[House Hearing, 107 Congress]
[From the U.S. Government Publishing Office]



 
                DOES AMERICA NEED A NATIONAL IDENTIFIER?
=======================================================================

                                HEARING

                               before the

                 SUBCOMMITTEE ON GOVERNMENT EFFICIENCY,
                        FINANCIAL MANAGEMENT AND
                      INTERGOVERNMENTAL RELATIONS

                                 of the

                              COMMITTEE ON
                           GOVERNMENT REFORM

                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED SEVENTH CONGRESS

                             FIRST SESSION

                               __________

                           NOVEMBER 16, 2001

                               __________

                           Serial No. 107-118

                               __________

       Printed for the use of the Committee on Government Reform


  Available via the World Wide Web: http://www.gpo.gov/congress/house
                      http://www.house.gov/reform








                       U. S. GOVERNMENT PRINTING OFFICE
82-171                          WASHINGTON : 2002
___________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512-1800  
Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001











                     COMMITTEE ON GOVERNMENT REFORM

                     DAN BURTON, Indiana, Chairman
BENJAMIN A. GILMAN, New York         HENRY A. WAXMAN, California
CONSTANCE A. MORELLA, Maryland       TOM LANTOS, California
CHRISTOPHER SHAYS, Connecticut       MAJOR R. OWENS, New York
ILEANA ROS-LEHTINEN, Florida         EDOLPHUS TOWNS, New York
JOHN M. McHUGH, New York             PAUL E. KANJORSKI, Pennsylvania
STEPHEN HORN, California             PATSY T. MINK, Hawaii
JOHN L. MICA, Florida                CAROLYN B. MALONEY, New York
THOMAS M. DAVIS, Virginia            ELEANOR HOLMES NORTON, Washington, 
MARK E. SOUDER, Indiana                  DC
STEVEN C. LaTOURETTE, Ohio           ELIJAH E. CUMMINGS, Maryland
BOB BARR, Georgia                    DENNIS J. KUCINICH, Ohio
DAN MILLER, Florida                  ROD R. BLAGOJEVICH, Illinois
DOUG OSE, California                 DANNY K. DAVIS, Illinois
RON LEWIS, Kentucky                  JOHN F. TIERNEY, Massachusetts
JO ANN DAVIS, Virginia               JIM TURNER, Texas
TODD RUSSELL PLATTS, Pennsylvania    THOMAS H. ALLEN, Maine
DAVE WELDON, Florida                 JANICE D. SCHAKOWSKY, Illinois
CHRIS CANNON, Utah                   WM. LACY CLAY, Missouri
ADAM H. PUTNAM, Florida              DIANE E. WATSON, California
C.L. ``BUTCH'' OTTER, Idaho          STEPHEN F. LYNCH, Massachusetts
EDWARD L. SCHROCK, Virginia                      ------
JOHN J. DUNCAN, Jr., Tennessee       BERNARD SANDERS, Vermont 
------ ------                            (Independent)


                      Kevin Binger, Staff Director
                 Daniel R. Moll, Deputy Staff Director
                     James C. Wilson, Chief Counsel
                     Robert A. Briggs, Chief Clerk
                 Phil Schiliro, Minority Staff Director

    Subcommittee on Government Efficiency, Financial Management and 
                      Intergovernmental Relations

                   STEPHEN HORN, California, Chairman
RON LEWIS, Kentucky                  JANICE D. SCHAKOWSKY, Illinois
DAN MILLER, Florida                  MAJOR R. OWENS, New York
DOUG OSE, California                 PAUL E. KANJORSKI, Pennsylvania
ADAM H. PUTNAM, Florida              CAROLYN B. MALONEY, New York

                               Ex Officio

DAN BURTON, Indiana                  HENRY A. WAXMAN, California
          J. Russell George, Staff Director and Chief Counsel
                Darin Chidsey, Professional Staff Member
                          Mark Johnson, Clerk
           David McMillen, Minority Professional Staff Member














                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on November 16, 2001................................     1
Statement of:
    Gingrich, Hon. Newt, former Speaker of the U.S. House of 
      Representatives; Hon. Alan Simpson, former Majority Whip of 
      the U.S. Senate; and Hon. Bill McCollum, former chairman, 
      Permanent Select Committee on Intelligence, Subcommittee on 
      Human Intelligence, Analysis and Counterintelligence, 
      former chairman, Judiciary's Subcommittee on Crime, U.S. 
      House of Representatives...................................    19
    Turley, Jonathan, Shapiro professor of public interest law, 
      the George Washington University Law School; Roy M. 
      Goodman, chairman, Investigations Committee, New York State 
      Senate; Katie Corrigan, legislative counsel on privacy, 
      American Civil Liberties Union; Rudi Veestraeten, Counselor 
      and Consul, Embassy of Belgium; Tim Hoechst, senior vice 
      president of technology, Oracle Corp.; and Ben Shneiderman, 
      professor, Department of Computer Science, University of 
      Maryland, College Park, fellow, Association for Computing 
      Machinery..................................................    60
Letters, statements, etc., submitted for the record by:
    Castle, Hon. Michael N., a Representative in Congress from 
      the State of Delaware, prepared statement of...............    12
    Corrigan, Katie, legislative counsel on privacy, American 
      Civil Liberties Union, prepared statement of...............   115
    Goodman, Roy M., chairman, Investigations Committee, New York 
      State Senate, prepared statement of........................   107
    Hoechst, Tim, senior vice president of technology, Oracle 
      Corp., prepared statement of...............................   140
    Horn, Hon. Stephen, a Representative in Congress from the 
      State of California, prepared statement of.................     3
    Maloney, Hon. Carolyn B., a Representative in Congress from 
      the State of New York, prepared statement of...............    17
    McCollum, Hon. Bill, former chairman, Permanent Select 
      Committee on Intelligence, Subcommittee on Human 
      Intelligence, Analysis and Counterintelligence, former 
      chairman, Judiciary's Subcommittee on Crime, U.S. House of 
      Representatives, prepared statement of.....................    34
    Schakowsky, Hon. Janice D., a Representative in Congress from 
      the State of Illinois, prepared statement of...............     7
    Shneiderman, Ben, professor, Department of Computer Science, 
      University of Maryland, College Park, fellow, Association 
      for Computing Machinery, prepared statement of.............   150
    Simpson, Hon. Alan, former Majority Whip of the U.S. Senate, 
      prepared statement of......................................    26
    Turley, Jonathan, Shapiro professor of public interest law, 
      the George Washington University Law School, prepared 
      statement of...............................................    65
    Veestraeten, Rudi, Counselor and Consul, Embassy of Belgium, 
      prepared statement of......................................   129












                DOES AMERICA NEED A NATIONAL IDENTIFIER?

                              ----------                              


                       FRIDAY, NOVEMBER 16, 2001

                  House of Representatives,
  Subcommittee on Government Efficiency, Financial 
        Management and Intergovernmental Relations,
                            Committee on Government Reform,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 10:01 a.m., in 
room 2154, Rayburn House Office Building, Hon. Stephen Horn 
(chairman of the subcommittee) presiding.
    Present: Representatives Horn, Miller, Schakowsky, Owens, 
and Maloney.
    Also present: Representative Castle.
    Staff present: J. Russell George, staff director and chief 
counsel; Bonnie Heald, deputy staff director; Darin Chidsey and 
Earl Pierce, professional staff members; Mark Johnson, clerk; 
Jim Holms, intern; David McMillen, minority professional staff 
member; and Jean Gosa, minority assistant clerk.
    Mr. Horn. A quorum being present, the hearing of the 
Subcommittee on Government Efficiency, Financial Management and 
Intergovernmental Relations will come to order. Only 2 months 
after the devastating terrorist attacks of September 11, this 
Nation is just beginning to understand the dimensions of a 
dramatically changing world. Preserving the American way of 
life requires adaptation and sacrifice. It means using this 
Nation's unique strengths to address the vulnerabilities that 
terrorists exploited at an enormous human toll.
    Technology is one of America's greatest strengths. In 
recent weeks, some have called for using that technology to 
combat terrorism by developing a national identification 
system. Proponents of such a system argue that a high-tech 
national identifier system linking Federal and State data bases 
would allow authorities to spot terrorists before they attack. 
Some of the September 11th terrorists were in the country 
illegally. Supporters say had such a system been in place, 
airline personnel would have been able to cross-check passenger 
lists against various watchlists. The airlines would have known 
the men should not have been in the country, let alone on an 
airplane.
    Those who oppose such a system are concerned about the 
impact a national identifier system would have been on the very 
precepts of America's freedoms. Given the vast amount of 
personal information that could be placed in a national 
identification system, there is legitimate cause for concern 
over its potential abuse or mismanagement. In the event that 
such a system were adopted, it must incorporate sufficient 
safeguards to prevent the abuse of power by those who would 
have access to the information and those with the authority to 
demand an individual's identification.
    The technical issues involved in a data base project of 
this magnitude must also be considered. Is it possible to 
develop a system that is both fraud resistant and secure? 
Freedom is the most precious gift to Americans. The terrorists 
knew it and took good advantage of it. Freedom itself was the 
target of the September 11th attacks. If that freedom is lost 
in the pursuit of justice, the terrorists will have won even if 
they themselves are punished. Although holding firm to 
America's freedoms, we must also be open to new ideas. The 
survival of this great Nation may depend on it.
    [The prepared statement of Hon. Stephen Horn follows:]


    [GRAPHIC] [TIFF OMITTED] 82171.001
    
    [GRAPHIC] [TIFF OMITTED] 82171.002
    
    Mr. Horn. I welcome our witnesses today and I look forward 
to their testimony, but before giving you the oath, I will 
yield time for the ranking member, the gentlewoman from 
Illinois, Ms. Schakowsky, for an opening statement.
    Ms. Schakowsky. Thank you, Mr. Chairman, and I want to 
thank this panel of witnesses for coming here today. In the 
wake of September 11th we're faced with an enormous challenge 
of balancing the need for enhanced national security with a 
need for protecting civil rights of the public. In the past 
some efforts in the name of national security, in my view, have 
gone too far and have endangered those liberties. We've learned 
that once that kind of harm is done, it's difficult to repair. 
During World War II, we uprooted thousands of Japanese 
Americans and placed them in internment camps.
    It is generally recognized today over 50 years later that 
the internment was a mistake. In fact, it was clear at that 
time there was no danger of sabotage from those individuals.
    As historian Margo Anderson points out, in November, 1941, 
in response to a request by Franklin Roosevelt, John Franklin 
Carter wrote to the President ``There is no Japanese `problem' 
on the coast. There will be no armed uprising of Japanese.'' 
Nonetheless, thousands of Japanese Americans, many of whom were 
citizens, were surrounded, rounded up and placed into camps. 
Today we have a monument to those that were mistreated just 
north of the Senate office buildings and our government has 
officially apologized. However getting to that apology and the 
monument was extremely difficult and did not repair the harm 
done. The liberty and sense of security lost by those interned 
cannot be given back. We must be careful not to repeat the 
mistakes of the past.
    Last week on Thursday, before Veterans Day, I went to the 
floor of the House to pay tribute to those who have served our 
country in the defense of freedom. We have fought hard 
throughout our history to maintain a free and open society. We 
must not sacrifice those freedoms in the name of war. If we 
sacrifice our freedom, we lose the war no matter what the 
military outcome. The security measures we propose in response 
to terrorism must pass three tests. Are they effective? Can 
they be applied without discrimination? Can they be implemented 
without sacrificing our fundamental freedoms of due process, 
privacy, and equality? The proposal for a national 
identification system is not new. It has failed in the past 
because it cannot pass these fundamental tests.
    The Congress passed the Immigration Reform Act in 1996 
which contained a number of provisions that would have led to a 
national identification system. Since that law was passed, 
those provisions have steadily been paved back. One provision 
was repealed and another modified to the point where it could 
not be administered at the land border between the United 
States and its neighbors. In the Patriot Act, the House 
reaffirmed those provisions knowing that they had no teeth. The 
events of September 11th show us that systems like national 
identification cards will not deter crazed terrorists from 
their mission. Those terrorists all had driver's licenses, 
credit cards and Internet accounts.
    I urge all of us and each of you to pay close attention to 
the effects your proposal will have on the fundamental freedoms 
on which this country was founded, freedom of speech and 
religion, freedom to assembly and freedom of the press, freedom 
from unreasonable search and seizure and freedom from 
imprisonment without due process. Those freedoms cannot be 
ignored in the name of homeland security.
    As Members of Congress, we must evaluate any proposal 
offered in the name of enhanced security. Does it do what it 
claims to do? What is the burden on the public in terms of time 
consumed and freedom lost? Do the benefits outweigh the costs, 
is there an incremental gain in security and does it justify 
the loss of freedoms?
    I look forward to hearing the testimony today and hope our 
witnesses will help us answer these important questions and I 
thank you, Mr. Chairman.
    [The prepared statement of Hon. Janice D. Schakowsky 
follows:]
[GRAPHIC] [TIFF OMITTED] 82171.003

[GRAPHIC] [TIFF OMITTED] 82171.004

    Mr. Horn. I thank you and before I call on Mrs. Maloney, we 
have two Members of Congress which will be before us, and 
without objection, we'll have Mr. Castle and Mr. Miller. And 
Mr. Castle.
    Mr. Castle. Thank you very much, Mr. Chairman, I know I'm 
an interloper here today and I appreciate you and the ranking 
member allowing me to appear. I wanted to share some thoughts I 
have on this and some legislation I've been working on with 
Congressman Jeff Flake of Arizona with respect to this issue. 
But I must comment first, this is a very distinguished, but 
even more so, a very interesting panel. I look forward to what 
they have to say.
    Many of the issues that are involved in the subject matter 
of today of national identification cards, in my judgment, 
should first be addressed in managing foreign visa holders in 
the United States of America. While I understand that the issue 
of national ID cards is extremely important in the times we are 
living in, and I imagine somewhat controversial if I had to 
place a wager on it, I believe that we must first begin with 
the tracking of foreign guests in our country, and I don't 
think this should be controversial.
    I would like to share a few statistics with you. In 1998, 
the Immigration and Naturalization Service [INS], reported that 
30.1 million foreign people came to the United States on a 
temporary basis. Of those 30.1 million, there are an estimated 
5 to 8 million illegal immigrants living in the United States, 
40 percent of which were listed as overstays by the INS. That 
means they stayed beyond the time of their visa. I believe very 
strongly, and Mr. Flake does as well, that we need to be able 
to monitor all foreign visitors and track in real-time, that 
is, the actual knowledge on a computer screen in real time who 
they are, what their background is, and what they are doing in 
our country.
    Congress is actually--probably in the time of the gentlemen 
that are on this panel--has actually, taken steps on this, but 
none of this has really been implemented. Six years ago the 
Congress directed the INS to gather the arrival and departure 
date of most foreign visitors to make sure they do not remain 
in the United States after the expiration of their authorized 
stays, however, to this day the INS passenger accelerated 
service system, INSPASS is its acronym, remains only a pilot 
project used in only four airports, but not in any land or 
seaport points of entries.
    Another example of an innovative idea which has been put in 
place but not fully used, is a border crossing card which is 
used by Mexican and Canadian nationals who seek admission as 
border crossers, but again, this program has been plagued by 
difficulties and delays. I think such examples illustrate the 
lost opportunities inherent in the poor management of tracking 
systems. To address immigration challenges, Representative 
Flake, Representative Deal of Georgia and I did introduce an 
act called the ISA, Integrity and Security Act, to strengthen 
the immigration system and to improve the ability of the INS to 
track all these temporary visa holders.
    A number of the key provisions in this legislation were 
actually included in the Patriot Act, which you might know as 
the Antiterrorism Act, which passed very recently in the 
Congress of the United States.
    But there is still a lot of work to be done. We do need to 
be able to track and locate temporary foreign visitors to the 
United States to ensure they are here for their stated purpose, 
which could be anything from being a student to working, to a 
visitor, and to know when they have come and when they have 
left. A student tracking system that has been under development 
since 1997 needs to be improved and fully implemented. The 
Patriot Act does call for the implementation of the student 
tracking system and it's authorized $36 million, which is a 
good start toward its deployment. However, we must advocate 
that the INS incorporate key provisions in any future student 
tracking system. We need to know if foreign students actually 
enroll in classes and whether they drop out.
    There are over 500,000 foreign students in the United 
States now. We also need to know their family history, course 
of study, and date of enrollment. And second, we need to know 
if a temporary worker holding an H1B visa, which has been the 
subject matter of many an hour here in the Congress, is still 
working at the company that hired that person. A crucial aspect 
of any effective system that tracks foreign visitors is the use 
of technology to foil would-be counterfeiters; of which there 
are many, I might add.
    A smart card visa for foreign visitors would be much more 
difficult to forge than traditional visas. It would hold a copy 
of the fingerprint biometric and typical visa information, or a 
pupil of the eye or whatever biometric one would want to use. 
This is not a new idea either, by the way. It just has not been 
implemented particularly well. U.S. citizens across the border 
frequently are able to participate in a voluntary program that 
registers a fingerprint biometric. We just think in certain 
instances it should be automatic that it be done as opposed to 
being a voluntary program. The holders of frequent travelers 
passports pass more quickly through Customs by showing their 
fingers for identification at a Customs station.
    The use of biometric technology is encouraged in the 
Patriot Act. These tamper-resistant bases could eventually be 
linked to an integrated computerized entry/exit system and the 
INS, Customs, consulates, universities and other law 
enforcement agencies would all work off the same information to 
monitor and track students, tourists and other visa holders. 
I'm sure I'm not telling anybody here the difficulty of some of 
the information exchange, even among governmental agencies 
today, much less sort of computer in real time in terms of the 
various places, the Embassies, the points of entry where that 
information would be useable. All this technology is available, 
by the way, although at a cost, and programs could be more 
effectively utilized to track our foreign guests.
    The lessons learned from tracking foreign visitors can lend 
important insight to the pros and cons of enacting a national 
identification card for U.S. citizens, which we may or may not 
be ready for now, but I think we are ready for a visa system at 
this point if we put our minds to it and go about it.
    Let me just say in conclusion, in no way am I advocating 
limiting, in this particular program, what we are doing with 
respect to visas or visitors to our country. We just want to 
make sure we know who's coming into this country, and if they 
should not be coming into this country, preventing them from 
being here and while they are here, they are doing what they 
are supposed to be doing.
    I appreciate the time, Mr. Chairman. Again, I realize I'm 
an interloper, and you have been very generous and I yield back 
to the balance of my time.
    Mr. Horn. Thank you very much.
    [The prepared statement of Hon. Michael N. Castle follows:]
    [GRAPHIC] [TIFF OMITTED] 82171.005
    
    [GRAPHIC] [TIFF OMITTED] 82171.006
    
    [GRAPHIC] [TIFF OMITTED] 82171.007
    
    Mr. Horn. And now I yield to the ranking member over the 
years and the gentlelady of New York, Mrs. Maloney.
    Mrs. Maloney. Thank you. And I would first like to thank 
you, Mr. Chairman, and the ranking member, for tackling yet 
another complicated and controversial issue. Also I'd like to 
extend my appreciation to the very interesting panelists you 
have assembled here today for taking the time to be here. We 
have taken a hard look at the way our great Nation operates 
since September 11th.
    The hard cold truth is that we have been very lax in many 
years of safety and security. I believe the most difficult fact 
for us as a Nation to face is that there is a group of 
individuals who hate us and want to do harm to the citizens of 
America. As an elected official, I must do everything that I 
can to protect my constituents and the constituents of our 
country. In this new world, I am not exactly how sure we can 
accomplish this; however, I am eager to learn and understand 
more as we will today.
    In the month of October alone, we had 17 million people 
travel across the borders of the United States. We welcome all 
travelers. Our Nation's economy depends in part on these 
visitors. However, we have to face the cold hard truth that not 
everyone entering our borders enters with good intentions. 
Access to the United States must be looked upon as a privilege, 
not a right. Our country's founders provided many safeguards to 
protect our freedom while ensuring our safety. One of the 
beauties of our democracy is that it is not static, but a 
robust living thing that can change, and times have 
dramatically changed.
    Daniel Webster, one our Nation's former great leaders once 
stated, ``God grants liberty only to those who love it and are 
always ready to guard and to defend.'' Today we must guard and 
defend it. We must not be afraid of new ideas. We need to 
protect not only the rights of individuals but their life. We 
pride ourselves in the many freedoms we have in the United 
States. However, in order to protect these freedoms we need to 
protect our safety and our Nation's security. I commend 
President Bush for taking the bold step yesterday to begin to 
require stricter regulations regarding the granting of visas. 
Fear has struck the core of the community I represent in New 
York. I lost well over 600 constituents, and it has struck the 
core of the American people.
    The freedom to travel freely about our Nation has taken a 
devastating blow. We now have armed guards on several flights 
with implementation of complete coverage for all flights 
ongoing. We look to our law enforcement to protect and to 
serve; however, we need to arm them with the tools to 
accomplish this mission. A more thorough and smarter green card 
for non-U.S. persons, I believe, is a beginning.
    I also believe that we need to tie one's State driver's 
license to their visa expiration date. During a hearing held in 
New York on terrorism, Governor Jeb Bush provided testimony 
that in his State of Florida, one's driver's license expires 
the same date as their visa. Does this not provide yet another 
way of tracking non-U.S. persons?
    I believe we need to take other steps, and one could be 
that an individual's bank account could be frozen also at the 
time of a visa expiration date. All non-reclaimed funds could 
revert to the State's escrow account to fight terrorism. We 
have seen how our banking industry has been contaminated by the 
terrorist community again and we need to reclaim it. As I have 
stated earlier, I do not have all the answers; so I'm very much 
looking forward to our panelists to help me and other members 
of this committee uncover all the pros and cons of this 
important issue. Thank you very much and I yield back Mr. 
Chairman.
    Mr. Horn. Thank you.
    [The prepared statement of Hon. Carolyn B. Maloney 
follows:]
[GRAPHIC] [TIFF OMITTED] 82171.008

[GRAPHIC] [TIFF OMITTED] 82171.009

    Mr. Horn. And we now yield to Mr. Miller from Florida, the 
chairman of the Census Subcommittee of Government Reform.
    Mr. Miller.
    Mr. Miller. Thank you, Mr. Chairman. Thank you for calling 
this hearing. I'm delighted with the two panels and I will be 
very brief because I heard the Speaker talk about this briefly 
at a breakfast about 2 weeks ago, and ever since, September 
11th has raised a lot of issues as to the direction this is 
going to go--civil liberties issues, and I know this will be 
addressed by the panel, the privacy issue, which Mr. McCollum 
has worked on a lot, technology, which the Speaker has talked 
about all the time, and just to make sure our country can 
function after post-September 11th, our economy. So there's a 
lot of challenges and interesting comments and I'm really here 
to listen and learn. So I yield back.
    Mr. Horn. Thank you very much.
    And any other statements that come in will be filed for the 
record. We now start with our first panel, and I think you know 
the routine, that this is an investigating committee, and so if 
you raise your right hands and if you have any assistants 
backing you up, get them and the clerk will get their names 
too.
    [Witnesses sworn.]
    Mr. Horn. The clerk will note that all the witnesses have 
affirmed, and we start with the Honorable Newt Gingrich, former 
Speaker of the U.S. House of Representatives.
    Mr. Speaker.

