reprints

Discuss:

Discussion comments

,

Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments