While doing some research on another story, I came across the US government’s website for the new electronic passports’ FAQ. Although factually accurate, many of the government’s answers led me to more questions and I decided to delve deeper into how my privacy will be affected under the new electronic passport system.
The very first question in the FAQ explains what an electronic passport is, but it fails to explain the details in order for a person to fully understand it.
An Electronic Passport is the same as a traditional passport with the addition of a small integrated circuit (or “chip”) embedded in the back cover. The chip will store the same data visually displayed on the data page of the passport, a biometric identifier in the form of a digital image of the passport photograph, which will facilitate the use of face recognition technology at ports-of-entry, the unique chip identification number and a digital signature to protect the stored data from alteration.
While the second question in the FAQ attempts to clarify the answer to the first question, it still does not explain that the integrated chip is an RFID chip, nor does explain why this information is necessary in the first place. The chip is storing the same data that is visible. The customs agent is still going to have to look at the picture to verify if it is really you. This does not matter if the customs agent looks at the actual photo on the passport or scans the chip to see the photo on a computer. Visual verification is still needed.
The new passports will use photo recognition as a biometric, though other forms, such as fingerprints and iris scans, can be added later. These will still need to be verified at each port of entry, which will still create lines.
Also in the FAQ are questions concerning security.
The special features of an Electronic Passport are:
- Securely stored biographical information and digital image that are identical to the information that is visually displayed in the passport; and
- Contactless chip technology that allows the information stored in an Electronic Passport to be read by special chip readers at a close distance.
- Uses digital signature technology to verify the authenticity of the data stored on the chip. This technology is commonly used in credit cards and other secure documents using integrated circuits or chips.
As mentioned before, securely stored information on the passport does not ensure that others cannot access your passport. It is merely a digital copy of what’s printed inside the passport. The chip itself, can, and has, been read from distances, leaving your passport open to cloning. A digital signature is included for verification of authenticity, however, if your passport is cloned, the digital signature does little to prevent identity theft.
The FAQ continues to proclaim the ease of travel by asserting that the electronic passport will facilitate travel by “Automated identity verification; Faster immigration inspections; and Greater border protection and security.”
As I have outlined above, faster immigration inspections do not seem likely since there still has to be visual confirmation that the passport being checked belongs to the person carrying it. If you want faster immigration inspections, you need to simply swipe and move on. That is less secure and, is also the most likely road we are headed down. The new electronic passports will automatically identify the passport but, if the customs agent does not actually look at the photo to see the person, then there is no way that it will provide greater protection and security.
The FAQ claims that the new passports are a good security measure by stating that the reason electronic passports have been issued is because Congress passed a law forcing countries who participate in the Visa Waiver Program to have these types of passports. Most of these countries did not want this type of technology in their passports and, when forced by the United States, they reciprocated by telling the United States that it has to do the same. No one, except the United States, wanted this type of passport.
While discussing the Electronic Passport logo, it is unclear whether there will be two separate lines for those entering the United States. Will those who do not have the new passports be forced into one line, while those with the chip be put in another? One must also consider the fact that the first US passports issued with the new chips was in August 2006, making it highly likely that there will be a disparity among Americans until 2016 when the last of the old passports finally expire.
A new caveat of the electronic passports is that they cannot be amended. If you change your name, which often happens when women get married, you must obtain a new passport. Under the old passport system, you mailed official proof of your name change with your passport and the passport agency would amend it and mail the documents back to you, free of charge. The new system will require you to return your passport as well and it is only free within the first year of issuance.
One of the most important aspects of the electronic passport is left until near the end of the FAQ, and covers the privacy issues of stealing the data off your passport without your knowledge. It explains how skimming and eavesdropping occurs and how it is extremely difficult to do successfully. There have been many stories over the past year of just how easy it is to obtain your data. The US government attempts to assure you that your data cannot be read while the passport is closed and not in use. The British government also assured their citizens of the same thing, yet it can be read before you even receive it in the mail. Australia has a similar problem with cloning of their new electronic passports.
The last item on the FAQ covers what might be the most commonly asked question. What happens if all this new technology fails. Rest assured, you can still use your passport because you are allowed to use the passport until its expiration date. You will just proceed as if you never had a chip in the first place. For me, this is a positive response to a major problem of my privacy. Sledge hammer meet my passport.
So, if all this technology fails, you revert to the system that is now considered antiquated but was, in essence, more secure because your information was only available to thieves if you lost your passport or it was stolen. You will no longer know if your information was stolen or cloned until it is far too late. Do yourself a favor and purchase a special wallet that will prevent surreptitious sniffing of your personal information and remember to keep fighting to repeal the law or actually make it secure.