 STATEMENTS OF HON. NEWT GINGRICH, FORMER SPEAKER OF THE U.S. 
 HOUSE OF REPRESENTATIVES; HON. ALAN SIMPSON, FORMER MAJORITY 
    WHIP OF THE U.S. SENATE; AND HON. BILL McCOLLUM, FORMER 
     CHAIRMAN, PERMANENT SELECT COMMITTEE ON INTELLIGENCE, 
       SUBCOMMITTEE ON HUMAN INTELLIGENCE, ANALYSIS AND 
COUNTERINTELLIGENCE, FORMER CHAIRMAN, JUDICIARY'S SUBCOMMITTEE 
            ON CRIME, U.S. HOUSE OF REPRESENTATIVES

    Mr. Gingrich. Thank you very much, Mr. Chairman, and I want 
to thank you and the ranking member for holding this hearing. I 
also want to take this opportunity to commend you for your 
consistent leadership on the issue of cybersecurity and the 
fact that this subcommittee has been very far ahead of events 
in looking at the need for effective technology in the security 
area. I also want to begin with Mrs. Schakowsky's, I think, 
absolutely correct point, which is that we have to design--the 
challenge to the Congress and the President is to design--the 
system which both provides civil liberties protection for the 
innocent and protection of the innocent.
    In the past, with things like fingerprinting, wiretapping 
and other technologies, we've worked very hard to make sure 
that while we were strengthening law enforcement we were never 
infringing on the innocent, and I think this has to be thought 
through in a very careful way. The fact is, we already have a 
primitive inefficient, easily cheated system of identification. 
I flew out of Reagan National yesterday, and three times I 
produced an ID card.
    Now, I just want to point out every audience I've talked to 
around the country, I've asked them how many of them know 
someone who in high school had an access to an ID card that 
might not have been their own for reasons we won't go into. And 
while no one personally had ever used an ID card for an 
inappropriate purpose, it always amazed me the number of people 
who seem to find, at 16 or 17, access to an ID card.
    So I want to be very clear. I think we have already 
indicated at airports, we've indicated at government buildings, 
we've indicated in a variety of places that asking for 
identification is legitimate. The question now is can we design 
a system which has an effective ID style while protecting the 
innocent? I think that it has to be an American model of 
security, which means a high technology capital intensive 
system that provides security, speed, efficiency, and 
convenience.
    That's the model we've always set for ourselves, and I 
think, frankly, the current lines at airports are a sign we 
don't have a system that meets that test. It's necessary for 
the world economy to have a parallel system for freight, 
whether it's in trucks or container cargo that is secure, fast, 
and efficient, or we will literally break down the world 
economy and add a substantial amount of cost to everybody's 
life.
    I would suggest to this subcommittee that as you look at 
these, that you look very seriously at outsourcing as much 
production as possible because most of the great breakthroughs 
that are high technology and capital intensive occur in the 
private sector and occur in entrepreneurial businesses. I 
particularly would recommend Clayton Christiansen's, the 
Innovator's Dilemma, as a study of new technologies that work, 
and Nathan Merival's recent writing, particularly in USA Today, 
on the concept of exponential industries and the ability to 
develop really dramatic new technologies in the next 5 to 10 
years.
    I personally think we are going to want to end up with a 
biometric solution that involves either a retinal or iris scan, 
which I think is harder to cheat than the thumbprint, and 
frankly, is as easy to measure in real time. It's simply a 
picture, and any of us who are being filmed for television or 
still photographers are having exactly the same experience 
you'd have for a retinal scan.
    I want to distinguish also civil liberties for American 
citizens from foreign visitors. I believe that all foreign 
visitors should be scanned as they enter the country. We ought 
to have a data bank either of their iris or retina. I think 
that's the technical decision of which one you're using. But we 
ought to be able to know who you are. We ought to be able to 
match you up against a system that would indicate whether you 
were a known drug dealer, a known terrorist, etc., and that 
would basically indicate and attach to an identity that had a 
biometric on the identity card, so we knew that the person 
we're talking to didn't just buy this for $11 in Los Angeles on 
a street corner as can currently be done.
    For Americans, I think it's fairly simple to have the 50 
States go to a biometric measure on the driver's license and 
simply ensure that all of the States--50 States plus D.C. have 
their data bases linked. That means an investment in wireless 
high-speed connectivity with very high-speed computing, but 
literally it's no harder for a policeman standing and talking 
to you beside your car within seconds to verify who you really 
are, if we design a system that does it, and I think you can do 
that with civil liberties protected.
    I would not insist on a national ID card because I think 
you do get into civil libertarian issues, but I would suggest 
to you that the simple act of having two lines in airports, one 
biometric where anybody who's a frequent flyer who wanted to be 
able to literally walk through the line, verify who they are, 
and pickup their ticket at security as they're going through, 
while we'd have a long line that may take an hour and a half 
for people who prefer to avoid that kind of convenience.
    I think you'd find a natural migration of over 90 percent 
of the American travelers within a year or less to the higher 
speed line. Let me also suggest that the committee look at the 
emerging technology at MIT and elsewhere, that for somewhere 
between 1 and 30 cents per suitcase you could literally have an 
embedded wireless system that would enable you to track 
literally every suitcase, and if you introduced it as a 
manufacturing process now, you would, within 5 or 6 years, have 
an overwhelmingly tagged and identified highly secure system.
    As I said earlier, this kind of thinking, I think, has to 
also apply to trucks and to container cargos. And if you look 
at what UPS and FedEx already do, you can see the beginnings of 
a model that given the high--the new breakthroughs and the new 
technologies can be even more sophisticated and even more 
accurate. Let me just close by going back to the exactly 
correct warning that Mrs. Schakowsky made. There is no question 
in my mind that we can design, just as with medical records, an 
ability to have personal privacy and access to information that 
may save our lives, but that probably requires a Federal law 
that makes it a felony to use that medical record 
inappropriately.
    Similarly I think you can design a system which allows you 
to track a person who is generally out to do something bad 
without, in that process, either dramatically inconveniencing 
or harming those who are innocent, and in fact, I would argue 
that if the American people knew that every employee who walked 
on an airport had some means of checking to make sure they were 
really the person they claimed to be, if we knew that our FBI, 
CIA, FAA computers worked, the notion--I just want to close on 
this notion, because what you're doing on this subcommittee is 
so vital.
    Six weeks before September 11th, the Central Intelligence 
Agency told the Federal Bureau of Investigation two terrorists 
had entered the United States. Six weeks later, they had still 
not be able to get that information into the airline computers, 
and two of the terrorists on September 11th in Boston boarded 
the airplane under their own names, 42 days after the U.S. 
Government officially knew they were in the United States and 
they were very dangerous.
    Now, I simply suggest going to a mandatory regular ID card 
won't help much because with desktop printing they will learn 
how to buy cards that are false, but if we had a high-speed 
computing system and we had an ability to have very high speed 
access, I think we could design a system where we would have 
found those two people, they would have been stopped at Logan, 
and we would have had a very significant understanding of what 
was going on. I think this committee's moving in the right 
direction. If it does it right, the system will be very secure, 
it will be very safe and it will protect our civil liberties 
while also protecting us.
    Mr. Horn. We thank you very much for those pertinent views 
which I'm used to and it's very useful. We now turn to the very 
distinguished ex-Senator and one of the great public servants 
of this country, namely Alan Simpson, who spent more time on 
immigration I think than probably all the rest of us put 
together. So I'm going to turn it over to you----
    Ms. Schakowsky. Mr. Chairman, if I could just inquire, 
apparently you're going to proceed through the vote?
    Mr. Horn. No. We're going to go now and when Mr. Miller 
returns, he will be presiding and then I will come back. We're 
in this less-than-seamless operation known as the vote.
    Mr. Simpson. We know that.
    Mr. Horn. And we'll be back----
    Mr. Simpson. I will just proceed, then. Thank you.
    Mr. Horn. Proceed, and then I will try to be back in 6 or 7 
minutes.
    Mr. Simpson. Thank you, Chairman Horn. I come in here with 
a very eerie feeling as Jack Brooks is staring at me there. He 
would look at me with that smouldering cigar and say Simpson, 
I've got a deal for you. God, I'd lose my shirt and my 
underwear and everything else in here. Well, that was Jack 
Brooks. What an amazing man.
    It is a pleasure to be here to discuss this serious issue 
of how we might strengthen domestic security. I was 
particularly moved by Congresswoman Schakowsky's remarks where 
I met Norm Mineta at the Hart Mountain Relocation Center when 
we were 12-year-old boys. He was behind wire and I lived in 
Cody, and our scoutmaster took us to the Jap camp, is what it 
was called, 11,000 people there.
    And Norm and I struck up a friendship of curiosity and 
juvenile development that has lasted 70 years. He is a very 
dear and special friend, but we'll want to remember at that 
time, Attorney General Warren, Earl Warren of California, 
signed the order to evacuate them, and the unanimous decision 
of the U.S. Supreme Court by William O. Douglas said that it 
was proper. So I think let's keep that into perspective and not 
think of how it is 50 years from then as to the fact that the 
Japanese submarine lobbed a couple of shells into an oil field 
off of California in the Spring of 1942, and it kind of 
startled people. Just thought I'd pitch that in. Just thought 
I'd throw it in there.
    Anyway, you're on track. I was impressed by what Newt is 
saying because you're all being led astray by a single term, 
and the term is national ID. I never used it. I put it in the 
bill that we are now talking about a national ID, and you do a 
disservice to the country when you use the phrase national ID. 
We're talking about a more secure identifier system. It could 
be many things, and if anyone believes there is intrusiveness 
in what we are suggesting, all of us, Newt, myself, what Bill 
will say, what Democrats and Republicans--what Rodino and I 
said, what Mazzoli and I said.
    And in the bill, it said we're not talking about a national 
ID. That's a diversion for people who like to talk about 
tattoos and Nazi Germany and don't let them get away with it. 
We're not talking about that. Every time we tried to do 
something in this area, it was filled with emotion, fear, 
guilt, and racism. The Select Commission on Immigration and 
Refugee Policy said we ought to do something in this area. We 
tried to do that, got shot out of the saddle by arguments about 
tattoos and Nazi Germany. Then we tried it again and we had a 
biometric activity in one of them, and in a conference 
committee in the middle of the night when on the floor of the 
House passed, the Senate, there was an emotional, highly 
emotional argument about, again, Nazi Germany and tattoos. It 
was pulled out and dear old Joe Moakley took it out and we 
passed it in the middle of the night without anything in it.
    The House always had an aversion to that kind of thing. The 
Senate would pass it. And I can only share with you that 
everything we did in this area was bipartisan. Mazzoli, 
Democrat from Kentucky, Rodino, the chairman of the Judiciary 
Committee from New Jersey, still living, and a magnificent man, 
we did these things--Hamfish, and Newt knows him well and so 
did Bill. You have to do something, and the something is not 
intrusive any more than what you get when you go to the airport 
now or what you get when you go into a store and have to give 
your slide card or when you file for credit or whatever it may 
be----
    Ms. Schakowsky. Senator Simpson.
    Mr. Simpson. Yes, indeed.
    Ms. Schakowsky. I'm afraid I have to go vote, which would 
leave no Members here. And so I'm going to grab this gavel 
while I can and recess this committee at least until someone 
returns. All right?
    Mr. Simpson. Well, that's very kind. Thank you. I'll just 
keep going though. No.
    [Recess.]
    Mr. Miller [presiding]. The subcommittee will come back to 
order. Mr. Horn will be back shortly and asked me to proceed 
with the presentation. I think, Senator Simpson, would you 
continue?
    Mr. Simpson. Thank you, Congressman Miller, and I see you 
have new devices which are very clearly, which aren't on yet, 
so I will speed ahead--I was just kind of reviewing things and 
speaking to Congresswoman Schakowsky's comments. Let me just 
give us a very brief summary of past efforts. The Select 
Commission came into being 1979 to 1981. I was a member of that 
bipartisan commission. Father Ted Hesburg was chairman, and we 
did a lot of things. We recognized that no system attempting to 
control anything would be effective without a more secure 
method of confirming a person's identity and immigration 
status.
    So we recommended, the Commission recommended--it was a 
narrow vote, substantial improvement. Then we had the 
Immigration Reform and Control Act of 1986. When that first 
passed, it had a provision in it that the executive branch 
would implement a system that would reliably determine identity 
again and authorization of all persons. That was weakened by 
the Senate and stripped by the House. I think it was a 
conference committee and that's often the history of conference 
committees as I recall them here in this Chamber, especially 
with Brooks with the gavel.
    But anyway, that's an aside. The enacted version of IRCA 
had a pilot program in it, and then we had telephone 
verification. We couldn't get much done because, again, the 
background noise was always national ID. The initial conference 
committee version of the Immigration Act of 1990 where we 
broadened legal immigration a great deal, contained a pilot 
program using biometric data to make State driver's licenses 
more secure, and it was then to the amazement of Democrats and 
Republicans alike that issue demagogued in the most grotesque 
way one evening in this House body, and the House rule was 
defeated and Joe Moakley brought it back from the dead, and we 
got it out but it was stripped again.
    Then Barbara Jordan came to the fore, the most amazing 
woman, and she did the Jordan Immigration--Commission on 
Immigration Reform. She recognized it was too susceptible, the 
present system was too susceptible to discrimination against 
foreign-looking or foreign-born or foreign-sounding workers; so 
she commended a computerized registry using data provided by 
Social Security and the INS and suggested pilot programs for 
employers to use these data bases to be conducted in States 
with the highest immigration rates.
    Then along came the 1996 bill. I had little to do with that 
because we did nothing to do anything to curb illegal 
immigration--or legal immigration, rather, as Barbara Jordan 
recommended, but we did get a pilot program in there to--where 
you could access by computer modem. In 1997, it was used by 
approximately 2,000 employers who were voluntarily using it. 
While it's a helpful deterrent to certain instances of fraud, 
it is not a good one. An unauthorized alien submits a card with 
an invalid number or submits a card where the name does not 
match a number, it does not prevent aliens who falsely assume 
the identity of another person from using the other person's 
valid Social Security number, and this is often referred to as 
identity theft or true identity fraud and it is endemic in 
America.
    Talk to your credit card people. So I doubt that there is 
any full support for a national ID card. I never suggested it 
and I just have to pack that in one more time. And if that's 
going to be the word, you're going to all fail. You will do 
nothing. Get away from it. It's a phony baloney. What we're 
talking about is--and when we were talking about it then--some 
type of new document to establish work authorization or 
identity. We were talking about perhaps a card that would not 
be carried on your person, not be used for law enforcement, 
have the maiden name of your mother on the back of it, and the 
birth date. And then you know always would come the George 
Orwellian aspects of that.
    Here's what I suggest respectfully. A few positive 
benefits, I think. I therefore would respectfully suggest that 
you improve the safe--the State driver's licenses. That's the 
principal identity document in our country. We must eliminate 
the ability of people to falsely assume the identity of 
another. Some of the September 11th terrorists facilitated 
their actions through easy access to Virginia driver's 
licenses. Now, the only way to prevent identity fraud is to 
improve biometric data on the card. I agree with Newt 
completely, such as a fingerprint. It is also--in California, 
it is done with a retina scan in California for commercial 
driver's licenses. You'll want to take a look at that.
    Minimum nationwide issuance standards could be imposed by 
the Congress or agreed upon by the States. I think it would be 
minimally intrusive. Expanded access would be another one to 
INS and Social Security data bases, extend the basic pilot 
program, not just California, New York, Texas, Florida or 
Illinois. Include other States; have access to that base. Of 
course, that would require more funding for the Social Security 
Administration and directing to improve the accuracy of the 
data base. And here's the one that everybody misses, there are 
about 2,000 agencies of the United States that issue a birth 
certificate. They love it. They're little old ladies. They do 
things, little old men, and they issue them and they love it. 
They don't want anybody to mess with me giving--because I know 
the mother and the father and when little twinkle toes was 
born, I signed that.
    The vulnerability of the birth certificate system allows 
aliens to bypass all immigration systems altogether and 
impersonate U.S. citizens. The Jordan Commission said if we 
reduce the fraudulent access to the breeder documents, start 
looking at the breeder documents, ladies and gentlemen of the 
Congress, particularly birth certificates that can be used to 
establish an identity of this country and the specific steps 
recommended by her commission were, and I conclude, regulation 
of requests for birth certificates through standardized 
application forms, a system of interstate and intrastate 
matching of birth and death.
    We don't do that in America. We don't match birth and 
death. How can you ever get a handle on it? Requiring a Federal 
agency only accept certified copies of birth certificates and a 
standard design and paper stock for all certified copies and 
encouraging the States to computerize birth records 
repositories. I think these recommendations are sensible, 
practical, and should be enacted and it is time. Thank you very 
much.
    Mr. Horn [presiding]. Thank you, Senator. As usual you have 
the common people's touch and you also know how to get through 
the bureaucracy and everything else. I am glad to say to you 
the commissioner yesterday told a number of us that he will 
split up the agency so that you've got an enforcement operation 
and you've got a service operation and a lot of us have wanted 
that over the years. So a little progress is being made there.
    [The prepared statement of Hon. Alan Simpson follows:]
    [GRAPHIC] [TIFF OMITTED] 82171.010
    
