[Senate Hearing 110-113]
[From the U.S. Government Publishing Office]


                                                        S. Hrg. 110-113
 
  WILL REAL ID ACTUALLY MAKE US SAFER? AN EXAMINATION OF PRIVACY AND 
                        CIVIL LIBERTIES CONCERNS

=======================================================================

                                HEARING

                               before the

                       COMMITTEE ON THE JUDICIARY
                          UNITED STATES SENATE

                       ONE HUNDRED TENTH CONGRESS

                             FIRST SESSION

                               __________

                              MAY 8, 2007

                               __________

                          Serial No. J-110-33

                               __________

         Printed for the use of the Committee on the Judiciary


                     U.S. GOVERNMENT PRINTING OFFICE

37-167 PDF                 WASHINGTON DC:  2007
---------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing
Office  Internet: bookstore.gpo.gov Phone: toll free (866)512-1800
DC area (202)512-1800  Fax: (202) 512-2250 Mail Stop SSOP, 
Washington, DC 20402-0001






                       COMMITTEE ON THE JUDICIARY

                  PATRICK J. LEAHY, Vermont, Chairman
EDWARD M. KENNEDY, Massachusetts     ARLEN SPECTER, Pennsylvania
JOSEPH R. BIDEN, Jr., Delaware       ORRIN G. HATCH, Utah
HERB KOHL, Wisconsin                 CHARLES E. GRASSLEY, Iowa
DIANNE FEINSTEIN, California         JON KYL, Arizona
RUSSELL D. FEINGOLD, Wisconsin       JEFF SESSIONS, Alabama
CHARLES E. SCHUMER, New York         LINDSEY O. GRAHAM, South Carolina
RICHARD J. DURBIN, Illinois          JOHN CORNYN, Texas
BENJAMIN L. CARDIN, Maryland         SAM BROWNBACK, Kansas
SHELDON WHITEHOUSE, Rhode Island     TOM COBURN, Oklahoma
            Bruce A. Cohen, Chief Counsel and Staff Director
      Michael O'Neill, Republican Chief Counsel and Staff Director







                            C O N T E N T S

                              ----------                              

                    STATEMENTS OF COMMITTEE MEMBERS

                                                                   Page

Leahy, Hon. Patrick J., a U.S. Senator from the State of Vermont.     1
    prepared statement...........................................   229
Specter, Hon. Arlen, a U.S. Senator from the State of 
  Pennsylvania...................................................     3

                               WITNESSES

Carafano, James Jay, Assistant Director, Kathryn and Shelby 
  Cullom Davis Institute for International Studies, and Senior 
  Research Fellow, Douglas and Sarah Allison Center for Foreign 
  Policy Studies, Heritage Foundation, Washington, D.C...........    10
Gilbert, Allen, Executive Director, American Civil Liberties 
  Union of Vermont, Montpelier, Vermont..........................     6
Harper, Jim, Director, Information Policy Studies, The Cato 
  Institute, Washington, D.C.....................................     8
Kephart, Janice, President, 9/11 Security Solutions, LLC, 
  Alexandria, Virginia...........................................    15
Schneier, Bruce, Founder and Chief Technology Officer, BT 
  Counterpane, Minneapolis, Minnesota............................    12

                         QUESTIONS AND ANSWERS

Responses of James Carafano to questions submitted by Senator 
  Leahy..........................................................    31
Responses of Jim Harper to questions submitted by Senator Leahy..    33
Responses of Janice Kephar to questions submitted by Senator 
  Leahy..........................................................    37
Responses of Bruce Schneier to questions submitted by Senator 
  Leahy..........................................................    43

                       SUBMISSIONS FOR THE RECORD

American Association of Motor Vehicle Administrators, Michael R. 
  Calvin, Interim President & CEO, Washington, D.C., statement...    46
Carafano, James Jay, Assistant Director, Kathryn and Shelby 
  Cullom Davis Institute for International Studies, and Senior 
  Research Fellow, Douglas and Sarah Allison Center for Foreign 
  Policy Studies, Heritage Foundation, Washington, D.C., 
  statement......................................................    56
Center for Democracy and Technology, Ari Schwartz, Deputy 
  Director, statement............................................    63
Electronic Privacy Information Center, Washington, D.C., 
  statement......................................................    70
Gilbert, Allen, Executive Director, American Civil Liberties 
  Union of Vermont, Montpelier, Vermont, statement and 
  attachments....................................................   131
Harper, Jim, Director, Information Policy Studies, The Cato 
  Institute, Washington, D.C., statment and attachments..........   167
Information Technology Association of America, Arlington, 
  Virginia, statement............................................   186
Kephart, Janice, President, 9/11 Security Solutions, LLC, 
  Alexandria, Virginia...........................................   196
Minner, Hon. Ruth Ann, Governor, State of Delaware, Wilmington, 
  Delaware, letter...............................................   231
Schneier, Bruce, Founder and Chief Technology Officer, BT 
  Counterpane, Minneapolis, Minnesota, statement.................   234
Vermont Department of Motor Vehicles, Bonnie L. Rutledge, 
  Commissioner, letter...........................................   238
Wall Street Journal:
    National ID Party, February 17, 2005.........................   241
    Immigration Reality Check, May 4, 2005.......................   243
    Deputizing the DMV, July 25, 2005............................   245
    Real ID Revolt, May 8, 2007..................................   246


  WILL REAL ID ACTUALLY MAKE US SAFER? AN EXAMINATION OF PRIVACY AND 
                        CIVIL LIBERTIES CONCERNS

                              ----------                              


                          TUESDAY, MAY 8, 2007

                                       U.S. Senate,
                                Committee on the Judiciary,
                                                   Washington, D.C.
    The Committee met, pursuant to notice, at 10:12 a.m., in 
room SD-226, Dirksen Senate Office Building, Hon. Patrick J. 
Leahy, Chairman of the Committee, presiding.
    Present: Senators Leahy, Feingold, and Specter.

