Real Id Regs Still Indefensible

Eric T. Schneiderman

March 03, 2008

The long-awaited regulations to implement the federal "Real ID Act" fail to solve any of the fundamental flaws in the Bush administration’s catastrophic plan to force state governments to pay billions of dollars to create a dangerous, intrusive national ID card.

Department of Homeland Security (DHS) has produced transparently false estimates of the cost of the Real ID program, now claiming it has reduced the cost to state governments from $14.6 billion to $3.9 billion. DHS has a history of understating the cost to the states to implement Real ID. The United States Government Accountability Office (GAO) actually estimated the cost at $23 billion.

There is nothing in the new regulations to support the agency’s claim for additional reductions. Furthermore, DHS acknowledges that it is only providing a total of $80 million in dedicated "Real ID grants" to help states implement the program, which falls short of even covering DHS’s newly estimated cost to states.

The new regulations also fail to adequately address the privacy and securities concerns raised by organizations across the political spectrum about Real ID. DHS would still mandate that all driver’s licenses contain a "machine-readable zone" that would enable government agencies and private sector corporations to track our daily activities, creating a Fahrenheit 451 big brother state.

In addition, the new DHS regulations clearly demonstrate that Real ID lacks any sort of comprehensive security system and simply imposes a massive unfunded federal mandate on our state to develop its own security system. On page 88 of the proposed regulations, it states:

Section 37.41 of the final rule…calls for states to prepare a security plan including providing reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of the personally identifiable information stored and maintained in DMV records and information systems. The rule specifically points out the need to include access control measures to prevent unauthorized access to the information.

This mandate will impose an enormous financial burden on New York State. But worse, it would mean that our vital personal data would be protected by a patchwork of state systems vulnerable to abuse, breaches and identity theft.

Governor Spitzer and the New York State Legislature need to take a long, hard look at the new DHS regulations before proceeding to implement any aspects of the intrusive, abusive, expensive and indefensible Real ID Act.