    [GRAPHIC] [TIFF OMITTED] 82171.011
    
    [GRAPHIC] [TIFF OMITTED] 82171.012
    
    [GRAPHIC] [TIFF OMITTED] 82171.013
    
    [GRAPHIC] [TIFF OMITTED] 82171.014
    
    Mr. Horn. We now go to Mr. McCollum, who during my years in 
the House, no one was a better legislator than he was, and 
we're glad to have you back here. Mr. McCollum.
    Mr. McCollum. That's a high compliment, Mr. Chairman, and 
I'm very glad to be back here too today with you, and 
especially pleased to be with this distinguished panel, my 
friends, Speaker Gingrich and Senator Simpson, with whom I've 
served a number of years, and on a topic that really is very 
timely and very important. I know like everybody here, that we 
all were affected terribly by this tragedy on September 11th, 
the attacks on us that I think most of us envisioned was 
unimaginable.
    Even many of us who served in the arenas that I did in 
Congress knew that sooner or later we were going to have a 
terrorist attack of some magnitude, we could not have expected 
nor anticipated the horror that came with this particular one, 
and now we're having a reaction to that. Having been chairman 
of the Crime Subcommittee and, having chaired the Subcommittee 
on Human Intelligence, founded the Terrorism Task Force, been--
18 of the 20 years served on the Immigration Subcommittee, many 
of those years with Senator Simpson's work and mine, together 
with the fellow up there you mentioned, Brooks and others. I 
come to this with a perspective of absolute conviction about a 
couple of things.
    One of those is that there is no need for a national ID 
card and I'm very much opposed to one, but I think it's 
important to identify what a national ID card is. What do we 
mean by that? Mr. Chairman, I mean by that, a uniform system, a 
uniform card that every American would be required to carry to 
produce to law enforcement employers, various government 
agencies for identification purposes. Such a card would 
contemplate a national data base, access by a computer for 
verification purposes. It might contain a strip on the back 
like your Visa card does. It has data and information already 
built in it or accessible through a computer. A photograph, a 
fingerprint, possibly even a national data base that every 
American had a fingerprint in. I don't favor that. I don't 
think that's right. I think that's an insult to our system of 
government, the privacies and those that our great freedoms 
that our founding fathers envisioned. It's a Big Brother-type 
system.
    But we do need to make some of the identifiers we already 
have work, and that's what all of us are testifying about 
today. I have not heard a word that either of my colleagues 
said that I took umbrage with, but I do have a perspective on a 
couple of these a little bit differently.
    First of all, I believe that the Social Security card 
desperately needs to be made more secure. There's been great 
resistance to doing much with that card over the years but back 
in 1996 or, excuse me, 1986 when the Simpson-Mazzoli, and then 
more in the amendments of 1996 in the immigration world for 
employer sanctions, and when you go to get a job, the two 
principal identifiers became narrowed down to your driver's 
license and your Social Security card.
    So if you can produce them fraudulent or otherwise today, 
they essentially get you a job and the Social Security card, as 
well as the driver's license, is commonly used for a whole host 
of other identification purposes today. Yet it is probably the 
most fraudulently produced document in America. It is a 
document that has been flimsy in paper for years.
    In recent years, the Social Security Administration has put 
a few fibers in it but by no means made it tamper resistant or 
counterfeit-proof. And I encourage this committee and other 
Members to really take a look at a proposal that I have in as a 
legislative matter for a good number of Congresses.
    One that was--is attached and submitted to this testimony 
today, H.R. 191, and a bill in the last Congress, Mr. Chairman, 
that you were an original cosponsor of. That is a proposal that 
would require the Social Security Administration to make the 
Social Security card as secure against counterfeiting as a $100 
reserve notice with a rate of counterfeit detection comparable 
to the $100 reserve notice and as secure against fraudulent use 
as a U.S. passport. We're not talking about putting pictures on 
the card, we're not talking about any of that, but it's all 
those interwoven things that you can use, use ultraviolet 
lights and so forth to determine.
    I also would encourage the same type of activity that has 
been discussed here today with regard to the driver's license. 
I think that driver's licenses at least the general standards 
for what they are should be uniform throughout the country, and 
I don't think we have to mandate that. I don't think Congress 
should preempt the States, but I think that there should be an 
effort to encourage that from Congress and I think that it 
should be done in a way that does have either a uniform 
standard proposed or you get the States together to do that or 
whatever. All driver's licenses should certainly have 
photographs on them, they should have the signature on them. 
They should have a fingerprint or another biometric identifier 
on them, and they should have holograms and other types of 
devices built into those driver's licenses just like I 
suggested for the Social Security card so they cannot be easily 
reproduced and so that when you take it somewhere to an 
employer or to a person who's law enforcement, they can be 
quickly checked. You know, we have a little machine that's been 
around for a number of years on fingerprints. You put it on 
this desk--I've had it come when I was chairman before my 
committee. You probably have too, Mr. Chairman.
    And it's not--doing nothing more than saying if you put 
your finger on that machine and you put the card that you have 
with your preexisting fingerprint on it, it matches it or it 
denies it, and it doesn't have to go to some central data base 
to do that. And at least that will tell me biometrically 
whether the person I'm looking at is the same as what's on that 
card. I also concur with the view that we need to do something 
about birth certificates. One of the great, great problems in 
this country are the breeder documents that Senator Simpson has 
talked about and that's important.
    Last, I want to comment on one aspect of the Immigration 
Service because I do believe that the focus rightfully should 
be there, as Congressman Castle stated in his opening. There is 
a great, great opening right now in this country for people to 
come here and not be identified. We need a tracking system. We 
need to be--we need to find people so we don't have visa 
overstays, and we need to shore up so many things. A number of 
things have been mentioned, but one has not been. Today when 
somebody goes before a formal proceeding of an immigration 
tribunal or to the Immigration Service or whatever, they're 
usually released on their own recognizance or maybe on a cash 
bond. The Immigration Service has the authority to have a 
security bond, much like a bail bond, but they don't do that, 
and I believe that it would be extremely helpful to get people 
to show up when they're supposed to before immigration 
proceedings. If there was a general policy that a security bond 
be used and then have the private sector, bail bondsman, if you 
will, like they do in criminal law, be responsible for bringing 
them in, making sure they do show up because people can come 
not only to this country and get here too easily because of the 
visa system and visa fraud if we don't track them, but then 
when they do show up to a proceeding and they're supposed to 
come back in 90 days or 6 months or whatever, we have no system 
to bring them back in. We have no way of knowing where they are 
and we don't have nearly enough police or immigration officers 
that will ever be able to do that.
    So why aren't we using the private sector the same way that 
we do in criminal law? It's not being done today. So I would 
encourage that this committee and your members look very 
strenuously at not only making these identifiers more secure 
and finding ways to track visa overstays and people who come in 
here, but making sure that when they're here, that is, those 
who are aliens, show up when they are supposed to at the end of 
whatever period of time that there is.
    Thank you, Mr. Chairman.
    Mr. Horn. Thank you for your testimony.
    [The prepared statement of Hon. Bill McCollum follows:]
    [GRAPHIC] [TIFF OMITTED] 82171.015
    
