[House Hearing, 107 Congress]
[From the U.S. Government Publishing Office]
DOES AMERICA NEED A NATIONAL IDENTIFIER?
=======================================================================
HEARING
before the
SUBCOMMITTEE ON GOVERNMENT EFFICIENCY,
FINANCIAL MANAGEMENT AND
INTERGOVERNMENTAL RELATIONS
of the
COMMITTEE ON
GOVERNMENT REFORM
HOUSE OF REPRESENTATIVES
ONE HUNDRED SEVENTH CONGRESS
FIRST SESSION
__________
NOVEMBER 16, 2001
__________
Serial No. 107-118
__________
Printed for the use of the Committee on Government Reform
Available via the World Wide Web: http://www.gpo.gov/congress/house
http://www.house.gov/reform
U. S. GOVERNMENT PRINTING OFFICE
82-171 WASHINGTON : 2002
___________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; (202) 512-1800
Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001
COMMITTEE ON GOVERNMENT REFORM
DAN BURTON, Indiana, Chairman
BENJAMIN A. GILMAN, New York HENRY A. WAXMAN, California
CONSTANCE A. MORELLA, Maryland TOM LANTOS, California
CHRISTOPHER SHAYS, Connecticut MAJOR R. OWENS, New York
ILEANA ROS-LEHTINEN, Florida EDOLPHUS TOWNS, New York
JOHN M. McHUGH, New York PAUL E. KANJORSKI, Pennsylvania
STEPHEN HORN, California PATSY T. MINK, Hawaii
JOHN L. MICA, Florida CAROLYN B. MALONEY, New York
THOMAS M. DAVIS, Virginia ELEANOR HOLMES NORTON, Washington,
MARK E. SOUDER, Indiana DC
STEVEN C. LaTOURETTE, Ohio ELIJAH E. CUMMINGS, Maryland
BOB BARR, Georgia DENNIS J. KUCINICH, Ohio
DAN MILLER, Florida ROD R. BLAGOJEVICH, Illinois
DOUG OSE, California DANNY K. DAVIS, Illinois
RON LEWIS, Kentucky JOHN F. TIERNEY, Massachusetts
JO ANN DAVIS, Virginia JIM TURNER, Texas
TODD RUSSELL PLATTS, Pennsylvania THOMAS H. ALLEN, Maine
DAVE WELDON, Florida JANICE D. SCHAKOWSKY, Illinois
CHRIS CANNON, Utah WM. LACY CLAY, Missouri
ADAM H. PUTNAM, Florida DIANE E. WATSON, California
C.L. ``BUTCH'' OTTER, Idaho STEPHEN F. LYNCH, Massachusetts
EDWARD L. SCHROCK, Virginia ------
JOHN J. DUNCAN, Jr., Tennessee BERNARD SANDERS, Vermont
------ ------ (Independent)
Kevin Binger, Staff Director
Daniel R. Moll, Deputy Staff Director
James C. Wilson, Chief Counsel
Robert A. Briggs, Chief Clerk
Phil Schiliro, Minority Staff Director
Subcommittee on Government Efficiency, Financial Management and
Intergovernmental Relations
STEPHEN HORN, California, Chairman
RON LEWIS, Kentucky JANICE D. SCHAKOWSKY, Illinois
DAN MILLER, Florida MAJOR R. OWENS, New York
DOUG OSE, California PAUL E. KANJORSKI, Pennsylvania
ADAM H. PUTNAM, Florida CAROLYN B. MALONEY, New York
Ex Officio
DAN BURTON, Indiana HENRY A. WAXMAN, California
J. Russell George, Staff Director and Chief Counsel
Darin Chidsey, Professional Staff Member
Mark Johnson, Clerk
David McMillen, Minority Professional Staff Member
C O N T E N T S
----------
Page
Hearing held on November 16, 2001................................ 1
Statement of:
Gingrich, Hon. Newt, former Speaker of the U.S. House of
Representatives; Hon. Alan Simpson, former Majority Whip of
the U.S. Senate; and Hon. Bill McCollum, former chairman,
Permanent Select Committee on Intelligence, Subcommittee on
Human Intelligence, Analysis and Counterintelligence,
former chairman, Judiciary's Subcommittee on Crime, U.S.
House of Representatives................................... 19
Turley, Jonathan, Shapiro professor of public interest law,
the George Washington University Law School; Roy M.
Goodman, chairman, Investigations Committee, New York State
Senate; Katie Corrigan, legislative counsel on privacy,
American Civil Liberties Union; Rudi Veestraeten, Counselor
and Consul, Embassy of Belgium; Tim Hoechst, senior vice
president of technology, Oracle Corp.; and Ben Shneiderman,
professor, Department of Computer Science, University of
Maryland, College Park, fellow, Association for Computing
Machinery.................................................. 60
Letters, statements, etc., submitted for the record by:
Castle, Hon. Michael N., a Representative in Congress from
the State of Delaware, prepared statement of............... 12
Corrigan, Katie, legislative counsel on privacy, American
Civil Liberties Union, prepared statement of............... 115
Goodman, Roy M., chairman, Investigations Committee, New York
State Senate, prepared statement of........................ 107
Hoechst, Tim, senior vice president of technology, Oracle
Corp., prepared statement of............................... 140
Horn, Hon. Stephen, a Representative in Congress from the
State of California, prepared statement of................. 3
Maloney, Hon. Carolyn B., a Representative in Congress from
the State of New York, prepared statement of............... 17
McCollum, Hon. Bill, former chairman, Permanent Select
Committee on Intelligence, Subcommittee on Human
Intelligence, Analysis and Counterintelligence, former
chairman, Judiciary's Subcommittee on Crime, U.S. House of
Representatives, prepared statement of..................... 34
Schakowsky, Hon. Janice D., a Representative in Congress from
the State of Illinois, prepared statement of............... 7
Shneiderman, Ben, professor, Department of Computer Science,
University of Maryland, College Park, fellow, Association
for Computing Machinery, prepared statement of............. 150
Simpson, Hon. Alan, former Majority Whip of the U.S. Senate,
prepared statement of...................................... 26
Turley, Jonathan, Shapiro professor of public interest law,
the George Washington University Law School, prepared
statement of............................................... 65
Veestraeten, Rudi, Counselor and Consul, Embassy of Belgium,
prepared statement of...................................... 129
DOES AMERICA NEED A NATIONAL IDENTIFIER?
----------
FRIDAY, NOVEMBER 16, 2001
House of Representatives,
Subcommittee on Government Efficiency, Financial
Management and Intergovernmental Relations,
Committee on Government Reform,
Washington, DC.
The subcommittee met, pursuant to notice, at 10:01 a.m., in
room 2154, Rayburn House Office Building, Hon. Stephen Horn
(chairman of the subcommittee) presiding.
Present: Representatives Horn, Miller, Schakowsky, Owens,
and Maloney.
Also present: Representative Castle.
Staff present: J. Russell George, staff director and chief
counsel; Bonnie Heald, deputy staff director; Darin Chidsey and
Earl Pierce, professional staff members; Mark Johnson, clerk;
Jim Holms, intern; David McMillen, minority professional staff
member; and Jean Gosa, minority assistant clerk.
Mr. Horn. A quorum being present, the hearing of the
Subcommittee on Government Efficiency, Financial Management and
Intergovernmental Relations will come to order. Only 2 months
after the devastating terrorist attacks of September 11, this
Nation is just beginning to understand the dimensions of a
dramatically changing world. Preserving the American way of
life requires adaptation and sacrifice. It means using this
Nation's unique strengths to address the vulnerabilities that
terrorists exploited at an enormous human toll.
Technology is one of America's greatest strengths. In
recent weeks, some have called for using that technology to
combat terrorism by developing a national identification
system. Proponents of such a system argue that a high-tech
national identifier system linking Federal and State data bases
would allow authorities to spot terrorists before they attack.
Some of the September 11th terrorists were in the country
illegally. Supporters say had such a system been in place,
airline personnel would have been able to cross-check passenger
lists against various watchlists. The airlines would have known
the men should not have been in the country, let alone on an
airplane.
Those who oppose such a system are concerned about the
impact a national identifier system would have been on the very
precepts of America's freedoms. Given the vast amount of
personal information that could be placed in a national
identification system, there is legitimate cause for concern
over its potential abuse or mismanagement. In the event that
such a system were adopted, it must incorporate sufficient
safeguards to prevent the abuse of power by those who would
have access to the information and those with the authority to
demand an individual's identification.
The technical issues involved in a data base project of
this magnitude must also be considered. Is it possible to
develop a system that is both fraud resistant and secure?
Freedom is the most precious gift to Americans. The terrorists
knew it and took good advantage of it. Freedom itself was the
target of the September 11th attacks. If that freedom is lost
in the pursuit of justice, the terrorists will have won even if
they themselves are punished. Although holding firm to
America's freedoms, we must also be open to new ideas. The
survival of this great Nation may depend on it.
[The prepared statement of Hon. Stephen Horn follows:]
[GRAPHIC] [TIFF OMITTED] 82171.001
[GRAPHIC] [TIFF OMITTED] 82171.002
Mr. Horn. I welcome our witnesses today and I look forward
to their testimony, but before giving you the oath, I will
yield time for the ranking member, the gentlewoman from
Illinois, Ms. Schakowsky, for an opening statement.
Ms. Schakowsky. Thank you, Mr. Chairman, and I want to
thank this panel of witnesses for coming here today. In the
wake of September 11th we're faced with an enormous challenge
of balancing the need for enhanced national security with a
need for protecting civil rights of the public. In the past
some efforts in the name of national security, in my view, have
gone too far and have endangered those liberties. We've learned
that once that kind of harm is done, it's difficult to repair.
During World War II, we uprooted thousands of Japanese
Americans and placed them in internment camps.
It is generally recognized today over 50 years later that
the internment was a mistake. In fact, it was clear at that
time there was no danger of sabotage from those individuals.
As historian Margo Anderson points out, in November, 1941,
in response to a request by Franklin Roosevelt, John Franklin
Carter wrote to the President ``There is no Japanese `problem'
on the coast. There will be no armed uprising of Japanese.''
Nonetheless, thousands of Japanese Americans, many of whom were
citizens, were surrounded, rounded up and placed into camps.
Today we have a monument to those that were mistreated just
north of the Senate office buildings and our government has
officially apologized. However getting to that apology and the
monument was extremely difficult and did not repair the harm
done. The liberty and sense of security lost by those interned
cannot be given back. We must be careful not to repeat the
mistakes of the past.
Last week on Thursday, before Veterans Day, I went to the
floor of the House to pay tribute to those who have served our
country in the defense of freedom. We have fought hard
throughout our history to maintain a free and open society. We
must not sacrifice those freedoms in the name of war. If we
sacrifice our freedom, we lose the war no matter what the
military outcome. The security measures we propose in response
to terrorism must pass three tests. Are they effective? Can
they be applied without discrimination? Can they be implemented
without sacrificing our fundamental freedoms of due process,
privacy, and equality? The proposal for a national
identification system is not new. It has failed in the past
because it cannot pass these fundamental tests.
The Congress passed the Immigration Reform Act in 1996
which contained a number of provisions that would have led to a
national identification system. Since that law was passed,
those provisions have steadily been paved back. One provision
was repealed and another modified to the point where it could
not be administered at the land border between the United
States and its neighbors. In the Patriot Act, the House
reaffirmed those provisions knowing that they had no teeth. The
events of September 11th show us that systems like national
identification cards will not deter crazed terrorists from
their mission. Those terrorists all had driver's licenses,
credit cards and Internet accounts.
I urge all of us and each of you to pay close attention to
the effects your proposal will have on the fundamental freedoms
on which this country was founded, freedom of speech and
religion, freedom to assembly and freedom of the press, freedom
from unreasonable search and seizure and freedom from
imprisonment without due process. Those freedoms cannot be
ignored in the name of homeland security.
As Members of Congress, we must evaluate any proposal
offered in the name of enhanced security. Does it do what it
claims to do? What is the burden on the public in terms of time
consumed and freedom lost? Do the benefits outweigh the costs,
is there an incremental gain in security and does it justify
the loss of freedoms?
I look forward to hearing the testimony today and hope our
witnesses will help us answer these important questions and I
thank you, Mr. Chairman.
[The prepared statement of Hon. Janice D. Schakowsky
follows:]
[GRAPHIC] [TIFF OMITTED] 82171.003
[GRAPHIC] [TIFF OMITTED] 82171.004
Mr. Horn. I thank you and before I call on Mrs. Maloney, we
have two Members of Congress which will be before us, and
without objection, we'll have Mr. Castle and Mr. Miller. And
Mr. Castle.
Mr. Castle. Thank you very much, Mr. Chairman, I know I'm
an interloper here today and I appreciate you and the ranking
member allowing me to appear. I wanted to share some thoughts I
have on this and some legislation I've been working on with
Congressman Jeff Flake of Arizona with respect to this issue.
But I must comment first, this is a very distinguished, but
even more so, a very interesting panel. I look forward to what
they have to say.
Many of the issues that are involved in the subject matter
of today of national identification cards, in my judgment,
should first be addressed in managing foreign visa holders in
the United States of America. While I understand that the issue
of national ID cards is extremely important in the times we are
living in, and I imagine somewhat controversial if I had to
place a wager on it, I believe that we must first begin with
the tracking of foreign guests in our country, and I don't
think this should be controversial.
I would like to share a few statistics with you. In 1998,
the Immigration and Naturalization Service [INS], reported that
30.1 million foreign people came to the United States on a
temporary basis. Of those 30.1 million, there are an estimated
5 to 8 million illegal immigrants living in the United States,
40 percent of which were listed as overstays by the INS. That
means they stayed beyond the time of their visa. I believe very
strongly, and Mr. Flake does as well, that we need to be able
to monitor all foreign visitors and track in real-time, that
is, the actual knowledge on a computer screen in real time who
they are, what their background is, and what they are doing in
our country.
Congress is actually--probably in the time of the gentlemen
that are on this panel--has actually, taken steps on this, but
none of this has really been implemented. Six years ago the
Congress directed the INS to gather the arrival and departure
date of most foreign visitors to make sure they do not remain
in the United States after the expiration of their authorized
stays, however, to this day the INS passenger accelerated
service system, INSPASS is its acronym, remains only a pilot
project used in only four airports, but not in any land or
seaport points of entries.
Another example of an innovative idea which has been put in
place but not fully used, is a border crossing card which is
used by Mexican and Canadian nationals who seek admission as
border crossers, but again, this program has been plagued by
difficulties and delays. I think such examples illustrate the
lost opportunities inherent in the poor management of tracking
systems. To address immigration challenges, Representative
Flake, Representative Deal of Georgia and I did introduce an
act called the ISA, Integrity and Security Act, to strengthen
the immigration system and to improve the ability of the INS to
track all these temporary visa holders.
A number of the key provisions in this legislation were
actually included in the Patriot Act, which you might know as
the Antiterrorism Act, which passed very recently in the
Congress of the United States.
But there is still a lot of work to be done. We do need to
be able to track and locate temporary foreign visitors to the
United States to ensure they are here for their stated purpose,
which could be anything from being a student to working, to a
visitor, and to know when they have come and when they have
left. A student tracking system that has been under development
since 1997 needs to be improved and fully implemented. The
Patriot Act does call for the implementation of the student
tracking system and it's authorized $36 million, which is a
good start toward its deployment. However, we must advocate
that the INS incorporate key provisions in any future student
tracking system. We need to know if foreign students actually
enroll in classes and whether they drop out.
There are over 500,000 foreign students in the United
States now. We also need to know their family history, course
of study, and date of enrollment. And second, we need to know
if a temporary worker holding an H1B visa, which has been the
subject matter of many an hour here in the Congress, is still
working at the company that hired that person. A crucial aspect
of any effective system that tracks foreign visitors is the use
of technology to foil would-be counterfeiters; of which there
are many, I might add.
A smart card visa for foreign visitors would be much more
difficult to forge than traditional visas. It would hold a copy
of the fingerprint biometric and typical visa information, or a
pupil of the eye or whatever biometric one would want to use.
This is not a new idea either, by the way. It just has not been
implemented particularly well. U.S. citizens across the border
frequently are able to participate in a voluntary program that
registers a fingerprint biometric. We just think in certain
instances it should be automatic that it be done as opposed to
being a voluntary program. The holders of frequent travelers
passports pass more quickly through Customs by showing their
fingers for identification at a Customs station.
The use of biometric technology is encouraged in the
Patriot Act. These tamper-resistant bases could eventually be
linked to an integrated computerized entry/exit system and the
INS, Customs, consulates, universities and other law
enforcement agencies would all work off the same information to
monitor and track students, tourists and other visa holders.
I'm sure I'm not telling anybody here the difficulty of some of
the information exchange, even among governmental agencies
today, much less sort of computer in real time in terms of the
various places, the Embassies, the points of entry where that
information would be useable. All this technology is available,
by the way, although at a cost, and programs could be more
effectively utilized to track our foreign guests.
The lessons learned from tracking foreign visitors can lend
important insight to the pros and cons of enacting a national
identification card for U.S. citizens, which we may or may not
be ready for now, but I think we are ready for a visa system at
this point if we put our minds to it and go about it.
Let me just say in conclusion, in no way am I advocating
limiting, in this particular program, what we are doing with
respect to visas or visitors to our country. We just want to
make sure we know who's coming into this country, and if they
should not be coming into this country, preventing them from
being here and while they are here, they are doing what they
are supposed to be doing.
I appreciate the time, Mr. Chairman. Again, I realize I'm
an interloper, and you have been very generous and I yield back
to the balance of my time.
Mr. Horn. Thank you very much.
[The prepared statement of Hon. Michael N. Castle follows:]
[GRAPHIC] [TIFF OMITTED] 82171.005
[GRAPHIC] [TIFF OMITTED] 82171.006
[GRAPHIC] [TIFF OMITTED] 82171.007
Mr. Horn. And now I yield to the ranking member over the
years and the gentlelady of New York, Mrs. Maloney.
Mrs. Maloney. Thank you. And I would first like to thank
you, Mr. Chairman, and the ranking member, for tackling yet
another complicated and controversial issue. Also I'd like to
extend my appreciation to the very interesting panelists you
have assembled here today for taking the time to be here. We
have taken a hard look at the way our great Nation operates
since September 11th.
The hard cold truth is that we have been very lax in many
years of safety and security. I believe the most difficult fact
for us as a Nation to face is that there is a group of
individuals who hate us and want to do harm to the citizens of
America. As an elected official, I must do everything that I
can to protect my constituents and the constituents of our
country. In this new world, I am not exactly how sure we can
accomplish this; however, I am eager to learn and understand
more as we will today.
In the month of October alone, we had 17 million people
travel across the borders of the United States. We welcome all
travelers. Our Nation's economy depends in part on these
visitors. However, we have to face the cold hard truth that not
everyone entering our borders enters with good intentions.
Access to the United States must be looked upon as a privilege,
not a right. Our country's founders provided many safeguards to
protect our freedom while ensuring our safety. One of the
beauties of our democracy is that it is not static, but a
robust living thing that can change, and times have
dramatically changed.