OPENING STATEMENT OF HON. PATRICK J. LEAHY, A U.S. SENATOR FROM 
                      THE STATE OF VERMONT

    Chairman Leahy. Good morning. I apologize to Senator 
Specter and to the witnesses for being late. We sometimes, as 
the late Senator Moynihan used to say, act like a Third World 
nation around here, with closing off streets for motorcades, 
usually for somebody who, if they would simply drive up in an 
ordinary car, nobody would even know who they are or care, but 
we have to have motorcades to attract attention. Unfortunately, 
we do it with a lot of our own officials more and more. This 
one stopped traffic for about 20 minutes. If I could have just 
left my car, I could have easily walked to the Capitol.
    I recall when I was a law student here at Georgetown, one 
time up in the Capitol, I got on an elevator and stopped, and 
there was then-Vice President Lyndon Johnson and one agent with 
him. I stopped. He said, ``Boy, are you getting on or off?'' I 
said, ``Well, I was getting on, Mr. Vice President.'' He 
grabbed me by the lapel and pulled me on, and he said, ``Well, 
get on.'' I watched as he drove off. He was in a car with a 
driver, one agent, and that was it.
    The other day I noticed the Vice President came up to lobby 
some of our colleagues, and between the motorcycles and all the 
others, I counted 38 vehicles. Somewhere we have gotten out of 
control.
    I also recall--well, that is another story. I won't expand.
    [Laughter.]
    Chairman Leahy. We are turning our attention to an issue of 
great concern to States and to those Americans who value their 
privacy in the face of the Federal Government's expanding role 
in their daily lives, and I thank our witnesses for being here. 
I especially thank Allen Gilbert from Vermont, who told me he 
drove by early this morning the road to my own farm in Vermont 
and all looked peaceful.
    I look forward to gaining a better understanding of the 
impact of the so-called REAL ID Act. Actually, that is 
something we should have done, the Congress should have done 
before they passed the Act. But too often we will pass acts and 
then find out afterward whether or not they make any sense. I 
do not think this does.
    It was legislation forced through by the last Congress as 
an add-on to an emergency supplemental bill. I do not recall 
hearing objections to this sweeping substantive legislation 
being jammed into an emergency supplemental from those who this 
year were so critical of the important aspects of the U.S. 
Troop Readiness, or Veterans' Care, Katrina Recovery, or Iraq 
Accountability Appropriations Act. This bill would have 
provided for veterans care and Katrina relief and other needs 
in the emergency supplemental legislation that we passed last 
week and the President vetoed last week.
    The REAL ID Act was attached to an emergency supplemental, 
with no hearings, no votes, but what it is, the Federal 
Government will be dictating how the States go about the 
business of licensing residents to operate motor vehicles. 
State motor vehicle officials will be required to verify the 
legal status of applicants, adding to the responsibilities of 
already heavily burdened State offices. And if anybody thinks 
it is going to be a walk in the park standing in line at your 
local motor vehicle department, if you think you wait there a 
long time just for routine things, you can imagine what this is 
going to be like.
    While the Federal Government dictates responsibilities for 
what has traditionally been a State function--and adds layers 
of bureaucracy and regulation to effectively create a national 
ID card, and that is what it is--there is no help in footing 
these hefty bills. It is an unfunded mandate passed by the last 
Congress to add to the taxpayers of the States $23 billion in 
costs.
    The Wall Street Journal noted in an editorial--and I might 
note that the Wall Street Journal is not one of my biggest 
fans, but they noted in an approving editorial today that 
``REAL ID was always more about harassing Mexican illegals than 
stopping Islamic terrorists.'' It was put in ``in an effort to 
placate noisy anti-immigration conservatives amid the GOP's 
poll-driven election panic.'' And it was attached to a ``must-
pass military spending bill'' without hearings or debates, and 
the President ``made the mistake of signing it.''
    Given my own concerns, I have joined with Senators Akaka, 
Sununu, and Tester to introduce a bill that would repeal this 
law. We could have had negotiations, which would have been 
completed, and would have rested in stronger requirements for 
identification documents by now had the REAL ID Act not been 
forced through. You know, we were trying to actually work out 
something that made some sense. That all came to a halt when we 
did this, Oh, well, just pass $23 billion of extra taxes onto 
our States and let them do it.
    We all know the critical importance of national security. 
But security measures have to be smart as well as tough. Any 
one of us who flies often knows that there are some security 
measures taken that make sense, and others that look like 
window dressing for the sake of window dressing.
    The reaction to the unfunded mandates of the REAL ID Act is 
a pretty good example of what happens when the Federal 
Government imposes itself rather than creating a partnership 
with the States.
    In addition to the numerous stakeholders that I understand 
have made substantial comments, I hope that the DHS--a 
Department which has very real difficulties in just running 
itself and keeping itself secure--will pay close attention to 
the sentiments expressed by members of this Committee and by 
the Homeland Security and Governmental Affairs Committee, which 
held an oversight hearing on REAL ID in March. I think the days 
of Congress rubberstamping any and every idea cooked up by the 
administration are over. Let's see real solutions with 
demonstrable results before we throw away billions of dollars--
or more accurately, push those costs onto the States--in the 
name of some vague claims of enhanced security.
    I want to understand better the implications for individual 
privacy rights and national security of this law. I will put 
into the record the editorial from this morning's Wall Street 
Journal, Review and Outlook, ``REAL ID Revolt.''
    [The prepared statement of Senator Leahy appears as a 
submission for the record.]
    Senator Specter, again, I apologize to you. You were here 
on time. I was not.

STATEMENT OF HON. ARLEN SPECTER, A U.S. SENATOR FROM THE STATE 
                        OF PENNSYLVANIA

    Senator Specter. Thank you, Mr. Chairman. This hearing is 
part of the continuing efforts of the Judiciary Committee to 
strike an appropriate balance between national security and 
individual liberty and privacy. We all know the terrorist 
threat, and it is important to be able to identify people, to 
know who is doing what, including flying on airplanes, which 
posed the 9/11 catastrophe. But even the 9/11 hijackers had 
multiple identifications, so the question is: How do we have 
identification which can be checked?
    REAL ID, for anybody who has not heard the expression, is 
real identification, that is, accurate identification. There 
have been tremendous objections raised already about this REAL 
ID from very diverse groups such as the American Conservative 
Union, at one end of the political spectrum; the American Civil 
Liberties Union, at the other end of the spectrum; and the 
National Organization for Women. These groups have a lot of 
people who are objecting to it. And it has quite a number of 
proponents in trying to deal with the issue of finding out who 
is who and what the problems may be.
    The Department of Homeland Security has asked for comments 
as part of the rulemaking process and got thousands of 
comments. The Department of Homeland Security estimates it will 
cost 23--I want to be sure we have the zeros right, $23 
billion. As I thought about it, I wanted to check my notes to 
see that this was accurate. It is going to cost a lot of money 
for the States. Eleven States have filed resolutions in 
opposition, two States have opted out, 33 States have moved 
ahead to comply. So there is a checkerboard of responses.
    We are wrestling with the issue of immigration legislation. 
A prodigious amount of work has been put into that by many 
Senators sitting down for hours on end. Hard to believe you can 
find as may as 10 or 12 Senators who will sit for 2 hours to 
work on immigration, and one of the issues that we are 
struggling with there is, beyond securing borders, to have 
employers know who is legal and who is not legal. And we are 
wrestling with the costs of foolproof identification.
    Then we have the issue about the citizens who are applying 
for a job. How can the employer be sure even citizens are what 
they claim to be--citizens? So that is a matter of enormous 
concern.
    You come on a very busy day. You only see customarily the 
Chairman and the Ranking here because there are so many 
collateral duties, and I am going to have to excuse myself in a 
few minutes. We are trying to put together an immigration bill 
because the Majority Leader has given notice that it is going 
to be on the floor next Monday, and he is going to employ what 
is called Rule XIV to bypass the Committee. I am not sure that, 
Mr. Chairman, Senator Leahy, has been wise, because we have 
been doing a lot of wheel spinning on the meetings we have had. 
Last year, when I was Chairman and Senator Leahy--this is role 
reversal--we had in this room elongated meetings, but we 
hammered out a bill without going into all the details. And we 
met the deadline which we had, and the bill which we produced 
in the Senate may be our starting point under this Rule XIV 
procedure where the Committee does not act. But that decision 
was made thinking we could craft a bill which would be 
agreeable to all parties, and that may turn out to be wishful 
thinking to find anything that is agreeable to all parties in 
the U.S. Senate.
    So we are wrestling with a tough issue with this REAL ID, 
and I appreciate the presence of the witnesses. We are going to 
try to find another Republican to come to participate in the 
hearing, but we will be watching your testimony very closely. 
We appreciate your inputs as we wrestle with this issue about 
how we identify people and still protect privacy.
    One item that I noted of special concern is that REAL ID 
does not respect the rights of the Amish and the Mennonites, 
who wish not to have their pictures taken. They have the right 
not to have their photographs taken, rights recognized by the 
U.S. Supreme Court precedent and State law. And we need to 
respect people's rights, and that is another issue. 
Pennsylvania has quite a number, but we need to respect rights 
of Americans wherever they may reside.
    So we have got some weighty issues here, Mr. Chairman. 
Senator Leahy has just shown me some identification, but I am 
prepared to vouch for him without even seeing identification.
    [Laughter.]
    Senator Specter. I have known him for 27 years in the 
United States, and our friendship goes back to 1970 when we 
were prosecuting attorneys, when we had real jobs.
    Thank you, Mr. Chairman.
    Chairman Leahy. Thank you.
    I was showing Senator Specter my Vermont driver's license, 
which does not have a picture on it. And I might say, which has 
nothing to do with this hearing--
    Senator Specter. It is one of the few documents in the 
world which does not have Senator Leahy's picture.
    [Laughter.]
    Chairman Leahy. We will invite them to the Leahy Center in 
Burlington. But, you know, all these things--the Amish and the 
Mennonites--all that should have been thought about before. 
This was just rammed down with no hearings or anything else, 
actually by the other body.
    I may have mentioned what--Senator Specter spoke of 
immigration. He deserves the thanks of both Republicans and 
Democrats in the Senate for the enormous work he put into this 
in the past 2 years. I was privileged to work with him on that 
and helped us keep our quorums and get things moving, and 
Senator Specter--I am glad that the Democratic leader has made 
sure that he is involved in these meetings. I think we did get 
a good piece of legislation out here that can be our starting 
point, and I would hope that we would move forward on this.
    I agree with President Bush--this will stop the presses, 
but I agree with him when he says he wants a comprehensive 
immigration bill. But I think that is what Senator Specter, 
under his leadership, put through last year. Well, let us try 
again.
    Senator Specter. Thank you, Pat.
    Chairman Leahy. Lady and gentlemen, would you please stand 
and raise your right hand? Do you solemnly swear that the 
testimony you will give in this matter will be the truth, the 
whole truth, and nothing but the truth, so help you God?
    Mr. Gilbert. I do.
    Mr. Harper. I do.
    Mr. Carafano. I do.
    Mr. Schneier. I do.
    Ms. Kephart. I do.
    Chairman Leahy. We will hear from each of you. We will 
begin with Allen Gilbert from Vermont. He is the Executive 
Director of the American Civil Liberties Union of Vermont. He 
has been a leading voice in our State about the REAL ID's 
impact on our State and our way of life. He also served as 
President of the Vermont School Board Association. He lives not 
far from me in Vermont and traverses the dirt roads that go 
near my home.
    Allen, you would be interested in knowing that years ago, 
when our oldest son, Kevin Leahy, who is now a lawyer in 
Montpelier, when he was in his early teens, he was asked by a 
reporter what kind of vehicle his father prefers during mud 
seasons on a dirt road. He said, ``Dad prefers a rental vehicle 
for mud season.''
    He was a reporter, then city editor of the Vermont Herald, 
later served as assistant editor of the Sunday Rutland Herald 
Times, was a free-lance writer, taught writing at several 
Vermont colleges and American studies at a German university; a 
bachelor's degree in history from Harvard, a master's degree in 
education from the College of William and Mary.
    Thank you very much for coming down. Please go ahead with 
your testimony.