    [GRAPHIC] [TIFF OMITTED] 82171.016
    
    [GRAPHIC] [TIFF OMITTED] 82171.017
    
    [GRAPHIC] [TIFF OMITTED] 82171.018
    
    [GRAPHIC] [TIFF OMITTED] 82171.019
    
    [GRAPHIC] [TIFF OMITTED] 82171.020
    
    [GRAPHIC] [TIFF OMITTED] 82171.021
    
    [GRAPHIC] [TIFF OMITTED] 82171.022
    
    [GRAPHIC] [TIFF OMITTED] 82171.023
    
    [GRAPHIC] [TIFF OMITTED] 82171.024
    
    [GRAPHIC] [TIFF OMITTED] 82171.025
    
    [GRAPHIC] [TIFF OMITTED] 82171.026
    
    [GRAPHIC] [TIFF OMITTED] 82171.027
    
    [GRAPHIC] [TIFF OMITTED] 82171.028
    
    [GRAPHIC] [TIFF OMITTED] 82171.029
    
    Mr. Horn. And we'll now go to questioning. It's going to be 
5 minutes per person because of the travel schedules, and we 
will alternate between the majority and the minority, and I 
will start it off. And if Mr. Chief Counsel will get the 
technology here, we're in business.
    In my opening statement, I cited a Pew Research Center 
study that showed overwhelming support, 70 percent of those 
polled for a national identity system, and are all of these 
people just misguided? How do you feel? Do you think from what 
you have seen of just the average citizen when you get into a 
debate like this? And I would take it with this particular 
three of you, would you have, say, a hardened, if you will, 
Social Security or would you take the license which, in my case 
with California, they have a photo and they have a thumbprint, 
and not all of them do it, but that's pretty good 
identification.
    So any other types you're talking about than simply 
hardening up the Social Security card and then putting a 
picture on it or a thumbprint. I remember the supervisors of 
Los Angeles County, which is a county of 10 million people and 
they started with the photo on the welfare situation and a few 
thousand people got off the rolls because they were going two, 
three, four places to get money, and that was one way to do it.
    Mr. McCollum. Well, Mr. Chairman if I might respond to 
that, I don't believe that, for example, in the Social Security 
card, you want to go to put a picture on it, I don't think you 
need to. I think you can stay paper. Its purpose is to make 
sure that the number that's on that card and the name on that 
card are the bearers. When you take that card and produce it 
for whatever purpose, that simple fact can be verified.
    I also think, by the way, that it would present problems in 
reissuance. The Social Security card, one of the great reasons 
why that's been a problem in getting it corrected is the Social 
Security Administration wanted to go to the cost of reissuing a 
lot of cards. They don't have to reissue all of them. But I 
think they do need to reissue those with those younger age 
groups and that would be an added expense I don't think you'd 
want to encounter. And again I don't think we need a national 
ID card as such, a separate card, if you have a driver's 
license and a Social Security card; one with a picture, one 
without it are more secure, more tamper-resistant and 
counterfeit-proof.
    Mr. Horn. Mr. Simpson.
    Mr. Simpson. It's interesting, Mr. Chairman, that polls 
throughout the Select Commission back in the 1980's, 1985, 
1990, if you'd asked the American people, Gallup, whatever, if 
they favor restrictions on immigration, 70 percent do. It just 
stays that way. Not illegal or--I mean, I'm talking about legal 
and illegal immigration. Interesting. But when you come to the 
Congress, it doesn't get done that way because the Statue of 
Liberty suddenly enters the phrase and all of us are children 
of immigrants. Mine are from Holland, orphans. If my granddad 
hadn't killed a guy in the middle of the main street, we'd have 
had a better reputation there in our State, but that's another 
story and I won't go into it.
    Nevertheless, you can't continue to talk about the Statue 
of Liberty again. You must talk about reality and all three of 
these--all three of us I think are, all of you are, but I think 
the one that surprised me was when they put the examination 
into California for the retina exam on truckers, guys just 
stood outside the building because they didn't want to go 
through any part of that because they'd been using fake ID's 
and all the rest of it. It was a very serious problem, and I 
think you ought to look into that California commercial 
driver's license issue retinal exam.
    Mr. Horn. Thank you.
    Mr. Gingrich. I think that what you have to recognize is 
that the people most opposed to a national ID card are 
dramatically more passionate than the people who have some 
vague general support for a national ID card. And that's why I 
think Senator Simpson was right early on in saying that if we 
go down that road, it's a dead end. It won't happen. On the 
other hand, most Americans, I think, can be led to agree that 
having an efficient transfer of information so you know that 
your driver's license is real, that it's valid, so you can 
check it across State boundaries, and for specific purposes.
    Foreign visitors, I think most Americans would agree, you 
could have a nationwide system of identifying--because that's 
not part of what we think of as our civil liberties. People 
that have very important security jobs, whether it's on 
airports or elsewhere, people would agree you ought to have a 
pretty high standard of security because they understand that's 
a function of your job, it's not an infringement on civil 
liberty, but I would encourage you to be minimalist in this. 
You want to get to a highly secure system that is across the 
whole country, that is ideally mostly decentralized in terms of 
States implementing it, but with information able to flow 
across State boundaries and you want to do everything you can 
to minimize the threat to those whose primary concern is civil 
liberties.
    Mr. Horn. Thank you. My time is up.
    Five minutes to Ms. Schakowsky, the ranking member.
    Ms. Schakowsky. Thank you, Mr. Chairman.
    Following up on that minimalist approach and using your 
example, Speaker Gingrich, of what happened before September 
11th, that the CIA actually transmitted information to the FBI 
and it never got through, what I am wondering is are there not 
systems in place were we to have the proper technology for 
sharing that system--that information that could provide the 
kind of security we need?
    That is the question, but let me just say that in many, 
many hearings that we have had since September 11th, what we 
have found is that information was all over the place, and that 
had it only been shared and gotten to the right place, that we 
could have done this or that to prevent what happened. And so I 
am just wondering if it isn't a matter of looking at our 
systems, adding new technologies where we need to, but not new 
authorities to gather that information; if it is just a matter 
of making more efficient what we already have.
    Mr. Gingrich. I think you are 90 percent right, but the 10 
percent is missing, I think, could kill us, and let me describe 
what I mean. First of all, whatever system we build, we ought 
to have a competitive team try to break and find out how 
rapidly can you buy a counterfeit. How rapidly can you figure 
out a way to work around it, because we have active opponents 
who study what we do and who could spend 2 or 3 years trying to 
penetrate our systems. And if we are really serious about 
security, then we ought to be serious about learning what its 
weaknesses are.
    Second, as Senator Simpson said a minute ago, we discover 
that whether it is illegal aliens or it is people who are for 
one reason or another using a false identity, that there are--
even in the current system, even if you had 100 percent 
accuracy of sharing the information, some of the information 
going into the system is false, and we don't have today the 
kind of identifiers and the kind of structure to make sure that 
the information you put in is accurate information. I think 
that would be the other zone where I think there has to be 
serious work done.
    But I yield to my colleagues.
    Mr. Simpson. Congresswoman Schakowsky, you are right on 
track. One of the most frustrating things for me and I know for 
Peter Rodino and Ron Mazzoli and all the rest of us was the 
absolute stubbornness of the agencies to share information. The 
one that appalled me was Customs and INS--oh, there is a real 
internal--it was bizarre. It was childish. Customs--Customs can 
pick up a lot of stuff. They know what is going on, and they'd 
share it, and they'd say, we handle that. The Border Patrol and 
the INS and the Justice Department and the CIA and FBI and 
oftentimes their arrogance and the CIA's secret arrogance, I 
mean, this is where you have to smash the big bug right here. 
And I think that is what I hear the President saying that he's 
going to give Ridge all the authority to do that, and he's 
going to make him do it. Well, we have all been here a long 
while. Merry Christmas. We will see what happens.
    Mr. McCollum. I know that's a big problem. What Senator 
Simpson just said, and we joked about it, it's so true. If Tom 
Ridge can do it--I see the other day where he's talking about 
maybe merging the Border Patrol, Customs and the Coast Guard. I 
think that is going to be an awfully big hill to climb. And 
you'd be better off using the energies you have got to do 
things like forcing the Social Security Administration to 
really go out and make the card tamper-resistant; make it like 
the $100 bill; take the driver's license and make it more 
secure; take the ideas that Newt Gingrich just said about 
putting a data base together nationally to talk to each other 
on these things technically and then cajole, continue to 
cajole, the agencies to do this.
    Ms. Schakowsky. Let me ask one quick other question. One of 
the problems created by drivers' licenses becoming de facto 
national identification systems is the privacy protection of 
those records is very poor. We know that States often sell that 
information to--along with the person's address, and it becomes 
out there in the public. How can we make sure that any 
particular system we use doesn't mean that information is sent 
out? And should Congress stop the validation of Social Security 
numbers until the States institute--a State instituted privacy 
protection for drivers' license records, because they often 
check those drivers' licenses against Social Security cards?
    Mr. McCollum. Well, Ms. Schakowsky, I don't think we should 
stop the validation system as it exists because we have a 
security problem right now, and we need to let these things 
happen as best we can. But I do believe that Congress should be 
concerned and should encourage States to make the right 
decisions to protect the privacy of the data that is in the 
data base. That is the real point I made about not wanting a 
national ID and trying to define it for you. The thing the 
American public may say when they say, ``We are all for a 
national identification card,'' is one thing, but when they 
really get down to it, nobody that I know of favors a Big 
Brother data base somewhere, whether it is in the State or the 
Nation, where other people can get access to your personal 
information. And there is a huge difference between providing a 
chance, for example, for somebody who is an employer or law 
enforcement to call up or do whatever we can on the computer to 
a data base and say, if you walk in, that this is my name and 
this is my Social Security card, and verify that they both 
match electronically. There is a big difference between that 
and somebody walking in and saying, ``OK, I have got a name, 
now let me go find out what is the Social Security number, tell 
me,'' or the other way around. ``I got a Social Security 
number, you tell me the name that goes with it.''
    We don't want that information shared publicly, and that's 
the kind of thing that you need to discriminate, in my 
judgment, against. But you are not going to mandate that in one 
big piece of legislation. It is going to take a lot of work to 
get understanding on the part of each person or group in the 
States that are making those decisions to make them be aware of 
what they're doing and be more secure to educate.
    Mr. Simpson. May I add one thing? Newt Gingrich is a wizard 
of the keyboard, and I am not adept in technical prowess of the 
electronic age, but I do share with you, I believe totally, 
there really is no such thing as privacy anymore because of the 
information technology. They have got you in every data base in 
this country, Social Security, driver's license, organ donor, 
blood type, you name it, FBI reports. I used to read them. And 
with what's happened with information technology in this 
country, I think privacy is gone.
    Mr. Horn. And now I yield 5 minutes to the gentleman from 
Florida Mr. Miller and then Mrs. Maloney.
    Mr. Miller. Let me followup on what Senator Simpson brought 
up, and that's the issue of privacy. And I know Speaker 
Gingrich and Mr. McCollum worked this issue when they served 
here in financial privacy and medical privacy, and I know you 
wrestled with trying to get legislation through. Would you 
comment on that experience and what the experience has been 
that you are aware of controlling that kind of privacy, because 
we are all public figures, and you were public figures when you 
served here in this institution, but that is really one of the 
core concerns here is privacy. And when you wrestle with it, 
and we pass legislation on financial, medical in particular, is 
it working, and what can be done to assure privacy if we move 
to some type of ID?
    Mr. Gingrich. I think this is an extraordinarily important 
issue in the way big computers is a much bigger danger than Big 
Brother. It is so seductively convenient. You use a credit 
card. It doesn't occur to you how much information you are 
building on that credit card every week when you charge things, 
what it tells somebody who is clever about your habits, your 
interests, your taste, etc. Then you go and use telephones, 
which have records, and then you go and pump gasoline. And then 
you go and you get a driver's license--I mean, by the time you 
are done with all this, if you were to accumulate all the 
information that currently exists about you, you'd be stunned 
at how much you are a public person in ways you did not intend.
    And I think there are two very different layers of this. We 
badly need to think through an integrated privacy policy in 
terms of law. As I said earlier, I am a passionate believer in 
electronic medical records, but I'm also a passionate believer 
in a Federal law that would make inappropriate misuse of that 
information a felony and have very stiff penalties. We have to 
have the information, but we want to protect people from having 
it exploited to hurt them.
    Similarly, I think that it is important to recognize, and 
as I stated in my own testimony earlier, I want to commend the 
subcommittee again, you know, for your report issued last week 
that the Federal Government agencies have security levels that 
in many cases are so laughable that any really competent sixth-
grader could break into them. And even the ones that are 
relatively secure, except for the top two or three, a 
relatively competent junior-high-schooler could break into 
them.
    And I think it's really important to understand--and I met 
recently with the National Association of State Chief 
Information Officers, and we talked about the fact that we need 
to set a whole new standard against hacking, against organized 
crime, against terrorists, against foreign governments that 
want to try and break in, and recognize that is going to take a 
sharing of technical knowledge. It's just not writing laws, but 
understanding how to write these security systems. And we have 
to recognize how much of our code is now written outside the 
United States. And I think we have to have a project between 
the Department of Defense, the National Science Foundation and 
the National Security Agency to really figure out a way to 
literally scan all the code we now rely on, because we don't 
know how many various back doors have been built in, because 
you are talking about millions of lines of code that routinely 
now enter the U.S. system from overseas.
    Mr. Simpson. May I say, too, sir, and to the panel, who 
knows more about the loss of privacy than all of us? You? Me? 
All of us who are in public life have none--and maybe that's 
all right. It's all right with me. I laid it out there, all the 
peccadillos and all the goofy things I ever did. But there is 
no privacy for a public figure. So I think it is very important 
to realize that as we do these things, the media loses a lot of 
sleep about us because when we get active, they go into 
everything we've ever done: first grade, high school, college, 
the whole works, and we get the whole load. When you come back 
to them and say, aren't you intruding on our privacy? And they 
say, well, you are public figures, and we are not. I say, more 
guys know you on that tube than know us--all of us in Congress, 
so don't give me that. I think we ought to know a little bit 
about your private life.
    It's a sick idea, I know. It's about the first amendment. 
It belongs to me, too. We are the ones that suffered the slings 
and arrows. And I am ready to do that at any time, in fact, in 
anything, anything--and the woman I have been living with for 
47 years is sitting back here--in anything they couldn't dig up 
on Al Simpson, but let me tell you, they sure as hell tried.
    Mr. McCollum. I would like to make a distinction, Mr. 
Miller. You asked about privacy, and I think what is a person's 
reasonable expectation, what are the Constitutional protections 
for that, and there are some. And we live in a different age 
when it comes to the computer, but we need to divide up what 
people should reasonably expect in the way of privacy, with 
respect to privacy and their government intrusion into that, 
and what they can reasonably expect when they go out and take 
certain steps on their own in the world of business and with 
data that they freely yield to someone. Two different things.
    The privacy that is protected in the Constitution clearly 
is there when it comes to the government coming into your 
house, not just from a criminal law standpoint, but an 
unreasonable search and seizure or eavesdropping or whatever, 
and we have all kinds of checks on that, and they should always 
exist. When it comes to the computer, when you use the 
computer, you need to be aware you are opening up whatever you 
put in there for other people to look at. And we can talk about 
trying to restrict that all we want, and it is very difficult 
to do. On the other hand, when you give up data to a bank, 
which is where we first met the privacy issue in the last 
Congress and it created a lot of hullabaloo, I don't think 
people were even thinking about the privacy question so much 
there, but the reality is prior to the enactment of the big 
bank bill last Congress, banks could share data they had with 
anybody. There were no restrictions, and we put the first 
restrictions--Congress did in the law. And those restrictions 
said that since we allowed the merger of the operations of 
banks and security companies and insurance companies, that if 
you were in the same holding company, you know, the same group, 
within that group, financial information that you as a citizen 
gave to that bank could be shared. But if they wanted to go out 
and give that information out to somebody that wasn't a party 
to their company, to their holding company, they had to seek 
your permission. And those are the kinds of things we need to 
think about at each stage.
    You give up your rights when you go and do a certain 
business transaction, but you should be informed what you are 
giving up. And before information that is given by you to a 
business or third party is given away to somebody else, you 
should have a right to say yes or no. But absolutely you should 
have a reasonable expectation that the government won't intrude 
your privacy. That is sort of the broad guidelines. It is a 
huge subject, but that is the guideline.
    Mr. Horn. Thank the gentleman, and now 5 minutes for the 
gentlelady from New York Mrs. Maloney.
    Mrs. Maloney. Thank you, Mr. Chairman.
    Speaker Gingrich, you mentioned that you are not supportive 
of a national ID card, but you support a more sufficient 
transfer of information. Since all of the known terrorists were 
visitors with visas here either legally or illegally, it 
appears that a good place to start would be with a more 
thorough tamper-proof green-card; would you agree?
    Mr. Gingrich. I did say earlier that I drew a very sharp 
distinction between the need for a national system for non-
citizens, which I think should be administered by the Federal 
Government, run across the whole system; should have a clear 
identifier that is biometric; and should have a data base that 
can be accessed by a variety of agencies. And that should be a 
condition of being here.
    I also said, and I think you get real controversy about 
this, but I think we are much better to go to some kind of 
guest worker program and accept the legality of people who are 
here for the purpose of working and get them identified. I 
think when you have a pool of--I think the numbers are 3 to 5 
to 7 million people who are illegally here, but are here to do 
legal things--they are not here to be drug dealers or 
terrorists, that pool of people who are outside the system 
causes, I think, a real challenge for security purposes. So I 
think it would be much healthier to have an identifiable guest 
worker program and simply have a requirement that everybody who 
is a non-citizen have some kind of an identifier and a 
sophisticated greencard with a central data base. That should 
be national. And my guess is overwhelmingly the American people 
would support that.
    I am also suggesting if you come here as a visitor as part 
of the transit point, then we ought to have some biometric, an 
iris or retina scan, so we can determine whether or not you are 
a person who is a threat to the United States at a point of 
entry, even for visitors who are here on business or here for 
tourist purposes. And my guess is that most people on the 
planet--people who come for business or vacation want to be 
safe, and they want a safe system, and as long as it is not too 
intrusive, I think they would be very accepting of that kind of 
safety.
    Mrs. Maloney. Building on that base of a non-citizen data 
base that is national, who should maintain this data base? 
Where would you put it in government? Would you put it in the 
INS? Would you put it in the FBI? Would you put it in the new 
Homeland Security?
    Mr. Gingrich. I am going to yield to my two colleagues. I 
haven't thought about it where in the Federal Government you 
would house it. I would probably outsource a great deal of 
management of it, because I think it is very, very hard for the 
Federal Government to get first class----
    Mrs. Maloney. It has to be maintained by the Federal 
Government.
    Mr. McCollum. It is the Immigration Service you are talking 
about.
    Mrs. Maloney. You say INS.
    Mr. Simpson. It was my experience, Congresswoman Maloney, I 
met some of the finest people in both parties who were 
Commissioners of the INS. It is an absolutely unwieldy agency. 
Doris Meissner did her best. There's nothing you can do with 
them. The regional people are tough. The district people, they 
are all--it has got to be done there. If you go ahead with the 
legislation that is being proposed, then it would be the INS, 
which would be logical, not Social Security.
    Mrs. Maloney. This is only for non-citizens.
    Mr. Simpson. Yes. And many non-citizens hold Social 
Security cards.
    Mrs. Maloney. I would also like to ask our panelists, who 
do you believe should have access to that data base, assuming 
it is in INS with oversight by----
    Mr. Gingrich. For verification purposes, it is reasonable 
to ask people to prove who they are when they apply for a job 
if they are a non-citizen, and I think I would allow law 
enforcement people to have access to the proof that they are 
who they are. Beyond that basis, it would have to be carefully 
screened--law enforcement, Federal law enforcement basis. But I 
think if a highway patrolman pulls you over, and this is part 
of your proof of who you are, it ought to be reasonable for 
them to have at least the negative access that says, yes, this 
is a real person.
    Mrs. Maloney. The other panelists?
    Mr. McCollum. I think what--Newt Gingrich is very clear, 
but I want to amplify it, and that is the key to all of this in 
identification and certainly in the area of these aliens who 
are coming here is the proof that they are who are they are. 
That verification, that is, that the whole idea if you have a 
biometric and take your fingerprint and put it here, maybe that 
goes back to some data base where you corroborate and say, 
``Hey, that is Joe,'' but I don't think the general public 
should have access to it. And I don't think that anybody but 
law enforcement for very specific purposes, probably 
Immigration Service and key law enforcement people, should have 
access to the full information, presumably the data on that 
alien about where they are born, how many times they have been 
married, that sort of thing.
    Mrs. Maloney. My time is up.
    Mr. Horn. I thank the woman from New York, and now the only 
librarian in the history of Congress, Major Owens, the 
gentleman from New York, 5 minutes for questioning.
    Mr. Owens. Thank you, Mr. Chairman.
    What this distinguished panel seems to agree, that the 
national identification card will not be a silver bullet. We 
can put the debate to rest once and for all and focus instead 
on another problem that I think most of them would agree we 
have, and that is the problem of monumental mismanagement in 
our agencies; you know, the kind of mismanagement which allows 
us to have a worldwide electronic surveillance system where we 
can pick up all kinds of information, but they didn't have 
enough Arab translators in the FBI and CIA to deal with the 
translation of vital information. I could not believe that when 
I heard it, you know.
    Right now we have a recent airplane crash in New York, and 
it appears that turbulence of a jet that took off just before 
is probably the cause of the accident that took place. If after 
all these years of flying and jets we don't know about 
turbulence and what it might do to an airplane, or, you know, 
the mismanagement is such that decisionmaking within these 
vital agencies like the CIA and FBI is off to the point where 
Aldrich Ames could sit there for 10 years on the payroll of the 
Soviet Union and Robert Hansen could be on the payroll of the 
Soviet Union for 14 years, maybe your prestige and influence 
could be put to work on a crusade to improve the management--
technology is excellent and way ahead of our capacity to use 
it, including INS computers always breaking down, and there is 
always a problem. If INS maybe had some of the budget of the 
CIA--$30 billion plus and trying to maintain enough staff--
maybe we could--I will conclude and you can comment--maybe such 
a crusade of people of your caliber would get to the heart of 
the matter and all these other things would fall into place.
    The companies that issue credit cards are very familiar 
with ways, and you can develop a foolproof card. Even if 
there's no foolproof card, there's a certain degree of fraud 
they put up with, but they are pretty much on top of that. And 
there are various ways of doing it, and some identification 
cards, consolidation would be very convenient for most of us.
    But the real problem, I think, is monumental mismanagement. 
I think the history of the fall of the American cyber-
civilization might be written 1 day, and the cause will be 
human error. That is what we ought to address.
    Mr. McCollum. One of the greatest frustrations I had in the 
last couple of years in Congress was the fact--is that over the 
years I had been one of the those people who was beating up on 
the CIA and others to get more language speakers of Farsi and 
Pashto and all those languages that we're now seeing we don't 
have. And we kept pouring money at it, and they kept reporting 
to us, and they kept not getting the numbers and telling us 
they just weren't available.
    Mr. Owens. They had a lot of people who spoke Russian. A 
lot of good librarians work for the CIA.
    Mr. McCollum. But my point to you, and you know this 
because you served with me in a number of these capacities, is 
that you sit there, and you are only as good as the product or 
the effort of the person who is right in charge at the moment 
and the vision they have. And the vision in the case of some of 
these things, including the language issue you are talking 
about, had to be to go out and be creative and get that 
language more quickly in place. The same thing is true about 
the immigration stuff we're talking about here today. That is 
why we all hope that some of the ideas being batted here today 
will really be enacted and that Ziglar and others will go out 
and do it, and we won't be talking about it.
    Mr. Owens. We had a problem with Arab terrorism since the 
Beirut bombing when President Reagan was President. There have 
been Arabs--why after all these years don't they have 
translators who can translate documents from Arabs?
    Mr. Gingrich. Let me just say, in your 5 minutes, you put 
your finger on the heart of the American challenge in the sense 
that is what Senator Simpson said when he wished Tom Ridge luck 
as part of his Christmas present. And it goes to the core of 
whether we are a comfortable system or we're a serious system. 
The difference is a comfortable system accepts any innovation 
that doesn't require it to change. A serious system says, 
``This is what has to happen.'' If you watch Jack Welch of 
General Electric--probably the best modern CEO--he said for GE 
to be successful it has to go and become X, and that means we 
are going to change in the following ways, and he drove the 
changes.
    There are three problems: rivalry, bureaucratism and 
acquiring new capabilities. Rivalry, the CIA doesn't want to 
share with the FBI, and the FBI doesn't want to share with 
anybody. I mean, it is an absurdity, and it should be a 
national scandal that the watch list didn't get through to 
Logan Airport after 42 days. The one that Senator Simpson 
mentioned, the Border Patrol and the Customs agents standing 
next to each other, have different computers. Now, that's just 
a level of deliberate bureaucratic turf-guarding that shouldn't 
be tolerable, and that should be shameful.
    Second, bureaucratism. I had my staff pull this up the 
other day. There are 51,000 Pashtuns in the United States. Now, 
if the Central Intelligence Agency can't find Pashtun speakers, 
they should assign someone to go to National Airport and wait 
for the taxis to come in. The idea that you couldn't hire a 
translator--you don't have to go through the process of vetting 
somebody to be an FBI agent or vetting them to be a CIA agent 
with secrets in order to have them as a translator. The notion 
that you couldn't find an Arab translator in the FBI is that it 
tells you how bureaucratic they were, how lacking in drive and 
seriousness, and how unwilling to confront reality.
    Third, I mentioned earlier before you got here--as a 
librarian, you will appreciate that I am pushing books. I 
mentioned Clayton Christenson's book on, the Innovator's 
Dilemma, because he really makes the key point. Really big 
breakthroughs tend to come in really small companies, just the 
nature of how breakthroughs occur. Government is peculiarly 
slow at finding those. Government procurement makes it almost 
guaranteed not to acquire the newest technologies.
    And so I think you put your finger on a profound challenge 
for the American Government. I wish President Bush well and 
Director Ridge well in trying to get this thing solved, but I 
think you have absolutely described the core problem of us 
becoming an effective country in the next decade.
    Mr. Simpson. May I say a word to my friend Major Owens, who 
I have enjoyed very much through the years? We have had some 
nice sessions together and traveled together. You are 
absolutely correct when you are talking about mismanagement, 
and then you are talking about the thing that all of us never 
do well when we are here, and it is called oversight hearings. 
We have an oversight hearing. We bring in an agency. They 
prepare for it. Oh, man, do they get ready for it. And then you 
beat them up. And everybody just beats their brains out from up 
on the panel. And they all say, don't worry, we recognize that. 
We are going to correct it. In fact, we are so thrilled that 
you see, too, this is a problem for us.
    So after pounding their brains in all day, and after them 
slip-sliding along like that old play, the Best Little 
Whorehouse in Texas, where the guy just slid all over the 
place, we don't do anything. I couldn't do anything. I had 
oversight hearings with the INS, and they told me the most 
magnificent things for 18 years, and nothing was ever done. It 
was with violin music in the background and tympany and bells. 
But it is oversight, and that is the tough one.
    Mr. Horn. I am going to give you one more question. And in 
his testimony--for the panel, too--Professor Turley will 
propose that a commission be established to study the 
feasibility of a national identification system. What do you 
think of that proposal? You have been on these commissions. 
Should they do it, whoever they are, Presidential and 
leadership in both Chambers, or have legislators go up to the 
trough and see what they can do?
    Mr. Simpson. I think that a national commission--I speak 
from experience. The Select Commission did two reports on legal 
and illegal immigration, by the chairman, Ted Hesburgh, and 
both of the commission reports were enacted into law--the 
essence of the legislation. So I do think it's good. I do think 
that it has to be--it has to be not called a national 
identifier. It should be called how to make more secure the 
systems of identification and work recognition in America, or 
something like that. If you use national ID, it's over.
    Mr. McCollum. I believe, as Senator Simpson does, that the 
commissions do form the nucleus and sometimes the initial 
impetus to get legislation enacted when you need to get a 
consensus together. And I share his concern. The whole idea of 
the national ID, as I described it in my statement to you, Mr. 
Chairman, is a nonstarter, and we don't want to talk about it. 
Not that we don't want to recognize that people could call 
something that, but I don't want a national ID with a national 
data base with Big Brother. But I do want to see improvements 
that a commission could recommend and make things more secure 
and an identification that really works in this country.
    Mr. Gingrich. Let me be a doubter for just a second. I'm 
not opposed to a commission, but I think we know an awful lot 
of what needs to happen. And the Congress, I think, could move 
expeditiously early next year on an awful lot of stuff 
particularly as it relates to non-citizens. We really know how 
much we have to improve that system, and I am not sure that we 
need to have more people tell us. I suspect if you had your 
staff go to the Library of Congress and pull up all the 
commissions on this topic in the last 20 years and simply print 
out the summary of recommendations, you'd be astonished how 
much already exists and how many smart people have already 
worked the issue. And I think it is important to move while the 
public is paying attention and cares about this topic, and that 
would be in the next session of Congress, not 3 years from now.
    Mr. McCollum. And by the way, I'd echo that. I think he's 
absolutely right about that point.
    Mr. Horn. Well, I thank you all for coming. I know when the 
three of you get together, it's going to be a lively session. 
So we wish you well. Thank you.
    We will go to the second panel now. Mr. Turley, Mr. 
Goodman, Ms. Corrigan--would you all stand, please, to be 
sworn.
    [Witnesses sworn.]
    Mr. Horn. Didn't see too many other assistants. So let us 
start, then, with Mr. Turley, Shapiro professor of public 
interest law at the George Washington Law School. Mr. Turley.

  STATEMENTS OF JONATHAN TURLEY, SHAPIRO PROFESSOR OF PUBLIC 
INTEREST LAW, THE GEORGE WASHINGTON UNIVERSITY LAW SCHOOL; ROY 
M. GOODMAN, CHAIRMAN, INVESTIGATIONS COMMITTEE, NEW YORK STATE 
    SENATE; KATIE CORRIGAN, LEGISLATIVE COUNSEL ON PRIVACY, 
AMERICAN CIVIL LIBERTIES UNION; RUDI VEESTRAETEN, COUNSELOR AND 
CONSUL, EMBASSY OF BELGIUM; TIM HOECHST, SENIOR VICE PRESIDENT 
 OF TECHNOLOGY, ORACLE CORP.; AND BEN SHNEIDERMAN, PROFESSOR, 
DEPARTMENT OF COMPUTER SCIENCE, UNIVERSITY OF MARYLAND, COLLEGE 
       PARK, FELLOW, ASSOCIATION FOR COMPUTING MACHINERY