Daniel Webster, one our Nation's former great leaders once
stated, ``God grants liberty only to those who love it and are
always ready to guard and to defend.'' Today we must guard and
defend it. We must not be afraid of new ideas. We need to
protect not only the rights of individuals but their life. We
pride ourselves in the many freedoms we have in the United
States. However, in order to protect these freedoms we need to
protect our safety and our Nation's security. I commend
President Bush for taking the bold step yesterday to begin to
require stricter regulations regarding the granting of visas.
Fear has struck the core of the community I represent in New
York. I lost well over 600 constituents, and it has struck the
core of the American people.
The freedom to travel freely about our Nation has taken a
devastating blow. We now have armed guards on several flights
with implementation of complete coverage for all flights
ongoing. We look to our law enforcement to protect and to
serve; however, we need to arm them with the tools to
accomplish this mission. A more thorough and smarter green card
for non-U.S. persons, I believe, is a beginning.
I also believe that we need to tie one's State driver's
license to their visa expiration date. During a hearing held in
New York on terrorism, Governor Jeb Bush provided testimony
that in his State of Florida, one's driver's license expires
the same date as their visa. Does this not provide yet another
way of tracking non-U.S. persons?
I believe we need to take other steps, and one could be
that an individual's bank account could be frozen also at the
time of a visa expiration date. All non-reclaimed funds could
revert to the State's escrow account to fight terrorism. We
have seen how our banking industry has been contaminated by the
terrorist community again and we need to reclaim it. As I have
stated earlier, I do not have all the answers; so I'm very much
looking forward to our panelists to help me and other members
of this committee uncover all the pros and cons of this
important issue. Thank you very much and I yield back Mr.
Chairman.
Mr. Horn. Thank you.
[The prepared statement of Hon. Carolyn B. Maloney
follows:]
[GRAPHIC] [TIFF OMITTED] 82171.008
[GRAPHIC] [TIFF OMITTED] 82171.009
Mr. Horn. And we now yield to Mr. Miller from Florida, the
chairman of the Census Subcommittee of Government Reform.
Mr. Miller.
Mr. Miller. Thank you, Mr. Chairman. Thank you for calling
this hearing. I'm delighted with the two panels and I will be
very brief because I heard the Speaker talk about this briefly
at a breakfast about 2 weeks ago, and ever since, September
11th has raised a lot of issues as to the direction this is
going to go--civil liberties issues, and I know this will be
addressed by the panel, the privacy issue, which Mr. McCollum
has worked on a lot, technology, which the Speaker has talked
about all the time, and just to make sure our country can
function after post-September 11th, our economy. So there's a
lot of challenges and interesting comments and I'm really here
to listen and learn. So I yield back.
Mr. Horn. Thank you very much.
And any other statements that come in will be filed for the
record. We now start with our first panel, and I think you know
the routine, that this is an investigating committee, and so if
you raise your right hands and if you have any assistants
backing you up, get them and the clerk will get their names
too.
[Witnesses sworn.]
Mr. Horn. The clerk will note that all the witnesses have
affirmed, and we start with the Honorable Newt Gingrich, former
Speaker of the U.S. House of Representatives.
Mr. Speaker.
STATEMENTS OF HON. NEWT GINGRICH, FORMER SPEAKER OF THE U.S.
HOUSE OF REPRESENTATIVES; HON. ALAN SIMPSON, FORMER MAJORITY
WHIP OF THE U.S. SENATE; AND HON. BILL McCOLLUM, FORMER
CHAIRMAN, PERMANENT SELECT COMMITTEE ON INTELLIGENCE,
SUBCOMMITTEE ON HUMAN INTELLIGENCE, ANALYSIS AND
COUNTERINTELLIGENCE, FORMER CHAIRMAN, JUDICIARY'S SUBCOMMITTEE
ON CRIME, U.S. HOUSE OF REPRESENTATIVES
Mr. Gingrich. Thank you very much, Mr. Chairman, and I want
to thank you and the ranking member for holding this hearing. I
also want to take this opportunity to commend you for your
consistent leadership on the issue of cybersecurity and the
fact that this subcommittee has been very far ahead of events
in looking at the need for effective technology in the security
area. I also want to begin with Mrs. Schakowsky's, I think,
absolutely correct point, which is that we have to design--the
challenge to the Congress and the President is to design--the
system which both provides civil liberties protection for the
innocent and protection of the innocent.
In the past, with things like fingerprinting, wiretapping
and other technologies, we've worked very hard to make sure
that while we were strengthening law enforcement we were never
infringing on the innocent, and I think this has to be thought
through in a very careful way. The fact is, we already have a
primitive inefficient, easily cheated system of identification.
I flew out of Reagan National yesterday, and three times I
produced an ID card.
Now, I just want to point out every audience I've talked to
around the country, I've asked them how many of them know
someone who in high school had an access to an ID card that
might not have been their own for reasons we won't go into. And
while no one personally had ever used an ID card for an
inappropriate purpose, it always amazed me the number of people
who seem to find, at 16 or 17, access to an ID card.
So I want to be very clear. I think we have already
indicated at airports, we've indicated at government buildings,
we've indicated in a variety of places that asking for
identification is legitimate. The question now is can we design
a system which has an effective ID style while protecting the
innocent? I think that it has to be an American model of
security, which means a high technology capital intensive
system that provides security, speed, efficiency, and
convenience.
That's the model we've always set for ourselves, and I
think, frankly, the current lines at airports are a sign we
don't have a system that meets that test. It's necessary for
the world economy to have a parallel system for freight,
whether it's in trucks or container cargo that is secure, fast,
and efficient, or we will literally break down the world
economy and add a substantial amount of cost to everybody's
life.
I would suggest to this subcommittee that as you look at
these, that you look very seriously at outsourcing as much
production as possible because most of the great breakthroughs
that are high technology and capital intensive occur in the
private sector and occur in entrepreneurial businesses. I
particularly would recommend Clayton Christiansen's, the
Innovator's Dilemma, as a study of new technologies that work,
and Nathan Merival's recent writing, particularly in USA Today,
on the concept of exponential industries and the ability to
develop really dramatic new technologies in the next 5 to 10
years.
I personally think we are going to want to end up with a
biometric solution that involves either a retinal or iris scan,
which I think is harder to cheat than the thumbprint, and
frankly, is as easy to measure in real time. It's simply a
picture, and any of us who are being filmed for television or
still photographers are having exactly the same experience
you'd have for a retinal scan.
I want to distinguish also civil liberties for American
citizens from foreign visitors. I believe that all foreign
visitors should be scanned as they enter the country. We ought
to have a data bank either of their iris or retina. I think
that's the technical decision of which one you're using. But we
ought to be able to know who you are. We ought to be able to
match you up against a system that would indicate whether you
were a known drug dealer, a known terrorist, etc., and that
would basically indicate and attach to an identity that had a
biometric on the identity card, so we knew that the person
we're talking to didn't just buy this for $11 in Los Angeles on
a street corner as can currently be done.
For Americans, I think it's fairly simple to have the 50
States go to a biometric measure on the driver's license and
simply ensure that all of the States--50 States plus D.C. have
their data bases linked. That means an investment in wireless
high-speed connectivity with very high-speed computing, but
literally it's no harder for a policeman standing and talking
to you beside your car within seconds to verify who you really
are, if we design a system that does it, and I think you can do
that with civil liberties protected.
I would not insist on a national ID card because I think
you do get into civil libertarian issues, but I would suggest
to you that the simple act of having two lines in airports, one
biometric where anybody who's a frequent flyer who wanted to be
able to literally walk through the line, verify who they are,
and pickup their ticket at security as they're going through,
while we'd have a long line that may take an hour and a half
for people who prefer to avoid that kind of convenience.
I think you'd find a natural migration of over 90 percent
of the American travelers within a year or less to the higher
speed line. Let me also suggest that the committee look at the
emerging technology at MIT and elsewhere, that for somewhere
between 1 and 30 cents per suitcase you could literally have an
embedded wireless system that would enable you to track
literally every suitcase, and if you introduced it as a
manufacturing process now, you would, within 5 or 6 years, have
an overwhelmingly tagged and identified highly secure system.
As I said earlier, this kind of thinking, I think, has to
also apply to trucks and to container cargos. And if you look
at what UPS and FedEx already do, you can see the beginnings of
a model that given the high--the new breakthroughs and the new
technologies can be even more sophisticated and even more
accurate. Let me just close by going back to the exactly
correct warning that Mrs. Schakowsky made. There is no question
in my mind that we can design, just as with medical records, an
ability to have personal privacy and access to information that
may save our lives, but that probably requires a Federal law
that makes it a felony to use that medical record
inappropriately.
Similarly I think you can design a system which allows you
to track a person who is generally out to do something bad
without, in that process, either dramatically inconveniencing
or harming those who are innocent, and in fact, I would argue
that if the American people knew that every employee who walked
on an airport had some means of checking to make sure they were
really the person they claimed to be, if we knew that our FBI,
CIA, FAA computers worked, the notion--I just want to close on
this notion, because what you're doing on this subcommittee is
so vital.
Six weeks before September 11th, the Central Intelligence
Agency told the Federal Bureau of Investigation two terrorists
had entered the United States. Six weeks later, they had still
not be able to get that information into the airline computers,
and two of the terrorists on September 11th in Boston boarded
the airplane under their own names, 42 days after the U.S.
Government officially knew they were in the United States and
they were very dangerous.
Now, I simply suggest going to a mandatory regular ID card
won't help much because with desktop printing they will learn
how to buy cards that are false, but if we had a high-speed
computing system and we had an ability to have very high speed
access, I think we could design a system where we would have
found those two people, they would have been stopped at Logan,
and we would have had a very significant understanding of what
was going on. I think this committee's moving in the right
direction. If it does it right, the system will be very secure,
it will be very safe and it will protect our civil liberties
while also protecting us.
Mr. Horn. We thank you very much for those pertinent views
which I'm used to and it's very useful. We now turn to the very
distinguished ex-Senator and one of the great public servants
of this country, namely Alan Simpson, who spent more time on
immigration I think than probably all the rest of us put
together. So I'm going to turn it over to you----
Ms. Schakowsky. Mr. Chairman, if I could just inquire,
apparently you're going to proceed through the vote?
Mr. Horn. No. We're going to go now and when Mr. Miller
returns, he will be presiding and then I will come back. We're
in this less-than-seamless operation known as the vote.
Mr. Simpson. We know that.
Mr. Horn. And we'll be back----
Mr. Simpson. I will just proceed, then. Thank you.
Mr. Horn. Proceed, and then I will try to be back in 6 or 7
minutes.
Mr. Simpson. Thank you, Chairman Horn. I come in here with
a very eerie feeling as Jack Brooks is staring at me there. He
would look at me with that smouldering cigar and say Simpson,
I've got a deal for you. God, I'd lose my shirt and my
underwear and everything else in here. Well, that was Jack
Brooks. What an amazing man.
It is a pleasure to be here to discuss this serious issue
of how we might strengthen domestic security. I was
particularly moved by Congresswoman Schakowsky's remarks where
I met Norm Mineta at the Hart Mountain Relocation Center when
we were 12-year-old boys. He was behind wire and I lived in
Cody, and our scoutmaster took us to the Jap camp, is what it
was called, 11,000 people there.
And Norm and I struck up a friendship of curiosity and
juvenile development that has lasted 70 years. He is a very
dear and special friend, but we'll want to remember at that
time, Attorney General Warren, Earl Warren of California,
signed the order to evacuate them, and the unanimous decision
of the U.S. Supreme Court by William O. Douglas said that it
was proper. So I think let's keep that into perspective and not
think of how it is 50 years from then as to the fact that the
Japanese submarine lobbed a couple of shells into an oil field
off of California in the Spring of 1942, and it kind of
startled people. Just thought I'd pitch that in. Just thought
I'd throw it in there.
Anyway, you're on track. I was impressed by what Newt is
saying because you're all being led astray by a single term,
and the term is national ID. I never used it. I put it in the
bill that we are now talking about a national ID, and you do a
disservice to the country when you use the phrase national ID.
We're talking about a more secure identifier system. It could
be many things, and if anyone believes there is intrusiveness
in what we are suggesting, all of us, Newt, myself, what Bill
will say, what Democrats and Republicans--what Rodino and I
said, what Mazzoli and I said.
And in the bill, it said we're not talking about a national
ID. That's a diversion for people who like to talk about
tattoos and Nazi Germany and don't let them get away with it.
We're not talking about that. Every time we tried to do
something in this area, it was filled with emotion, fear,
guilt, and racism. The Select Commission on Immigration and
Refugee Policy said we ought to do something in this area. We
tried to do that, got shot out of the saddle by arguments about
tattoos and Nazi Germany. Then we tried it again and we had a
biometric activity in one of them, and in a conference
committee in the middle of the night when on the floor of the
House passed, the Senate, there was an emotional, highly
emotional argument about, again, Nazi Germany and tattoos. It
was pulled out and dear old Joe Moakley took it out and we
passed it in the middle of the night without anything in it.
The House always had an aversion to that kind of thing. The
Senate would pass it. And I can only share with you that
everything we did in this area was bipartisan. Mazzoli,
Democrat from Kentucky, Rodino, the chairman of the Judiciary
Committee from New Jersey, still living, and a magnificent man,
we did these things--Hamfish, and Newt knows him well and so
did Bill. You have to do something, and the something is not
intrusive any more than what you get when you go to the airport
now or what you get when you go into a store and have to give
your slide card or when you file for credit or whatever it may
be----
Ms. Schakowsky. Senator Simpson.
Mr. Simpson. Yes, indeed.
Ms. Schakowsky. I'm afraid I have to go vote, which would
leave no Members here. And so I'm going to grab this gavel
while I can and recess this committee at least until someone
returns. All right?
Mr. Simpson. Well, that's very kind. Thank you. I'll just
keep going though. No.
[Recess.]
Mr. Miller [presiding]. The subcommittee will come back to
order. Mr. Horn will be back shortly and asked me to proceed
with the presentation. I think, Senator Simpson, would you
continue?
Mr. Simpson. Thank you, Congressman Miller, and I see you
have new devices which are very clearly, which aren't on yet,
so I will speed ahead--I was just kind of reviewing things and
speaking to Congresswoman Schakowsky's comments. Let me just
give us a very brief summary of past efforts. The Select
Commission came into being 1979 to 1981. I was a member of that
bipartisan commission. Father Ted Hesburg was chairman, and we
did a lot of things. We recognized that no system attempting to
control anything would be effective without a more secure
method of confirming a person's identity and immigration
status.
So we recommended, the Commission recommended--it was a
narrow vote, substantial improvement. Then we had the
Immigration Reform and Control Act of 1986. When that first
passed, it had a provision in it that the executive branch
would implement a system that would reliably determine identity
again and authorization of all persons. That was weakened by
the Senate and stripped by the House. I think it was a
conference committee and that's often the history of conference
committees as I recall them here in this Chamber, especially
with Brooks with the gavel.
But anyway, that's an aside. The enacted version of IRCA
had a pilot program in it, and then we had telephone
verification. We couldn't get much done because, again, the
background noise was always national ID. The initial conference
committee version of the Immigration Act of 1990 where we
broadened legal immigration a great deal, contained a pilot
program using biometric data to make State driver's licenses
more secure, and it was then to the amazement of Democrats and
Republicans alike that issue demagogued in the most grotesque
way one evening in this House body, and the House rule was
defeated and Joe Moakley brought it back from the dead, and we
got it out but it was stripped again.
Then Barbara Jordan came to the fore, the most amazing
woman, and she did the Jordan Immigration--Commission on
Immigration Reform. She recognized it was too susceptible, the
present system was too susceptible to discrimination against
foreign-looking or foreign-born or foreign-sounding workers; so
she commended a computerized registry using data provided by
Social Security and the INS and suggested pilot programs for
employers to use these data bases to be conducted in States
with the highest immigration rates.
Then along came the 1996 bill. I had little to do with that
because we did nothing to do anything to curb illegal
immigration--or legal immigration, rather, as Barbara Jordan
recommended, but we did get a pilot program in there to--where
you could access by computer modem. In 1997, it was used by
approximately 2,000 employers who were voluntarily using it.
While it's a helpful deterrent to certain instances of fraud,
it is not a good one. An unauthorized alien submits a card with
an invalid number or submits a card where the name does not
match a number, it does not prevent aliens who falsely assume
the identity of another person from using the other person's
valid Social Security number, and this is often referred to as
identity theft or true identity fraud and it is endemic in
America.
Talk to your credit card people. So I doubt that there is
any full support for a national ID card. I never suggested it
and I just have to pack that in one more time. And if that's
going to be the word, you're going to all fail. You will do
nothing. Get away from it. It's a phony baloney. What we're
talking about is--and when we were talking about it then--some
type of new document to establish work authorization or
identity. We were talking about perhaps a card that would not
be carried on your person, not be used for law enforcement,
have the maiden name of your mother on the back of it, and the
birth date. And then you know always would come the George
Orwellian aspects of that.
Here's what I suggest respectfully. A few positive
benefits, I think. I therefore would respectfully suggest that
you improve the safe--the State driver's licenses. That's the
principal identity document in our country. We must eliminate
the ability of people to falsely assume the identity of
another. Some of the September 11th terrorists facilitated
their actions through easy access to Virginia driver's
licenses. Now, the only way to prevent identity fraud is to
improve biometric data on the card. I agree with Newt
completely, such as a fingerprint. It is also--in California,
it is done with a retina scan in California for commercial
driver's licenses. You'll want to take a look at that.
Minimum nationwide issuance standards could be imposed by
the Congress or agreed upon by the States. I think it would be
minimally intrusive. Expanded access would be another one to
INS and Social Security data bases, extend the basic pilot
program, not just California, New York, Texas, Florida or
Illinois. Include other States; have access to that base. Of
course, that would require more funding for the Social Security
Administration and directing to improve the accuracy of the
data base. And here's the one that everybody misses, there are
about 2,000 agencies of the United States that issue a birth
certificate. They love it. They're little old ladies. They do
things, little old men, and they issue them and they love it.
They don't want anybody to mess with me giving--because I know
the mother and the father and when little twinkle toes was
born, I signed that.
The vulnerability of the birth certificate system allows
aliens to bypass all immigration systems altogether and
impersonate U.S. citizens. The Jordan Commission said if we
reduce the fraudulent access to the breeder documents, start
looking at the breeder documents, ladies and gentlemen of the
Congress, particularly birth certificates that can be used to
establish an identity of this country and the specific steps
recommended by her commission were, and I conclude, regulation
of requests for birth certificates through standardized
application forms, a system of interstate and intrastate
matching of birth and death.
We don't do that in America. We don't match birth and
death. How can you ever get a handle on it? Requiring a Federal
agency only accept certified copies of birth certificates and a
standard design and paper stock for all certified copies and
encouraging the States to computerize birth records
repositories. I think these recommendations are sensible,
practical, and should be enacted and it is time. Thank you very
much.
Mr. Horn [presiding]. Thank you, Senator. As usual you have
the common people's touch and you also know how to get through
the bureaucracy and everything else. I am glad to say to you
the commissioner yesterday told a number of us that he will
split up the agency so that you've got an enforcement operation
and you've got a service operation and a lot of us have wanted
that over the years. So a little progress is being made there.