 STATEMENT OF ALLEN GILBERT, EXECUTIVE DIRECTOR, THE AMERICAN 
     CIVIL LIBERTIES UNION OF VERMONT, MONTPELIER, VERMONT

    Mr. Gilbert. My name is Allen Gilbert. I live in Worcester, 
Vermont--which is the next town over from Senator Leahy's town, 
Middlesex--and I want to thank Chairman Leahy for having us 
here to testify.
    People in Vermont have a lot of unanswered questions about 
REAL ID. Seldom have I encountered an issue that raises 
concerns among such a wide range of people. I can talk with a 
legislator about REAL ID, and she will point out that the 
National Conference of State Legislatures expresses misgivings 
about the program. I can talk with a member of the National Gun 
Owners in Vermont, and he will worry about Government 
intrusion. A member of an advocacy group for victims of 
domestic and sexual violence worries that REAL ID threatens 
protection programs for women and children.
    The Ancient Order of Hibernians does not like REAL ID, and 
neither does the American Friends Service Committee. Earlier 
this year, the Government Operations Committee of the Vermont 
House of Representatives passed, unanimously, a resolution 
opposing REAL ID. The resolution was subsequently approved, 
also unanimously, by the full Vermont House. The longest-
serving member in the Vermont House sits on the Government 
Operations Committee. Rep. Cola Hudson was born when a fellow 
Vermont Republican, Calvin Coolidge, was in the White House. 
Representative Hudson simply shook his head ``No'' when REAL ID 
was described in his committee.
    Our Motor Vehicles Commissioner testified in another 
legislative committee about the ``re-enrollment process'' 
required by REAL ID. Everyone will have to visit a DMV office 
with proper documents. For some people in Vermont, that means a 
long trip. And when they get to the DMV office, our 
commissioner said, ``The jokes about waiting in line at DMV are 
no longer going to be jokes but reality.''
    Long-time residents are going to feel like suspects when 
they are required to report and show their papers. Our 
commissioner noted that her father is 82 years old. He has had 
a driver's license for years. It is going to be hard to tell 
him, she said, that he has to prove his identity before he can 
get his license renewed. People in Vermont pride themselves on 
being part of tightly knit communities. Questioning who someone 
is, is seen as a sign of unfriendliness.
    Birth records in Vermont are kept by town clerks. The 
clerks--some of whom are part-time--are already in a frenzy 
over the thought of complying with the myriad requests for 
records they are going to get because of REAL ID.
    A State senator, who in his other life runs a construction 
company and races stock cars, said, ``I am not sure if it is 
the budgetary concern or the privacy concern or the nightmare 
it is going to create that concerns me most about this.''
    A series of data breaches this winter in Vermont led people 
to wonder about the security of stored data anywhere. DMV 
officials acknowledge that there are hundreds of unauthorized 
attempts daily to get at the department's information data 
base. Increasingly, Vermonters are worried that too much data 
is being collected about too many things. It is not just a 
sense that privacy is eroding. Vermonters are worried that 
their identities will be stolen by identity thieves.
    Vermonters are pretty responsible people. We generally step 
up to the plate when asked to do the right thing. But many 
people are not so sure that REAL ID is the right thing. It 
seems too big, too expensive, and too centralized.
    Mr. Bruce Schneier, who is going to speak a bit later, is 
here. I heard him speak last year, and one of the things that 
he said has really stuck with me. He said that security is an 
equation, with one side being what you are giving up and the 
other side what you are getting in return. I am afraid that 
with REAL ID we are giving up too much and not getting much, if 
anything, in return.
    REAL ID is going to cost the States a lot of money. The 
cost in Vermont is now estimated at around $8 million. That is 
a pretty substantial expenditure for us. Some of our State 
senators want to raise license fees and to call the increase a 
``congressional REAL ID tax.''
    The cost, the implementation, the risk of identity theft--
these things worry Vermonters. Vermonters are not convinced 
that REAL ID is a program that will make Americans safer.
    On behalf of the ACLU, its 53 affiliates and half a million 
members, I urge you to mark up and move S. 717, the Akaka-
Sununu-Leahy-Tester bill. That bill would replace REAL ID with 
sensible, cost-effective driver's license standards. The 
problems with REAL ID would be fixed, and the standards could 
be achieved in a cooperative fashion with State officials, 
Federal Government agencies, and privacy and civil liberties 
experts.
    Thank you for the opportunity to testify this morning.
    [The prepared statement of Mr. Gilbert appears as a 
submission for the record.]
    Chairman Leahy. Thank you very much.
    Mr. Gilbert describes the Vermont attitude. I know a couple 
of the people he referred to. I would consider them among our 
most conservative folks back home. But about the only thing I 
ever kept from the press written about me and actually framed 
was a sidebar to a profile in one of our major publications. 
And as I said, I live on a dirt road. This summer we will have 
had this old tree farm in the family for about 50 years, a 
great deal of acreage and fields that have to be hayed, and 
there is an adjoining farm family through successive 
generations who watch over the place.
    The whole thing went like this: It was a Saturday morning. 
A New York Times reporter in an out-of-State car sees a farmer 
sitting on the porch. He says, ``Does Senator Leahy live up 
this road?'' The farmer replied, ``Are you a relative of his?'' 
He said, ``No.'' ``Well, are you a friend of his?'' ``Well, not 
really.'' ``Is he expecting you?'' ``No.'' ``Never heard of 
him.''
    [Laughter.]
    Chairman Leahy. That is the kind of attitude we have.
    Now, Jim Harper is the Director of Information Policy 
Studies at the Cato Institute. As Director of Information 
Policy Studies, he focuses on the unique problems of adapting 
law and policy to the problems of the Information Age. He is a 
member of the Department of Homeland Security's Data Privacy 
and Integrity Advisory Committee. He is the editor of 
Privacilla.org, a web-based think tank devoted exclusively to 
privacy, and he maintains online Federal spending resource 
WashingtonWatch.com. He holds a J.D. from Hastings College of 
the Law.
    Mr. Harper, thank you for taking the time to be here today.