    Mr. Turley. Thank you very much, Mr. Chairman. First of 
all, let me express my thanks for appearing again before this 
subcommittee and also to appear before you, perhaps for my last 
time, as chairman of this subcommittee. We owe you a great 
debt, and your retirement is a real loss to this institution. I 
want to be one that thanks you for it.
    Mr. Horn. Remember you are under oath now.
    Mr. Turley. Obviously this is a subject where generally 
more heat than light is generated. And in a rare display of 
academic modesty, I will say that I will not resolve the 
questions surrounding this debate. I would, however, like to 
offer a Constitutional historical foundation perhaps to move 
the debate from what is often kinetic rhetoric to a more stable 
basis for discussion.
    It is certainly not enough to dismiss national 
identification systems as opposed to a card as unprecedented. 
The framers gave us a system that is--was certainly at the 
time--unique because it is the most nimble and versatile system 
in the world. As in nature, nations that fail to evolve are 
least likely to survive. The world is not static, and so our 
responses have to be as dynamic as the world around us. So this 
is a hearing that is looking at a question that is very much a 
question for our times.
    Whether you consider the national identification system to 
be a necessary security measure or Big Brother's little helper, 
we need to reach some type of consensus, and so it is an honor 
to offer my views on those lines. Now, today's debate is part 
of a long unbroken debate that has raged about the relationship 
between the government and the governed. We as Americans have a 
virtual hereditary suspicion of government. As Oliver Wendell 
Holmes said, ``The life of law has not been logic, it's been 
experience.'' And our experience with the government and 
systems of this kind has not been good. It has been long and 
painful.
    We have learned that government authority operates along 
the same principles as a gas in a closed space. As you expand 
that space, government authority will expand as well to the 
full extent of the expansion. And from Biblical times, and I 
have laid this out in my written testimony, through the Ottoman 
Empire and Henry VIII, nations have tried to create national 
registries not for oppressive reasons, but for necessary 
reasons, but those systems have, as we know, been used for 
great harm.
    Now, we also need to get away from a habit of talking a 
good game about national identification systems. We are very 
proud as Americans that we don't have human license plates. But 
the fact is we have a national identification system, it just 
happens to not be a very good one. We have allowed the Social 
Security number to mutate into a national identifier. That is 
ironic since, as I mention in my testimony, the Congress was 
quite clear that the Social Security number was not to be used 
as a source of identification. This Congress has repeatedly 
said that it should not be used and that it's opposed to a 
national identification. And so the question is why in my 
wallet do I have a driver's license, a smart university card, 
an athletic card and credit cards that are all based on my SSN? 
Why do I have two kids, one is 3 and one who is 1\1/2\, have 
their own cards? They're already being tracked.
    The human serialization that we fear is here in some 
respects, but the reason it is here and the reason we failed in 
our efforts to control the SSN is because the market had a 
need. It created a vacuum that, in the absence of congressional 
involvement, it filled that vacuum. The SSN was inevitable 
because the market needed it.
    I happen to have a great deal of problems with national 
identification systems. I tend to fear government, quite 
frankly. I tend to like the least of it as I possibly can have. 
But we also have to be concerned that if we do not act, that 
the market will act for us. We have to be concerned that if we 
remain passive, there will be efforts to fill that vacuum, and 
they are happening right now. At this moment, the heads of the 
Department of Motor Vehicles have already moved toward what's 
called a de facto national identification card. The airlines 
are working on a fast track card of their own that will 
effectively have a national footprint. Now, I don't know the 
heads of the Department of Motor Vehicles, quite frankly. Maybe 
I should. But I don't think they are the ones who should make 
this decision. I think you are the ones who should make this 
decision. And it is important for you, I believe, not to be 
repelled by the idea, to the extent, of being absent.
    I happen to believe, and I may disagree with our earlier 
panel, that we may want to discourage the development of those 
cards. We may want to try to exercise some degree of control as 
to what is happening in the country in terms of 
identifications, if nothing else, to avoid the creation of 
redundant systems where we suddenly have a whole bunch of cards 
that become barriers to travel.
    In the review of identification cards around the world, you 
have over 100 nations with different cards, but to use the term 
``national identification system,'' let alone ``national 
identification card,'' is virtually meaningless. These systems 
are unbelievably diverse. Some of them are really better than 
our SSN system. Others are incredibly detailed and are attached 
to data banks and probably would make most Americans feel 
uneasy. But using the reference to Nazi Germany and to the 
abuses, I think, is a little bit overblown, but it is relevant. 
It is overblown in the sense that we have a Nation that has its 
own safeguards, Constitutional safeguards, cultural safeguards, 
that makes those types of abuses historical, but not 
contemporarily relevant. Many of our friends around the world 
like Belgium, France and Germany are great democracies, and yet 
they have these cards. So I think we need to look at this with 
the appropriate amount of passion, but also with an open mind.
    Now, the cards differ, of course, dramatically. Britain had 
a national identification system that was discontinued in the 
1950's when they had a negative ruling by the lower Chief 
Justice. They are now considering a new card, and they range--
we can look at, for example, the Belgium identification card, 
which is one of the most developed of systems. And in Belgium, 
you are required to have a card at age 12, and then you are 
required to carry it by age 15. It is not an internal passport 
system in the most negative sense, but it is a potential 
barrier in the sense that when you go to an airport in Belgium, 
you do have to show the card. Obviously Belgium has not used 
that card for oppressive means. They have a large data base 
that the police have access to.
    Germany also requires the carrying of a card, and it has a 
great deal of information. It is incorporated into a data base 
which is accessed from multiple sources, like Belgium it is a 
stand-alone system. Other countries like, for example, for the 
Dutch, they have the SoFi number, which is a more developed 
system than our Social Security system. It is sort of a hybrid 
between these various options. And you can go through country 
to country to look at these options.
    As we move toward a national identification system, if we 
are going to move toward that, then we need to look at the 
Constitutional and legal parameters for that system, because we 
are all talking about so far a system more of authentication. 
It seems we are mainly talking about here--and the Members have 
already indicated they are interested in authenticating 
people--is to make sure they are the people that they say they 
are.
    So we have to distinguish between what we are trying to 
achieve. Are we trying to get a ready identification that is 
reliable for the cop on the beat so he can take a look, and the 
card has biometrics and other elements that make it hard to 
tamper with? If that is the case, the card can be largely 
contentless. It simply requires those biometric elements to be 
reliable as authentication. If we are talking about, as has 
been discussed in the past, a Smart Card attached to a data 
base, we are talking about far more significant issues in terms 
of Constitutional and legal questions.
    One of the most important Constitutional questions that has 
to be dealt with is the right of travel. The Supreme Court has 
said that the right of travel is virtually unconditional in the 
United States. And when we develop national identification 
systems, we have to be concerned not just in drift, but that 
those systems can create barriers to travel that will impinge 
upon that right. And I go into that in my testimony.
    We also have to be concerned about creating a national 
identification system that will fall into the trap of the Brady 
law. To some extent, any national identification system will 
require the integration of State and Federal systems. To the 
extent that we commandeer the State agencies, we are moving 
into a separate area where Constitutional concerns would be 
heightened.
    And finally, privacy protections, which I talk about in my 
testimony. What I would like to propose is that Congress 
consider--one thing that I think is clear, and clarity in this 
matter is truly valuable. It should not necessarily be clear 
how we should proceed, but it should be clear how we should not 
proceed. We need to look at the SSN experience and not repeat 
it. That's not how we do national policy.
    We allowed the SSN to be propelled into a national 
identifier without any vote of this body. There were a couple 
of laws in which Congress embraced the SSN. Franklin Delano 
Roosevelt wanted to use the SSN, but for the most part this has 
been done with little foresight and control. And as we see 
these de facto identification cards in the making, it seems 
that history is repeating itself. So that is the reason I 
recommended the creation of a Federal commission, and God knows 
this town does not require another commission. I have been on a 
Federal advisory group. I was on it for 3 years, and at the end 
I wanted to take a ball-peen-hammer to my head. They are 
frustrating. There's too many of them, but, unfortunately, I 
think this is an area that deserves a commission unlike the 
ones we have seen in the past.
    Newt Gingrich is right. We have had commissions in this 
area, but none have been given the specific task of looking at 
whether we are going to have a national identification system. 
Whether or not we act or not, that is important. We need to 
have a commission that looks at the question of whether there 
is inevitability. Whether in this information age we are going 
to have this Cosean problem where the market is going to 
dictate those conditions unless you do something.
    So we have to deal with reality, and if that reality is 
that businesses and agencies need a national identifier, I 
would rather have you involved in it than the hidden hand of a 
market which may take us away from privacy.
    The commission can look at some questions I've laid out in 
my testimony. The first one is what the function, utility of a 
national identification card is. I have already mentioned that, 
but there are vast differences, and when you look at what 
people have said about national identification systems, they 
are as different as you can possibly be. Some of them talk 
about massive data bases, and some of them talk about immediate 
authentication. I don't know which one we need, but we need to 
look at that before we do anything.
    Second, we have to look at the utility of the system. Part 
of the problem with a national identification card is that you 
can have a sleeper agent from Al Qaeda or an espionage agent. 
In the United States, one of the most effective ways to 
penetrate a nation is to have a sleeper, and he or she comes 
into the country. She has a wonderful life, is a wonderful 
neighbor, goes to PTA meetings, and then about 9 years down the 
road, Al Qaeda activates her. She's got a wallet for every 
possible card from the PTA to a fasttrack card to a national 
identification card.
    Finally, we need also--second, we need to look at what 
technology is to be used for the system. We have everything 
from iris recognition to DNA fingerprinting to facial 
recognition systems. We need to look at those technologies. If 
we are going to embrace the technology, embrace one that is 
going to be good 10 years from now, that is going to be 
accurate and reliable.
    We need to look at the system of hacking, because if this 
is going to be a system like Belgium's where you need to get it 
on a plane, then, frankly, it is dangerous to have the usual 
Government error rate with data bank and data bases.
    Finally, we need to look at what type of protections we 
need to put in place. As you know, the Census Bureau 
information is supposed to be private, but it was used to round 
up Japanese Americans. We know information from States have 
been sold to private companies.
    And then finally, I have suggested that we consider the 
need for a Constitutional amendment. I have never supported a 
Constitutional amendment until this year, but there is a trend 
that needs to be arrested, and that trend is the diminishment 
of privacy. It's chilling to hear a person like Simpson, who I 
have a huge amount of respect for, saying privacy is dead, 
because if privacy is dead, we have allowed something that is 
uniquely American to die with it.
    So in conclusion, the test for the moment is to try to 
protect our society without changing it in the way that we lose 
the object of our defense. The Framers never said it would be 
an easy road, they simply said it was the only road for a free 
people. And so I suppose the charge of the Framers is this: How 
to keep us safe from harm, but to pass along our system to the 
next generation in the condition it was passed to us. I think 
that is a subject that deserves some thought and 
circumspection.
    I thank you very much for your time today.
    Mr. Horn. We thank you very much for your presentation.
    [The prepared statement of Mr. Turley follows:]
    [GRAPHIC] [TIFF OMITTED] 82171.030
    
    [GRAPHIC] [TIFF OMITTED] 82171.031
    
    [GRAPHIC] [TIFF OMITTED] 82171.032
    
    [GRAPHIC] [TIFF OMITTED] 82171.033
    
    [GRAPHIC] [TIFF OMITTED] 82171.034
    
    [GRAPHIC] [TIFF OMITTED] 82171.035
    
    [GRAPHIC] [TIFF OMITTED] 82171.036
    
    [GRAPHIC] [TIFF OMITTED] 82171.037
    
    [GRAPHIC] [TIFF OMITTED] 82171.038
    
    [GRAPHIC] [TIFF OMITTED] 82171.039
    
    [GRAPHIC] [TIFF OMITTED] 82171.040
    
    [GRAPHIC] [TIFF OMITTED] 82171.041
    
    [GRAPHIC] [TIFF OMITTED] 82171.042
    
    [GRAPHIC] [TIFF OMITTED] 82171.043
    
    [GRAPHIC] [TIFF OMITTED] 82171.044
    
    [GRAPHIC] [TIFF OMITTED] 82171.045
    
    [GRAPHIC] [TIFF OMITTED] 82171.046
    
    [GRAPHIC] [TIFF OMITTED] 82171.047
    
    [GRAPHIC] [TIFF OMITTED] 82171.048
    
    [GRAPHIC] [TIFF OMITTED] 82171.049
    
    [GRAPHIC] [TIFF OMITTED] 82171.050
    
    [GRAPHIC] [TIFF OMITTED] 82171.051
    
    [GRAPHIC] [TIFF OMITTED] 82171.052
    
    [GRAPHIC] [TIFF OMITTED] 82171.053
    
    [GRAPHIC] [TIFF OMITTED] 82171.054
    
    [GRAPHIC] [TIFF OMITTED] 82171.055
    
    [GRAPHIC] [TIFF OMITTED] 82171.056
    
    [GRAPHIC] [TIFF OMITTED] 82171.057
    
    [GRAPHIC] [TIFF OMITTED] 82171.058
    
    [GRAPHIC] [TIFF OMITTED] 82171.059
    
    [GRAPHIC] [TIFF OMITTED] 82171.060
    
    [GRAPHIC] [TIFF OMITTED] 82171.061
    
    [GRAPHIC] [TIFF OMITTED] 82171.062
    
    [GRAPHIC] [TIFF OMITTED] 82171.063
    
    [GRAPHIC] [TIFF OMITTED] 82171.064
    
    [GRAPHIC] [TIFF OMITTED] 82171.065
    
    [GRAPHIC] [TIFF OMITTED] 82171.066
    
    Mr. Horn. I have had the opportunity last night to read all 
of them. And we will first get all the presentations in, and 
the Members will have a question and answer with you and 
dialog.
    Now, my next witness here, we deeply are euphoric, Roy M. 
Goodman, State senator from New York. You joined us on such 
short notice. We thank you very much. You flew down here from 
New York this morning after our invitation yesterday afternoon. 
So you get things done very fast.
    And I look at this background. Any legislator that has 
1,200 of his bills become law, that is impressive. So we are 
lucky around here if we can get five to be presented. And we 
thank you, because you are also in the same business we are, as 
chairman of the Senate committee on investigations, taxation 
and government operations. And looks like you have had a lot of 
fun. So, thanks for coming.
    Mr. Goodman. Mr. Chairman, thank you very much indeed for 
that warm welcome. I am grateful to you and the members of the 
committee for an opportunity to appear before you today, albeit 
on relatively short notice.
    I would like to make at the outset a comment of warm salute 
to my former colleague in the State Senate in New York, Major 
Owens, one of our more esteemed Members who has risen to the 
heights of the U.S. Congress. Major, I can see just from the 
height of the ceiling in this room that we have pygmy 
proportions compared to the stature which all of you possess. 
And I am very proud to know you.
    And also Mrs. Maloney, who happens to be my own 
Congresswoman, and I very much hope that she will be around in 
a few moments so I can salute her personally. A much esteemed 
and good friend, although on the other side of the aisle I must 
confess.
    May I say, Mr. Chairman, that once upon a time on the 
matter of personal identity, there was a gentleman who entered 
his men's club, an elderly chap with mutton-chop whiskers, 
typical of an old Peter Arnaud personality, and he sunk into a 
deep chair and rang a little bell next to it on the table by 
which he hoped to summon the club steward so he could order his 
usual martini. Nothing happened. And he rang the bell again. 
And finally after ringing it four times, he was outraged, and 
someone came by and he said, ``Great God, man, do you know who 
I am?'' And he spoke to one of the employees in the club. And 
the chap looked at him and said, ``No, sir, I don't, but if 
you'll go down, I'm sure the gentleman at the front desk will 
be able to tell you.'' So this was an indication of an identity 
crisis that occurred under slightly different circumstances.
    May I say, sir, that on a much more serious note, 
unfortunately, I appear before you at a moment when the Nation 
is plunged into a war which it did not seek and which was 
visited upon us in a most astonishing fashion on September 
11th. The trauma of that is simply indescribable. I might just 
tell you that on my first trip down to Ground Zero, I had a 
chat with the fire commissioner, who was describing some of his 
experiences on that particular day. Let me say, that he said a 
chap came up to one of his fireman and said, ``I have a helmet 
here, sir.'' And he said, ``Why are you bothering me with that? 
We're trying to save lives.'' He said, ``The reason I'm 
bothering you with that is there is a human head in the 
helmet.'' Alas, the gentleman had been decapitated. And this is 
one of the horrific, horrendous things that occurred on that 
day.
    And needless to say this is something which has embedded 
itself in all of our minds most profoundly and with a sense of 
deep grief and outrage that we appear before you to discuss the 
problems relating to the identity card matter. And I have to 
tell you my whole view of it is heavily tainted by the fact 
that we are at war. I spent 3 years in the Navy during the 
Korean War and wore about my neck at that time an ID tag with a 
thumbprint engraved upon it, so that the idea of having a 
fingerprint identification is certainly nothing new. My 
officer's identification card had a full set of prints on it. 
Military service is fully familiar with it.
    I thought it would be useful just to take a moment to 
review with you the contents of my own wallet in regard to 
cards. I confess I haven't thought to do this until I sat down 
here this afternoon, but I notice that I have a few of them. 
And just to give you some idea to the extent to which privacy 
is invaded, let me give you a quick inventory of my cards. I 
will make it very brief.
    On top is a picture card identifying me as a New York State 
Senator; driver's license, which also has a picture of me upon 
it; my Citibank Visa card, which has a picture on it; my MTA, 
that is to say Metropolitan Transit Authority subway card, 
which has my picture on it; a Sam's Club card, Sam's Club being 
a retail establishment where I have credit, which has my 
picture on it. And we go through a series of others, American 
Express, New York Society of Securities Analysts, my Medicare 
card, my New York Public Library card, my Wyoming Public 
Library card where I go in the summertime, my Barnes and Noble 
credit card, my New York government employee benefit card, my 
Automobile Club of America card, my Metropolitan Museum 
identification card, my Whitney Museum card and my Museum of 
Modern Art card. Those are just a few of the things I carry 
with me to be sure that I am at all times able to identify 
myself as I go about my daily routine.
    I think this gives you a little idea of the extent of the 
lack of privacy which we have. Even with the best of 
intentions, we are certainly photographed widely, and our data 
is on file in many different places. I am sure anyone in the 
room could produce a wallet with somewhat similar credentials 
and make the point that we are today certainly an 
identification card society on a very broad level.
    And may I say to you, sir, it had been my opportunity as 
chairman of the investigations committee in 1993 when the World 
Trade Center was bombed--you may recall that we had a dreadful 
incident in which there was a gigantic explosion--I went into 
that hole and found a tremendous crater five stories deep and 
three stories high and at that time felt it important to 
examine the matter of how we have achieved security in regard 
to the terrorist possibilities of future attack. And we 
prepared a report on that date stating that there were many 
vulnerabilities and thought it advisable to create a 
commission, which commission would have as its principal 
objective the eternal vigilance to try to prevent the 
recurrence of this type of terrorist attack.
    In so doing, I'm sorry to say that peoples' eyes quickly 
glazed over. And in our world as human beings, we fairly soon 
forgot that episode, and not until September 11th when we had 
this far graver problem arise with such unpredicted suddenness 
do we find ourselves in the position of having to once again 
reconsider this.
    And I did pull together a group of five former police 
commissioners, group from the FBI and Port Authority, police 
and a number of others to participate in an examination of 
potential terrorist targets and possible means of defending 
against them. That committee happened to have issued a report 
yesterday, which, if I haven't sent in advance to you, I won't 
attempt to touch on all aspects because it goes far beyond the 
subject of today's meeting. But let me say there are at least 
50 different ways in which we should be tightening up the 
security in the State of New York to prevent future 
occurrences, that cover such things as commercial airline 
safety, private airline safety, which is a thing that has 
loopholes the size of the Lincoln tunnel. Anyone can go to a 
private airport, get on a plane, any size, and load it with any 
cargo without any inspection whatsoever, proceed to fly over 
the United Nations building and fly into it, and destroy it in 
a matter of seconds in much the same fashion that the World 
Trade Center was destroyed. And the same would apply to the 
Empire State and others of our magnificent buildings in New 
York.
    This indicates the extent to which in this wartime 
environment we have not really risen to the concept that we 
must gird our loins and prepare ourselves with emphatic 
dedication. I think, as Herbert Spencer said, ``It is only by 
iteration and reiteration that we impress an alien conception 
upon an unreceptive mind, and it is only by iteration and 
reiteration that we must remind ourselves we are at war, and 
war is a very grim business in which we have to suspend values 
which we normally might wish to feel a repugnancy to us in 
other contexts.''
    I see my signal is to stop.
    Mr. Horn. Don't worry. Just keep going.
    Mr. Goodman. I will try to keep it as succinct as I can.
    Let me simply say to you that with regard to the matters of 
other emergency issues, we have looked at hospitals, we looked 
at the transit system and various matters relating to nuclear/
electric/gas supplies for the city of New York. There is a 
possibility that our power could be shut-off very simply by 
going to the point of convergence of electric lines.
    We want to emphasize the problems of biological and 
chemical warfare about which much has been, unfortunately, 
discussed in Washington in the wake of the anthrax scare and on 
and on.
    And let me say that I speak at the moment on behalf of my 
colleagues who are former police commissioners, as I said, 
including the new police commissioner designated by our new 
mayor. His name is Raymond Kelly, and he is an expert in the 
law, and indeed, I think, is a man of balanced judgment. It was 
the unanimous judgment of this group that there should be 
instituted a national identification card system. An open 
question is whether it should be voluntary or involuntary, and 
I am not prepared to give you any conclusion, and my own 
concerns at the moment are very great. As a civil libertarian 
of longstanding, I am very much concerned about the possibility 
that such a system could be misused.
    But let me just say that, we now have, as Mr. Ellison has 
pointed out, the means by which to create cards which can carry 
a tremendous amount of information and certainly establish 
beyond any reasonable doubt the identity of the individual 
holding the card. As you may be aware, in Israel, people 
seeking entrance to an airplane do not have to stand in long 
lines. They go to a kiosk and insert their card, insert the 
palm of their hand and stand in front of a camera, which does 
three things, I am told. One is to check whether the palm print 
coincides with the print on the electronic chip embedded on the 
card; to determine whether the facial characteristics are such 
to be that is the individual involved; and finally, to 
determine whether the retina of the eye, which is unique in 
every human being, can positively identify the individual. This 
tripartite identification concept is one which is now 
technologically feasible and is in effect in various countries 
around the world and has been used quite successfully, so that 
the question is not whether it can be done, nor is it 
necessarily the cost of doing it, because one could envision a 
system in which there are payments made as a service as we pay 
for easy pass cards in our cars going through the toll 
facilities in New York. So that I am simply here to say to you 
that the problem becomes one of the extent to which this could 
impinge on privacy.
    And I remind us all that the Supreme Court has stated 
unequivocally that there is clear protection in the law for 
privacy, but not for anonymity, and there's nothing about any 
Supreme Court dicta which I'm aware, and this point is fully 
emphasized by the distinguished civil libertarian lawyer Alan 
Dershowitz, who in a paper made it clear that in his judgment 
the time would come for the use of these cards. And I say to 
you, sir, it is my belief that in order to accomplish several 
objectives, the cards may serve a useful purpose, and I would 
like to quickly outline the objectives, and that will conclude 
my testimony.
    The principal purpose of the card would be to positively 
identify an individual to be certain that his identity has not 
been stolen. As you may know, identity theft is a matter that's 
now quite pervasive in our society. People's identities have 
been stolen, their bank cards have been lifted, they've been 
charged with purchases which they never made, telephone calls 
which they never placed and the like, so that there is a 
serious problem of finding a stable means of positive 
identification, which, as I've indicated, now exists. So that 
the question then becomes one of whether we are in a position 
to use the cards constructively.
    I would say to you that for the privilege of not having to 
wait 2 to 3 hours on an airline counter line, that might be 
worth a $25 payment for a lifetime, or 2 or 3-year subscription 
to a card. Similarly, I think it's quite clear that this would 
eliminate the need for profiling, an obnoxious thing based upon 
ethnicity, or the various other characteristics which have been 
used by police improperly to identify presumed suspects.
    By having a positive ID card, a man could walk in wearing 
all sorts of outlandish clothing, with a beard 3 feet long, and 
side burns and all the things which might normally be 
associated with someone who's an undesirable by virtue of easy 
thinking; and by simply presenting the card, he would exempt 
himself from the need of any special profiling-type 
examination.
    It strikes me that at this moment, because of the unique 
facial hirsuteness of the people with whom we are at war, that 
there is a problem; and as you recall, a Hindu was mistakenly 
taken for a Muslim and slaughtered early on, right after 
September 11th, which is the kind of tragedy we certainly wish 
to avert. An ID card would preclude that type of problem 
altogether, it's my judgment.
    Furthermore, there are various conveniences, if one wished, 
and wished to volunteer to have certain health aspects of one's 
existence on the card. If you dropped to the ground with a 
cardiac arrest and the card were in your possession, it could 
be put into a reader and quickly determine your condition of 
health and whether certain drugs that could or could not be 
administered to you; whether a defibrillator would be an 
appropriate thing to use in view of your heart rhythm pounding 
and the like, and this could be a very beneficial health aspect 
of the card system.
    So the point that I'm making is it's not simply an 
intrusion of privacy that's involved. There are various 
collateral benefits which should be weighed in a total 
consideration of whether these cards make sense.
    Mr. Chairman, let me just sum up by saying that it's a 
complex question, and because of my civil libertarian concerns 
I have thought long and hard about this. I do believe at this 
time that we have the sufficient sophistication and awareness 
of the types of problems that exist to formulate a decent 
judgment in the matter, and I would respectfully suggest to 
this committee to take a close look at least a volunteer use of 
such cards. I think at this time, in view of our war emergency, 
they've become very relevant in attempting to determine who is 
improperly in the United States at any given moment, tracking 
people who may be undesirable or have patterns of sabotage or--
or other behavior which needs to be properly overseen and 
tracked, and that without such cards it becomes exponentially 
much more difficult to accomplish this purpose.
    So with those thoughts in mind, I shall now subside with 
all due respect, and thank you very much for a chance to be 
heard.
    [The prepared statement of Mr. Goodman follows:]
    [GRAPHIC] [TIFF OMITTED] 82171.067
    