[The prepared statement of Hon. Alan Simpson follows:]
[GRAPHIC] [TIFF OMITTED] 82171.010
[GRAPHIC] [TIFF OMITTED] 82171.011
[GRAPHIC] [TIFF OMITTED] 82171.012
[GRAPHIC] [TIFF OMITTED] 82171.013
[GRAPHIC] [TIFF OMITTED] 82171.014
Mr. Horn. We now go to Mr. McCollum, who during my years in
the House, no one was a better legislator than he was, and
we're glad to have you back here. Mr. McCollum.
Mr. McCollum. That's a high compliment, Mr. Chairman, and
I'm very glad to be back here too today with you, and
especially pleased to be with this distinguished panel, my
friends, Speaker Gingrich and Senator Simpson, with whom I've
served a number of years, and on a topic that really is very
timely and very important. I know like everybody here, that we
all were affected terribly by this tragedy on September 11th,
the attacks on us that I think most of us envisioned was
unimaginable.
Even many of us who served in the arenas that I did in
Congress knew that sooner or later we were going to have a
terrorist attack of some magnitude, we could not have expected
nor anticipated the horror that came with this particular one,
and now we're having a reaction to that. Having been chairman
of the Crime Subcommittee and, having chaired the Subcommittee
on Human Intelligence, founded the Terrorism Task Force, been--
18 of the 20 years served on the Immigration Subcommittee, many
of those years with Senator Simpson's work and mine, together
with the fellow up there you mentioned, Brooks and others. I
come to this with a perspective of absolute conviction about a
couple of things.
One of those is that there is no need for a national ID
card and I'm very much opposed to one, but I think it's
important to identify what a national ID card is. What do we
mean by that? Mr. Chairman, I mean by that, a uniform system, a
uniform card that every American would be required to carry to
produce to law enforcement employers, various government
agencies for identification purposes. Such a card would
contemplate a national data base, access by a computer for
verification purposes. It might contain a strip on the back
like your Visa card does. It has data and information already
built in it or accessible through a computer. A photograph, a
fingerprint, possibly even a national data base that every
American had a fingerprint in. I don't favor that. I don't
think that's right. I think that's an insult to our system of
government, the privacies and those that our great freedoms
that our founding fathers envisioned. It's a Big Brother-type
system.
But we do need to make some of the identifiers we already
have work, and that's what all of us are testifying about
today. I have not heard a word that either of my colleagues
said that I took umbrage with, but I do have a perspective on a
couple of these a little bit differently.
First of all, I believe that the Social Security card
desperately needs to be made more secure. There's been great
resistance to doing much with that card over the years but back
in 1996 or, excuse me, 1986 when the Simpson-Mazzoli, and then
more in the amendments of 1996 in the immigration world for
employer sanctions, and when you go to get a job, the two
principal identifiers became narrowed down to your driver's
license and your Social Security card.
So if you can produce them fraudulent or otherwise today,
they essentially get you a job and the Social Security card, as
well as the driver's license, is commonly used for a whole host
of other identification purposes today. Yet it is probably the
most fraudulently produced document in America. It is a
document that has been flimsy in paper for years.
In recent years, the Social Security Administration has put
a few fibers in it but by no means made it tamper resistant or
counterfeit-proof. And I encourage this committee and other
Members to really take a look at a proposal that I have in as a
legislative matter for a good number of Congresses.
One that was--is attached and submitted to this testimony
today, H.R. 191, and a bill in the last Congress, Mr. Chairman,
that you were an original cosponsor of. That is a proposal that
would require the Social Security Administration to make the
Social Security card as secure against counterfeiting as a $100
reserve notice with a rate of counterfeit detection comparable
to the $100 reserve notice and as secure against fraudulent use
as a U.S. passport. We're not talking about putting pictures on
the card, we're not talking about any of that, but it's all
those interwoven things that you can use, use ultraviolet
lights and so forth to determine.
I also would encourage the same type of activity that has
been discussed here today with regard to the driver's license.
I think that driver's licenses at least the general standards
for what they are should be uniform throughout the country, and
I don't think we have to mandate that. I don't think Congress
should preempt the States, but I think that there should be an
effort to encourage that from Congress and I think that it
should be done in a way that does have either a uniform
standard proposed or you get the States together to do that or
whatever. All driver's licenses should certainly have
photographs on them, they should have the signature on them.
They should have a fingerprint or another biometric identifier
on them, and they should have holograms and other types of
devices built into those driver's licenses just like I
suggested for the Social Security card so they cannot be easily
reproduced and so that when you take it somewhere to an
employer or to a person who's law enforcement, they can be
quickly checked. You know, we have a little machine that's been
around for a number of years on fingerprints. You put it on
this desk--I've had it come when I was chairman before my
committee. You probably have too, Mr. Chairman.
And it's not--doing nothing more than saying if you put
your finger on that machine and you put the card that you have
with your preexisting fingerprint on it, it matches it or it
denies it, and it doesn't have to go to some central data base
to do that. And at least that will tell me biometrically
whether the person I'm looking at is the same as what's on that
card. I also concur with the view that we need to do something
about birth certificates. One of the great, great problems in
this country are the breeder documents that Senator Simpson has
talked about and that's important.
Last, I want to comment on one aspect of the Immigration
Service because I do believe that the focus rightfully should
be there, as Congressman Castle stated in his opening. There is
a great, great opening right now in this country for people to
come here and not be identified. We need a tracking system. We
need to be--we need to find people so we don't have visa
overstays, and we need to shore up so many things. A number of
things have been mentioned, but one has not been. Today when
somebody goes before a formal proceeding of an immigration
tribunal or to the Immigration Service or whatever, they're
usually released on their own recognizance or maybe on a cash
bond. The Immigration Service has the authority to have a
security bond, much like a bail bond, but they don't do that,
and I believe that it would be extremely helpful to get people
to show up when they're supposed to before immigration
proceedings. If there was a general policy that a security bond
be used and then have the private sector, bail bondsman, if you
will, like they do in criminal law, be responsible for bringing
them in, making sure they do show up because people can come
not only to this country and get here too easily because of the
visa system and visa fraud if we don't track them, but then
when they do show up to a proceeding and they're supposed to
come back in 90 days or 6 months or whatever, we have no system
to bring them back in. We have no way of knowing where they are
and we don't have nearly enough police or immigration officers
that will ever be able to do that.
So why aren't we using the private sector the same way that
we do in criminal law? It's not being done today. So I would
encourage that this committee and your members look very
strenuously at not only making these identifiers more secure
and finding ways to track visa overstays and people who come in
here, but making sure that when they're here, that is, those
who are aliens, show up when they are supposed to at the end of
whatever period of time that there is.
Thank you, Mr. Chairman.
Mr. Horn. Thank you for your testimony.
[The prepared statement of Hon. Bill McCollum follows:]
[GRAPHIC] [TIFF OMITTED] 82171.015
[GRAPHIC] [TIFF OMITTED] 82171.016
[GRAPHIC] [TIFF OMITTED] 82171.017
[GRAPHIC] [TIFF OMITTED] 82171.018
[GRAPHIC] [TIFF OMITTED] 82171.019
[GRAPHIC] [TIFF OMITTED] 82171.020
[GRAPHIC] [TIFF OMITTED] 82171.021
[GRAPHIC] [TIFF OMITTED] 82171.022
[GRAPHIC] [TIFF OMITTED] 82171.023
[GRAPHIC] [TIFF OMITTED] 82171.024
[GRAPHIC] [TIFF OMITTED] 82171.025
[GRAPHIC] [TIFF OMITTED] 82171.026
[GRAPHIC] [TIFF OMITTED] 82171.027
[GRAPHIC] [TIFF OMITTED] 82171.028
[GRAPHIC] [TIFF OMITTED] 82171.029
Mr. Horn. And we'll now go to questioning. It's going to be
5 minutes per person because of the travel schedules, and we
will alternate between the majority and the minority, and I
will start it off. And if Mr. Chief Counsel will get the
technology here, we're in business.
In my opening statement, I cited a Pew Research Center
study that showed overwhelming support, 70 percent of those
polled for a national identity system, and are all of these
people just misguided? How do you feel? Do you think from what
you have seen of just the average citizen when you get into a
debate like this? And I would take it with this particular
three of you, would you have, say, a hardened, if you will,
Social Security or would you take the license which, in my case
with California, they have a photo and they have a thumbprint,
and not all of them do it, but that's pretty good
identification.
So any other types you're talking about than simply
hardening up the Social Security card and then putting a
picture on it or a thumbprint. I remember the supervisors of
Los Angeles County, which is a county of 10 million people and
they started with the photo on the welfare situation and a few
thousand people got off the rolls because they were going two,
three, four places to get money, and that was one way to do it.
Mr. McCollum. Well, Mr. Chairman if I might respond to
that, I don't believe that, for example, in the Social Security
card, you want to go to put a picture on it, I don't think you
need to. I think you can stay paper. Its purpose is to make
sure that the number that's on that card and the name on that
card are the bearers. When you take that card and produce it
for whatever purpose, that simple fact can be verified.
I also think, by the way, that it would present problems in
reissuance. The Social Security card, one of the great reasons
why that's been a problem in getting it corrected is the Social
Security Administration wanted to go to the cost of reissuing a
lot of cards. They don't have to reissue all of them. But I
think they do need to reissue those with those younger age
groups and that would be an added expense I don't think you'd
want to encounter. And again I don't think we need a national
ID card as such, a separate card, if you have a driver's
license and a Social Security card; one with a picture, one
without it are more secure, more tamper-resistant and
counterfeit-proof.
Mr. Horn. Mr. Simpson.
Mr. Simpson. It's interesting, Mr. Chairman, that polls
throughout the Select Commission back in the 1980's, 1985,
1990, if you'd asked the American people, Gallup, whatever, if
they favor restrictions on immigration, 70 percent do. It just
stays that way. Not illegal or--I mean, I'm talking about legal
and illegal immigration. Interesting. But when you come to the
Congress, it doesn't get done that way because the Statue of
Liberty suddenly enters the phrase and all of us are children
of immigrants. Mine are from Holland, orphans. If my granddad
hadn't killed a guy in the middle of the main street, we'd have
had a better reputation there in our State, but that's another
story and I won't go into it.
Nevertheless, you can't continue to talk about the Statue
of Liberty again. You must talk about reality and all three of
these--all three of us I think are, all of you are, but I think
the one that surprised me was when they put the examination
into California for the retina exam on truckers, guys just
stood outside the building because they didn't want to go
through any part of that because they'd been using fake ID's
and all the rest of it. It was a very serious problem, and I
think you ought to look into that California commercial
driver's license issue retinal exam.
Mr. Horn. Thank you.
Mr. Gingrich. I think that what you have to recognize is
that the people most opposed to a national ID card are
dramatically more passionate than the people who have some
vague general support for a national ID card. And that's why I
think Senator Simpson was right early on in saying that if we
go down that road, it's a dead end. It won't happen. On the
other hand, most Americans, I think, can be led to agree that
having an efficient transfer of information so you know that
your driver's license is real, that it's valid, so you can
check it across State boundaries, and for specific purposes.
Foreign visitors, I think most Americans would agree, you
could have a nationwide system of identifying--because that's
not part of what we think of as our civil liberties. People
that have very important security jobs, whether it's on
airports or elsewhere, people would agree you ought to have a
pretty high standard of security because they understand that's
a function of your job, it's not an infringement on civil
liberty, but I would encourage you to be minimalist in this.
You want to get to a highly secure system that is across the
whole country, that is ideally mostly decentralized in terms of
States implementing it, but with information able to flow
across State boundaries and you want to do everything you can
to minimize the threat to those whose primary concern is civil
liberties.
Mr. Horn. Thank you. My time is up.
Five minutes to Ms. Schakowsky, the ranking member.
Ms. Schakowsky. Thank you, Mr. Chairman.
Following up on that minimalist approach and using your
example, Speaker Gingrich, of what happened before September
11th, that the CIA actually transmitted information to the FBI
and it never got through, what I am wondering is are there not
systems in place were we to have the proper technology for
sharing that system--that information that could provide the
kind of security we need?
That is the question, but let me just say that in many,
many hearings that we have had since September 11th, what we
have found is that information was all over the place, and that
had it only been shared and gotten to the right place, that we
could have done this or that to prevent what happened. And so I
am just wondering if it isn't a matter of looking at our
systems, adding new technologies where we need to, but not new
authorities to gather that information; if it is just a matter
of making more efficient what we already have.
Mr. Gingrich. I think you are 90 percent right, but the 10
percent is missing, I think, could kill us, and let me describe
what I mean. First of all, whatever system we build, we ought
to have a competitive team try to break and find out how
rapidly can you buy a counterfeit. How rapidly can you figure
out a way to work around it, because we have active opponents
who study what we do and who could spend 2 or 3 years trying to
penetrate our systems. And if we are really serious about
security, then we ought to be serious about learning what its
weaknesses are.
Second, as Senator Simpson said a minute ago, we discover
that whether it is illegal aliens or it is people who are for
one reason or another using a false identity, that there are--
even in the current system, even if you had 100 percent
accuracy of sharing the information, some of the information
going into the system is false, and we don't have today the
kind of identifiers and the kind of structure to make sure that
the information you put in is accurate information. I think
that would be the other zone where I think there has to be
serious work done.
But I yield to my colleagues.
Mr. Simpson. Congresswoman Schakowsky, you are right on
track. One of the most frustrating things for me and I know for
Peter Rodino and Ron Mazzoli and all the rest of us was the
absolute stubbornness of the agencies to share information. The
one that appalled me was Customs and INS--oh, there is a real
internal--it was bizarre. It was childish. Customs--Customs can
pick up a lot of stuff. They know what is going on, and they'd
share it, and they'd say, we handle that. The Border Patrol and
the INS and the Justice Department and the CIA and FBI and
oftentimes their arrogance and the CIA's secret arrogance, I
mean, this is where you have to smash the big bug right here.
And I think that is what I hear the President saying that he's
going to give Ridge all the authority to do that, and he's
going to make him do it. Well, we have all been here a long
while. Merry Christmas. We will see what happens.
Mr. McCollum. I know that's a big problem. What Senator
Simpson just said, and we joked about it, it's so true. If Tom
Ridge can do it--I see the other day where he's talking about
maybe merging the Border Patrol, Customs and the Coast Guard. I
think that is going to be an awfully big hill to climb. And
you'd be better off using the energies you have got to do
things like forcing the Social Security Administration to
really go out and make the card tamper-resistant; make it like
the $100 bill; take the driver's license and make it more
secure; take the ideas that Newt Gingrich just said about
putting a data base together nationally to talk to each other
on these things technically and then cajole, continue to
cajole, the agencies to do this.
Ms. Schakowsky. Let me ask one quick other question. One of
the problems created by drivers' licenses becoming de facto
national identification systems is the privacy protection of
those records is very poor. We know that States often sell that
information to--along with the person's address, and it becomes
out there in the public. How can we make sure that any
particular system we use doesn't mean that information is sent
out? And should Congress stop the validation of Social Security
numbers until the States institute--a State instituted privacy
protection for drivers' license records, because they often
check those drivers' licenses against Social Security cards?
Mr. McCollum. Well, Ms. Schakowsky, I don't think we should
stop the validation system as it exists because we have a
security problem right now, and we need to let these things
happen as best we can. But I do believe that Congress should be
concerned and should encourage States to make the right
decisions to protect the privacy of the data that is in the
data base. That is the real point I made about not wanting a
national ID and trying to define it for you. The thing the
American public may say when they say, ``We are all for a
national identification card,'' is one thing, but when they
really get down to it, nobody that I know of favors a Big
Brother data base somewhere, whether it is in the State or the
Nation, where other people can get access to your personal
information. And there is a huge difference between providing a
chance, for example, for somebody who is an employer or law
enforcement to call up or do whatever we can on the computer to
a data base and say, if you walk in, that this is my name and
this is my Social Security card, and verify that they both
match electronically. There is a big difference between that
and somebody walking in and saying, ``OK, I have got a name,
now let me go find out what is the Social Security number, tell
me,'' or the other way around. ``I got a Social Security
number, you tell me the name that goes with it.''
We don't want that information shared publicly, and that's
the kind of thing that you need to discriminate, in my
judgment, against. But you are not going to mandate that in one
big piece of legislation. It is going to take a lot of work to
get understanding on the part of each person or group in the
States that are making those decisions to make them be aware of
what they're doing and be more secure to educate.
Mr. Simpson. May I add one thing? Newt Gingrich is a wizard
of the keyboard, and I am not adept in technical prowess of the
electronic age, but I do share with you, I believe totally,
there really is no such thing as privacy anymore because of the
information technology. They have got you in every data base in
this country, Social Security, driver's license, organ donor,
blood type, you name it, FBI reports. I used to read them. And
with what's happened with information technology in this
country, I think privacy is gone.
Mr. Horn. And now I yield 5 minutes to the gentleman from
Florida Mr. Miller and then Mrs. Maloney.
Mr. Miller. Let me followup on what Senator Simpson brought
up, and that's the issue of privacy. And I know Speaker
Gingrich and Mr. McCollum worked this issue when they served
here in financial privacy and medical privacy, and I know you
wrestled with trying to get legislation through. Would you
comment on that experience and what the experience has been
that you are aware of controlling that kind of privacy, because
we are all public figures, and you were public figures when you
served here in this institution, but that is really one of the
core concerns here is privacy. And when you wrestle with it,
and we pass legislation on financial, medical in particular, is
it working, and what can be done to assure privacy if we move
to some type of ID?
Mr. Gingrich. I think this is an extraordinarily important
issue in the way big computers is a much bigger danger than Big
Brother. It is so seductively convenient. You use a credit
card. It doesn't occur to you how much information you are
building on that credit card every week when you charge things,
what it tells somebody who is clever about your habits, your
interests, your taste, etc. Then you go and use telephones,
which have records, and then you go and pump gasoline. And then
you go and you get a driver's license--I mean, by the time you
are done with all this, if you were to accumulate all the
information that currently exists about you, you'd be stunned
at how much you are a public person in ways you did not intend.
And I think there are two very different layers of this. We
badly need to think through an integrated privacy policy in
terms of law. As I said earlier, I am a passionate believer in
electronic medical records, but I'm also a passionate believer
in a Federal law that would make inappropriate misuse of that
information a felony and have very stiff penalties. We have to
have the information, but we want to protect people from having
it exploited to hurt them.
Similarly, I think that it is important to recognize, and
as I stated in my own testimony earlier, I want to commend the
subcommittee again, you know, for your report issued last week
that the Federal Government agencies have security levels that
in many cases are so laughable that any really competent sixth-
grader could break into them. And even the ones that are
relatively secure, except for the top two or three, a
relatively competent junior-high-schooler could break into
them.
And I think it's really important to understand--and I met
recently with the National Association of State Chief
Information Officers, and we talked about the fact that we need
to set a whole new standard against hacking, against organized
crime, against terrorists, against foreign governments that
want to try and break in, and recognize that is going to take a
sharing of technical knowledge. It's just not writing laws, but
understanding how to write these security systems. And we have
to recognize how much of our code is now written outside the
United States. And I think we have to have a project between
the Department of Defense, the National Science Foundation and
the National Security Agency to really figure out a way to
literally scan all the code we now rely on, because we don't
know how many various back doors have been built in, because
you are talking about millions of lines of code that routinely
now enter the U.S. system from overseas.
Mr. Simpson. May I say, too, sir, and to the panel, who
knows more about the loss of privacy than all of us? You? Me?