STATEMENT OF JIM HARPER, DIRECTOR, INFORMATION POLICY STUDIES, 
              THE CATO INSTITUTE, WASHINGTON, D.C.

    Mr. Harper. Thank you, Mr. Chairman. Thank you for having 
this hearing, and thank you for having me here to testify on 
REAL ID.
    In my opinion, the REAL ID Act is a dead letter. All that 
remains is for Congress to declare it so. At this point, my 
understanding is that eight States will not implement REAL ID. 
That means that States that do will not even get the benefits 
alleged from REAL ID. States that implement it at this point 
will be throwing good money after bad.
    The proposed regulations issued by the Department of 
Homeland Security on March 9th, on which comments close today, 
help to reveal that REAL ID is a loser. It costs more to 
implement than it would add to our Nation's security 
protections.
    In my written testimony, I have submitted a risk-based 
analysis of REAL ID, something DHS did not do, but I used DHS 
estimates to show that REAL ID's returns, its security returns, 
at best are 88 cents on the security dollar that we ask the 
States to spend on this.
    It is important to understand that an identity system does 
not apply a fixed identity to everyone. It causes our 
attackers, it causes opponents, to change their behavior, to 
engage in fraud, to avoid identity systems entirely. It is 
rather trivial, frankly, for a committed attacker of any kind 
to work around or to break an identity system like we are 
talking about in REAL ID. So the security benefits are not 
there.
    Because they are here to defend themselves, I will talk a 
little bit about the arguments made by proponents of REAL ID. I 
do so in the spirit of friendship, and I do not think anybody 
puts forward their arguments in bad faith. But the proponents 
of REAL ID essentially hew to two schools.
    One is the ``just do it'' school. It is a law. If we just 
spend a lot more money on it, we will have this thing, and we 
will get whatever we are supposed to get from it. In a paper 
issued last week, my colleague, Jim Carafano, said, ``Identity 
is one of the cornerstones of a free society.'' And I dropped 
my spoon into my Cheerios when I read that, because identity is 
also one of the cornerstones of a totalitarian society. The 
important question is who controls it, and I think it is much 
more important to decide whether Government should control 
identity or whether individuals in the United States should 
control identity. So I think it was an unthoughtful assertion 
in that case.
    It also caused me some regret to see that the Heritage 
Foundation is supporting the expenditure of $23 billion in a 
funded or unfunded mandate on the States. It is an organization 
that I have an affinity for and a past affiliation with.
    The other school is the ``do over'' school: If we could 
just go back and do it over again, maybe we could have done 
something using REAL ID to stop the terrorists. I know I sound 
a little glib in calling this the ``do over'' school, and we 
would all like to be able to go back and change the outcome on 
that day. But the ``do over'' school, if we could just go back 
and do it again, is not serious security argumentation. We are 
trying to design systems to secure our country going forward in 
the future, and the ability to go back and change things so 
that everyone would like it we do not have. So we have to think 
in terms of identity systems and how future attackers would 
avoid them or break them.
    You have heard from Allen Gilbert the privacy and 
convenience and expenditure concerns that are shared throughout 
the country. The regulations issued by the Department of 
Homeland Security essentially punted on the most important 
technology, security, and privacy problems. Of utmost 
importance, in my opinion, the DHS proposal also lays the 
groundwork for systematic tracking of Americans, law--abiding 
Americans, based on their race.
    Though the Department of Homeland Security failed to fix it 
in the regs, I do not think this is the agency's fault. And, 
again, people at DHS are working on these problems in good 
faith. Regulations cannot make this law work, and neither can 
delay. The real problem is the REAL ID law itself.
    As you mentioned, Mr. Chairman, there are meritorious bills 
pending in the Senate and House to repeal REAL ID and restore 
the identification security provisions that were passed in the 
9/11 Commission-inspired Intelligence Reform and Terrorism 
Prevention Act. Congratulations to you, Mr. Chairman, for being 
an original cosponsor of this legislation.
    These bills would be improved on the margin if they were to 
chart a path to Government use of emerging digital 
credentialing systems--systems that are diverse, competitive, 
and privacy protective. You can get security without 
surveillance. It is a couple generations down the road using 
very advanced technologies, but it is possible to do. We can 
have these identification and credentialing systems. 
Governments can be users of them. REAL ID is the ugly 
alternative to getting it right.
    Thank you very much.
    [The prepared statement of Mr. Harper appears as a 
submission for the record.]
    Chairman Leahy. Well, thank you, and I could not help but 
think, in listening to your testimony on the costs, I could 
think of some ways we could spend that $22 billion that would 
actually improve our security. And I understand Dr. Carafano 
will disagree with me, although I must say that I consider it a 
privilege to have Dr. Carafano testify before us. He is the 
Assistant Director for the Kathryn and Shelby Cullom Davis 
Institute for International Studies and Senior Research Fellow 
at the Douglas and Sarah Allison Center for Foreign Policy 
Studies. Dr. Carafano is an accomplished and recognized 
historian and teacher. He is an assistant professor at the U.S. 
Military Academy at West Point. He also taught at Mount St. 
Mary College. He served as a fleet professor at the U.S. Naval 
War College. He is a visiting professor at the National Defense 
University, I would also note with pride, at Georgetown. He 
graduated from West Point, has a master's degree and a 
doctorate from Georgetown, as well as a master's degree in 
strategy from the U.S. Army War College.
    Doctor, as I mentioned to you privately, I appreciate you 
taking the time to be here, as you have every time we have 
asked you to come before this Committee.

 STATEMENT OF JAMES JAY CARAFANO, ASSISTANT DIRECTOR, KATHRYN 
 AND SHELBY CULLOM DAVIS INSTITUTE FOR INTERNATIONAL STUDIES, 
 AND SENIOR RESEARCH FELLOW, DOUGLAS AND SARAH ALLISON CENTER 
 FOR FOREIGN POLICY STUDIES, HERITAGE FOUNDATION, WASHINGTON, 
                              D.C.