    [GRAPHIC] [TIFF OMITTED] 82171.068
    
    [GRAPHIC] [TIFF OMITTED] 82171.069
    
    [GRAPHIC] [TIFF OMITTED] 82171.070
    
    [GRAPHIC] [TIFF OMITTED] 82171.071
    
    Mr. Horn. I think you mentioned earlier that you had some 
recommendations out of your committee and once you're done with 
it, if you could, we will have a spot in this to get the whole 
document.
    Mr. Goodman. I will be glad to do that, sir.
    Mr. Horn. Thank you very much.
    Mrs. Maloney. Can I have a personal privilege? I would----
    Mr. Horn. He says he likes you now.
    Mrs. Maloney. Well, I would like to welcome----
    Mr. Goodman. While you were out of the room, Congresswoman, 
I took the liberty of saluting you most warmly.
    Mrs. Maloney [continuing]. Over the years, and we welcome 
your testimony. You've always tackled the hard problems and 
come up with good answers, and we appreciate your distinguished 
input into this committee. Thank you for coming and it's good 
to see you.
    Mr. Goodman. Thank you very much. It's very good to see 
you, too.
    Mr. Horn. We now go to Katie Corrigan, who is the 
legislative counsel on the privacy issues for the Washington 
National Office of the American Civil Liberties Union, and she 
has quite a background in terms of health, education, labor, 
pensions matters, and we're glad to have you here.
    Ms. Corrigan. Thank you. Thank you, Mr. Chairman, and thank 
you members of the subcommittee. I appreciate the opportunity 
to testify before you on National ID proposals on behalf of the 
American Civil Liberties Union.
    The ACLU is a nationwide nonpartisan organization with 
nearly 300,000 members dedicated to protecting the individual 
liberties and freedoms guaranteed in the Constitution and the 
laws of the United States.
    Like all Americans, the ACLU supports efforts to ensure our 
security from terrorist threat but we remain convinced that we 
need not sacrifice our liberties to protect our safety. We 
believe a national ID system in any form should be rejected.
    First, ACLU believes that the threshold question is whether 
or not a security measure would be effective at protecting us 
from terrorist threat. Since the terrible events of September 
11th, there have been numerous proposals to create a national 
ID system. The rationale is that we need to create a clear line 
between us--the innocent people--and them--the dangerous 
terrorists. Every one of us would like an ID card that would 
put us squarely on the right side of the line and exempt us 
from suspicion and heightened security when we board a plane or 
go to work.
    Unfortunately, none of the proposed ID systems would 
effectively sort out the good from the bad. An identity card is 
only as good as the information that establishes an 
individual's identity in the first place. It makes no sense to 
build a national ID system on a faulty foundation, particularly 
when possession of the ID card would give us a free pass to 
board a plane or avoid security checks at Federal buildings or 
other public places.
    No form of documentation is completely foolproof. The same 
people who are forging ID's today will forge them tomorrow. 
There are always ways to beat the system. Presumably an 
individual would obtain an identity card, using a document such 
as birth certificates or a driver's license. Anyone, including 
terrorists, could alter or obtain such documents.
    The Inspector General of Social Security testified last 
week that six of the hijackers obtained Social Security numbers 
through fraudulent means, and, as U.S. citizens, domestic 
terrorists like Timothy McVeigh would certainly qualify for an 
ID.
    Second, not only would a national ID create a false sense 
of security but it would be very, very expensive and divert 
resources from perhaps more effective counterterrorism 
measures. In 1998, the GAO reported that the Social Security 
Administration estimates no matter what material a card is made 
from or what type of technology, including biometrics, is used 
for security, issuing an enhanced card to all number holders 
using current procedures would cost a minimum of about $4 
billion or more. And even with the offer from Oracle and Larry 
Ellison for free software, the processing costs alone of 
issuing new ID's to Americans are estimated to be 90 percent of 
that billion dollar expense.
    Third, in addition to huge costs, a National ID would 
require a massive identification bureaucracy to support it. 
Thousands of government employees would be required to develop, 
implement, maintain, the supporting computer infrastructure and 
technology standards for the ID cards. The SSA's $4 billion 
estimate didn't even consider the cost of updating the picture 
or other identifiers on the card over a person's lifetime, or 
periodically replacing the magnetic strip on the back, or the 
simple cost of having to replace lost or stolen ID's.
    When setting up any new bureaucracies, simple questions 
need answers. What would happen if an ID card is stolen? What 
proof of identity would be used to decide who gets a card? What 
would happen if you lose your ID? Anyone who has had to correct 
an inaccurate credit history will understand how hard it could 
be to correct an error that has found its way into a government 
data base. Error rates and government data bases already tend 
to be especially high, and we heard that from members of our 
first panel. Then what happens if you are misidentified or one 
of the thousands of victims of identity theft? Even with a 
biometric identifier on each and every ID, experts say there's 
no guarantee that individuals will be identified or 
misidentified in error. A technology expert at the University 
of Pennsylvania recently said biometrics are fallible.
    Fourth, an ID system violates basic American values 
including, our privacy, our quality, and our right simply to be 
left alone. Day-to-day individuals could be asked for ID when 
they are walking down the street, applying for a job or health 
insurance or entering a building. This type of intrusiveness 
would be joined with the full power of modern computer and data 
base technologies. How long before office buildings, doctors' 
offices, gas stations, highway tolls, subways, and buses 
incorporate the ID card into their security or payment systems? 
The result could be a Nation where citizens' movements inside 
our own country are monitored through what would equivalently 
be internal passports. The data base supporting such an ID 
system would be massive and contain all sorts of highly 
personal information. Thousands and thousands of government 
employees and even private industries could have access to it.
    The scope of information accessible through a centralized 
data base as opposed to the many different data bases that are 
attached to the cards that Senator Goodman pointed to would 
magnify the risks of privacy violations. One mistake by a 
government employee could result in disclosure of personal 
information that could follow you around the rest of your life.
    This past month, a State university accidentally posted the 
psychological records of 62 children on the Internet, names, 
addresses, along with intimate details such as ``a boy prone to 
anger outbursts, gender identity issues and bed wetting.'' 
Disclosures could come back to haunt children later in life 
when they're trying to find a job or get a security clearance. 
With an ID system, one accidental keyboard stroke could put a 
person's most sensitive information into public distribution.
    And finally, Mr. Chairman, some people have argued that ID 
cards would end racial profiling and other discriminatory 
practices. Unfortunately, we believe that cards would provide 
new opportunities for discrimination and harassment of people 
who are perceived as looking or sounding foreign.
    The 1986 requirement that employers verify the identity of 
potential employees and their eligibility to work in the United 
States has resulted in widespread discrimination against 
foreign-looking American workers, especially Asians and 
Hispanics. A national ID card would have the same effect on a 
broader scale. Latinos, Asians, African Americans, and other 
minorities would become subject to more and more status and 
identity checks. This would have a stigmatizing and humiliating 
effect and undermine our right to equal treatment. The national 
ID system in any form could be expensive, require a cumbersome 
bureaucracy, and violate some of our fundamental American 
values, and it simply wouldn't work to stop terrorism.
    The ACLU urges the Congress to reject proposals for a 
national ID system. And I would be happy to answer any 
questions at the appropriate time. Thank you.
    Mr. Horn. Delighted to have your presentation.
    [The prepared statement of Ms. Corrigan follows:]
    [GRAPHIC] [TIFF OMITTED] 82171.072
    
    [GRAPHIC] [TIFF OMITTED] 82171.073
    
    [GRAPHIC] [TIFF OMITTED] 82171.074
    
    [GRAPHIC] [TIFF OMITTED] 82171.075
    
    [GRAPHIC] [TIFF OMITTED] 82171.076
    
    [GRAPHIC] [TIFF OMITTED] 82171.077
    
    [GRAPHIC] [TIFF OMITTED] 82171.078
    
    [GRAPHIC] [TIFF OMITTED] 82171.079
    
    [GRAPHIC] [TIFF OMITTED] 82171.080
    
    [GRAPHIC] [TIFF OMITTED] 82171.081
    
    [GRAPHIC] [TIFF OMITTED] 82171.082
    
    Mr. Horn. And we now move to Rudi Veestraeten, the 
Counselor and Consul at the Embassy of Belgium, and he's been 
in their Foreign Affairs Ministry in their home city, and he's 
had quite a career for his own country, and we're thanking you 
for telling us how that works.
    Mr. Veestraeten. Thank you, Mr. Chairman. Thank you, 
members of the subcommittee. It's an honor to be invited here 
today. I'll try to give some comments. A document which was 
distributed contains the basics about the system in Belgium.
    First of all, Belgium is--for those who doubt, is a 
democracy. It's a democratic country. We have a longstanding 
record of democracy and, specifically, we have a very 
longstanding record of registering people and issuing ID cards. 
We actually started issuing ID cards in 1919. We started 
registering people locally in towns and in cities in 1856. That 
is an existing system in Belgium.
    I think when we talk about ID cards, when we talk about 
registration, there are--and we talk about the events of 
September 11th and other threats in the society today, there 
are in fact three elements which are often mixed: First, there 
is the ID card as such. The ID card is just a document which 
allows somebody to identify who he is; 100 years ago, 50 years 
ago, people might still just know you or know who you are. Even 
today people in my village in Belgium, they know who I am. My 
neighbors here in McLean know who I am. But when I drive around 
in a car, people do not know anymore. The card is just a means 
to prove who you are, that you are who you say you are. That is 
the card.
    And then the second element in this discussion, the data 
base issue. We also have a quite sophisticated system in 
Belgium with a centralized data base which contains a limited 
amount of information you can find out in the documentation. 
The data base is a very powerful tool to quickly find more. If 
somebody shows up and has an identity card, you can then as a 
police officer, as a public servant, depending on what your 
duties are, you can find out about that person, what his 
background is. This data is not contained in the cards, not 
written on the cards, but there is a whole data base behind the 
card, a system where more information is available if needed, 
to those who need it.
    And then there is the whole issue of security, and I'm not 
going to talk about that.
    Of course, the fact of having a card, having a passport, 
having a travel document, having a driver's license, does not 
allow any police officers to determine whether a person is a 
terrorist or a genuine person. That's not the purpose of the 
cards, let's not mistake this. The purpose of the card is only 
to identify that this person does have this first name and that 
last name, and is probably registered at a particular address. 
That's a very important distinction to make, I think.
    If we discuss abuse of the cards, I mean the threats of 
having a card in a country like Belgium, the threat of having 
this system where everybody needs to carry the cards, well, in 
fact, you can say the same--this dates back from the German 
occupation. We were occupied by the Germans twice, in 1418 and 
in 1940-1945. We have been fighting the German system, the 
Nazism, the fascists in 1940-1945, and we are proud to have 
done that. I think we have a longstanding record of fighting 
authoritarian mechanisms, authoritarian regimes, and we are 
very proud of that.
    Now, the Germans, when they have occupied Belgium, they 
used police, they used military police, they used an army to 
occupy our country and to take away all our civil liberties. 
Now, this does not mean that we have decided after we are freed 
from the German occupation to abolish police, to do away with 
an army, to do away with military police. That's not to the 
point. What we should try to do is to keep steady democratic 
control over what police do in our country, keep steady 
democratic control about what the army is doing, what the army 
can do, what powers the army can be given. And that is the 
sense of the--it's not about having a police which can, of 
course, abuse its force; it's about control of the police.
    The same goes, in our view in Belgium, for the cards. It's 
not about the cards. It's about how you use the cards, what you 
allow people to do with the cards, what you control and so on. 
That is the essence of the debate in our country where it was 
taken.
    Now, if we want to see what the card means in our system 
today, what do we use it for, I think the best way to--and for 
the 2 minutes I have left, to explain--that is, to see, to 
imagine from my viewpoint, for me to imagine my country without 
the identity cards, what would be the difference if you would 
take away the identity cards in Belgium. I think, first of all, 
we would do what is the case in many other countries. We would 
probably see other documents being used instead of an identity 
card. This might be drivers' licenses, this might be Social 
Security cards. We have those cards in Belgium as well. The 
problem there--and that is why we have introduced the card in 
the first place.
    The problem is that those other cards contain data which 
are not meant to be communicated to other people. I mean, on a 
driver's license, there can be data which are not meant to be 
communicated to a bank employee. It can be medical data, like 
vision. It can be--it can appear to be not very important, but 
the vision is mentioned on the driver's license.
    The same goes for the handicapped, in some cases. I mean, 
drivers' licenses are meant for other purposes other than 
identification, and therefore contain other information which 
are not meant for public distribution and not meant for the 
bank employee.
    The same goes for security. The other cards, Social 
Security card here and in Belgium, those cards are not meant 
for identification purposes and so do not contain the proper 
security features which would be required for an identity card, 
which is a different issue. A passport is an identity, a travel 
document, so it's more similar to the identity cards.
    And then there is also the fact that some people might not 
have a particular type of card. They might not have a driver's 
license. I have colleagues, diplomats, who do not drive their 
own cars. They do not have a driver's license. So what do you 
do with those people if you would--in Belgium, if you would 
generalize the driver's license to be used instead of an 
identity? You would then have to find a system where you would 
issue driver's license with no rights to drive a car, for 
identification purposes, which is not really what it's about. 
So that is one thing.
    We have a feeling in Belgium that the inappropriate use of 
other identifiers affects the highly sensitive civil liberties 
issue, because you'd be abusing other cards and information 
contained in those cards in other systems; abuse of this 
information for just mere qualification and identification.
    What would also disappear if you would take away this 
card--and this is probably typical for Belgium and not for a 
country like the United States--is that it's very convenient 
for people. We can travel in Europe with the ID. We do not need 
passports to travel in Europe to countries like Turkey or other 
neighboring countries. We have agreements there. So if we would 
abolish the card in Belgium, many more people would need 
passports, and this would increase the costs, as well, for 
those people as for the administration to issue all these extra 
passports.
    In the case of police checks, if something happens and 
people are stopped in the street, in the car or whatever, the 
fact that we have the identity cards and a very efficient data 
base does save a lot of time. People can be released after only 
2 minutes, just checking if this person is really who he is. So 
it's also a method there, in our view of civil liberty, that we 
can release people immediately if there is no need to keep 
them. We do not need to take them to the office, to the police 
office.
    Another very convenient use of the card is the case of 
unfortunate accidents. When there is an accident with a person 
on a bicycle and he carries his card, it's very easy to 
identify him, to warn his family members. So it's also in the 
advantage of the citizens of Belgium that the card exists.
    And then alternatively, we also quite generally use 
identity cards to fight credit card fraud in Belgium. In many 
shops when you would want to pay with a credit card, you would 
want to need to show your identity card and--the way you would 
show your driver's license. Thank you.
    Mr. Horn. Thank you very much.
    [The prepared statement of Mr. Veestraeten follows:]
    [GRAPHIC] [TIFF OMITTED] 82171.083
    