All of us who are in public life have none--and maybe that's
all right. It's all right with me. I laid it out there, all the
peccadillos and all the goofy things I ever did. But there is
no privacy for a public figure. So I think it is very important
to realize that as we do these things, the media loses a lot of
sleep about us because when we get active, they go into
everything we've ever done: first grade, high school, college,
the whole works, and we get the whole load. When you come back
to them and say, aren't you intruding on our privacy? And they
say, well, you are public figures, and we are not. I say, more
guys know you on that tube than know us--all of us in Congress,
so don't give me that. I think we ought to know a little bit
about your private life.
It's a sick idea, I know. It's about the first amendment.
It belongs to me, too. We are the ones that suffered the slings
and arrows. And I am ready to do that at any time, in fact, in
anything, anything--and the woman I have been living with for
47 years is sitting back here--in anything they couldn't dig up
on Al Simpson, but let me tell you, they sure as hell tried.
Mr. McCollum. I would like to make a distinction, Mr.
Miller. You asked about privacy, and I think what is a person's
reasonable expectation, what are the Constitutional protections
for that, and there are some. And we live in a different age
when it comes to the computer, but we need to divide up what
people should reasonably expect in the way of privacy, with
respect to privacy and their government intrusion into that,
and what they can reasonably expect when they go out and take
certain steps on their own in the world of business and with
data that they freely yield to someone. Two different things.
The privacy that is protected in the Constitution clearly
is there when it comes to the government coming into your
house, not just from a criminal law standpoint, but an
unreasonable search and seizure or eavesdropping or whatever,
and we have all kinds of checks on that, and they should always
exist. When it comes to the computer, when you use the
computer, you need to be aware you are opening up whatever you
put in there for other people to look at. And we can talk about
trying to restrict that all we want, and it is very difficult
to do. On the other hand, when you give up data to a bank,
which is where we first met the privacy issue in the last
Congress and it created a lot of hullabaloo, I don't think
people were even thinking about the privacy question so much
there, but the reality is prior to the enactment of the big
bank bill last Congress, banks could share data they had with
anybody. There were no restrictions, and we put the first
restrictions--Congress did in the law. And those restrictions
said that since we allowed the merger of the operations of
banks and security companies and insurance companies, that if
you were in the same holding company, you know, the same group,
within that group, financial information that you as a citizen
gave to that bank could be shared. But if they wanted to go out
and give that information out to somebody that wasn't a party
to their company, to their holding company, they had to seek
your permission. And those are the kinds of things we need to
think about at each stage.
You give up your rights when you go and do a certain
business transaction, but you should be informed what you are
giving up. And before information that is given by you to a
business or third party is given away to somebody else, you
should have a right to say yes or no. But absolutely you should
have a reasonable expectation that the government won't intrude
your privacy. That is sort of the broad guidelines. It is a
huge subject, but that is the guideline.
Mr. Horn. Thank the gentleman, and now 5 minutes for the
gentlelady from New York Mrs. Maloney.
Mrs. Maloney. Thank you, Mr. Chairman.
Speaker Gingrich, you mentioned that you are not supportive
of a national ID card, but you support a more sufficient
transfer of information. Since all of the known terrorists were
visitors with visas here either legally or illegally, it
appears that a good place to start would be with a more
thorough tamper-proof green-card; would you agree?
Mr. Gingrich. I did say earlier that I drew a very sharp
distinction between the need for a national system for non-
citizens, which I think should be administered by the Federal
Government, run across the whole system; should have a clear
identifier that is biometric; and should have a data base that
can be accessed by a variety of agencies. And that should be a
condition of being here.
I also said, and I think you get real controversy about
this, but I think we are much better to go to some kind of
guest worker program and accept the legality of people who are
here for the purpose of working and get them identified. I
think when you have a pool of--I think the numbers are 3 to 5
to 7 million people who are illegally here, but are here to do
legal things--they are not here to be drug dealers or
terrorists, that pool of people who are outside the system
causes, I think, a real challenge for security purposes. So I
think it would be much healthier to have an identifiable guest
worker program and simply have a requirement that everybody who
is a non-citizen have some kind of an identifier and a
sophisticated greencard with a central data base. That should
be national. And my guess is overwhelmingly the American people
would support that.
I am also suggesting if you come here as a visitor as part
of the transit point, then we ought to have some biometric, an
iris or retina scan, so we can determine whether or not you are
a person who is a threat to the United States at a point of
entry, even for visitors who are here on business or here for
tourist purposes. And my guess is that most people on the
planet--people who come for business or vacation want to be
safe, and they want a safe system, and as long as it is not too
intrusive, I think they would be very accepting of that kind of
safety.
Mrs. Maloney. Building on that base of a non-citizen data
base that is national, who should maintain this data base?
Where would you put it in government? Would you put it in the
INS? Would you put it in the FBI? Would you put it in the new
Homeland Security?
Mr. Gingrich. I am going to yield to my two colleagues. I
haven't thought about it where in the Federal Government you
would house it. I would probably outsource a great deal of
management of it, because I think it is very, very hard for the
Federal Government to get first class----
Mrs. Maloney. It has to be maintained by the Federal
Government.
Mr. McCollum. It is the Immigration Service you are talking
about.
Mrs. Maloney. You say INS.
Mr. Simpson. It was my experience, Congresswoman Maloney, I
met some of the finest people in both parties who were
Commissioners of the INS. It is an absolutely unwieldy agency.
Doris Meissner did her best. There's nothing you can do with
them. The regional people are tough. The district people, they
are all--it has got to be done there. If you go ahead with the
legislation that is being proposed, then it would be the INS,
which would be logical, not Social Security.
Mrs. Maloney. This is only for non-citizens.
Mr. Simpson. Yes. And many non-citizens hold Social
Security cards.
Mrs. Maloney. I would also like to ask our panelists, who
do you believe should have access to that data base, assuming
it is in INS with oversight by----
Mr. Gingrich. For verification purposes, it is reasonable
to ask people to prove who they are when they apply for a job
if they are a non-citizen, and I think I would allow law
enforcement people to have access to the proof that they are
who they are. Beyond that basis, it would have to be carefully
screened--law enforcement, Federal law enforcement basis. But I
think if a highway patrolman pulls you over, and this is part
of your proof of who you are, it ought to be reasonable for
them to have at least the negative access that says, yes, this
is a real person.
Mrs. Maloney. The other panelists?
Mr. McCollum. I think what--Newt Gingrich is very clear,
but I want to amplify it, and that is the key to all of this in
identification and certainly in the area of these aliens who
are coming here is the proof that they are who are they are.
That verification, that is, that the whole idea if you have a
biometric and take your fingerprint and put it here, maybe that
goes back to some data base where you corroborate and say,
``Hey, that is Joe,'' but I don't think the general public
should have access to it. And I don't think that anybody but
law enforcement for very specific purposes, probably
Immigration Service and key law enforcement people, should have
access to the full information, presumably the data on that
alien about where they are born, how many times they have been
married, that sort of thing.
Mrs. Maloney. My time is up.
Mr. Horn. I thank the woman from New York, and now the only
librarian in the history of Congress, Major Owens, the
gentleman from New York, 5 minutes for questioning.
Mr. Owens. Thank you, Mr. Chairman.
What this distinguished panel seems to agree, that the
national identification card will not be a silver bullet. We
can put the debate to rest once and for all and focus instead
on another problem that I think most of them would agree we
have, and that is the problem of monumental mismanagement in
our agencies; you know, the kind of mismanagement which allows
us to have a worldwide electronic surveillance system where we
can pick up all kinds of information, but they didn't have
enough Arab translators in the FBI and CIA to deal with the
translation of vital information. I could not believe that when
I heard it, you know.
Right now we have a recent airplane crash in New York, and
it appears that turbulence of a jet that took off just before
is probably the cause of the accident that took place. If after
all these years of flying and jets we don't know about
turbulence and what it might do to an airplane, or, you know,
the mismanagement is such that decisionmaking within these
vital agencies like the CIA and FBI is off to the point where
Aldrich Ames could sit there for 10 years on the payroll of the
Soviet Union and Robert Hansen could be on the payroll of the
Soviet Union for 14 years, maybe your prestige and influence
could be put to work on a crusade to improve the management--
technology is excellent and way ahead of our capacity to use
it, including INS computers always breaking down, and there is
always a problem. If INS maybe had some of the budget of the
CIA--$30 billion plus and trying to maintain enough staff--
maybe we could--I will conclude and you can comment--maybe such
a crusade of people of your caliber would get to the heart of
the matter and all these other things would fall into place.
The companies that issue credit cards are very familiar
with ways, and you can develop a foolproof card. Even if
there's no foolproof card, there's a certain degree of fraud
they put up with, but they are pretty much on top of that. And
there are various ways of doing it, and some identification
cards, consolidation would be very convenient for most of us.
But the real problem, I think, is monumental mismanagement.
I think the history of the fall of the American cyber-
civilization might be written 1 day, and the cause will be
human error. That is what we ought to address.
Mr. McCollum. One of the greatest frustrations I had in the
last couple of years in Congress was the fact--is that over the
years I had been one of the those people who was beating up on
the CIA and others to get more language speakers of Farsi and
Pashto and all those languages that we're now seeing we don't
have. And we kept pouring money at it, and they kept reporting
to us, and they kept not getting the numbers and telling us
they just weren't available.
Mr. Owens. They had a lot of people who spoke Russian. A
lot of good librarians work for the CIA.
Mr. McCollum. But my point to you, and you know this
because you served with me in a number of these capacities, is
that you sit there, and you are only as good as the product or
the effort of the person who is right in charge at the moment
and the vision they have. And the vision in the case of some of
these things, including the language issue you are talking
about, had to be to go out and be creative and get that
language more quickly in place. The same thing is true about
the immigration stuff we're talking about here today. That is
why we all hope that some of the ideas being batted here today
will really be enacted and that Ziglar and others will go out
and do it, and we won't be talking about it.
Mr. Owens. We had a problem with Arab terrorism since the
Beirut bombing when President Reagan was President. There have
been Arabs--why after all these years don't they have
translators who can translate documents from Arabs?
Mr. Gingrich. Let me just say, in your 5 minutes, you put
your finger on the heart of the American challenge in the sense
that is what Senator Simpson said when he wished Tom Ridge luck
as part of his Christmas present. And it goes to the core of
whether we are a comfortable system or we're a serious system.
The difference is a comfortable system accepts any innovation
that doesn't require it to change. A serious system says,
``This is what has to happen.'' If you watch Jack Welch of
General Electric--probably the best modern CEO--he said for GE
to be successful it has to go and become X, and that means we
are going to change in the following ways, and he drove the
changes.
There are three problems: rivalry, bureaucratism and
acquiring new capabilities. Rivalry, the CIA doesn't want to
share with the FBI, and the FBI doesn't want to share with
anybody. I mean, it is an absurdity, and it should be a
national scandal that the watch list didn't get through to
Logan Airport after 42 days. The one that Senator Simpson
mentioned, the Border Patrol and the Customs agents standing
next to each other, have different computers. Now, that's just
a level of deliberate bureaucratic turf-guarding that shouldn't
be tolerable, and that should be shameful.
Second, bureaucratism. I had my staff pull this up the
other day. There are 51,000 Pashtuns in the United States. Now,
if the Central Intelligence Agency can't find Pashtun speakers,
they should assign someone to go to National Airport and wait
for the taxis to come in. The idea that you couldn't hire a
translator--you don't have to go through the process of vetting
somebody to be an FBI agent or vetting them to be a CIA agent
with secrets in order to have them as a translator. The notion
that you couldn't find an Arab translator in the FBI is that it
tells you how bureaucratic they were, how lacking in drive and
seriousness, and how unwilling to confront reality.
Third, I mentioned earlier before you got here--as a
librarian, you will appreciate that I am pushing books. I
mentioned Clayton Christenson's book on, the Innovator's
Dilemma, because he really makes the key point. Really big
breakthroughs tend to come in really small companies, just the
nature of how breakthroughs occur. Government is peculiarly
slow at finding those. Government procurement makes it almost
guaranteed not to acquire the newest technologies.
And so I think you put your finger on a profound challenge
for the American Government. I wish President Bush well and
Director Ridge well in trying to get this thing solved, but I
think you have absolutely described the core problem of us
becoming an effective country in the next decade.
Mr. Simpson. May I say a word to my friend Major Owens, who
I have enjoyed very much through the years? We have had some
nice sessions together and traveled together. You are
absolutely correct when you are talking about mismanagement,
and then you are talking about the thing that all of us never
do well when we are here, and it is called oversight hearings.
We have an oversight hearing. We bring in an agency. They
prepare for it. Oh, man, do they get ready for it. And then you
beat them up. And everybody just beats their brains out from up
on the panel. And they all say, don't worry, we recognize that.
We are going to correct it. In fact, we are so thrilled that
you see, too, this is a problem for us.
So after pounding their brains in all day, and after them
slip-sliding along like that old play, the Best Little
Whorehouse in Texas, where the guy just slid all over the
place, we don't do anything. I couldn't do anything. I had
oversight hearings with the INS, and they told me the most
magnificent things for 18 years, and nothing was ever done. It
was with violin music in the background and tympany and bells.
But it is oversight, and that is the tough one.
Mr. Horn. I am going to give you one more question. And in
his testimony--for the panel, too--Professor Turley will
propose that a commission be established to study the
feasibility of a national identification system. What do you
think of that proposal? You have been on these commissions.
Should they do it, whoever they are, Presidential and
leadership in both Chambers, or have legislators go up to the
trough and see what they can do?
Mr. Simpson. I think that a national commission--I speak
from experience. The Select Commission did two reports on legal
and illegal immigration, by the chairman, Ted Hesburgh, and
both of the commission reports were enacted into law--the
essence of the legislation. So I do think it's good. I do think
that it has to be--it has to be not called a national
identifier. It should be called how to make more secure the
systems of identification and work recognition in America, or
something like that. If you use national ID, it's over.
Mr. McCollum. I believe, as Senator Simpson does, that the
commissions do form the nucleus and sometimes the initial
impetus to get legislation enacted when you need to get a
consensus together. And I share his concern. The whole idea of
the national ID, as I described it in my statement to you, Mr.
Chairman, is a nonstarter, and we don't want to talk about it.
Not that we don't want to recognize that people could call
something that, but I don't want a national ID with a national
data base with Big Brother. But I do want to see improvements
that a commission could recommend and make things more secure
and an identification that really works in this country.
Mr. Gingrich. Let me be a doubter for just a second. I'm
not opposed to a commission, but I think we know an awful lot
of what needs to happen. And the Congress, I think, could move
expeditiously early next year on an awful lot of stuff
particularly as it relates to non-citizens. We really know how
much we have to improve that system, and I am not sure that we
need to have more people tell us. I suspect if you had your
staff go to the Library of Congress and pull up all the
commissions on this topic in the last 20 years and simply print
out the summary of recommendations, you'd be astonished how
much already exists and how many smart people have already
worked the issue. And I think it is important to move while the
public is paying attention and cares about this topic, and that
would be in the next session of Congress, not 3 years from now.
Mr. McCollum. And by the way, I'd echo that. I think he's
absolutely right about that point.
Mr. Horn. Well, I thank you all for coming. I know when the
three of you get together, it's going to be a lively session.
So we wish you well. Thank you.
We will go to the second panel now. Mr. Turley, Mr.
Goodman, Ms. Corrigan--would you all stand, please, to be
sworn.
[Witnesses sworn.]
Mr. Horn. Didn't see too many other assistants. So let us
start, then, with Mr. Turley, Shapiro professor of public
interest law at the George Washington Law School. Mr. Turley.
STATEMENTS OF JONATHAN TURLEY, SHAPIRO PROFESSOR OF PUBLIC
INTEREST LAW, THE GEORGE WASHINGTON UNIVERSITY LAW SCHOOL; ROY
M. GOODMAN, CHAIRMAN, INVESTIGATIONS COMMITTEE, NEW YORK STATE
SENATE; KATIE CORRIGAN, LEGISLATIVE COUNSEL ON PRIVACY,
AMERICAN CIVIL LIBERTIES UNION; RUDI VEESTRAETEN, COUNSELOR AND
CONSUL, EMBASSY OF BELGIUM; TIM HOECHST, SENIOR VICE PRESIDENT
OF TECHNOLOGY, ORACLE CORP.; AND BEN SHNEIDERMAN, PROFESSOR,
DEPARTMENT OF COMPUTER SCIENCE, UNIVERSITY OF MARYLAND, COLLEGE
PARK, FELLOW, ASSOCIATION FOR COMPUTING MACHINERY
Mr. Turley. Thank you very much, Mr. Chairman. First of
all, let me express my thanks for appearing again before this
subcommittee and also to appear before you, perhaps for my last
time, as chairman of this subcommittee. We owe you a great
debt, and your retirement is a real loss to this institution. I
want to be one that thanks you for it.
Mr. Horn. Remember you are under oath now.
Mr. Turley. Obviously this is a subject where generally
more heat than light is generated. And in a rare display of
academic modesty, I will say that I will not resolve the
questions surrounding this debate. I would, however, like to
offer a Constitutional historical foundation perhaps to move
the debate from what is often kinetic rhetoric to a more stable
basis for discussion.
It is certainly not enough to dismiss national
identification systems as opposed to a card as unprecedented.
The framers gave us a system that is--was certainly at the
time--unique because it is the most nimble and versatile system
in the world. As in nature, nations that fail to evolve are
least likely to survive. The world is not static, and so our
responses have to be as dynamic as the world around us. So this
is a hearing that is looking at a question that is very much a
question for our times.
Whether you consider the national identification system to
be a necessary security measure or Big Brother's little helper,
we need to reach some type of consensus, and so it is an honor
to offer my views on those lines. Now, today's debate is part
of a long unbroken debate that has raged about the relationship
between the government and the governed. We as Americans have a
virtual hereditary suspicion of government. As Oliver Wendell
Holmes said, ``The life of law has not been logic, it's been
experience.'' And our experience with the government and
systems of this kind has not been good. It has been long and
painful.
We have learned that government authority operates along
the same principles as a gas in a closed space. As you expand
that space, government authority will expand as well to the
full extent of the expansion. And from Biblical times, and I
have laid this out in my written testimony, through the Ottoman
Empire and Henry VIII, nations have tried to create national
registries not for oppressive reasons, but for necessary
reasons, but those systems have, as we know, been used for
great harm.
Now, we also need to get away from a habit of talking a
good game about national identification systems. We are very
proud as Americans that we don't have human license plates. But
the fact is we have a national identification system, it just
happens to not be a very good one. We have allowed the Social
Security number to mutate into a national identifier. That is
ironic since, as I mention in my testimony, the Congress was
quite clear that the Social Security number was not to be used
as a source of identification. This Congress has repeatedly
said that it should not be used and that it's opposed to a
national identification. And so the question is why in my
wallet do I have a driver's license, a smart university card,
an athletic card and credit cards that are all based on my SSN?
Why do I have two kids, one is 3 and one who is 1\1/2\, have
their own cards? They're already being tracked.
The human serialization that we fear is here in some
respects, but the reason it is here and the reason we failed in
our efforts to control the SSN is because the market had a
need. It created a vacuum that, in the absence of congressional
involvement, it filled that vacuum. The SSN was inevitable
because the market needed it.