    Mr. Carafano. Thank you, Mr. Chairman. I appreciate this 
opportunity, and I have submitted a statement for the record.
    I just want to make three points very quickly: why this is 
an incredibly important issue, what are the options, and then 
what should be done.
    I do believe that identity is the cornerstone of a free 
society because we make a presumption in a free society that 
our citizens are acting lawfully and they should be left to go 
on their way. And we all know democracy works best in small 
communities because we have the trust and confidence of knowing 
each other. That is why Vermont is such an outstanding State.
    But we live in a large, diverse society, and a verified 
identity is critical to having that freedom of movement, and 
that is why criminals so assiduously go after these documents 
and try to undermine them. And that is why it is so important 
to retain the credibility of identity documents in a free 
society. So we have three options.
    One is we can do nothing. We can continue in the Wild West 
that we have had over the last decades where we have seen 
billions of dollars be lost every year to identity theft 
through fraud, theft, counterfeiting, and other types of 
criminal and malicious activities.
    The alternative is we can do a national ID. We could try to 
create a single document that everybody in the country has to 
have. I think that is a wildly impractical, a wildly 
unnecessary, and, quite frankly, a wildly unachievable goal. 
And I think it is a ridiculous notion to think that we want to 
take authority and power away from the States, that federalism 
is not the right solution to making this society safe, free, 
and prosperous.
    And the third alternative is we can do something 
reasonable, and I think what is implied by the REAL ID Act is 
something reasonable. It is voluntary programs for States that 
want to have their citizens have the privilege of presenting a 
credential for a Federal purpose. It is not a national identity 
card. It does not create new data bases. It does not give the 
Federal Government more information about our citizens than it 
has now. It does not put the Federal Government in charge of 
issuing or managing these programs. And it does not have to be 
an unfunded mandate and an unfair burden on the State.
    So what should we do? And just let me kind of briefly click 
off my to-do list.
    One is I do not think there is a legitimate constitutional 
issue here that needs to be adjudicated.
    Second is I do not think that there is any kind of 
congressional legislative remedy required to fix the law.
    Third is I think that rules can be fairly articulated and 
adjudicated under the system and that reasonable practices can 
be negotiated between the States and the Federal Government.
    Fourth is I certainly think that adequate privacy 
protections can be implemented in the system and to meet the 
national standards required under the REAL ID Act.
    And, fifth, I think we can fairly institute this system in 
a reasonable timeline. I think it is certainly appropriate that 
the Federal Government pay its fair share. I think it is a 
terrible idea that moneys to implement REAL ID come out of 
homeland security grants. It is simply robbing Peter to pay 
Paul. We have national requirements out there to raise our 
disaster and response preparedness systems in this country. If 
REAL ID is going to become a reality and a serious thing, it 
should have its own separate appropriations. And I think we 
should have a targeted strategy here. I think there are many 
States that are already virtually compliant with REAL ID, and I 
think we should focus our resources and our attention on the 
States that are closest to complying, also border States that 
want to use the REAL ID credential as a border-crossing card. 
Because I think once we have demonstrated the advantages of 
REAL ID, quite frankly, there will be a land rush for States to 
rush to implement this thing.
    We should be very clear, and I will just say this in 
conclusion. This is obviously not a panacea. There is no 
identity credentialing system in the universe that is going to 
provide you 100 percent security. Every identity system at some 
point is going to be undermined or compromised. It is not a 
silver-bullet solution to fraud, theft, or counterfeiting. But 
there obviously is some security value in having national 
standards to which credentials that are presented for a Federal 
purpose all meet. And I do think--and I would dispute the 
economic analysis. I do think at the end of the day the value 
of national standards, the economic benefits and the reduction 
in threat and common security threats justifies the costs, and 
I think, quite frankly, the implementation costs have been 
severely overinflated and are unrealistic.
    With that, Mr. Chairman, I thank you for the opportunity to 
be here today.
    [The prepared statement of Mr. Carafano appears as a 
submission for the record.]
    Chairman Leahy. I would note that on the cost still it is 
an unfunded mandate to the States, and I think you would agree 
with that at this point. Yes or no?
    Mr. Carafano. Mr. Chairman, I would agree that at this 
point there is not a reasonable agreement between the States 
and the Federal Government as to what the Federal Government's 
fair share is and how that should be implemented. So I do think 
that--
    Chairman Leahy. Well, no reasonable agreement insofar as 
the President has put zero in his budget for it. One would tend 
to think that, he being the decider, it is the position of the 
Federal Government that you are going to get zero.
    Mr. Carafano. I agree, and I think that is just flat wrong. 
There should be a separate appropriation to implement REAL ID, 
and the Federal Government should pay its fair share.
    Chairman Leahy. We will go to Mr. Schneier in a second, 
but, you know, I worry. I see in the press today that Dulles 
Airport where I fly out almost every week to Vermont and go 
through the usual search--shoes off, belt off. I saw a woman 
who was berated for having a tiny little thing of hand purifier 
in her bag because she did not have it in a larger plastic bag, 
even though it was well within the amount, but she was berated 
for doing anything so foolish and threatening to the security 
of the United States. You see a 90-plus-year-old woman, having 
taken her shoes off, and then being told she can put them back 
on, and she explained she cannot put them on. The nurse usually 
does it at the home, and they say, ``Well, it is your 
problem.'' On more than one occasion, I have gone over and put 
the shoes back on. I see TSA losing so much of our identity, 
and today in the paper they said you can buy for $100 a year 
some special ID to zip you through once you give them all kinds 
of background on yourself and fingerprints and everything else.
    I have no intention of buying one of those. I will stand in 
line, go through the same things that others do, because I 
cannot trust them to keep the information they get on me. DHS, 
which is a dysfunctional agency in many, many ways, at least 
some who are waiting for the recovery from Katrina a couple 
years later might say, ``Why should we trust you with it?'' But 
I am going to give you plenty of time to answer that, and also, 
we will keep the record open for all the statements and also 
keep the record open, as you know, afterwards, if you have 
heard something somebody has said and you have not had a chance 
to respond to it, you will be given a chance for the record.
    Mr. Schneier is an American cryptographer, computer 
security specialist, and a writer. He is the author of several 
books on computer security and cryptography. He is the founding 
chief technology officer at BT Counterpane. He has a master's 
degree in computer science from American University, a bachelor 
of science degree in physics from the University of Rochester. 
Before Counterpane, he worked at the United States Department 
of Defense and then AT&T Bell Labs.
    Mr. Schneier, thank you very much for taking the time to 
come here this morning.