    [GRAPHIC] [TIFF OMITTED] 82171.084
    
    [GRAPHIC] [TIFF OMITTED] 82171.085
    
    [GRAPHIC] [TIFF OMITTED] 82171.086
    
    [GRAPHIC] [TIFF OMITTED] 82171.087
    
    [GRAPHIC] [TIFF OMITTED] 82171.088
    
    [GRAPHIC] [TIFF OMITTED] 82171.089
    
    Mr. Horn. We're going to recess now because we have to get 
through the testimony, and I want to give them full rein, Mr. 
Hoechst, Mr. Shneiderman. So we're in recess until 12:45; in 
other words, quarter of 1. We have a motion on the floor to 
recommit with instructions and a passage situation. So we're in 
recess until 12:45.
    [Recess.]
    Mr. Horn. The subcommittee will be in order and the recess 
is adjourned, and we will start with Mr. Veestraeten, who might 
not have been completely finished; so you're certainly welcome 
if you want to give a few sentences.
    Mr. Veestraeten. Yes, sir, I was finished. Thank you so 
much.
    Mr. Horn. OK. We will then move to Mr. Hoechst, senior vice 
president of technology, the Oracle Corp. Thank you for coming.
    Mr. Hoechst. Thank you, Mr. Chairman, Representative 
Schakowsky, and members of the subcommittee. On behalf of 
Oracle, I would like to thank you for inviting me to 
participate in this discussion. I would also ask that my 
comments and written testimony be submitted to the record, 
along with an article written by our CEO, Larry Ellison----
    Mr. Horn. Without objection, that will be in.
    Mr. Hoechst. Thank you. The reason I ask to do that in 
particular is the article in its original form makes arguments 
about this issue that eventually were culled out during the 
endless number of editing processes that go on as the articles 
reach sound bites. And so I think many of the issues that are 
relevant to this discussion, which I'll address in my comments, 
were part of that original proposal as well.
    As we know, information is an incredibly powerful tool, and 
whether we're using it to make decisions in a boardroom or on a 
battlefield, whoever knows the most about their situation is 
the most well prepared to make competent decisions. And in the 
country today, whether we're in the government system or in the 
private sector we have countless data bases with all sorts of 
information being gathered as part of the everyday processes of 
modern life. And the challenges associated with providing 
broader access to this information is exactly what we've been 
working on for the last several years, but the reality is that 
knowledge which is culled from these data bases is not about 
the data itself, it's about the relationships that exist 
between data. And as was fairly thoroughly discussed, I think, 
in the prior panel, in our opinion the real challenge is not 
creating new data bases based on these various systems; it is 
coming up with a standard and secure a consistent means of 
establishing relationships between these data bases when it's 
relevant, sharing information across these organizations, 
whether they reside within a single agency or across agencies 
or even into the private sector.
    So when we talk about a national ID card, I really think 
what's important to remember is it's not about the card. The 
card may--we'll see in my comments in a few minutes--may have 
some interesting capabilities to make the process of securing 
our systems more convenient and more straightforward. But what 
we really want to focus on is the relationships between 
critical information systems. And in the example that was 
brought up earlier regarding what was sort of known about the 
people before September, the terrorists involved with the 
events of September 11th, before the fact versus after the fact 
point readily to this point.
    After September 11th the FBI was able to discover a great 
deal about the people that were part of this act. The challenge 
was not that data did not exist. We know the data existed, 
because we know they gathered it after the fact. The point was 
that we were unable to establish relationships between those 
pieces of information to make competent decisions.
    Now, we can make decisions after the fact, but this is the 
difference between investigation and prevention. And so if we 
are able to address the idea that through a common way of 
identifying people inside information systems and standards for 
sharing that information between systems is adopted, then we 
have a much greater opportunity of taking advantage of all the 
information that we're already collecting when it can still be 
used to make a difference.
    Now, if we think about the technical approaches with 
consolidating data bases in this fashion, there's lots of 
different things we can do. First is the idea of consolidation. 
We could start to bring together information systems from 
various organizations even inside agencies or, more 
importantly, across agencies, into huge monolithic government-
managed data bases of everything we know about people. This is 
not only a poor idea, it's not possible. Whether it's 
technically possible aside, it's socially not possible. The 
inertia that exists in information systems and inside 
organizations, and overcoming the challenges of getting those 
organizations to roll up their information into systems that 
they don't control is really a task that would be very 
difficult to accomplish. Not to mention the fact that the 
government ought not to be in the business of building huge 
consolidated data bases of information about people.
    Instead, we could decide that it's more important to keep 
these information systems separate and let them do what it is 
they do today--and they are already, like we said, gathering 
all sorts of information--but create some standard ways for 
them to share that information with one another, and this could 
very reasonably be aided by a common identifier of people. So 
if we said between system A and between system B, whether 
that's immigration and FBI or an airliner, airline company and 
FBI, to validate that we're both talking about the same 
person--having standards for doing that could be very helpful 
in making that sort of communication more facile.
    There are also other approaches which are not full 
consolidation or full distribution and connectivity, and this 
comes in the flavor of what I call sort of consolidated indexes 
of information. So, for example, when a police officer pulls 
over a speeding motorist and wants to check for outstanding 
arrest warrants, does it make sense for that officer's system 
to check every local and State law enforcement agency in the 
country, in real time, to discover whether there are 
outstanding arrest warrants? Of course not.
    Maybe it would be prudent for us to have a national system 
that points to outstanding arrest warrants; again, the 
government not managing them, but the government providing a 
more convenient way of checking across systems that really do 
the same thing. And, in fact, the Department of Justice has 
implemented just such a system for that problem.
    So the reality is all sorts of these approaches, when we 
talk about the consolidation and sharing of information, will 
be part of the ultimate solution. We will have the opportunity 
to consolidate systems that currently are duplicating efforts. 
We'll have the opportunity to teach systems that don't 
communicate with one another to do just that. And we'll have 
the opportunity to create hybrids, assuming of course that we 
come up with some standard methods for doing that.
    The challenges in this fall into two buckets. First, the 
technical challenges. The real challenge with an identification 
system like this is not just relating to people and to 
information systems, it is associating a human being with a 
given identity. How do I determine that this person standing in 
front of me is the same person I'm talking about inside this 
information system or collection of information systems? And 
that identity comes through many of the ideas discussed today. 
It may be in the form of a card. It may be in the form of 
biometrics, creating a secure and consistent biometrically 
enabled identification card that anyone could use to establish, 
to authenticate identity would be very difficult. Not only 
difficult socially, but difficult technically. The state-of-
the-art here is advancing, but it needs to advance further 
before we could turn such a system on in short-term.
    However, there is great opportunity for us to take 
incremental steps when attacking the technical challenges. 
First, in establishing standards for national identity, an 
identifier that uniquely identifies people and government, 
guidance that should be used when building information systems 
related to these issues could be done incrementally and systems 
could come on line as they choose to start to exploit such an 
identifier.
    We also talk about making the existing identification cards 
stronger rather than trying to establish a new one, and there I 
think that the driver's license is a good candidate for that 
because we've seen a lot of work already done there.
    And then finally, in introducing specific populations to 
this technology, rather than saying everyone has to 
participate, maybe we first focus just on critical jobs; 
people, for example, whose job requires that they are on the 
tarmac in an airport, or specific populations of people, be it 
non-citizens visiting the country, for example.
    From the technical perspective of a technology company and 
representative of that, I would like to suggest that with the 
competent use of existing technology, we can improve the 
security not only of identifying individuals but of 
establishing relationships between information systems that 
already exist today.
    On the social side it's not so clear. And as the debates 
have gone on today, the issues related with privacy and the 
whole idea that the government is getting into the gathering 
and establishing of large centralized data bases is an 
important debate. But honestly, I believe that it comes down to 
the difference between: Can we do something and should we do 
something? The ability to do this and strengthen security is 
there. The decision as to when this should be done falls in the 
hands of policymakers like yourselves.
    It's important to remember that a discussion of whether we 
should do that has to be built on top of the ability to say 
that we can do that and--but for that ``should'' particular 
part of the debate, I think it's most appropriate to leave it 
to policymakers to draw those lines of when such a system 
should be exploited.
    So, given that, I appreciate your time and your opportunity 
to let us comment in this debate. Thank you.
    Mr. Horn. Thank you.
    [The prepared statement of Mr. Hoechst follows:]
    [GRAPHIC] [TIFF OMITTED] 82171.090
    
    [GRAPHIC] [TIFF OMITTED] 82171.091
    
    [GRAPHIC] [TIFF OMITTED] 82171.092
    
    [GRAPHIC] [TIFF OMITTED] 82171.093
    
    [GRAPHIC] [TIFF OMITTED] 82171.094
    
    [GRAPHIC] [TIFF OMITTED] 82171.095
    
    [GRAPHIC] [TIFF OMITTED] 82171.096
    
    Mr. Horn. And our last presenter is Dr. Ben Shneiderman, 
professor, Department of Computer Science, University of 
Maryland at College Park; and he is also here as a fellow, on 
behalf of the Association for Computing Machinery. Thanks for 
coming.
    Mr. Shneiderman. Thank you, Chairman Horn, for the 
opportunity to testify at this timely and important hearing. I 
want to commend you, Ranking Member Schakowsky, the 
subcommittee members and your staff, for turning Congress's 
attention to proposals for a national identity card system. 
You've given some of my introduction already, and I will say 
for further purposes that my statement represents the 
Association of Computing Machinery's Committee on U.S. Public 
Policy.
    The ACM is a nonprofit educational and scientific society 
of 75,000 computer scientists, educators, and other competing 
professionals from around the world, committed to the open 
interchange of information. In the 2 months since the 
deplorable acts of terror were perpetrated against America, a 
number of legislative measures and regulatory actions intended 
to ensure the safety and security of our citizens have been 
proposed. While most proposals have been well intentioned, some 
have been misguided in that they overlook the potential for 
unintended consequences or underestimate the technical 
challenges and risks inherent in their implementation.
    Recently, information technology vendors have suggested 
that a comprehensive national identity card system could be 
created and implemented in as little as 90 days. Implementing 
such a complex system is a challenging systems engineering 
matter. Such a rapid construction of an effective and novel 
socio-technical system would be unprecedented. A constructive 
alternative may be focused efforts that build on existing 
systems such as State motor vehicle passports and visas. And as 
the last speaker, I have the luxury of being able to resonate 
with the many thoughtful comments that have been made already.
    The first panel made very clear the strong political 
concerns about a national system, and this panel has gone 
through in good detail about some of the challenges in the 
technical development. A national ID system requires a complex 
integration of social and technical systems. That's what I'm 
going to stress here is that combination, including humans to 
enter and verify data, plus hardware and software networks to 
store and transmit.
    Such socio-technical systems are always vulnerable to 
error, breakdown, sabotage, and destruction by natural events 
for any people with malicious intentions. For this reason, the 
creation of a single system of identification could 
unintentionally result in degrading the overall safety and 
security of our Nation because of unrealistic trust in the 
efficacy of the technology.
    The National ID card itself is only the most visible 
component of a system that would require supporting 
bureaucracies and elaborate data bases that would have to 
operate in everyday situations; again, as said by several 
members of this panel. In particular, a national ID system 
requires an extensive data base of personal information of 
every citizen. Who would enter the data? Who would update it? 
Who would verify it? Who would determine when the data is no 
longer trustworthy? Who would review audit trails and approve 
access?
    If a new and centralized approach is technically 
problematic, as again has been stated by many, and politically 
unpalatable, which seems quite well accepted here, then how 
might we work to increase security? Constructive first steps 
would be to define goals and develop the metrics of success. 
Let me repeat that. Constructive first steps would be to define 
our goals in a narrowly focused way, and develop the metrics of 
success. If improved air travel safety is our goal, and it has 
wide public support, then we need to develop the techniques to 
achieve that goal, with modest impact on personal rights and 
privacy. A realistic goal would be to make verifications of 
passenger identity more reliable, while limiting delay, 
intrusion, and inconvenience to citizens.
    Improving State motor vehicle identification cards might be 
accomplished by coordination among the States to determine best 
practices for issuing, replacing, verifying, and monitoring 
usage. Such efforts might be coordinated by the National 
Association of State Chief Information Officers, as mentioned 
by Newt Gringrich, or by the National Governors Association. 
Common practices or even national standards might be arrived at 
through public discussion. Adequate public discussion of 
proposals is essential to gain acceptance and to improve their 
quality.
    A socio-technical systems approach would include 
quantification of weaknesses and vulnerabilities of data base 
security and network access based on existing systems. Then 
realistic solutions to dealing with problems such as lost cards 
and mistaken identifications would have to be developed and 
tested. Special cases such as tourists, professional visitors, 
foreign students would have to be addressed. Any complex social 
technical system such as identity verification requires well-
trained personnel whose performance is monitored regularly. 
Effective hiring and screening practices, chances to upgrade 
their skills, and especially participation in the redesign of 
the system, are important contributors to success.
    Improvements for citizens could also lead to higher data 
reliability and system efficacy. Citizen confidence and data 
accuracy could be improved by system designs that provide 
greater transparency and greater openness, by allowing citizens 
themselves to inspect their contents and view a log of who uses 
their data.
    More constructive ideas could emerge by encouraging 
research by computer and information scientists in 
collaboration with social scientists. They would also be 
encouraged to build bridges with legal and policy groups so 
that their solutions are realistic and implementable.
    It's important that the Congress proceed cautiously on the 
issue of national identity card systems. They involve risks and 
a variety of practical organizational and technical challenges. 
Any effort to improve homeland security should begin with clear 
statements of goals and quantifiable metrics of success. 
Computer technology can do much, but it cannot see into the 
minds and hearts of people, nor can it replace the capability 
of vigilant citizens.
    Face-to-face security checks must be a vital component of 
airport and other security systems. On this point I also differ 
from Mr. Goodman's report about Ben-Gurion Airport, where it is 
not a biometric system, but it is repeated face-to-face 
encounters with security checkers who ask questions and are 
vigilant to the responses and the behavior of each person 
passing through that airport, as I did late in August of this 
year.
    Despite growing public and political pressures from 
perceived security enhancements, the risks and challenges 
associated with a national ID card system need to be identified 
and understood before attempting deployment. The problems 
cannot be solved overnight or in 90 days, as has been 
suggested, but constructive alternatives such as improving 
existing State motor vehicle registration and passports are 
promising possibilities that could bring benefits sooner than 
establishing an entirely new system. The emphasis must be on 
people first, then the technology.
    The Association for Computing Machinery and other leaders 
in the computing community are ready and willing to assist 
lawmakers in their efforts to enhance the safety and security 
of our Nation.
    Thank you for the opportunity to speak here.
    [The prepared statement of Mr. Shneiderman follows:]
    [GRAPHIC] [TIFF OMITTED] 82171.097
    