I happen to have a great deal of problems with national
identification systems. I tend to fear government, quite
frankly. I tend to like the least of it as I possibly can have.
But we also have to be concerned that if we do not act, that
the market will act for us. We have to be concerned that if we
remain passive, there will be efforts to fill that vacuum, and
they are happening right now. At this moment, the heads of the
Department of Motor Vehicles have already moved toward what's
called a de facto national identification card. The airlines
are working on a fast track card of their own that will
effectively have a national footprint. Now, I don't know the
heads of the Department of Motor Vehicles, quite frankly. Maybe
I should. But I don't think they are the ones who should make
this decision. I think you are the ones who should make this
decision. And it is important for you, I believe, not to be
repelled by the idea, to the extent, of being absent.
I happen to believe, and I may disagree with our earlier
panel, that we may want to discourage the development of those
cards. We may want to try to exercise some degree of control as
to what is happening in the country in terms of
identifications, if nothing else, to avoid the creation of
redundant systems where we suddenly have a whole bunch of cards
that become barriers to travel.
In the review of identification cards around the world, you
have over 100 nations with different cards, but to use the term
``national identification system,'' let alone ``national
identification card,'' is virtually meaningless. These systems
are unbelievably diverse. Some of them are really better than
our SSN system. Others are incredibly detailed and are attached
to data banks and probably would make most Americans feel
uneasy. But using the reference to Nazi Germany and to the
abuses, I think, is a little bit overblown, but it is relevant.
It is overblown in the sense that we have a Nation that has its
own safeguards, Constitutional safeguards, cultural safeguards,
that makes those types of abuses historical, but not
contemporarily relevant. Many of our friends around the world
like Belgium, France and Germany are great democracies, and yet
they have these cards. So I think we need to look at this with
the appropriate amount of passion, but also with an open mind.
Now, the cards differ, of course, dramatically. Britain had
a national identification system that was discontinued in the
1950's when they had a negative ruling by the lower Chief
Justice. They are now considering a new card, and they range--
we can look at, for example, the Belgium identification card,
which is one of the most developed of systems. And in Belgium,
you are required to have a card at age 12, and then you are
required to carry it by age 15. It is not an internal passport
system in the most negative sense, but it is a potential
barrier in the sense that when you go to an airport in Belgium,
you do have to show the card. Obviously Belgium has not used
that card for oppressive means. They have a large data base
that the police have access to.
Germany also requires the carrying of a card, and it has a
great deal of information. It is incorporated into a data base
which is accessed from multiple sources, like Belgium it is a
stand-alone system. Other countries like, for example, for the
Dutch, they have the SoFi number, which is a more developed
system than our Social Security system. It is sort of a hybrid
between these various options. And you can go through country
to country to look at these options.
As we move toward a national identification system, if we
are going to move toward that, then we need to look at the
Constitutional and legal parameters for that system, because we
are all talking about so far a system more of authentication.
It seems we are mainly talking about here--and the Members have
already indicated they are interested in authenticating
people--is to make sure they are the people that they say they
are.
So we have to distinguish between what we are trying to
achieve. Are we trying to get a ready identification that is
reliable for the cop on the beat so he can take a look, and the
card has biometrics and other elements that make it hard to
tamper with? If that is the case, the card can be largely
contentless. It simply requires those biometric elements to be
reliable as authentication. If we are talking about, as has
been discussed in the past, a Smart Card attached to a data
base, we are talking about far more significant issues in terms
of Constitutional and legal questions.
One of the most important Constitutional questions that has
to be dealt with is the right of travel. The Supreme Court has
said that the right of travel is virtually unconditional in the
United States. And when we develop national identification
systems, we have to be concerned not just in drift, but that
those systems can create barriers to travel that will impinge
upon that right. And I go into that in my testimony.
We also have to be concerned about creating a national
identification system that will fall into the trap of the Brady
law. To some extent, any national identification system will
require the integration of State and Federal systems. To the
extent that we commandeer the State agencies, we are moving
into a separate area where Constitutional concerns would be
heightened.
And finally, privacy protections, which I talk about in my
testimony. What I would like to propose is that Congress
consider--one thing that I think is clear, and clarity in this
matter is truly valuable. It should not necessarily be clear
how we should proceed, but it should be clear how we should not
proceed. We need to look at the SSN experience and not repeat
it. That's not how we do national policy.
We allowed the SSN to be propelled into a national
identifier without any vote of this body. There were a couple
of laws in which Congress embraced the SSN. Franklin Delano
Roosevelt wanted to use the SSN, but for the most part this has
been done with little foresight and control. And as we see
these de facto identification cards in the making, it seems
that history is repeating itself. So that is the reason I
recommended the creation of a Federal commission, and God knows
this town does not require another commission. I have been on a
Federal advisory group. I was on it for 3 years, and at the end
I wanted to take a ball-peen-hammer to my head. They are
frustrating. There's too many of them, but, unfortunately, I
think this is an area that deserves a commission unlike the
ones we have seen in the past.
Newt Gingrich is right. We have had commissions in this
area, but none have been given the specific task of looking at
whether we are going to have a national identification system.
Whether or not we act or not, that is important. We need to
have a commission that looks at the question of whether there
is inevitability. Whether in this information age we are going
to have this Cosean problem where the market is going to
dictate those conditions unless you do something.
So we have to deal with reality, and if that reality is
that businesses and agencies need a national identifier, I
would rather have you involved in it than the hidden hand of a
market which may take us away from privacy.
The commission can look at some questions I've laid out in
my testimony. The first one is what the function, utility of a
national identification card is. I have already mentioned that,
but there are vast differences, and when you look at what
people have said about national identification systems, they
are as different as you can possibly be. Some of them talk
about massive data bases, and some of them talk about immediate
authentication. I don't know which one we need, but we need to
look at that before we do anything.
Second, we have to look at the utility of the system. Part
of the problem with a national identification card is that you
can have a sleeper agent from Al Qaeda or an espionage agent.
In the United States, one of the most effective ways to
penetrate a nation is to have a sleeper, and he or she comes
into the country. She has a wonderful life, is a wonderful
neighbor, goes to PTA meetings, and then about 9 years down the
road, Al Qaeda activates her. She's got a wallet for every
possible card from the PTA to a fasttrack card to a national
identification card.
Finally, we need also--second, we need to look at what
technology is to be used for the system. We have everything
from iris recognition to DNA fingerprinting to facial
recognition systems. We need to look at those technologies. If
we are going to embrace the technology, embrace one that is
going to be good 10 years from now, that is going to be
accurate and reliable.
We need to look at the system of hacking, because if this
is going to be a system like Belgium's where you need to get it
on a plane, then, frankly, it is dangerous to have the usual
Government error rate with data bank and data bases.
Finally, we need to look at what type of protections we
need to put in place. As you know, the Census Bureau
information is supposed to be private, but it was used to round
up Japanese Americans. We know information from States have
been sold to private companies.
And then finally, I have suggested that we consider the
need for a Constitutional amendment. I have never supported a
Constitutional amendment until this year, but there is a trend
that needs to be arrested, and that trend is the diminishment
of privacy. It's chilling to hear a person like Simpson, who I
have a huge amount of respect for, saying privacy is dead,
because if privacy is dead, we have allowed something that is
uniquely American to die with it.
So in conclusion, the test for the moment is to try to
protect our society without changing it in the way that we lose
the object of our defense. The Framers never said it would be
an easy road, they simply said it was the only road for a free
people. And so I suppose the charge of the Framers is this: How
to keep us safe from harm, but to pass along our system to the
next generation in the condition it was passed to us. I think
that is a subject that deserves some thought and
circumspection.
I thank you very much for your time today.
Mr. Horn. We thank you very much for your presentation.
[The prepared statement of Mr. Turley follows:]
[GRAPHIC] [TIFF OMITTED] 82171.030
[GRAPHIC] [TIFF OMITTED] 82171.031
[GRAPHIC] [TIFF OMITTED] 82171.032
[GRAPHIC] [TIFF OMITTED] 82171.033
[GRAPHIC] [TIFF OMITTED] 82171.034
[GRAPHIC] [TIFF OMITTED] 82171.035
[GRAPHIC] [TIFF OMITTED] 82171.036
[GRAPHIC] [TIFF OMITTED] 82171.037
[GRAPHIC] [TIFF OMITTED] 82171.038
[GRAPHIC] [TIFF OMITTED] 82171.039
[GRAPHIC] [TIFF OMITTED] 82171.040
[GRAPHIC] [TIFF OMITTED] 82171.041
[GRAPHIC] [TIFF OMITTED] 82171.042
[GRAPHIC] [TIFF OMITTED] 82171.043
[GRAPHIC] [TIFF OMITTED] 82171.044
[GRAPHIC] [TIFF OMITTED] 82171.045
[GRAPHIC] [TIFF OMITTED] 82171.046
[GRAPHIC] [TIFF OMITTED] 82171.047
[GRAPHIC] [TIFF OMITTED] 82171.048
[GRAPHIC] [TIFF OMITTED] 82171.049
[GRAPHIC] [TIFF OMITTED] 82171.050
[GRAPHIC] [TIFF OMITTED] 82171.051
[GRAPHIC] [TIFF OMITTED] 82171.052
[GRAPHIC] [TIFF OMITTED] 82171.053
[GRAPHIC] [TIFF OMITTED] 82171.054
[GRAPHIC] [TIFF OMITTED] 82171.055
[GRAPHIC] [TIFF OMITTED] 82171.056
[GRAPHIC] [TIFF OMITTED] 82171.057
[GRAPHIC] [TIFF OMITTED] 82171.058
[GRAPHIC] [TIFF OMITTED] 82171.059
[GRAPHIC] [TIFF OMITTED] 82171.060
[GRAPHIC] [TIFF OMITTED] 82171.061
[GRAPHIC] [TIFF OMITTED] 82171.062
[GRAPHIC] [TIFF OMITTED] 82171.063
[GRAPHIC] [TIFF OMITTED] 82171.064
[GRAPHIC] [TIFF OMITTED] 82171.065
[GRAPHIC] [TIFF OMITTED] 82171.066
Mr. Horn. I have had the opportunity last night to read all
of them. And we will first get all the presentations in, and
the Members will have a question and answer with you and
dialog.
Now, my next witness here, we deeply are euphoric, Roy M.
Goodman, State senator from New York. You joined us on such
short notice. We thank you very much. You flew down here from
New York this morning after our invitation yesterday afternoon.
So you get things done very fast.
And I look at this background. Any legislator that has
1,200 of his bills become law, that is impressive. So we are
lucky around here if we can get five to be presented. And we
thank you, because you are also in the same business we are, as
chairman of the Senate committee on investigations, taxation
and government operations. And looks like you have had a lot of
fun. So, thanks for coming.
Mr. Goodman. Mr. Chairman, thank you very much indeed for
that warm welcome. I am grateful to you and the members of the
committee for an opportunity to appear before you today, albeit
on relatively short notice.
I would like to make at the outset a comment of warm salute
to my former colleague in the State Senate in New York, Major
Owens, one of our more esteemed Members who has risen to the
heights of the U.S. Congress. Major, I can see just from the
height of the ceiling in this room that we have pygmy
proportions compared to the stature which all of you possess.
And I am very proud to know you.
And also Mrs. Maloney, who happens to be my own
Congresswoman, and I very much hope that she will be around in
a few moments so I can salute her personally. A much esteemed
and good friend, although on the other side of the aisle I must
confess.
May I say, Mr. Chairman, that once upon a time on the
matter of personal identity, there was a gentleman who entered
his men's club, an elderly chap with mutton-chop whiskers,
typical of an old Peter Arnaud personality, and he sunk into a
deep chair and rang a little bell next to it on the table by
which he hoped to summon the club steward so he could order his
usual martini. Nothing happened. And he rang the bell again.
And finally after ringing it four times, he was outraged, and
someone came by and he said, ``Great God, man, do you know who
I am?'' And he spoke to one of the employees in the club. And
the chap looked at him and said, ``No, sir, I don't, but if
you'll go down, I'm sure the gentleman at the front desk will
be able to tell you.'' So this was an indication of an identity
crisis that occurred under slightly different circumstances.
May I say, sir, that on a much more serious note,
unfortunately, I appear before you at a moment when the Nation
is plunged into a war which it did not seek and which was
visited upon us in a most astonishing fashion on September
11th. The trauma of that is simply indescribable. I might just
tell you that on my first trip down to Ground Zero, I had a
chat with the fire commissioner, who was describing some of his
experiences on that particular day. Let me say, that he said a
chap came up to one of his fireman and said, ``I have a helmet
here, sir.'' And he said, ``Why are you bothering me with that?
We're trying to save lives.'' He said, ``The reason I'm
bothering you with that is there is a human head in the
helmet.'' Alas, the gentleman had been decapitated. And this is
one of the horrific, horrendous things that occurred on that
day.
And needless to say this is something which has embedded
itself in all of our minds most profoundly and with a sense of
deep grief and outrage that we appear before you to discuss the
problems relating to the identity card matter. And I have to
tell you my whole view of it is heavily tainted by the fact
that we are at war. I spent 3 years in the Navy during the
Korean War and wore about my neck at that time an ID tag with a
thumbprint engraved upon it, so that the idea of having a
fingerprint identification is certainly nothing new. My
officer's identification card had a full set of prints on it.
Military service is fully familiar with it.
I thought it would be useful just to take a moment to
review with you the contents of my own wallet in regard to
cards. I confess I haven't thought to do this until I sat down
here this afternoon, but I notice that I have a few of them.
And just to give you some idea to the extent to which privacy
is invaded, let me give you a quick inventory of my cards. I
will make it very brief.
On top is a picture card identifying me as a New York State
Senator; driver's license, which also has a picture of me upon
it; my Citibank Visa card, which has a picture on it; my MTA,
that is to say Metropolitan Transit Authority subway card,
which has my picture on it; a Sam's Club card, Sam's Club being
a retail establishment where I have credit, which has my
picture on it. And we go through a series of others, American
Express, New York Society of Securities Analysts, my Medicare
card, my New York Public Library card, my Wyoming Public
Library card where I go in the summertime, my Barnes and Noble
credit card, my New York government employee benefit card, my
Automobile Club of America card, my Metropolitan Museum
identification card, my Whitney Museum card and my Museum of
Modern Art card. Those are just a few of the things I carry
with me to be sure that I am at all times able to identify
myself as I go about my daily routine.
I think this gives you a little idea of the extent of the
lack of privacy which we have. Even with the best of
intentions, we are certainly photographed widely, and our data
is on file in many different places. I am sure anyone in the
room could produce a wallet with somewhat similar credentials
and make the point that we are today certainly an
identification card society on a very broad level.
And may I say to you, sir, it had been my opportunity as
chairman of the investigations committee in 1993 when the World
Trade Center was bombed--you may recall that we had a dreadful
incident in which there was a gigantic explosion--I went into
that hole and found a tremendous crater five stories deep and
three stories high and at that time felt it important to
examine the matter of how we have achieved security in regard
to the terrorist possibilities of future attack. And we
prepared a report on that date stating that there were many
vulnerabilities and thought it advisable to create a
commission, which commission would have as its principal
objective the eternal vigilance to try to prevent the
recurrence of this type of terrorist attack.
In so doing, I'm sorry to say that peoples' eyes quickly
glazed over. And in our world as human beings, we fairly soon
forgot that episode, and not until September 11th when we had
this far graver problem arise with such unpredicted suddenness
do we find ourselves in the position of having to once again
reconsider this.
And I did pull together a group of five former police
commissioners, group from the FBI and Port Authority, police
and a number of others to participate in an examination of
potential terrorist targets and possible means of defending
against them. That committee happened to have issued a report
yesterday, which, if I haven't sent in advance to you, I won't
attempt to touch on all aspects because it goes far beyond the
subject of today's meeting. But let me say there are at least
50 different ways in which we should be tightening up the
security in the State of New York to prevent future
occurrences, that cover such things as commercial airline
safety, private airline safety, which is a thing that has
loopholes the size of the Lincoln tunnel. Anyone can go to a
private airport, get on a plane, any size, and load it with any
cargo without any inspection whatsoever, proceed to fly over
the United Nations building and fly into it, and destroy it in
a matter of seconds in much the same fashion that the World
Trade Center was destroyed. And the same would apply to the
Empire State and others of our magnificent buildings in New
York.
This indicates the extent to which in this wartime
environment we have not really risen to the concept that we
must gird our loins and prepare ourselves with emphatic
dedication. I think, as Herbert Spencer said, ``It is only by
iteration and reiteration that we impress an alien conception
upon an unreceptive mind, and it is only by iteration and
reiteration that we must remind ourselves we are at war, and
war is a very grim business in which we have to suspend values
which we normally might wish to feel a repugnancy to us in
other contexts.''
I see my signal is to stop.
Mr. Horn. Don't worry. Just keep going.
Mr. Goodman. I will try to keep it as succinct as I can.
Let me simply say to you that with regard to the matters of
other emergency issues, we have looked at hospitals, we looked
at the transit system and various matters relating to nuclear/
electric/gas supplies for the city of New York. There is a
possibility that our power could be shut-off very simply by
going to the point of convergence of electric lines.
We want to emphasize the problems of biological and
chemical warfare about which much has been, unfortunately,
discussed in Washington in the wake of the anthrax scare and on
and on.
And let me say that I speak at the moment on behalf of my
colleagues who are former police commissioners, as I said,
including the new police commissioner designated by our new
mayor. His name is Raymond Kelly, and he is an expert in the
law, and indeed, I think, is a man of balanced judgment. It was
the unanimous judgment of this group that there should be
instituted a national identification card system. An open
question is whether it should be voluntary or involuntary, and
I am not prepared to give you any conclusion, and my own
concerns at the moment are very great. As a civil libertarian
of longstanding, I am very much concerned about the possibility
that such a system could be misused.
But let me just say that, we now have, as Mr. Ellison has
pointed out, the means by which to create cards which can carry
a tremendous amount of information and certainly establish
beyond any reasonable doubt the identity of the individual
holding the card. As you may be aware, in Israel, people
seeking entrance to an airplane do not have to stand in long
lines. They go to a kiosk and insert their card, insert the
palm of their hand and stand in front of a camera, which does
three things, I am told. One is to check whether the palm print
coincides with the print on the electronic chip embedded on the
card; to determine whether the facial characteristics are such
to be that is the individual involved; and finally, to
determine whether the retina of the eye, which is unique in
every human being, can positively identify the individual. This
tripartite identification concept is one which is now
technologically feasible and is in effect in various countries
around the world and has been used quite successfully, so that
the question is not whether it can be done, nor is it
necessarily the cost of doing it, because one could envision a
system in which there are payments made as a service as we pay
for easy pass cards in our cars going through the toll
facilities in New York. So that I am simply here to say to you
that the problem becomes one of the extent to which this could
impinge on privacy.
And I remind us all that the Supreme Court has stated
unequivocally that there is clear protection in the law for
privacy, but not for anonymity, and there's nothing about any
Supreme Court dicta which I'm aware, and this point is fully
emphasized by the distinguished civil libertarian lawyer Alan
Dershowitz, who in a paper made it clear that in his judgment
the time would come for the use of these cards. And I say to
you, sir, it is my belief that in order to accomplish several
objectives, the cards may serve a useful purpose, and I would
like to quickly outline the objectives, and that will conclude
my testimony.