   STATEMENT OF BRUCE SCHNEIER, FOUNDER AND CHIEF TECHNOLOGY 
        OFFICER, BT COUNTERPANE, MINNEAPOLIS, MINNESOTA

    Mr. Schneier. Thank you, Senator Leahy. I want to say that 
I am here as a security technologist and expert and not under 
the auspices of BT Counterpane. I have a statement from the 
Electronic Privacy Information Center for the rulemaking for 
the DHS, signed by 21 security experts. I would like to add 
that to the record.
    Chairman Leahy. Without objection, it will be part of the 
record.
    Mr. Schneier. My problem with REAL ID is it does not do 
what it claims to do. Most people think of ID cards basically 
as small, rectangular pieces of plastic that include our name 
and our picture. But an ID card is part of the very complex 
security system, and once you start looking at the entire 
system, you realize that REAL ID is much more complicated and 
much less secure and much less valuable than its proponents 
say.
    What really matters is not how it is used by the hundreds 
of millions of people who have it, but how it fails, how it can 
be abused by those who want to subvert it and want to get 
things that the ID should prevent.
    First off, REAL ID will be forged. Every ID card ever 
invented has been forged. The new $20 bill was forged even 
before it hit the streets. Money has a limit. You are not going 
to spend more than $20 to forge a $20 bill. A REAL ID card is 
an incredibly valuable piece of ID, so the value to forge it is 
much greater. And, paradoxically, by making a REAL ID, by 
making a single ID card, you increase the likelihood of forgery 
by making it more likely that the bad guys will spend more 
money to forge it.
    REAL ID has problems in the sign-up process. You can never 
produce an ID card that is more secure than the breeder 
documents needed to get one. So if you look at the ways you 
would get a REAL ID, if those documents are easier to forge 
than a REAL ID, people will do that.
    REAL ID will not prevent people from getting legitimate 
cards by bribing DMV clerks. This happens regularly. Some of 
the 9/11 terrorists did that. A hard-to-forge REAL ID, more 
stringent standards to get one will not protect us from someone 
basically being bribed to erroneously issue one.
    But the biggest security risk is the data base. REAL ID 
requires a massive Government data base. DHS says that it is 
not one Government data base; it is 53 small ones. I think that 
is a red herring. Interconnected separate data bases are the 
same as one data base. You know this when you go on the 
Internet, when you look at Google. That is one data base.
    This is a grave security risk. Senator Leahy, you just 
mentioned that last week the TSA lost 100,000 identities--not 
of us--of TSA employees, and this demonstrates how difficult it 
is for us to secure data bases. This I think is a bigger deal 
than the press is making it out. The identities of sky marshals 
are on this list. I think there are some grave security 
concerns here.
    It was mentioned, I think by Mr. Gilbert, the problem of 
the identity requirements and address requirements for domestic 
abuse survivors. I think this is a big risk also for judges. My 
father is a judge in New York, and having his address on his ID 
is a security concern for him.
    REAL ID also increases the risk of identity theft. There is 
a lot of talk about how it will decrease the risk. It actually 
will increase the risk.
    First off, most identity theft is not based on people 
forging a piece of plastic. Identity theft is done 
electronically, and a single credential is a one-stop shop for 
identity thieves. We are more secure from identity thieves when 
we have multiple different credentials, when stealing one does 
not get you everything. The more things a single ID is used 
for, the greater at risk we are; the more value it is for 
someone to try to steal it and the more he can do with it once 
he steals it. And if you think it is no fun when some criminal 
impersonates you to your bank, wait until some terrorist 
impersonates you to the TSA. That is going to be so much less 
fun.
    Again, even if you can magically solve all these problems, 
even if you can make the ID work, REAL ID will not help us 
against terrorism. There is a myth in this country that if we 
could just identify people, we would know who they are, we know 
what they do. That is wrong. Identity does not map to 
intentionality. And if you want an idea of how identity-based 
security does not work, look at the no-fly list. The no-fly 
list is the one example of identity-based security that most of 
us come into contact with, and we know it does not work. It 
does not catch anybody, and it just harasses innocent people.
    I was on the Diane Rehm show a couple of years ago, and 
there was a DHS person and we were debating this. And he said, 
you know, ``When you are sitting on a plane, you want to know 
the identity of the person sitting next to you.'' And I said, 
``Well, that is not true. I want to know if he is going to blow 
up the aircraft. If he is not going to blow up the aircraft, I 
do not care who he is. And, honestly, if he is going to blow up 
the aircraft, I do not care who he is either.'' It is not the 
identity. It is the intentionality.
    If you look at what we have done to help airport security, 
it is reinforcing the cockpit door, and it is teaching 
passengers how to fight back. It is not identifying who they 
are.
    So I think REAL ID is a waste. As a taxpayer, I think $23 
billion is too much.
    Thank you.
    [The prepared statement of Mr. Schneier appears as a 
submission for the record.]
    Chairman Leahy. Thank you. You were talking about TSA 
making mistakes. Normally, the most senior member of this 
Committee is Senator Kennedy, and he was stopped about nine or 
ten times getting on a flight he has been taking for 40 years 
back to Boston because he is on a no-fly list.
    Now, I have kidded Senator Kennedy about these Irish 
terrorists, they all look alike.
    [Laughter.]
    Chairman Leahy. Dr. Carafano is chuckling because he knows 
of my Italian heritage. But, I mean, that is how ridiculous it 
is. He even had the President call him and apologize. He said, 
``Look, I do not want an apology. Just get me off the darn 
list.'' We have had a year-old child have to get a passport to 
prove they are not a 40-year-old suspected terrorist. Catholic 
nuns. I have to be careful when I recount some of my days in 
Catholic grade schools and high schools about whether some of 
them probably qualified as terrorists, but I do not think that 
it would be fair to lump them into this terrorist thing.
    So, you know, you see mistakes being made there all the 
time. I do not feel any safer when I see Colin Powell in line 
in an airport and taking his shoes off and his belt off and 
being wanded and searched, especially when the person who is 
going to be cleaning the airplane while it is there is not 
getting anywhere near that kind of search, and the person who 
is alone in the airplane for about 20 minutes before you board 
and could put any kind of a bomb on board that plane does not 
get the kind of security that General Powell or former Vice 
President Mondale, former Vice President Quayle, former Vice 
President Gore, and others do.
    But I digress, and our next witness will be Janice Kephart. 
She is the President of 9/11 Security Solutions. She served as 
a counsel to the National Commission on Terrorist Attacks upon 
America, otherwise known as the 9/11 Commission. She is a key 
author of the 9/11 Commission staff report, ``9/11 Terrorist 
Travel.'' She continues to work with the Canadian Embassy, 
international organizations, and top administration officials 
in an effort to pursue the implementation recommendations 
sought by both the 9/11 Commission and born of her own work.
    Prior to her work on the Commission, she served as counsel 
to the Senate Judiciary Subcommittee on Terrorism, Technology, 
and Government Information, worked extremely hard on this 
Committee and knows the Committee well. And she is a graduate 
of Duke University and Villanova School of Law.
    Ms. Kephart, thank you for taking the time to be here.