    [GRAPHIC] [TIFF OMITTED] 82171.098
    
    [GRAPHIC] [TIFF OMITTED] 82171.099
    
    [GRAPHIC] [TIFF OMITTED] 82171.100
    
    [GRAPHIC] [TIFF OMITTED] 82171.101
    
    [GRAPHIC] [TIFF OMITTED] 82171.102
    
    Mr. Horn. I have been very enlightened by your 
presentations. I had a chance to go through them all last 
night, except for the Senator, who just flew down here, and 
thank you again.
    I just ask all of you, would you object to a form of 
identification that contained only the person's name and 
confirmation that he or she is a U.S. citizen? How do you feel 
about that? That's getting down to essences.
    Mr. Shneiderman. I think the issue is not just the card--
again, the card is only the most visible form--but who issues 
the card, who certifies its correctness, and how it's handled. 
And my belief and my testimony suggests that strengthening 
existing systems such as State motor vehicle systems would be 
the most effective.
    We currently have accepted the practice of walking up for 
airline boarding to show a State motor vehicle card. I think 
that is the place of intervention where we could do most good 
to improve its efficacy. Simply creating a new card with 
whatever's on it I think will lead us down the wrong path.
    Mr. Horn. Any thoughts on this, Mr. Hoechst?
    Mr. Hoechst. Yeah. I would add that a card that just has a 
small amount of information, and really even perhaps less than 
you describe, which can only establish identity, is the only 
thing that's really feasibly possible to deploy practically. 
Any attempts to create cards that contain lots of information 
just opens the troublesome box of discussions about how that 
information is used. What's important is the information that 
will be used, once identity is established, is already managed 
by processes inside organizations, whether they're law 
enforcement organizations or commercial organizations. What the 
card only does is to help establish identity, authenticate that 
this person is this--represents this well-understood and 
standard identity.
    Mr. Horn. Mr. Veestraeten, how do you feel about that; get 
it down to the name, and are you a U.S. citizen or aren't you?
    Mr. Veestraeten. Yes, Mr. Chairman. That is exactly how it 
is organized in Belgium today. The cards only--I headed a 
company of--the only cards which I had at hand, which was my 
own, and with documentation which was disputed, and we only 
mentioned a limited number of data. This number is limited by 
law. So nobody can add any additional information. You will see 
on the back of the cards, there are two items mentioned, and 
this is on my explicit authorization. I had to sign the 
documents to approve those mentions. One is the name of my 
spouse, which I'm happy and proud to have there, and the other 
one is the number of the national register with this assembled 
data base, and I also approved in writing to have this item 
added to my card. If not, it would not have been there. So the 
only information we add is--we as a standard put on the card: 
name, first name, date and place of birth, address and 
nationality. And there is nothing else there.
    Mr. Horn. Ms. Corrigan.
    Ms. Corrigan. I think that in order to answer that 
question, the Privacy Act, which was enacted in the seventies, 
was rooted in a golden rule essentially, which is that 
information collected for one purpose should not be used for 
another purpose.
    And it's difficult to answer your question because 
information is rarely collected just to collect it. There's 
usually a reason that you want to have such a list. So, for 
example, a list of American citizens--and I think you yourself 
proposed something similar a few years ago--around a voter 
registry; you know, the difficulty there is, it was the same 
debate that came up around, No. 1, as Professor Scneiderman 
pointed out, you know, do we in fact have an accurate list that 
would reflect that? We do have a passport document when we 
leave the country, which establishes citizenship obviously? So 
there are documents that are shown to do that.
    Going back to my one of my original points is that to build 
any one of these data bases on a faulty system of documents is 
very problematic, particularly when it would deny you either a 
service or a right that you've got either under law or the 
Constitution.
    Mr. Horn. Senator Goodman.
    Mr. Goodman. I would like to reiterate once again the 
notion that in a wartime situation, you have criteria which I 
think differ materially from those in the halcyon days that we 
knew before September 11th. And in this instance, the purpose 
of the card would be to establish clearly and unequivocally the 
identity of the individual. But let me point out that at that 
stage of the game, we'd have linkages with various data bases 
which might ascertain the possible undesirability of that 
individual's behavior pattern which would require close 
tracking.
    For example, if someone enters the country in a situation 
where they're here to do mischief, which has all too often in 
the recent past proven to be the case, it's imperative that we 
have some means of tracking that individual. To have a society 
in which everyone can rattle around in a state of happy 
unanimity, when the assumption that the cool air of freedom 
must be the thing which we permit them to breathe continuously 
while we're at war, I think denies the exigencies of the war 
situation.
    Mr. Horn. Professor Turley.
    Mr. Turley. Well, I suppose I should be delighted with the 
opportunity to lie about my weight, but I don't think that this 
is an issue that will be solved by more cards. God knows, 
Senator Goodman's wallet couldn't hold another one. But I think 
my problem with it is simply that simply having a card issued 
on an expedited basis I think puts us on a track of where we've 
been. That is, there is a natural desire to rush into this room 
and put this fire out.
    But I think it needs more study than that, I think not just 
because of our traditions, but because we have decided on the 
technology, its use, its functions, it's appropriate functions. 
Any dangers of what's called authorized misuse, all those 
things we have to think about before we plunge into this.
    I do think that there is a basis, I say in my written 
testimony, issue a card relatively quickly for certain insular 
groups--those may be foreign nationals, they may be foreign 
students, but they would also be, for example, international 
truckers--that we do need a very fast system at our borders 
that's reliable; because we have a buildup at our borders 
that's going to get worse, particularly during times of crisis. 
We need to solve that right away and we can create a biometric 
card to try to do that.
    We may also want to use a card; for example, groups that 
handle material like anthrax. So you can have an immediate card 
issued.
    But what I think we should be careful not to do is to 
restrict it from drifting, not make it a national card. You 
focus on those areas we need one right away, and then study the 
issue of whether we need a national identifier.
    Mr. Shneiderman. Focus systems would be most effective and 
most prompt, I believe, in producing the benefits that we all 
seek. But whether it's airport personnel or truckers, we can 
go--and small groups can be approached and handled in a 
respectful way.
    Mr. Horn. I tried out on our first panel the idea of a 
commission, which was usually a Presidential commission, of 
picking the Chair, and then the Speaker of the House, and the 
Majority Leader of the Senate. And I'm inclined to put that 
into law and have my colleagues go with it. But what that does 
is delay things. On the other hand, what it does is try to 
build a consensus. So we had the Hesburgh one on immigration; 
we had Barbara Jordan as the Chair, and so forth.
    Now, we've been through this in terms of census material, 
where we wanted to put through a 5-year or so, and they blew it 
right out because they didn't want any part of it, and it 
became a jurisdictional argument.
    So I'd be interested in what your feeling is. Is it worth 
getting a commission that has those suggestions of the Speaker 
of the House and the Majority Leader of the Senate and the 
Minority Leaders of both houses and the President of the United 
States? So what do you think?
    Mr. Goodman. Mr. Chairman, let me respectfully suggest that 
it does seem to me that approach does take into account the 
concerns which we feel are increasingly evident, and I'm afraid 
if we are once again hit with another act of terrorism, which 
in my judgment is in all probability likely to occur sometime 
between now and Christmas, it's going to create the same 
reaction, only on an exacerbated basis, that we had after the 
World Trade Center and Pentagon episodes. And I must say to you 
that I think that it's extremely important that we move on with 
this fairly quickly and try to arrive at a conclusion. I would 
hope that some form of identification could be established 
promptly, so that we are protected to the extent possible 
against a recurrence of this type of an act.
    On the lighter side, I'm reminded of the couple at the 
Atlantic City Boardwalk: The gentleman got on the scale, put a 
quarter in, and one of those little tickets came out with his 
fortune on it. And his wife said, ``What does it say?'' And he 
said, ``It says that I'm a handsome, debonair fellow of extreme 
brilliance with the highest IQ in Atlantic City.'' And she 
said, ``Well, let me look at it.'' And she looked at it and she 
said, ``It got your weight wrong, too.''
    So that we do have occasional confusions in these 
mechanical devices, but I think that we're at the point where 
that type of thing is not likely to occur with any frequency.
    Mr. Horn. Ms. Corrigan.
    Ms. Corrigan. Well, it sounds like the legislation does not 
have the ACLU chairing the commission, so it would be much 
easier for us to come out in support of that.
    Mr. Horn. Well, we don't know. You're here and----
    Ms. Corrigan. Hey, I'm available.
    Mr. Horn. Yes, and there are minorities in both Chambers.
    Ms. Corrigan. I mean, I think the key is not whether there 
is a commission or whether it is staff on a committee 
developing a legislative proposal. I mean, the question is 
what's in it and is--you know, the ACLU would oppose an 
identification system either through the front door of calling 
it a national ID or through the back door of some other type of 
registry or integrated data base.
    Mr. Horn. Mr. Veestraeten, did Belgium ever have, say, a 
King's Commission or the Parliament, whatever, to get this 
moving?
    Mr. Veestraeten. No. This dates from long back in our 
country. So I don't know how it was discussed back in the 
beginning of the last century, but----
    Mr. Horn. And the First World War and the Second World War.
    Mr. Veestraeten. The card was introduced after the First 
World War.
    Mr. Horn. Yes.
    Mr. Veestraeten. Yes.
    Mr. Shneiderman. I think they have 80 years of history of 
evolution to develop their approach which fits with their 
national values. And I think we've got a history of evolution, 
and I support the idea of a continued evolution to refine 
existing mechanisms.
    Mr. Horn. Mr. Hoechst.
    Mr. Hoechst. Mr. Chairman, I would suggest that your 
concern about a commission--about delaying things, especially 
with an ID card, that there is an opportunity missed that could 
be done in the short-term. And so what I would suggest for 
identification cards, then something that studies it in the 
form of a commission would be valuable as long as it were given 
guidance that--along some of the ideas that were proposed 
today, that it not just study it, but that it is practiced, 
maybe in prototypical form; giving identification cards to 
different populations to see how it works, rather than just 
study it.
    But I would also suggest that there is short-term activity 
that can happen, that I would hate to see a commission cause us 
not to focus on, and that is on these goals of information 
sharing, especially between critical information systems in the 
area of law enforcement and immigration and the like where we 
do not--the technologies exist. We know they work. We need to 
choose to use them, and we need to set clear guidelines about 
when it is appropriate to use them and legal to use them.
    Mr. Horn. Thank you. Dr. Shneiderman.
    Mr. Shneiderman. I repeat my desire for the evolutionary, 
but I think also focused action, as I say, as we heard here; 
maybe specific interventions between--for information sharing 
between FBI, CIA. If our concern is aircraft, you know, 
boarding aircraft, then that kind of sharing of information is 
a possibility on a very short-term basis.
    And then I think focused populations, such as international 
truck drivers or airport personnel who have access to secure 
areas, immediate improvements could be made.
    But, again, I want to restate it's not just building some 
technology. It's providing the human infrastructure that builds 
trust and support for this rather than antipathy. It must be 
demonstrated that any intervention has broad support, and 
especially of those who are most directly affected; that it's 
implemented in a way in which people feel that this does 
contribute positively, and therefore they are most cooperative 
with it and they will point out--they'll be vigilant in 
pointing out those who are potentially in violation.
    Mr. Horn. I thank you and yield at least 10 minutes to the 
ranking member.
    Ms. Schakowsky. Thank you, Mr. Chairman. I think this has 
been a really important and a very useful hearing. I thank all 
the panel members. These are questions that we are going to 
have to seriously consider.
    I want to first play a kind of devil's advocate and--
because my proclivity is to be--as those of you who have heard 
my opening statement--is to be very, very skeptical of the 
notion of a national identification card. But the point that 
Mr. Veestraeten said, which is that we use identity cards, and 
all of you--we do that when you go on an airplane, when you 
cash a check, all kinds of places where we are asked and 
required to produce some sort of identification. It seems to me 
if the technology is available to improve on those systems, 
maybe not perfectly, but to improve on those systems. Then he 
asked the question or at least made the statement that since we 
do that anyway, why not have a universal card, a national card.
    So, Dr. Shneiderman.
    Mr. Shneiderman. Again, I think the supportive 
participation from citizens is necessary. If they see this as a 
universal card collected by a Federal agency, I think the 
resentment may--and the doubt and the questions, the 
interference with privacy would be very much in their mind, so 
you'd have a poor participation and, I think, disruption. 
People would be concerned.
    Whereas, if they apply for their State motor vehicle 
license, where they recognize that the benefit is they're 
receiving a card which enables them to drive, that it possibly 
takes care of health problems should they have an accident, and 
that there may be other specified focused, clear benefits to 
it, they will cooperate, and that those who take the 
information will have a clear sense of purpose and work as best 
as they can to ensure that the quality of the data is high and 
that customer satisfaction is high and that participation is 
broad. And, again, when someone is attempting to forge or 
bypass the system, there's likely to be stronger citizen 
participation in stopping such interventions.
    I think we have the interesting examples of computer 
viruses. Why is it that the Lenox communities or the Mack 
communities have less of this. There's a warm sense of 
participation. There's an active sense of pride. It's close to 
them. And so I think if we follow those models and we want to 
bring, as in this country, we have a long history of bringing 
things closer to people by having the States be the closest 
point of connection for such activities, we will be building 
the right kind of system. And thinking about the social 
dynamics of why someone offers their information and why they 
might try to deceive and how they might help to prevent others 
from deceiving, that's where we will go to build the strongest 
possible system. So again a diversified system and again a 
focused one that deals with special communities.
    Ms. Corrigan. I think here, whether it's a State level 
document like the driver's license or a Social Security number 
or a newly issued type of identifier like the biometrics, I 
think we have to go back to the purpose for which we are 
gathering this information. And the way that this debate has 
been framed since the terrible events of September 11th has 
been a national identification card or some sort of national ID 
system that would protect us from acts of terrorism. And based 
on the arguments I already made in my testimony, we can't build 
such a system on a set of faulty documents.
    Many of those terrorists on September 11th had fake Social 
Security numbers. Actually all 19, according to the Inspector 
General last week, had such security numbers, some of them 
legally and some of them not. You can't establish motive or 
intent simply on the basis of knowing who someone is. It makes 
me nervous to think by having a traveler's ID or national ID 
card I could just pass through security unchecked without much 
more, and that to me doesn't create more security. In fact, it 
creates a false sense of security, too much dependence on 
technology.
    If we are talking about State or Federal level efforts, we 
have to go back to the basic question, is this even an 
effective security measure to begin with?
    Ms. Schakowsky. Anyone else burning to respond because I do 
have another question? Let me ask you this, is there a place 
for these incredible new technologies, biometrics, palm, all 
those things? I mean, should we be looking for ways to utilize 
them more effectively or do those lead into problem areas for 
us as well?
    Anyone? Mr. Hoechst.
    Mr. Hoechst. I would suggest there is a great many places 
for using them, but not necessarily should we have an 
expectation that tomorrow, we could use them to uniquely 
identify anyone who is on our soil, American or visiting. And 
that partly comes in limitations of the technology in its 
current state, but it partly comes just in the broad ability to 
adopt any such technology like that.
    However, there are opportunities to use them where they are 
very effective. And this comes in, for example, authenticating 
yourself to secured areas. Perhaps we'd say you need to 
identify that you have certified--you need to identify 
biometrically that you are allowed to enter secured areas in an 
airport or whatever. And for that sort of smaller focus 
identification, we know there are a subset of people that are 
allowed to do this and we are going to confirm that you are one 
of that subset. They work quite well. For the general case of 
just saying, ``Hey, I got a person here, let me look through 
all people to determine whether this person is this person,'' 
they are still immature in that phase, I think.
    Mr. Shneiderman. I want to confirm that on the technology 
side. These are promising technologies, but do not offer short-
term hope for wide-scale dissemination. We've heard in the past 
voice recognition patterns and other technologies that might 
have been used, and these techniques are potentially 
interesting and they should be expanded and should be 
researched, but they are in the longer-term and should not be 
seen as a techno-fix in the short-term.
    Ms. Corrigan. Although we are not the technology experts 
that you've got at the end of the table, I think our mantra is 
not all biometrics are created equal and not all uses of 
biometrics are created equal. We supply the same tests to those 
measures that we would to a national identification card. In 
the security context, the ACLU came out in support of the use 
of strengthened identification cards for air employees that 
need access to secure areas, including the use of biometrics on 
those cards. The reason is that in those instances it's a 
limited and targeted use of the biometric, and also you're able 
to take the thumbprint or you're able to take the iris scan 
under very controlled conditions, which makes a difference in 
the effectiveness and error rates of biometric technology.
    Mr. Goodman. May I venture a comment? I'm not sure at the 
moment whether we realize the extent to which certain 
technologies are already in play. And in an attempt to achieve 
security, I would like to give you a couple of quick examples 
in this regard. As you may know, there is something called 
CAPS, which is an acronym for Computer Assisted Passenger 
Screening. This is a system under which information is obtained 
in the reservation process to screen out passengers who may 
require additional security checks. The airlines are fairly 
widespread in their use of such a system.
    Also manifests are at this time provided by airlines. A 
manifest is a list of the passengers on a flight which will be 
landing in due course at a given airport, and in that airport 
they receive an advanced copy of the list of the passengers on 
board to try to determine whether there is a possibility of 
either customs violations or immigration violations and the 
like. So already Big Brother, if you please, is watching very 
closely in certain instances to try to determine what's going 
on. In my judgment, these are both fully justified in the 
present circumstances of tension. And I would again repeat, in 
the context of a war situation, anything we can do to utilize 
current technology to assist us in making identification of 
high-risk individuals is helpful. Normally you would not wish 
to do that. And you'd say in a civil libertarian sense, ``Que 
sera sera,'' let it be and don't mess with this sort of thing. 
But I think it would be a great mistake when we know that we 
will probably be once again subject to a potential attack to 
allow ourselves to be in a solemn state to matters of this 
sort.
    Mr. Turley. Could I add something? Obviously, I suggested a 
commission because I think this deserves more study. And I 
think that it's not just a technological issue that needs more 
study, but we need to look at the efficiency and viability of 
the systems. And if you have a single unified card it has to be 
integrated very often with at least some level of data base 
that creates its own issues. But putting that aside, I just 
wanted to disagree with Senator Goodman in one sense. I happen 
to think we do need more security.
    But we have a long history of the government in times of 
crisis doing things that can only be described as moronic. And 
some of them are more than moronic, such as the internment of 
American citizens of Japanese origin. To simply say we are 
living in danger is not a justification for going boldly into 
these areas in the search for even a modicum increase in 
security. I think we have learned too much in terms of our 
history.
    So I agree with Senator Goodman. I know that he intends 
this in the best sense. But I don't agree that should be the 
reason or the time schedule for us to act. I don't even believe 
this is necessarily going to add security. I mean these 
hijackers on September 11th had wallets that were bursting with 
false IDs. Adding another one is not going to reassure me. I 
would rather be reassured for my sons that when they inherit 
this country and this system that it's going to be given to 
them in the same condition that it was given to me. And that's 
my greatest concern, because frankly the Taliban is today's 
flavor of threat, and tomorrow there's going to be another 
group of fanatics. But I am more concerned in how we respond to 
the threat than the threat itself at the moment.
    Mr. Goodman. May I remind us that had we taken a view that 
peoples' activities in the country are their own business 
unless they do something overtly wrong, that this possibly was 
what underlay the fact that we failed to realize that people 
are taking flying lessons, learning how to fly planes in 
midair, but neither to land them nor permit them to take off. 
And had we simply accumulated a little degree of intelligence 
data that indicated there were certain foreign nationals 
indulging in that type of flying lesson, it might have created 
a pattern of concern that would have possibly detected the 
advance notion of people plowing airplanes in tall buildings in 
our society.
    I use that as an example because it does seem to me that 
there was an earlier reference to an intelligence breakdown. 
The use of vigilant intelligence and the need for both the 
horizontal and vertical communication of intelligence agencies 
in the United States is an absolute imperative at this time, 
and it is rather regrettable that we have been informed that 
the FBI and CIA have not adequately communicated with one 
another and certainly not adequately communicated with local 
law enforcement to permit vigilance at a time when it could be.
    We want to practice preventive medicine. I don't want to 
wait until the next thing happens and say it's a pity it 
happened. Let's do something about it now. I would like to 
prevent it from occurring ever again, because anyone that lives 
in New York will be forever scarred by what's just happened, 
and that is why I am taking an intense view of these 
discussions at this moment.
    Ms. Schakowsky. Thank you to all of you. I want to comment 
on this important discussion that we have been having. I think 
the example of flying lessons conducted by a company that gave 
them--what turned out to be a terrorist is an example of ways 
in which our current infrastructure failed us and the ability 
to communicate information brokedown, and we certainly are all 
interested in making sure that we fill in the cracks and make a 
seamless flow of information to the extent that we can. But I 
have to say, Senator Goodman, that I, too, feel that 
particularly at this time when we're all in a state of 
reflection about what is most precious about the United States, 
what are the things that make us unique and are so worth 
protecting, that we must proceed very cautiously, perhaps even 
more cautiously than when things are just clicking along so 
smoothly, so that we don't make the kinds of overreaching 
mistakes that we did when we interned the Japanese. And I know 
that you are certainly not talking about that kind of activity, 
but I think it is somewhat of a slippery-slope in that we have 
to be very careful that we don't install permanent--one reason, 
for example, that I voted no on a bill that I thought had many 
good provisions, the bill, which I felt shouldn't have been 
called the Patriot Act, because I believe myself to be a 
patriot, but I voted no on that. So I think we have to be very, 
very careful as we proceed forward. And I think that this 
conversation today and all of the witnesses, both panels, 
contributed to the kind of thoughtful debate that we need to 
have, and I appreciate it very, very much.
    Mr. Horn. Well, I wanted particularly to appreciate what 
the ranking member did about the terrible breach of the 
Constitution with the Japanese Americans going into 
internments. I am proud to say my mother, who was director of 
welfare in her county, she opened up and said that is just 
wrong. And the only person I know of who was elected who was 
against that was Roosevelt and General DeWitt--just went ahead 
of everything, putting people in internment camps, even going 
with the Army to Peru, and so forth. But the only elected 
person was a very interesting gentleman named Harry Kane, the 
mayor of Tacoma, where many Japanese Americans were, and he 
later was a U.S. Senator and then President Eisenhower made him 
head of the Subversive, whatever board it was in those days, 
and he had the guts to stand it. And I had lunch with the Chief 
Justice Earl Warren just before he died, about 3 months before, 
and that was, he felt, the biggest mistake. And he was a 
wonderful man and very strong on civil liberties and--but one 
gets swept up in that and they do it. But it's wrong, and we 
don't want to see that happen again.
    So let me just ask one or two questions and we'll close it 
out. Mr. Hoechst, Mr. Ellison has offered to provide the data 
bases for free for Oracle. Does this include maintenance, 
technical support and upgrades? As long as you are in a Santa 
Claus mood, I just thought I'd----
    Mr. Hoechst. I would not venture to be able to speak for 
him on what's intended there. I would like to describe the 
nature of the intent of that offer, which was to take advantage 
of the resources and the enthusiasm that commercial 
organizations like Oracle and others have to facilitate action. 
So Larry's comments, I believe, were to try and remove any 
roadblocks required to facilitate action toward building 
systems that can share information. And if what we can do is 
provide free software or free maintenance on software or free 
services that can help us in a tactical way to stimulate action 
rather than be roadblocks that cause processes to languish, 
then we will do that.
    Mr. Horn. I have one question for Ms. Corrigan. How would a 
consolidated identity system invade the privacy of individuals 
any more than the current systems, Social Security, driver's 
licenses, passports and--we have that now.
    Ms. Corrigan. Actually, we also have something called the 
Privacy Act, which is rooted in one basic principle, and that 
is information collected for one purpose. So whether it's by 
the Museum of Modern Art in New York or whether it's by the 
Social Security Administration, information collected for that 
purpose shouldn't be used for another purpose unless subject to 
one of the exceptions outlined in the law. And we at the ACLU 
are very concerned about the misuse of Social Security numbers 
and privacy violations that go on everyday. But one of the 
biggest protections of privacy is actually the decentralized 
nature of the data. It is one thing for my doctor to have 
access to my personal health information. It's another thing 
for law enforcement to have my arrest record. But it's a 
completely different thing for people to combine those pieces 
of information and come up and marry them so you can come up 
with a whole profile of my life. And as I mentioned before, one 
accident, you know, in the Federal Government unfortunately has 
been subject to either accidents in terms of security on the 
Web or unfortunately employees who are corrupt and sell or use 
and misuse that information, that, again, there's a difference 
when you have separate data bases versus the marrying of the 
information.
    Mr. Horn. I'll tell you, every hearing we have had on 
privacy, and that is we wanted to make sure and the Speaker 
mentioned it this morning, you make a felony out of it. We had 
one of our colleagues when I came into the Congress, her 
medical file had been put in the papers. And why? A disgruntled 
employee or whatever. And that's why people have to be very 
careful of any files in a doctor's office in particular.
    Mr. Shneiderman. I would like to speak to that issue. 
There's a long history of attention between centralized and 
decentralized systems and there are two issues. One is as Ms. 
Corrigan described. The centralized facilities allow a single 
point of attack, single point of destruction, a single point of 
violation and therefore the magnitude of the violation is 
greater. The capacity of the computer to amplify power to do 
good also amplifies the power to do evil. And therefore someone 
can search across a much larger data set in that way.
    But the other interesting point about the multiple or 
diversified, decentralized approach, actually it stimulates 
creative designs by having independent explorations and 
involves much more effective best practices if they are then 
shared and copied by the others, which is again why I encourage 
the collaboration by the way of the National association of 
State CIOs so that the best practices of each of the 50 States 
can then be repeated and disseminated widely. And that's truly 
one of the strengths of the decentralized approach.
    Mr. Horn. I am going to thank the staff now and then have a 
closing bit of where I think this is going. And the person on 
my left is J. Russell George, the staff director and chief 
counsel for the subcommittee. And Bonnie Heald in the back is 
the deputy staff director. Darin Chidsey is a professional 
staff member. Mark Johnson, clerk. Earl Pierce, professional 
staff member. Jim Holms, intern. And then for the ranking 
member here, David McMillen, professional staff member. And 
Jean Gosa, minority clerk. Our court reporters, Lori Chetakian 
and Nancy O'Rourke, and we thank you.
    The hearing was not intended to resolve the national 
identification issue, but merely to advance the debate in light 
of the September 11th attacks and the changed world in which we 
now live. Our witnesses provided a variety of perspectives and 
brought a great deal of expertise to the discussion. We are 
only beginning to explore this complicated issue. But one thing 
is certain, the September 11th attacks, as horrifying as they 
were, have brought out the best in America.
    One small but important example of the Nation's strength is 
the ability to conduct this calm, civil but vigorous discussion 
of whether America needs a national identification system and, 
if so, how to go about creating it. Ultimately we can trust the 
American people and their representatives to make the right 
decision.
    And with that, we are adjourned.
    [Whereupon, at 1:50 p.m., the subcommittee was adjourned.]
    [Additional information submitted for the hearing record 
follows:]
[GRAPHIC] [TIFF OMITTED] 82171.103

[GRAPHIC] [TIFF OMITTED] 82171.104

[GRAPHIC] [TIFF OMITTED] 82171.105

[GRAPHIC] [TIFF OMITTED] 82171.106

[GRAPHIC] [TIFF OMITTED] 82171.107

[GRAPHIC] [TIFF OMITTED] 82171.108

[GRAPHIC] [TIFF OMITTED] 82171.109

[GRAPHIC] [TIFF OMITTED] 82171.110

[GRAPHIC] [TIFF OMITTED] 82171.111

[GRAPHIC] [TIFF OMITTED] 82171.112

[GRAPHIC] [TIFF OMITTED] 82171.113

[GRAPHIC] [TIFF OMITTED] 82171.114

[GRAPHIC] [TIFF OMITTED] 82171.115

[GRAPHIC] [TIFF OMITTED] 82171.116

[GRAPHIC] [TIFF OMITTED] 82171.117

[GRAPHIC] [TIFF OMITTED] 82171.118

[GRAPHIC] [TIFF OMITTED] 82171.119

[GRAPHIC] [TIFF OMITTED] 82171.120

[GRAPHIC] [TIFF OMITTED] 82171.121

[GRAPHIC] [TIFF OMITTED] 82171.122

[GRAPHIC] [TIFF OMITTED] 82171.123

[GRAPHIC] [TIFF OMITTED] 82171.124

[GRAPHIC] [TIFF OMITTED] 82171.125

[GRAPHIC] [TIFF OMITTED] 82171.126

                                   - 