The principal purpose of the card would be to positively
identify an individual to be certain that his identity has not
been stolen. As you may know, identity theft is a matter that's
now quite pervasive in our society. People's identities have
been stolen, their bank cards have been lifted, they've been
charged with purchases which they never made, telephone calls
which they never placed and the like, so that there is a
serious problem of finding a stable means of positive
identification, which, as I've indicated, now exists. So that
the question then becomes one of whether we are in a position
to use the cards constructively.
I would say to you that for the privilege of not having to
wait 2 to 3 hours on an airline counter line, that might be
worth a $25 payment for a lifetime, or 2 or 3-year subscription
to a card. Similarly, I think it's quite clear that this would
eliminate the need for profiling, an obnoxious thing based upon
ethnicity, or the various other characteristics which have been
used by police improperly to identify presumed suspects.
By having a positive ID card, a man could walk in wearing
all sorts of outlandish clothing, with a beard 3 feet long, and
side burns and all the things which might normally be
associated with someone who's an undesirable by virtue of easy
thinking; and by simply presenting the card, he would exempt
himself from the need of any special profiling-type
examination.
It strikes me that at this moment, because of the unique
facial hirsuteness of the people with whom we are at war, that
there is a problem; and as you recall, a Hindu was mistakenly
taken for a Muslim and slaughtered early on, right after
September 11th, which is the kind of tragedy we certainly wish
to avert. An ID card would preclude that type of problem
altogether, it's my judgment.
Furthermore, there are various conveniences, if one wished,
and wished to volunteer to have certain health aspects of one's
existence on the card. If you dropped to the ground with a
cardiac arrest and the card were in your possession, it could
be put into a reader and quickly determine your condition of
health and whether certain drugs that could or could not be
administered to you; whether a defibrillator would be an
appropriate thing to use in view of your heart rhythm pounding
and the like, and this could be a very beneficial health aspect
of the card system.
So the point that I'm making is it's not simply an
intrusion of privacy that's involved. There are various
collateral benefits which should be weighed in a total
consideration of whether these cards make sense.
Mr. Chairman, let me just sum up by saying that it's a
complex question, and because of my civil libertarian concerns
I have thought long and hard about this. I do believe at this
time that we have the sufficient sophistication and awareness
of the types of problems that exist to formulate a decent
judgment in the matter, and I would respectfully suggest to
this committee to take a close look at least a volunteer use of
such cards. I think at this time, in view of our war emergency,
they've become very relevant in attempting to determine who is
improperly in the United States at any given moment, tracking
people who may be undesirable or have patterns of sabotage or--
or other behavior which needs to be properly overseen and
tracked, and that without such cards it becomes exponentially
much more difficult to accomplish this purpose.
So with those thoughts in mind, I shall now subside with
all due respect, and thank you very much for a chance to be
heard.
[The prepared statement of Mr. Goodman follows:]
[GRAPHIC] [TIFF OMITTED] 82171.067
[GRAPHIC] [TIFF OMITTED] 82171.068
[GRAPHIC] [TIFF OMITTED] 82171.069
[GRAPHIC] [TIFF OMITTED] 82171.070
[GRAPHIC] [TIFF OMITTED] 82171.071
Mr. Horn. I think you mentioned earlier that you had some
recommendations out of your committee and once you're done with
it, if you could, we will have a spot in this to get the whole
document.
Mr. Goodman. I will be glad to do that, sir.
Mr. Horn. Thank you very much.
Mrs. Maloney. Can I have a personal privilege? I would----
Mr. Horn. He says he likes you now.
Mrs. Maloney. Well, I would like to welcome----
Mr. Goodman. While you were out of the room, Congresswoman,
I took the liberty of saluting you most warmly.
Mrs. Maloney [continuing]. Over the years, and we welcome
your testimony. You've always tackled the hard problems and
come up with good answers, and we appreciate your distinguished
input into this committee. Thank you for coming and it's good
to see you.
Mr. Goodman. Thank you very much. It's very good to see
you, too.
Mr. Horn. We now go to Katie Corrigan, who is the
legislative counsel on the privacy issues for the Washington
National Office of the American Civil Liberties Union, and she
has quite a background in terms of health, education, labor,
pensions matters, and we're glad to have you here.
Ms. Corrigan. Thank you. Thank you, Mr. Chairman, and thank
you members of the subcommittee. I appreciate the opportunity
to testify before you on National ID proposals on behalf of the
American Civil Liberties Union.
The ACLU is a nationwide nonpartisan organization with
nearly 300,000 members dedicated to protecting the individual
liberties and freedoms guaranteed in the Constitution and the
laws of the United States.
Like all Americans, the ACLU supports efforts to ensure our
security from terrorist threat but we remain convinced that we
need not sacrifice our liberties to protect our safety. We
believe a national ID system in any form should be rejected.
First, ACLU believes that the threshold question is whether
or not a security measure would be effective at protecting us
from terrorist threat. Since the terrible events of September
11th, there have been numerous proposals to create a national
ID system. The rationale is that we need to create a clear line
between us--the innocent people--and them--the dangerous
terrorists. Every one of us would like an ID card that would
put us squarely on the right side of the line and exempt us
from suspicion and heightened security when we board a plane or
go to work.
Unfortunately, none of the proposed ID systems would
effectively sort out the good from the bad. An identity card is
only as good as the information that establishes an
individual's identity in the first place. It makes no sense to
build a national ID system on a faulty foundation, particularly
when possession of the ID card would give us a free pass to
board a plane or avoid security checks at Federal buildings or
other public places.
No form of documentation is completely foolproof. The same
people who are forging ID's today will forge them tomorrow.
There are always ways to beat the system. Presumably an
individual would obtain an identity card, using a document such
as birth certificates or a driver's license. Anyone, including
terrorists, could alter or obtain such documents.
The Inspector General of Social Security testified last
week that six of the hijackers obtained Social Security numbers
through fraudulent means, and, as U.S. citizens, domestic
terrorists like Timothy McVeigh would certainly qualify for an
ID.
Second, not only would a national ID create a false sense
of security but it would be very, very expensive and divert
resources from perhaps more effective counterterrorism
measures. In 1998, the GAO reported that the Social Security
Administration estimates no matter what material a card is made
from or what type of technology, including biometrics, is used
for security, issuing an enhanced card to all number holders
using current procedures would cost a minimum of about $4
billion or more. And even with the offer from Oracle and Larry
Ellison for free software, the processing costs alone of
issuing new ID's to Americans are estimated to be 90 percent of
that billion dollar expense.
Third, in addition to huge costs, a National ID would
require a massive identification bureaucracy to support it.
Thousands of government employees would be required to develop,
implement, maintain, the supporting computer infrastructure and
technology standards for the ID cards. The SSA's $4 billion
estimate didn't even consider the cost of updating the picture
or other identifiers on the card over a person's lifetime, or
periodically replacing the magnetic strip on the back, or the
simple cost of having to replace lost or stolen ID's.
When setting up any new bureaucracies, simple questions
need answers. What would happen if an ID card is stolen? What
proof of identity would be used to decide who gets a card? What
would happen if you lose your ID? Anyone who has had to correct
an inaccurate credit history will understand how hard it could
be to correct an error that has found its way into a government
data base. Error rates and government data bases already tend
to be especially high, and we heard that from members of our
first panel. Then what happens if you are misidentified or one
of the thousands of victims of identity theft? Even with a
biometric identifier on each and every ID, experts say there's
no guarantee that individuals will be identified or
misidentified in error. A technology expert at the University
of Pennsylvania recently said biometrics are fallible.
Fourth, an ID system violates basic American values
including, our privacy, our quality, and our right simply to be
left alone. Day-to-day individuals could be asked for ID when
they are walking down the street, applying for a job or health
insurance or entering a building. This type of intrusiveness
would be joined with the full power of modern computer and data
base technologies. How long before office buildings, doctors'
offices, gas stations, highway tolls, subways, and buses
incorporate the ID card into their security or payment systems?
The result could be a Nation where citizens' movements inside
our own country are monitored through what would equivalently
be internal passports. The data base supporting such an ID
system would be massive and contain all sorts of highly
personal information. Thousands and thousands of government
employees and even private industries could have access to it.
The scope of information accessible through a centralized
data base as opposed to the many different data bases that are
attached to the cards that Senator Goodman pointed to would
magnify the risks of privacy violations. One mistake by a
government employee could result in disclosure of personal
information that could follow you around the rest of your life.
This past month, a State university accidentally posted the
psychological records of 62 children on the Internet, names,
addresses, along with intimate details such as ``a boy prone to
anger outbursts, gender identity issues and bed wetting.''
Disclosures could come back to haunt children later in life
when they're trying to find a job or get a security clearance.
With an ID system, one accidental keyboard stroke could put a
person's most sensitive information into public distribution.
And finally, Mr. Chairman, some people have argued that ID
cards would end racial profiling and other discriminatory
practices. Unfortunately, we believe that cards would provide
new opportunities for discrimination and harassment of people
who are perceived as looking or sounding foreign.
The 1986 requirement that employers verify the identity of
potential employees and their eligibility to work in the United
States has resulted in widespread discrimination against
foreign-looking American workers, especially Asians and
Hispanics. A national ID card would have the same effect on a
broader scale. Latinos, Asians, African Americans, and other
minorities would become subject to more and more status and
identity checks. This would have a stigmatizing and humiliating
effect and undermine our right to equal treatment. The national
ID system in any form could be expensive, require a cumbersome
bureaucracy, and violate some of our fundamental American
values, and it simply wouldn't work to stop terrorism.
The ACLU urges the Congress to reject proposals for a
national ID system. And I would be happy to answer any
questions at the appropriate time. Thank you.
Mr. Horn. Delighted to have your presentation.
[The prepared statement of Ms. Corrigan follows:]
[GRAPHIC] [TIFF OMITTED] 82171.072
[GRAPHIC] [TIFF OMITTED] 82171.073
[GRAPHIC] [TIFF OMITTED] 82171.074
[GRAPHIC] [TIFF OMITTED] 82171.075
[GRAPHIC] [TIFF OMITTED] 82171.076
[GRAPHIC] [TIFF OMITTED] 82171.077
[GRAPHIC] [TIFF OMITTED] 82171.078
[GRAPHIC] [TIFF OMITTED] 82171.079
[GRAPHIC] [TIFF OMITTED] 82171.080
[GRAPHIC] [TIFF OMITTED] 82171.081
[GRAPHIC] [TIFF OMITTED] 82171.082
Mr. Horn. And we now move to Rudi Veestraeten, the
Counselor and Consul at the Embassy of Belgium, and he's been
in their Foreign Affairs Ministry in their home city, and he's
had quite a career for his own country, and we're thanking you
for telling us how that works.
Mr. Veestraeten. Thank you, Mr. Chairman. Thank you,
members of the subcommittee. It's an honor to be invited here
today. I'll try to give some comments. A document which was
distributed contains the basics about the system in Belgium.
First of all, Belgium is--for those who doubt, is a
democracy. It's a democratic country. We have a longstanding
record of democracy and, specifically, we have a very
longstanding record of registering people and issuing ID cards.
We actually started issuing ID cards in 1919. We started
registering people locally in towns and in cities in 1856. That
is an existing system in Belgium.
I think when we talk about ID cards, when we talk about
registration, there are--and we talk about the events of
September 11th and other threats in the society today, there
are in fact three elements which are often mixed: First, there
is the ID card as such. The ID card is just a document which
allows somebody to identify who he is; 100 years ago, 50 years
ago, people might still just know you or know who you are. Even
today people in my village in Belgium, they know who I am. My
neighbors here in McLean know who I am. But when I drive around
in a car, people do not know anymore. The card is just a means
to prove who you are, that you are who you say you are. That is
the card.
And then the second element in this discussion, the data
base issue. We also have a quite sophisticated system in
Belgium with a centralized data base which contains a limited
amount of information you can find out in the documentation.
The data base is a very powerful tool to quickly find more. If
somebody shows up and has an identity card, you can then as a
police officer, as a public servant, depending on what your
duties are, you can find out about that person, what his
background is. This data is not contained in the cards, not
written on the cards, but there is a whole data base behind the
card, a system where more information is available if needed,
to those who need it.
And then there is the whole issue of security, and I'm not
going to talk about that.
Of course, the fact of having a card, having a passport,
having a travel document, having a driver's license, does not
allow any police officers to determine whether a person is a
terrorist or a genuine person. That's not the purpose of the
cards, let's not mistake this. The purpose of the card is only
to identify that this person does have this first name and that
last name, and is probably registered at a particular address.
That's a very important distinction to make, I think.
If we discuss abuse of the cards, I mean the threats of
having a card in a country like Belgium, the threat of having
this system where everybody needs to carry the cards, well, in
fact, you can say the same--this dates back from the German
occupation. We were occupied by the Germans twice, in 1418 and
in 1940-1945. We have been fighting the German system, the
Nazism, the fascists in 1940-1945, and we are proud to have
done that. I think we have a longstanding record of fighting
authoritarian mechanisms, authoritarian regimes, and we are
very proud of that.
Now, the Germans, when they have occupied Belgium, they
used police, they used military police, they used an army to
occupy our country and to take away all our civil liberties.
Now, this does not mean that we have decided after we are freed
from the German occupation to abolish police, to do away with
an army, to do away with military police. That's not to the
point. What we should try to do is to keep steady democratic
control over what police do in our country, keep steady
democratic control about what the army is doing, what the army
can do, what powers the army can be given. And that is the
sense of the--it's not about having a police which can, of
course, abuse its force; it's about control of the police.
The same goes, in our view in Belgium, for the cards. It's
not about the cards. It's about how you use the cards, what you
allow people to do with the cards, what you control and so on.
That is the essence of the debate in our country where it was
taken.
Now, if we want to see what the card means in our system
today, what do we use it for, I think the best way to--and for
the 2 minutes I have left, to explain--that is, to see, to
imagine from my viewpoint, for me to imagine my country without
the identity cards, what would be the difference if you would
take away the identity cards in Belgium. I think, first of all,
we would do what is the case in many other countries. We would
probably see other documents being used instead of an identity
card. This might be drivers' licenses, this might be Social
Security cards. We have those cards in Belgium as well. The
problem there--and that is why we have introduced the card in
the first place.
The problem is that those other cards contain data which
are not meant to be communicated to other people. I mean, on a
driver's license, there can be data which are not meant to be
communicated to a bank employee. It can be medical data, like
vision. It can be--it can appear to be not very important, but
the vision is mentioned on the driver's license.
The same goes for the handicapped, in some cases. I mean,
drivers' licenses are meant for other purposes other than
identification, and therefore contain other information which
are not meant for public distribution and not meant for the
bank employee.
The same goes for security. The other cards, Social
Security card here and in Belgium, those cards are not meant
for identification purposes and so do not contain the proper
security features which would be required for an identity card,
which is a different issue. A passport is an identity, a travel
document, so it's more similar to the identity cards.
And then there is also the fact that some people might not
have a particular type of card. They might not have a driver's
license. I have colleagues, diplomats, who do not drive their
own cars. They do not have a driver's license. So what do you
do with those people if you would--in Belgium, if you would
generalize the driver's license to be used instead of an
identity? You would then have to find a system where you would
issue driver's license with no rights to drive a car, for
identification purposes, which is not really what it's about.
So that is one thing.
We have a feeling in Belgium that the inappropriate use of
other identifiers affects the highly sensitive civil liberties
issue, because you'd be abusing other cards and information
contained in those cards in other systems; abuse of this
information for just mere qualification and identification.
What would also disappear if you would take away this
card--and this is probably typical for Belgium and not for a
country like the United States--is that it's very convenient
for people. We can travel in Europe with the ID. We do not need
passports to travel in Europe to countries like Turkey or other
neighboring countries. We have agreements there. So if we would
abolish the card in Belgium, many more people would need
passports, and this would increase the costs, as well, for
those people as for the administration to issue all these extra
passports.
In the case of police checks, if something happens and
people are stopped in the street, in the car or whatever, the
fact that we have the identity cards and a very efficient data
base does save a lot of time. People can be released after only
2 minutes, just checking if this person is really who he is. So
it's also a method there, in our view of civil liberty, that we
can release people immediately if there is no need to keep
them. We do not need to take them to the office, to the police
office.
Another very convenient use of the card is the case of
unfortunate accidents. When there is an accident with a person
on a bicycle and he carries his card, it's very easy to
identify him, to warn his family members. So it's also in the
advantage of the citizens of Belgium that the card exists.
And then alternatively, we also quite generally use
identity cards to fight credit card fraud in Belgium. In many
shops when you would want to pay with a credit card, you would
want to need to show your identity card and--the way you would
show your driver's license. Thank you.
Mr. Horn. Thank you very much.
[The prepared statement of Mr. Veestraeten follows:]
[GRAPHIC] [TIFF OMITTED] 82171.083
[GRAPHIC] [TIFF OMITTED] 82171.084
[GRAPHIC] [TIFF OMITTED] 82171.085
[GRAPHIC] [TIFF OMITTED] 82171.086
[GRAPHIC] [TIFF OMITTED] 82171.087
[GRAPHIC] [TIFF OMITTED] 82171.088
[GRAPHIC] [TIFF OMITTED] 82171.089
Mr. Horn. We're going to recess now because we have to get
through the testimony, and I want to give them full rein, Mr.
Hoechst, Mr. Shneiderman. So we're in recess until 12:45; in
other words, quarter of 1. We have a motion on the floor to
recommit with instructions and a passage situation. So we're in
recess until 12:45.
[Recess.]
Mr. Horn. The subcommittee will be in order and the recess
is adjourned, and we will start with Mr. Veestraeten, who might
not have been completely finished; so you're certainly welcome
if you want to give a few sentences.
Mr. Veestraeten. Yes, sir, I was finished. Thank you so
much.
Mr. Horn. OK. We will then move to Mr. Hoechst, senior vice
president of technology, the Oracle Corp. Thank you for coming.
Mr. Hoechst. Thank you, Mr. Chairman, Representative
Schakowsky, and members of the subcommittee. On behalf of
Oracle, I would like to thank you for inviting me to
participate in this discussion. I would also ask that my
comments and written testimony be submitted to the record,
along with an article written by our CEO, Larry Ellison----
Mr. Horn. Without objection, that will be in.
Mr. Hoechst. Thank you. The reason I ask to do that in
particular is the article in its original form makes arguments
about this issue that eventually were culled out during the
endless number of editing processes that go on as the articles
reach sound bites. And so I think many of the issues that are
relevant to this discussion, which I'll address in my comments,
were part of that original proposal as well.
As we know, information is an incredibly powerful tool, and
whether we're using it to make decisions in a boardroom or on a
battlefield, whoever knows the most about their situation is
the most well prepared to make competent decisions. And in the
country today, whether we're in the government system or in the
private sector we have countless data bases with all sorts of
information being gathered as part of the everyday processes of
modern life. And the challenges associated with providing
broader access to this information is exactly what we've been
working on for the last several years, but the reality is that
knowledge which is culled from these data bases is not about
the data itself, it's about the relationships that exist
between data. And as was fairly thoroughly discussed, I think,
in the prior panel, in our opinion the real challenge is not
creating new data bases based on these various systems; it is
coming up with a standard and secure a consistent means of
establishing relationships between these data bases when it's
relevant, sharing information across these organizations,
whether they reside within a single agency or across agencies
or even into the private sector.