     STATEMENT OF JANICE KEPHART, PRESIDENT, 9/11 SECURITY 
              SOLUTIONS, LLC, ALEXANDRIA, VIRGINIA

    Ms. Kephart. Thank you, Chairman Leahy. It is an honor to 
be before you as an alum of the Committee that prepared me so 
well for my work on the 9/11 Commission. I appreciate very much 
this Committee's continued interest and effort in the 9/11 
Commission recommendations, including the issue of identity 
document security that REAL ID addresses head-on.
    I am here in my own capacity today, but I would like to 
remind you that the 9/11 Commission gave high marks for passing 
REAL ID legislation, and former Commissioner and Secretary of 
the Navy John Lehman had an op-ed in this morning's Washington 
Post in support of REAL ID. I am also happy to be one who 
speaks with the 70 percent of Americans who, in a very recent 
Zogby poll, are in favor of REAL ID driver's licenses.
    To summarize where REAL ID stands today, every State DMV 
has taken at least a couple of steps toward REAL ID 
implementation. Forty-eight States and D.C. are checking Social 
Security numbers. Twenty check legal status. Three States are 
sharing vital events digitized records, and four
    more are about to come online. Alabama, New York, and Texas 
are considered innovators in REAL ID compliance. In addition, 
at least 23 State legislatures have bills supporting REAL ID in 
some manner. And there are passed bills in favor of REAL ID as 
well in States like Kansas and Michigan.
    The REAL ID law is based on the States' own exceptionally 
detailed post 9/11 work in establishing best practices to fix 
the State driver's license system that was known to generate 
neither secure IDs in content or production.
    The critical question of this hearing--Will REAL ID 
actually make us safer?--is absolutely the correct question to 
ask. And the answer, in my opinion, an unequivocal yes, by 
assuring greater national and economic security, public safety, 
and privacy. If REAL ID is implemented, individual Americans' 
identities are less likely to be stolen, their children safer 
from underage drinking and driving, and as the Fraternal Order 
of Police has stated, a cop on the beat is more likely to know 
who is being encountered.
    Last Wednesday, Subcommittee Chairwoman Feinstein held an 
excellent hearing on terrorist travel in this room whose theme 
was that secure IDs are essential for assuring people are who 
they say they are at our borders. REAL ID helps us do this 
within our borders. By looking at all the ways yesterday, 
today, and in the future as to how terrorists, counterfeiters, 
and criminals do their work.
    The 9/11 hijackers, we need to remember, assimilated into 
the U.S. by attaining 17 driver's licenses from Arizona, 
California, and Florida and 13 State-issued IDs, including the 
7 they fraudulently acquired in Virginia. Like other criminals 
and terrorists, the 9/11 hijackers then used those IDs for the 
purpose of renting cars, obtaining living quarters, and opening 
bank accounts. At least six hijackers total presented State-
issued IDs on the morning of 9/11 to help look like Americans 
and board aircraft. The pilot who flew into the Pentagon had 
four IDs from four different States, and the Pennsylvania pilot 
had three IDs and an unverifiable ID when stopped for speeding 
2 days prior to 9/11. The officer that stopped him needed an 
identity to associate with information, but he could not verify 
the ID, he could not verify the identity, and thus had no 
information to associate with it.
    The 9/11 final report terrorist travel recommendations 
called for ``setting standards for issuance of State IDs and 
designing a comprehensive screening system that sets common 
standards.'' The 9/11 Commissioners' 2005 final report gave 
Congress a really good mark for passing REAL ID, but cautioned 
``States' compliance needs to be closely monitored.''
    What has become unfortunate, in my opinion, is that myths 
and misinformation continue to abound about REAL ID, and let me 
address the most critical ones.
    First, REAL ID is not a mandate. It preserves States' 
rights, letting States choose whether to comply or not. States 
are making that decision now. A mandate is a requirement, and 
REAL ID is not that.
    Chairman Leahy. Ms. Kephart, I will give you added time for 
this. Would you add that if it says that you are not going to 
be able to go into Federal buildings, citizens of your State 
cannot go into Federal buildings or board airplanes without it, 
do you still feel that is not a mandate?
    Ms. Kephart. It is not a mandate, sir, when you do not 
actually require the State to do it.
    Chairman Leahy. You just cannot fly or go into Federal 
buildings.
    Ms. Kephart. Well, what DHS has said is that they will just 
require--they will work with the States to provide another set 
of requirements. But DHS could answer that question.
    Chairman Leahy. Which they have not done.
    Ms. Kephart. I believe that will come out in the rules, 
sir. The ending date is today.
    Second, REAL ID does not create a national data base. It 
does actually just the opposite. It keeps data flows to defined 
fields of information regarding Social Security information, 
birth and driving records, and other checks, with only the 
originator of the data capable of holding it and keeping it.
    Third, REAL ID does not invade privacy. The current REAL ID 
Notice of Proposed Rulemaking makes recommendations for best 
practices States should employ to protect privacy, and they 
have put a lot of effort into that. These best practices are 
hefty. They build on the Commercial Driver's License 
Information System and the National Driver Register---data 
bases created in 1986 and serving 45 States. In 20 years of 
operations, there have been no complaints at all about 
intrusions on privacy or identity theft from either of those 
data bases. One reason why is the 1994 Driver's Privacy 
Protection Act which protects driver data. Also worth 
mentioning is that the ITAA, the Information Technology 
Association of America, yesterday issued a report stating that 
REAL ID protects privacy beyond what exists now. They represent 
the folks who do this work for a living.
    Fourth, REAL ID does not create a national ID card. It 
avoids a national ID card. States use and control their own 
issuance processes, including meeting or exceeding REAL ID 
minimum standards.
    In conclusion, to make REAL ID a reality requires more than 
just the Federal Government or the States can do alone. It 
requires a partnership. It also requires recognition that 
securing U.S. physical and economic integrity is not just a 
Federal responsibility. It is everyone's responsibility. Not 
implementing REAL ID simply keeps us right where we are, which 
is vulnerable. What we need now is to deal with what we have, 
make it work, and provide the real seed money necessary to help 
States comply with REAL ID. It is resolution of this issue that 
gets us closer to secure IDs sooner rather than perhaps never.
    Thank you, Mr. Chairman.
    [The prepared statement of Ms. Kephart appears as a 
submission for the record.]
    Chairman Leahy. Would you feel that he Federal Government 
should pick up the tab on this?
    Ms. Kephart. The Federal Government needs to do its share, 
sir, absolutely.
    Chairman Leahy. And what is its share?
    Ms. Kephart. Its share is the seed money to get the States 
started.
    Chairman Leahy. What is seed money--5 percent, 2 percent of 
the total--
    Ms. Kephart. Sir, I am not an economist to figure that out, 
but it is whatever the combination of DHS and OMB says the 
States need to get started. States have to maintain their own 
DMVs anyway, so what REAL ID needs to do is help them do what 
they--beyond what they would do anyway for achieving best 
practices to what REAL ID requires. And whatever that 
difference is is what the Federal Government should supply.
    Chairman Leahy. What State do you live in?
    Ms. Kephart. I am from Pennsylvania originally. I live in 
Virginia now.
    Chairman Leahy. Good luck when you are standing in line.
    Ms. Kephart. I would be happy to for my country, sir.
    Chairman Leahy. All of us would, if it really made our 
country safer, just as I am sure I would feel that we were 
doing a great deal for the country when we watch former Vice 
Presidents and former Secretaries of State and former Chairmen 
of the Joint Chiefs of Staff having to take their shoes off and 
everything else, knowing that that is making us safer.
    Senator Feingold?
    Senator Feingold. Thank you, Mr. Chairman, very much for 
your great courtesy in letting me go ahead of you in the 
questions, and thanks to all the witnesses for their testimony 
on this important topic.
    Mr. Harper and Mr. Gilbert, there has been a lot of 
discussion about the immense cost to State DMVs of implementing 
the REAL ID Act, but I have heard less about the burden on 
other types of record keepers which will be expected to verify 
identity documents as a part of the driver's license issuance 
process. Take birth certificates, which for most Americans who 
do not have passports are going to be the only proof of 
identity they can provide under the DHS regulations.
    Birth certificates are issued by any of a number of local 
and State entities, and many birth certificate records are not 
electronic. Yet somehow all the State DMVs are going to have to 
verify with the issuing entity every birth certificate that is 
presented as proof of identity. I know this is going to be an 
issue in Wisconsin, where it is apparently going to cost 
approximately $25 million to digitize and match all the birth, 
marriage, and death records in the State.
    Can you expand on what vital records offices are going to 
need to do in order to comply with REAL ID and what sort of 
costs they can be expected to incur? And can you comment on 
whether this is a good idea to begin with? Mr. Gilbert?
    Mr. Gilbert. Senator, Vermont has no vital records office 
in the sense that most States do. Birth certificates are kept 
in town clerks' offices, which are literally sometimes part of 
a person's home. So there often is not even security for these 
kinds of documents, and the authenticity of a birth 
certificate, I have been told, from Vermont is being questioned 
by more and more States because of the lack of security. But 
that is the way it has been done in Vermont for many, many 
years.
    One of my sons was born in Vermont, and his birth 
certificate is kept by the town clerk of Berlin, Vermont. That 
is where the hospital where he was born is located. My other 
son was born in Germany. His birth certificate is on file with 
the U.S. Department of State. And for us to get a copy of his 
birth certificate, or for him to get a copy of it, I think he 
has to make application and wait--I do not know how long--until 
