A California Assembly bill targets the use of contactless and RFID identification documents.
It’s called the Identity Information Protection Act of 2005. It’s a California State Assembly bill. And it’s working its way to the “Govanator’s” desk.

The aim of the legislation is to set in place certain requirements for identification documents using contactless integrated circuit or other radio wave approaches created or issued by California-based public entities. It would also set punishments for a person or organization that knowingly or willfully remotely reads or attempts to read the ID without the person’s permission.

The act fits into the state’s right of privacy that’s itself part of the California Constitution. It also plays off the growing identity theft concern roiling through the state and country.

The author of Senate Bill 682, Joe Simitian, believes that more than 43,000 Californians reported being victims of identity theft in 2004. He feels that there are current and future threats from bad folks or out-of-control government officials who would intercept and misuse personal information flying from an identification document to a reader. It is important to also note that analysis of past and current national identity theft incidents shows that most are really old-fashioned credit card events.

If signed into law as it now exists, the act would cover California driver’s licenses and ID cards; ID cards for government employees and contractors; ID cards issued by state educational institutions; health insurance and benefits cards; and even library cards.

It also requires shield devices, unique identifier numbers, encryption and mutual authentication, among other protections.

It is no surprise that electronics and security industry leaders are working with the California Assembly concerning further amendments to the bill as well as educating legislators to the advantages and protections inherent in contactless and RFID approaches. There also is no doubt that the California action could influence other states, especially those with privacy rights included in their state constitutions.

According to Holly Sacks of HID, Irvine, Calif., security and technology firms in the state have been working to educate about the misconceptions and erroneous information about the use of contactless and RFID technologies. “Legislating against technology is not useful. Legislating against misuse of technology is appropriate,” she told the Zalud Report.

Also playing an education role related to SB 682, AeA, formerly the American Electronics Association. The group is a nationwide non-profit trade association that represents all segments of the technology industry.

At the time of the writing of this Zalud Report, it is unclear as to the final destination of SB 682.

But the discussion mirrors a national debate between crime prevention and privacy rights. States and schools need to better identify folks coming into their facilities and into their networks. The U.S. government needs to better identify people entering the country. Law enforcement and home security officials see a valid need to view and review security video images from cameras at seaports, in airports and even on city streets.

Most U.S. citizens are reassured when seeing electronic security in action.

“Big Brother” still is a powerful phrase, of course. But in today’s world of terrorism, identity theft and child molestation, among other threats, it’s as obvious that most folks – excepting some legislators and media talking heads – look at security as more essential than privacy. And that the proper application of security, in fact, can better provide privacy protection.