So when we talk about a national ID card, I really think
what's important to remember is it's not about the card. The
card may--we'll see in my comments in a few minutes--may have
some interesting capabilities to make the process of securing
our systems more convenient and more straightforward. But what
we really want to focus on is the relationships between
critical information systems. And in the example that was
brought up earlier regarding what was sort of known about the
people before September, the terrorists involved with the
events of September 11th, before the fact versus after the fact
point readily to this point.
After September 11th the FBI was able to discover a great
deal about the people that were part of this act. The challenge
was not that data did not exist. We know the data existed,
because we know they gathered it after the fact. The point was
that we were unable to establish relationships between those
pieces of information to make competent decisions.
Now, we can make decisions after the fact, but this is the
difference between investigation and prevention. And so if we
are able to address the idea that through a common way of
identifying people inside information systems and standards for
sharing that information between systems is adopted, then we
have a much greater opportunity of taking advantage of all the
information that we're already collecting when it can still be
used to make a difference.
Now, if we think about the technical approaches with
consolidating data bases in this fashion, there's lots of
different things we can do. First is the idea of consolidation.
We could start to bring together information systems from
various organizations even inside agencies or, more
importantly, across agencies, into huge monolithic government-
managed data bases of everything we know about people. This is
not only a poor idea, it's not possible. Whether it's
technically possible aside, it's socially not possible. The
inertia that exists in information systems and inside
organizations, and overcoming the challenges of getting those
organizations to roll up their information into systems that
they don't control is really a task that would be very
difficult to accomplish. Not to mention the fact that the
government ought not to be in the business of building huge
consolidated data bases of information about people.
Instead, we could decide that it's more important to keep
these information systems separate and let them do what it is
they do today--and they are already, like we said, gathering
all sorts of information--but create some standard ways for
them to share that information with one another, and this could
very reasonably be aided by a common identifier of people. So
if we said between system A and between system B, whether
that's immigration and FBI or an airliner, airline company and
FBI, to validate that we're both talking about the same
person--having standards for doing that could be very helpful
in making that sort of communication more facile.
There are also other approaches which are not full
consolidation or full distribution and connectivity, and this
comes in the flavor of what I call sort of consolidated indexes
of information. So, for example, when a police officer pulls
over a speeding motorist and wants to check for outstanding
arrest warrants, does it make sense for that officer's system
to check every local and State law enforcement agency in the
country, in real time, to discover whether there are
outstanding arrest warrants? Of course not.
Maybe it would be prudent for us to have a national system
that points to outstanding arrest warrants; again, the
government not managing them, but the government providing a
more convenient way of checking across systems that really do
the same thing. And, in fact, the Department of Justice has
implemented just such a system for that problem.
So the reality is all sorts of these approaches, when we
talk about the consolidation and sharing of information, will
be part of the ultimate solution. We will have the opportunity
to consolidate systems that currently are duplicating efforts.
We'll have the opportunity to teach systems that don't
communicate with one another to do just that. And we'll have
the opportunity to create hybrids, assuming of course that we
come up with some standard methods for doing that.
The challenges in this fall into two buckets. First, the
technical challenges. The real challenge with an identification
system like this is not just relating to people and to
information systems, it is associating a human being with a
given identity. How do I determine that this person standing in
front of me is the same person I'm talking about inside this
information system or collection of information systems? And
that identity comes through many of the ideas discussed today.
It may be in the form of a card. It may be in the form of
biometrics, creating a secure and consistent biometrically
enabled identification card that anyone could use to establish,
to authenticate identity would be very difficult. Not only
difficult socially, but difficult technically. The state-of-
the-art here is advancing, but it needs to advance further
before we could turn such a system on in short-term.
However, there is great opportunity for us to take
incremental steps when attacking the technical challenges.
First, in establishing standards for national identity, an
identifier that uniquely identifies people and government,
guidance that should be used when building information systems
related to these issues could be done incrementally and systems
could come on line as they choose to start to exploit such an
identifier.
We also talk about making the existing identification cards
stronger rather than trying to establish a new one, and there I
think that the driver's license is a good candidate for that
because we've seen a lot of work already done there.
And then finally, in introducing specific populations to
this technology, rather than saying everyone has to
participate, maybe we first focus just on critical jobs;
people, for example, whose job requires that they are on the
tarmac in an airport, or specific populations of people, be it
non-citizens visiting the country, for example.
From the technical perspective of a technology company and
representative of that, I would like to suggest that with the
competent use of existing technology, we can improve the
security not only of identifying individuals but of
establishing relationships between information systems that
already exist today.
On the social side it's not so clear. And as the debates
have gone on today, the issues related with privacy and the
whole idea that the government is getting into the gathering
and establishing of large centralized data bases is an
important debate. But honestly, I believe that it comes down to
the difference between: Can we do something and should we do
something? The ability to do this and strengthen security is
there. The decision as to when this should be done falls in the
hands of policymakers like yourselves.
It's important to remember that a discussion of whether we
should do that has to be built on top of the ability to say
that we can do that and--but for that ``should'' particular
part of the debate, I think it's most appropriate to leave it
to policymakers to draw those lines of when such a system
should be exploited.
So, given that, I appreciate your time and your opportunity
to let us comment in this debate. Thank you.
Mr. Horn. Thank you.
[The prepared statement of Mr. Hoechst follows:]
[GRAPHIC] [TIFF OMITTED] 82171.090
[GRAPHIC] [TIFF OMITTED] 82171.091
[GRAPHIC] [TIFF OMITTED] 82171.092
[GRAPHIC] [TIFF OMITTED] 82171.093
[GRAPHIC] [TIFF OMITTED] 82171.094
[GRAPHIC] [TIFF OMITTED] 82171.095
[GRAPHIC] [TIFF OMITTED] 82171.096
Mr. Horn. And our last presenter is Dr. Ben Shneiderman,
professor, Department of Computer Science, University of
Maryland at College Park; and he is also here as a fellow, on
behalf of the Association for Computing Machinery. Thanks for
coming.
Mr. Shneiderman. Thank you, Chairman Horn, for the
opportunity to testify at this timely and important hearing. I
want to commend you, Ranking Member Schakowsky, the
subcommittee members and your staff, for turning Congress's
attention to proposals for a national identity card system.
You've given some of my introduction already, and I will say
for further purposes that my statement represents the
Association of Computing Machinery's Committee on U.S. Public
Policy.
The ACM is a nonprofit educational and scientific society
of 75,000 computer scientists, educators, and other competing
professionals from around the world, committed to the open
interchange of information. In the 2 months since the
deplorable acts of terror were perpetrated against America, a
number of legislative measures and regulatory actions intended
to ensure the safety and security of our citizens have been
proposed. While most proposals have been well intentioned, some
have been misguided in that they overlook the potential for
unintended consequences or underestimate the technical
challenges and risks inherent in their implementation.
Recently, information technology vendors have suggested
that a comprehensive national identity card system could be
created and implemented in as little as 90 days. Implementing
such a complex system is a challenging systems engineering
matter. Such a rapid construction of an effective and novel
socio-technical system would be unprecedented. A constructive
alternative may be focused efforts that build on existing
systems such as State motor vehicle passports and visas. And as
the last speaker, I have the luxury of being able to resonate
with the many thoughtful comments that have been made already.
The first panel made very clear the strong political
concerns about a national system, and this panel has gone
through in good detail about some of the challenges in the
technical development. A national ID system requires a complex
integration of social and technical systems. That's what I'm
going to stress here is that combination, including humans to
enter and verify data, plus hardware and software networks to
store and transmit.
Such socio-technical systems are always vulnerable to
error, breakdown, sabotage, and destruction by natural events
for any people with malicious intentions. For this reason, the
creation of a single system of identification could
unintentionally result in degrading the overall safety and
security of our Nation because of unrealistic trust in the
efficacy of the technology.
The National ID card itself is only the most visible
component of a system that would require supporting
bureaucracies and elaborate data bases that would have to
operate in everyday situations; again, as said by several
members of this panel. In particular, a national ID system
requires an extensive data base of personal information of
every citizen. Who would enter the data? Who would update it?
Who would verify it? Who would determine when the data is no
longer trustworthy? Who would review audit trails and approve
access?
If a new and centralized approach is technically
problematic, as again has been stated by many, and politically
unpalatable, which seems quite well accepted here, then how
might we work to increase security? Constructive first steps
would be to define goals and develop the metrics of success.
Let me repeat that. Constructive first steps would be to define
our goals in a narrowly focused way, and develop the metrics of
success. If improved air travel safety is our goal, and it has
wide public support, then we need to develop the techniques to
achieve that goal, with modest impact on personal rights and
privacy. A realistic goal would be to make verifications of
passenger identity more reliable, while limiting delay,
intrusion, and inconvenience to citizens.
Improving State motor vehicle identification cards might be
accomplished by coordination among the States to determine best
practices for issuing, replacing, verifying, and monitoring
usage. Such efforts might be coordinated by the National
Association of State Chief Information Officers, as mentioned
by Newt Gringrich, or by the National Governors Association.
Common practices or even national standards might be arrived at
through public discussion. Adequate public discussion of
proposals is essential to gain acceptance and to improve their
quality.
A socio-technical systems approach would include
quantification of weaknesses and vulnerabilities of data base
security and network access based on existing systems. Then
realistic solutions to dealing with problems such as lost cards
and mistaken identifications would have to be developed and
tested. Special cases such as tourists, professional visitors,
foreign students would have to be addressed. Any complex social
technical system such as identity verification requires well-
trained personnel whose performance is monitored regularly.
Effective hiring and screening practices, chances to upgrade
their skills, and especially participation in the redesign of
the system, are important contributors to success.
Improvements for citizens could also lead to higher data
reliability and system efficacy. Citizen confidence and data
accuracy could be improved by system designs that provide
greater transparency and greater openness, by allowing citizens
themselves to inspect their contents and view a log of who uses
their data.
More constructive ideas could emerge by encouraging
research by computer and information scientists in
collaboration with social scientists. They would also be
encouraged to build bridges with legal and policy groups so
that their solutions are realistic and implementable.
It's important that the Congress proceed cautiously on the
issue of national identity card systems. They involve risks and
a variety of practical organizational and technical challenges.
Any effort to improve homeland security should begin with clear
statements of goals and quantifiable metrics of success.
Computer technology can do much, but it cannot see into the
minds and hearts of people, nor can it replace the capability
of vigilant citizens.
Face-to-face security checks must be a vital component of
airport and other security systems. On this point I also differ
from Mr. Goodman's report about Ben-Gurion Airport, where it is
not a biometric system, but it is repeated face-to-face
encounters with security checkers who ask questions and are
vigilant to the responses and the behavior of each person
passing through that airport, as I did late in August of this
year.
Despite growing public and political pressures from
perceived security enhancements, the risks and challenges
associated with a national ID card system need to be identified
and understood before attempting deployment. The problems
cannot be solved overnight or in 90 days, as has been
suggested, but constructive alternatives such as improving
existing State motor vehicle registration and passports are
promising possibilities that could bring benefits sooner than
establishing an entirely new system. The emphasis must be on
people first, then the technology.
The Association for Computing Machinery and other leaders
in the computing community are ready and willing to assist
lawmakers in their efforts to enhance the safety and security
of our Nation.
Thank you for the opportunity to speak here.
[The prepared statement of Mr. Shneiderman follows:]
[GRAPHIC] [TIFF OMITTED] 82171.097
[GRAPHIC] [TIFF OMITTED] 82171.098
[GRAPHIC] [TIFF OMITTED] 82171.099
[GRAPHIC] [TIFF OMITTED] 82171.100
[GRAPHIC] [TIFF OMITTED] 82171.101
[GRAPHIC] [TIFF OMITTED] 82171.102
Mr. Horn. I have been very enlightened by your
presentations. I had a chance to go through them all last
night, except for the Senator, who just flew down here, and
thank you again.
I just ask all of you, would you object to a form of
identification that contained only the person's name and
confirmation that he or she is a U.S. citizen? How do you feel
about that? That's getting down to essences.
Mr. Shneiderman. I think the issue is not just the card--
again, the card is only the most visible form--but who issues
the card, who certifies its correctness, and how it's handled.
And my belief and my testimony suggests that strengthening
existing systems such as State motor vehicle systems would be
the most effective.
We currently have accepted the practice of walking up for
airline boarding to show a State motor vehicle card. I think
that is the place of intervention where we could do most good
to improve its efficacy. Simply creating a new card with
whatever's on it I think will lead us down the wrong path.
Mr. Horn. Any thoughts on this, Mr. Hoechst?
Mr. Hoechst. Yeah. I would add that a card that just has a
small amount of information, and really even perhaps less than
you describe, which can only establish identity, is the only
thing that's really feasibly possible to deploy practically.
Any attempts to create cards that contain lots of information
just opens the troublesome box of discussions about how that
information is used. What's important is the information that
will be used, once identity is established, is already managed
by processes inside organizations, whether they're law
enforcement organizations or commercial organizations. What the
card only does is to help establish identity, authenticate that
this person is this--represents this well-understood and
standard identity.
Mr. Horn. Mr. Veestraeten, how do you feel about that; get
it down to the name, and are you a U.S. citizen or aren't you?
Mr. Veestraeten. Yes, Mr. Chairman. That is exactly how it
is organized in Belgium today. The cards only--I headed a
company of--the only cards which I had at hand, which was my
own, and with documentation which was disputed, and we only
mentioned a limited number of data. This number is limited by
law. So nobody can add any additional information. You will see
on the back of the cards, there are two items mentioned, and
this is on my explicit authorization. I had to sign the
documents to approve those mentions. One is the name of my
spouse, which I'm happy and proud to have there, and the other
one is the number of the national register with this assembled
data base, and I also approved in writing to have this item
added to my card. If not, it would not have been there. So the
only information we add is--we as a standard put on the card:
name, first name, date and place of birth, address and
nationality. And there is nothing else there.
Mr. Horn. Ms. Corrigan.
Ms. Corrigan. I think that in order to answer that
question, the Privacy Act, which was enacted in the seventies,
was rooted in a golden rule essentially, which is that
information collected for one purpose should not be used for
another purpose.
And it's difficult to answer your question because
information is rarely collected just to collect it. There's
usually a reason that you want to have such a list. So, for
example, a list of American citizens--and I think you yourself
proposed something similar a few years ago--around a voter
registry; you know, the difficulty there is, it was the same
debate that came up around, No. 1, as Professor Scneiderman
pointed out, you know, do we in fact have an accurate list that
would reflect that? We do have a passport document when we
leave the country, which establishes citizenship obviously? So
there are documents that are shown to do that.
Going back to my one of my original points is that to build
any one of these data bases on a faulty system of documents is
very problematic, particularly when it would deny you either a
service or a right that you've got either under law or the
Constitution.
Mr. Horn. Senator Goodman.
Mr. Goodman. I would like to reiterate once again the
notion that in a wartime situation, you have criteria which I
think differ materially from those in the halcyon days that we
knew before September 11th. And in this instance, the purpose
of the card would be to establish clearly and unequivocally the
identity of the individual. But let me point out that at that
stage of the game, we'd have linkages with various data bases
which might ascertain the possible undesirability of that
individual's behavior pattern which would require close
tracking.
For example, if someone enters the country in a situation
where they're here to do mischief, which has all too often in
the recent past proven to be the case, it's imperative that we
have some means of tracking that individual. To have a society
in which everyone can rattle around in a state of happy
unanimity, when the assumption that the cool air of freedom
must be the thing which we permit them to breathe continuously
while we're at war, I think denies the exigencies of the war
situation.
Mr. Horn. Professor Turley.
Mr. Turley. Well, I suppose I should be delighted with the
opportunity to lie about my weight, but I don't think that this
is an issue that will be solved by more cards. God knows,
Senator Goodman's wallet couldn't hold another one. But I think
my problem with it is simply that simply having a card issued
on an expedited basis I think puts us on a track of where we've
been. That is, there is a natural desire to rush into this room
and put this fire out.
But I think it needs more study than that, I think not just
because of our traditions, but because we have decided on the
technology, its use, its functions, it's appropriate functions.
Any dangers of what's called authorized misuse, all those
things we have to think about before we plunge into this.
I do think that there is a basis, I say in my written
testimony, issue a card relatively quickly for certain insular
groups--those may be foreign nationals, they may be foreign
students, but they would also be, for example, international
truckers--that we do need a very fast system at our borders
that's reliable; because we have a buildup at our borders
that's going to get worse, particularly during times of crisis.
We need to solve that right away and we can create a biometric
card to try to do that.
We may also want to use a card; for example, groups that
handle material like anthrax. So you can have an immediate card
issued.
But what I think we should be careful not to do is to
restrict it from drifting, not make it a national card. You
focus on those areas we need one right away, and then study the
issue of whether we need a national identifier.
Mr. Shneiderman. Focus systems would be most effective and
most prompt, I believe, in producing the benefits that we all
seek. But whether it's airport personnel or truckers, we can
go--and small groups can be approached and handled in a
respectful way.
Mr. Horn. I tried out on our first panel the idea of a
commission, which was usually a Presidential commission, of
picking the Chair, and then the Speaker of the House, and the
Majority Leader of the Senate. And I'm inclined to put that
into law and have my colleagues go with it. But what that does
is delay things. On the other hand, what it does is try to
build a consensus. So we had the Hesburgh one on immigration;
we had Barbara Jordan as the Chair, and so forth.
Now, we've been through this in terms of census material,
where we wanted to put through a 5-year or so, and they blew it
right out because they didn't want any part of it, and it
became a jurisdictional argument.
So I'd be interested in what your feeling is. Is it worth
getting a commission that has those suggestions of the Speaker
of the House and the Majority Leader of the Senate and the
Minority Leaders of both houses and the President of the United
States? So what do you think?
Mr. Goodman. Mr. Chairman, let me respectfully suggest that
it does seem to me that approach does take into account the
concerns which we feel are increasingly evident, and I'm afraid
if we are once again hit with another act of terrorism, which
in my judgment is in all probability likely to occur sometime
between now and Christmas, it's going to create the same
reaction, only on an exacerbated basis, that we had after the
World Trade Center and Pentagon episodes. And I must say to you
that I think that it's extremely important that we move on with
this fairly quickly and try to arrive at a conclusion. I would
hope that some form of identification could be established
promptly, so that we are protected to the extent possible
against a recurrence of this type of an act.
On the lighter side, I'm reminded of the couple at the
Atlantic City Boardwalk: The gentleman got on the scale, put a
quarter in, and one of those little tickets came out with his
fortune on it. And his wife said, ``What does it say?'' And he
said, ``It says that I'm a handsome, debonair fellow of extreme
brilliance with the highest IQ in Atlantic City.'' And she
said, ``Well, let me look at it.'' And she looked at it and she
said, ``It got your weight wrong, too.''
So that we do have occasional confusions in these
mechanical devices, but I think that we're at the point where
that type of thing is not likely to occur with any frequency.
Mr. Horn. Ms. Corrigan.
Ms. Corrigan. Well, it sounds like the legislation does not
have the ACLU chairing the commission, so it would be much
easier for us to come out in support of that.
Mr. Horn. Well, we don't know. You're here and----
Ms. Corrigan. Hey, I'm available.
Mr. Horn. Yes, and there are minorities in both Chambers.
Ms. Corrigan. I mean, I think the key is not whether there
is a commission or whether it is staff on a committee
developing a legislative proposal. I mean, the question is
what's in it and is--you know, the ACLU would oppose an
identification system either through the front door of calling
it a national ID or through the back door of some other type of
registry or integrated data base.
Mr. Horn. Mr. Veestraeten, did Belgium ever have, say, a
King's Commission or the Parliament, whatever, to get this
moving?
Mr. Veestraeten. No. This dates from long back in our
country. So I don't know how it was discussed back in the
beginning of the last century, but----
Mr. Horn. And the First World War and the Second World War.
Mr. Veestraeten. The card was introduced after the First
World War.
Mr. Horn. Yes.
Mr. Veestraeten. Yes.
Mr. Shneiderman. I think they have 80 years of history of
evolution to develop their approach which fits with their
national values. And I think we've got a history of evolution,
and I support the idea of a continued evolution to refine
existing mechanisms.
Mr. Horn. Mr. Hoechst.
Mr. Hoechst. Mr. Chairman, I would suggest that your
concern about a commission--about delaying things, especially
with an ID card, that there is an opportunity missed that could
be done in the short-term. And so what I would suggest for
identification cards, then something that studies it in the
form of a commission would be valuable as long as it were given
guidance that--along some of the ideas that were proposed
today, that it not just study it, but that it is practiced,
maybe in prototypical form; giving identification cards to
different populations to see how it works, rather than just
study it.
But I would also suggest that there is short-term activity
that can happen, that I would hate to see a commission cause us
not to focus on, and that is on these goals of information
sharing, especially between critical information systems in the
area of law enforcement and immigration and the like where we
do not--the technologies exist. We know they work. We need to
choose to use them, and we need to set clear guidelines about
when it is appropriate to use them and legal to use them.
Mr. Horn. Thank you. Dr. Shneiderman.
Mr. Shneiderman. I repeat my desire for the evolutionary,
but I think also focused action, as I say, as we heard here;
maybe specific interventions between--for information sharing
between FBI, CIA. If our concern is aircraft, you know,
boarding aircraft, then that kind of sharing of information is
a possibility on a very short-term basis.
And then I think focused populations, such as international
truck drivers or airport personnel who have access to secure
areas, immediate improvements could be made.
But, again, I want to restate it's not just building some
technology. It's providing the human infrastructure that builds
trust and support for this rather than antipathy. It must be
demonstrated that any intervention has broad support, and
especially of those who are most directly affected; that it's
implemented in a way in which people feel that this does
contribute positively, and therefore they are most cooperative
with it and they will point out--they'll be vigilant in
pointing out those who are potentially in violation.
Mr. Horn. I thank you and yield at least 10 minutes to the
ranking member.
Ms. Schakowsky. Thank you, Mr. Chairman. I think this has
been a really important and a very useful hearing. I thank all
the panel members. These are questions that we are going to
have to seriously consider.
I want to first play a kind of devil's advocate and--
because my proclivity is to be--as those of you who have heard
my opening statement--is to be very, very skeptical of the
notion of a national identification card. But the point that
Mr. Veestraeten said, which is that we use identity cards, and
all of you--we do that when you go on an airplane, when you
cash a check, all kinds of places where we are asked and
required to produce some sort of identification. It seems to me
if the technology is available to improve on those systems,
maybe not perfectly, but to improve on those systems. Then he
asked the question or at least made the statement that since we
do that anyway, why not have a universal card, a national card.
So, Dr. Shneiderman.
Mr. Shneiderman. Again, I think the supportive
participation from citizens is necessary. If they see this as a
universal card collected by a Federal agency, I think the
resentment may--and the doubt and the questions, the
interference with privacy would be very much in their mind, so
you'd have a poor participation and, I think, disruption.
People would be concerned.
Whereas, if they apply for their State motor vehicle
license, where they recognize that the benefit is they're
receiving a card which enables them to drive, that it possibly
takes care of health problems should they have an accident, and
that there may be other specified focused, clear benefits to
it, they will cooperate, and that those who take the
information will have a clear sense of purpose and work as best
as they can to ensure that the quality of the data is high and
that customer satisfaction is high and that participation is
broad. And, again, when someone is attempting to forge or
bypass the system, there's likely to be stronger citizen
participation in stopping such interventions.
I think we have the interesting examples of computer
viruses. Why is it that the Lenox communities or the Mack
communities have less of this. There's a warm sense of
participation. There's an active sense of pride. It's close to
them. And so I think if we follow those models and we want to
bring, as in this country, we have a long history of bringing
things closer to people by having the States be the closest
point of connection for such activities, we will be building
the right kind of system. And thinking about the social
dynamics of why someone offers their information and why they
might try to deceive and how they might help to prevent others
from deceiving, that's where we will go to build the strongest
possible system. So again a diversified system and again a
focused one that deals with special communities.
Ms. Corrigan. I think here, whether it's a State level
document like the driver's license or a Social Security number
or a newly issued type of identifier like the biometrics, I
think we have to go back to the purpose for which we are
gathering this information. And the way that this debate has
been framed since the terrible events of September 11th has
been a national identification card or some sort of national ID
system that would protect us from acts of terrorism. And based
on the arguments I already made in my testimony, we can't build
such a system on a set of faulty documents.
Many of those terrorists on September 11th had fake Social
Security numbers. Actually all 19, according to the Inspector
General last week, had such security numbers, some of them
legally and some of them not. You can't establish motive or
intent simply on the basis of knowing who someone is. It makes
me nervous to think by having a traveler's ID or national ID
card I could just pass through security unchecked without much
more, and that to me doesn't create more security. In fact, it
creates a false sense of security, too much dependence on
technology.
If we are talking about State or Federal level efforts, we
have to go back to the basic question, is this even an
effective security measure to begin with?
Ms. Schakowsky. Anyone else burning to respond because I do
have another question? Let me ask you this, is there a place
for these incredible new technologies, biometrics, palm, all
those things? I mean, should we be looking for ways to utilize
them more effectively or do those lead into problem areas for
us as well?
Anyone? Mr. Hoechst.
Mr. Hoechst. I would suggest there is a great many places
for using them, but not necessarily should we have an
expectation that tomorrow, we could use them to uniquely
identify anyone who is on our soil, American or visiting. And
that partly comes in limitations of the technology in its
current state, but it partly comes just in the broad ability to
adopt any such technology like that.
However, there are opportunities to use them where they are
very effective. And this comes in, for example, authenticating
yourself to secured areas. Perhaps we'd say you need to
identify that you have certified--you need to identify
biometrically that you are allowed to enter secured areas in an
airport or whatever. And for that sort of smaller focus
identification, we know there are a subset of people that are
allowed to do this and we are going to confirm that you are one
of that subset. They work quite well. For the general case of
just saying, ``Hey, I got a person here, let me look through
all people to determine whether this person is this person,''
they are still immature in that phase, I think.
Mr. Shneiderman. I want to confirm that on the technology
side. These are promising technologies, but do not offer short-
term hope for wide-scale dissemination. We've heard in the past
voice recognition patterns and other technologies that might
have been used, and these techniques are potentially
interesting and they should be expanded and should be
researched, but they are in the longer-term and should not be
seen as a techno-fix in the short-term.
Ms. Corrigan. Although we are not the technology experts
that you've got at the end of the table, I think our mantra is
not all biometrics are created equal and not all uses of
biometrics are created equal. We supply the same tests to those
measures that we would to a national identification card. In
the security context, the ACLU came out in support of the use
of strengthened identification cards for air employees that
need access to secure areas, including the use of biometrics on
those cards. The reason is that in those instances it's a
limited and targeted use of the biometric, and also you're able
to take the thumbprint or you're able to take the iris scan
under very controlled conditions, which makes a difference in
the effectiveness and error rates of biometric technology.
Mr. Goodman. May I venture a comment? I'm not sure at the
moment whether we realize the extent to which certain
technologies are already in play. And in an attempt to achieve
security, I would like to give you a couple of quick examples
in this regard. As you may know, there is something called
CAPS, which is an acronym for Computer Assisted Passenger
Screening. This is a system under which information is obtained
in the reservation process to screen out passengers who may
require additional security checks. The airlines are fairly
widespread in their use of such a system.
Also manifests are at this time provided by airlines. A
manifest is a list of the passengers on a flight which will be
landing in due course at a given airport, and in that airport
they receive an advanced copy of the list of the passengers on
board to try to determine whether there is a possibility of
either customs violations or immigration violations and the
like. So already Big Brother, if you please, is watching very
closely in certain instances to try to determine what's going
on. In my judgment, these are both fully justified in the
present circumstances of tension. And I would again repeat, in
the context of a war situation, anything we can do to utilize
current technology to assist us in making identification of
high-risk individuals is helpful. Normally you would not wish
to do that. And you'd say in a civil libertarian sense, ``Que
sera sera,'' let it be and don't mess with this sort of thing.
But I think it would be a great mistake when we know that we
will probably be once again subject to a potential attack to
allow ourselves to be in a solemn state to matters of this
sort.
Mr. Turley. Could I add something? Obviously, I suggested a
commission because I think this deserves more study. And I
think that it's not just a technological issue that needs more
study, but we need to look at the efficiency and viability of
the systems. And if you have a single unified card it has to be
integrated very often with at least some level of data base
that creates its own issues. But putting that aside, I just
wanted to disagree with Senator Goodman in one sense. I happen
to think we do need more security.
But we have a long history of the government in times of
crisis doing things that can only be described as moronic. And
some of them are more than moronic, such as the internment of
American citizens of Japanese origin. To simply say we are
living in danger is not a justification for going boldly into
these areas in the search for even a modicum increase in
security. I think we have learned too much in terms of our
history.
So I agree with Senator Goodman. I know that he intends
this in the best sense. But I don't agree that should be the
reason or the time schedule for us to act. I don't even believe
this is necessarily going to add security. I mean these
hijackers on September 11th had wallets that were bursting with
false IDs. Adding another one is not going to reassure me. I
would rather be reassured for my sons that when they inherit
this country and this system that it's going to be given to
them in the same condition that it was given to me. And that's
my greatest concern, because frankly the Taliban is today's
flavor of threat, and tomorrow there's going to be another
group of fanatics. But I am more concerned in how we respond to
the threat than the threat itself at the moment.
Mr. Goodman. May I remind us that had we taken a view that
peoples' activities in the country are their own business
unless they do something overtly wrong, that this possibly was
what underlay the fact that we failed to realize that people
are taking flying lessons, learning how to fly planes in
midair, but neither to land them nor permit them to take off.
And had we simply accumulated a little degree of intelligence
data that indicated there were certain foreign nationals
indulging in that type of flying lesson, it might have created
a pattern of concern that would have possibly detected the
advance notion of people plowing airplanes in tall buildings in
our society.
I use that as an example because it does seem to me that
there was an earlier reference to an intelligence breakdown.
The use of vigilant intelligence and the need for both the
horizontal and vertical communication of intelligence agencies
in the United States is an absolute imperative at this time,
and it is rather regrettable that we have been informed that
the FBI and CIA have not adequately communicated with one
another and certainly not adequately communicated with local
law enforcement to permit vigilance at a time when it could be.
We want to practice preventive medicine. I don't want to
wait until the next thing happens and say it's a pity it
happened. Let's do something about it now. I would like to
prevent it from occurring ever again, because anyone that lives
in New York will be forever scarred by what's just happened,
and that is why I am taking an intense view of these
discussions at this moment.
Ms. Schakowsky. Thank you to all of you. I want to comment
on this important discussion that we have been having. I think
the example of flying lessons conducted by a company that gave
them--what turned out to be a terrorist is an example of ways
in which our current infrastructure failed us and the ability
to communicate information brokedown, and we certainly are all
interested in making sure that we fill in the cracks and make a
seamless flow of information to the extent that we can. But I
have to say, Senator Goodman, that I, too, feel that
particularly at this time when we're all in a state of
reflection about what is most precious about the United States,
what are the things that make us unique and are so worth
protecting, that we must proceed very cautiously, perhaps even
more cautiously than when things are just clicking along so
smoothly, so that we don't make the kinds of overreaching
mistakes that we did when we interned the Japanese. And I know
that you are certainly not talking about that kind of activity,
but I think it is somewhat of a slippery-slope in that we have
to be very careful that we don't install permanent--one reason,
for example, that I voted no on a bill that I thought had many
good provisions, the bill, which I felt shouldn't have been
called the Patriot Act, because I believe myself to be a
patriot, but I voted no on that. So I think we have to be very,
very careful as we proceed forward. And I think that this
conversation today and all of the witnesses, both panels,
contributed to the kind of thoughtful debate that we need to
have, and I appreciate it very, very much.
Mr. Horn. Well, I wanted particularly to appreciate what
the ranking member did about the terrible breach of the
Constitution with the Japanese Americans going into
internments. I am proud to say my mother, who was director of
welfare in her county, she opened up and said that is just
wrong. And the only person I know of who was elected who was
against that was Roosevelt and General DeWitt--just went ahead
of everything, putting people in internment camps, even going
with the Army to Peru, and so forth. But the only elected
person was a very interesting gentleman named Harry Kane, the
mayor of Tacoma, where many Japanese Americans were, and he
later was a U.S. Senator and then President Eisenhower made him
head of the Subversive, whatever board it was in those days,
and he had the guts to stand it. And I had lunch with the Chief
Justice Earl Warren just before he died, about 3 months before,
and that was, he felt, the biggest mistake. And he was a
wonderful man and very strong on civil liberties and--but one
gets swept up in that and they do it. But it's wrong, and we
don't want to see that happen again.
So let me just ask one or two questions and we'll close it
out. Mr. Hoechst, Mr. Ellison has offered to provide the data
bases for free for Oracle. Does this include maintenance,
technical support and upgrades? As long as you are in a Santa
Claus mood, I just thought I'd----
Mr. Hoechst. I would not venture to be able to speak for
him on what's intended there. I would like to describe the
nature of the intent of that offer, which was to take advantage
of the resources and the enthusiasm that commercial
organizations like Oracle and others have to facilitate action.
So Larry's comments, I believe, were to try and remove any
roadblocks required to facilitate action toward building
systems that can share information. And if what we can do is
provide free software or free maintenance on software or free
services that can help us in a tactical way to stimulate action
rather than be roadblocks that cause processes to languish,
then we will do that.
Mr. Horn. I have one question for Ms. Corrigan. How would a
consolidated identity system invade the privacy of individuals
any more than the current systems, Social Security, driver's
licenses, passports and--we have that now.
Ms. Corrigan. Actually, we also have something called the
Privacy Act, which is rooted in one basic principle, and that
is information collected for one purpose. So whether it's by
the Museum of Modern Art in New York or whether it's by the
Social Security Administration, information collected for that
purpose shouldn't be used for another purpose unless subject to
one of the exceptions outlined in the law. And we at the ACLU
are very concerned about the misuse of Social Security numbers
and privacy violations that go on everyday. But one of the
biggest protections of privacy is actually the decentralized
nature of the data. It is one thing for my doctor to have
access to my personal health information. It's another thing
for law enforcement to have my arrest record. But it's a
completely different thing for people to combine those pieces
of information and come up and marry them so you can come up
with a whole profile of my life. And as I mentioned before, one
accident, you know, in the Federal Government unfortunately has
been subject to either accidents in terms of security on the
Web or unfortunately employees who are corrupt and sell or use
and misuse that information, that, again, there's a difference
when you have separate data bases versus the marrying of the
information.
Mr. Horn. I'll tell you, every hearing we have had on
privacy, and that is we wanted to make sure and the Speaker
mentioned it this morning, you make a felony out of it. We had
one of our colleagues when I came into the Congress, her
medical file had been put in the papers. And why? A disgruntled
employee or whatever. And that's why people have to be very
careful of any files in a doctor's office in particular.
Mr. Shneiderman. I would like to speak to that issue.
There's a long history of attention between centralized and
decentralized systems and there are two issues. One is as Ms.
Corrigan described. The centralized facilities allow a single
point of attack, single point of destruction, a single point of
violation and therefore the magnitude of the violation is
greater. The capacity of the computer to amplify power to do
good also amplifies the power to do evil. And therefore someone
can search across a much larger data set in that way.
But the other interesting point about the multiple or
diversified, decentralized approach, actually it stimulates
creative designs by having independent explorations and
involves much more effective best practices if they are then
shared and copied by the others, which is again why I encourage
the collaboration by the way of the National association of
State CIOs so that the best practices of each of the 50 States
can then be repeated and disseminated widely. And that's truly
one of the strengths of the decentralized approach.
Mr. Horn. I am going to thank the staff now and then have a
closing bit of where I think this is going. And the person on
my left is J. Russell George, the staff director and chief
counsel for the subcommittee. And Bonnie Heald in the back is
the deputy staff director. Darin Chidsey is a professional
staff member. Mark Johnson, clerk. Earl Pierce, professional
staff member. Jim Holms, intern. And then for the ranking
member here, David McMillen, professional staff member. And
Jean Gosa, minority clerk. Our court reporters, Lori Chetakian
and Nancy O'Rourke, and we thank you.
The hearing was not intended to resolve the national
identification issue, but merely to advance the debate in light
of the September 11th attacks and the changed world in which we
now live. Our witnesses provided a variety of perspectives and
brought a great deal of expertise to the discussion. We are
only beginning to explore this complicated issue. But one thing
is certain, the September 11th attacks, as horrifying as they
were, have brought out the best in America.
One small but important example of the Nation's strength is
the ability to conduct this calm, civil but vigorous discussion
of whether America needs a national identification system and,
if so, how to go about creating it. Ultimately we can trust the
American people and their representatives to make the right
decision.
And with that, we are adjourned.
[Whereupon, at 1:50 p.m., the subcommittee was adjourned.]
[Additional information submitted for the hearing record
follows:]
[GRAPHIC] [TIFF OMITTED] 82171.103
[GRAPHIC] [TIFF OMITTED] 82171.104
[GRAPHIC] [TIFF OMITTED] 82171.105
[GRAPHIC] [TIFF OMITTED] 82171.106
[GRAPHIC] [TIFF OMITTED] 82171.107
[GRAPHIC] [TIFF OMITTED] 82171.108
[GRAPHIC] [TIFF OMITTED] 82171.109
[GRAPHIC] [TIFF OMITTED] 82171.110
[GRAPHIC] [TIFF OMITTED] 82171.111
[GRAPHIC] [TIFF OMITTED] 82171.112
[GRAPHIC] [TIFF OMITTED] 82171.113
[GRAPHIC] [TIFF OMITTED] 82171.114
[GRAPHIC] [TIFF OMITTED] 82171.115
[GRAPHIC] [TIFF OMITTED] 82171.116
[GRAPHIC] [TIFF OMITTED] 82171.117
[GRAPHIC] [TIFF OMITTED] 82171.118
[GRAPHIC] [TIFF OMITTED] 82171.119
[GRAPHIC] [TIFF OMITTED] 82171.120
[GRAPHIC] [TIFF OMITTED] 82171.121
[GRAPHIC] [TIFF OMITTED] 82171.122
[GRAPHIC] [TIFF OMITTED] 82171.123
[GRAPHIC] [TIFF OMITTED] 82171.124
[GRAPHIC] [TIFF OMITTED] 82171.125
[GRAPHIC] [TIFF OMITTED] 82171.126
-