he gets a copy of the birth certificate.
    But those are two examples of procedures that I think are 
going to be difficult for some people to be able to carry 
through on when they go to a DMV, and then the DMV is going to 
have to certify that the birth certificate from the Berlin, 
Vermont, town clerk's office as well as the U.S. Department of 
State birth certificate are accurate. That is going to require 
a lot of verification.
    Senator Feingold. Mr. Harper?
    Mr. Harper. Well, it is a foresighted question that I do 
not think has a good answer yet, because the local public 
records offices have yet to really get together and figure out 
what this problem is. The first wave of debate about REAL ID 
has been when State legislators recognized the cost to them of 
doing this. The next wave comes when the local offices, like 
Mr. Gilbert talked about, are asked to digitize or put online 
records that they have kept in drawers in their basements and 
hidden away.
    In addition to the costs of doing that, the huge logistical 
problems with doing that, there are the security concerns with 
doing that. It is quite secure and quite private to have a 
paper document in a remote office somewhere. It is inefficient, 
but that inefficiency gives you security.
    When these documents are scanned, when they are put online, 
when the scanned images and the information from them are in 
data bases, that is much more efficient, but it is much less 
secure. And I think people have yet to think about that 
dimension of the problem.
    It is rather easy to put forward a pilot program and say, 
well, this pilot has suffered no breaches, there have been no 
complaints about this pilot program. The commercial driver's 
license system is an example where there are approximately 13 
million commercial driver's licenses out there in the system. 
There is a difference in kind, not degree, from going to 13 
million to going to 250 million, which include not just truck 
drivers but Senators, judges, officials of all kinds, and, for 
that matter, Paris Hilton. That is a system that is not secure 
the way a small system dealing with a relatively different 
class of people would be.
    I have a shoebox in my apartment with business cards in it. 
It has never been breached. But if I put gold in it, it might 
be breached, and that is the kind of difference we are talking 
about.
    Senator Feingold. In that vein, REAL ID appears to be on 
its face simply a new system for issuing identification cards 
and driver's licenses. But I, too, am concerned that REAL ID 
will ultimately create a system used for a variety of other 
purposes that many people would find troubling, such as 
tracking Americans' movements and activities. And I see nothing 
in the proposed regulations limiting this type of use of the 
REAL ID cards and associated data bases. Am I right to be 
concerned about that? And what other potential consequences 
might arise? Mr. Harper?
    Mr. Harper. I do serve on the Department of Homeland 
Security's Data Privacy and Integrity Advisory Committee. We 
had a meeting recently where Ann Collins, the Registrar of 
Motor Vehicles from the State of Massachusetts, spoke, and she 
said, ``If you build it, they will come.'' What she meant by 
that is that if you compile deep data bases of information 
about every driver, uses for it will be found. The Department 
of Homeland Security will find uses for it. Every agency that 
wants to control, manipulate, and affect people's lives will 
say, ``There is our easiest place to go. That is our path of 
least resistance.''
    So mission creep is the quick summary to this problem. If 
you build it, they will come. So I think it is very important 
to keep that in mind.
    I will note, by the way, that the Department of Homeland 
Security's Privacy Committee is submitting comments to the DHS 
in its rulemaking, and the most important part of it to me--I 
think they took great care to offer helpful, constructive 
comments--but the most important part is at the outset the DHS 
Privacy Committee declined to endorse REAL ID as being an 
effective or appropriate program to put in place.
    Senator Feingold. Mr. Schneier, I understand that there 
have been numerous incidents in recent years of DMVs being 
broken into or DMV employees taking bribes to issue fraudulent 
licenses. Do those kinds of incidents remain a problem? And 
what do they suggest about the success of the REAL ID Act in 
securing driver's licenses?
    Mr. Schneier. Well, what it says is that secure identity 
systems are much more complicated than REAL ID, and certainly 
when you look at the system, you have to look at the mechanisms 
to get the card, what happens when you lose a card. And, you 
know, it is the breeder documents. You talk about the expense 
and convenience, but it is also the security. That would look 
at the ethics and how well trusted the people who issue the 
licenses are. You also have to look at the verification 
procedures. We were talking about the data bases and who has 
access to them. You do not have to worry about the data base 
itself, which should be accessible from police cars, airline 
check-in stations, schools, from wherever it is being used. 
Also, you have to think about the shadow data bases. Whenever 
you build a credential like this that is so valuable and so 
useful, there will be a shadow data base collected by the data 
brokers, that when you present your card at a hotel or at a 
bar, it will be scanned, and that data will go in the shadow 
data bases. Suddenly, what starts out as a simple data base 
becomes even bigger.
    So, yes, I would worry about not only the clerks issuing 
them, I would worry about the clerks who are putting those 
birth certificates online. If it is cheaper to bribe them than 
it is to bribe a DMV clerk, you are going to do that.
    If you want to subvert the system, you have to look at the 
weakest link, and just REAL ID is so incredibly complicated. 
There are so many links.
    I put a diagram in my written testimony, which 
unfortunately I could not really put up on a screen, to try to 
lay out all the different ways there are security 
vulnerabilities in the system. And I think it is much more 
complicated than really a lot of people are thinking.
    Senator Feingold. OK. Mr. Gilbert and Mr. Schneier, 
identity theft is obviously a growing problem. Many people are 
concerned about the many recent security breaches of private 
and Government data bases containing sensitive personal 
information. Wouldn't the information gathered as part of REAL 
ID implementation also be vulnerable to these types of 
breaches? Mr. Gilbert?
    Mr. Gilbert. This has been a big concern to people in 
Vermont because there has been a series of data breaches of 
Government data bases in our State just this past winter, and 
there were some legislative hearings held on this. Our 
Department of Motor Vehicles commissioner was asked the same 
question in testimony before one of the legislative committees, 
and she acknowledged that there are over--there are several 
hundred attacks daily on their data base trying to get at the 
information in the DMV system.
    She feels that their system is secure, but I think what Mr. 
Schneier is pointing out is true, that when you up the ante of 
the value of the information, the people who want that 
information are going to try harder and harder and do more and 
more to try and get at it. And I have become convinced that 
building a secure system is just very, very difficult, that 
there has got to be another way to do this. And I do not think 
we have found that quite yet.
    Senator Feingold. Mr. Schneier?
    Mr. Schneier. Mr. Harper has already said that there is 
security in keeping records offline, that there is inherent 
security of making them hard to get to. They are hard to look 
at, and they are hard to change.
    Putting records online as part of REAL ID I think will make 
us less secure against identity theft because now data is more 
accessible, and it is also easier for someone to change.
    In a lot of ways, REAL ID does not affect identity theft 
because identity theft is not based on a piece of plastic. It 
is based on electronically impersonating you via a website to a 
bank. What it does affect is it centralized credentials, and we 
are safer because an identity thief can go after only one 
thing--one bank account, one broker age account--and attacking 
one does not get you the other. And if REAL ID moves to its 
logical conclusion, where it becomes the single ID used for all 
sorts of things, if you read the DHS rulemaking, that is what 
they are looking for. Then we are at increased risk of identity 
theft because now there is one document that can be stolen, 
which is the keys to everything.
    It is really paradoxical. We are more secure from criminals 
through distributed identity. The fact that you could open up 
your wallet and you have a dozen different cards and each one 
does one thing and not just one card, that is what makes us 
safer.
    Senator Feingold. Thank you for your answers. I have to 
leave now, so I am just going to very briefly recess--I do not 
need to. The Chairman arrives.
    Thank you, Mr. Chairman.
    Chairman Leahy. Speaking of Vermont, we had a group of 
Vermonters who stopped by, and I stepped out for a moment for 
that.
    Mr. Gilbert, let us start with you. I have expressed--and I 
understand and I appreciate Dr. Carafano's and Ms. Kephart's 
views to the contrary, but I am concerned about the Federal 
Government basically taking over State DMVs. In fact, we have 
to protect our personal information. We also have to have 
national security. I am not sure they have to be exclusive by 
any means.
    We know from what we have seen that had there been better 
use of the information we had, 9/11 could have been avoided. 
But I worry that the steps, those things that could make us 
vulnerable, are steps that are not being taken.
    When you talk to other Vermonters about this, from your 
testimony--and I know you refer to the construction business. I 
know the others you are talking about. You have gone through a 
cross-section of Republicans, Democrats, across the political 
spectrum. Is there any one aspect more than others that people 
object to?
    Mr. Gilbert. I think it is the privacy aspect that people 
are most concerned about. The money aspect is important to a 
legislator who is trying to find a couple million dollars to 
fix a bridge in his or her town. But I think the privacy aspect 
is something that just simply rankles Vermonters. And I think 
it rankles people in many other States around the country. 
There have been numerous resolutions and some binding 
legislation passed opposing REAL ID, and a good deal of that is 
based on a sense that REAL ID is going to violate privacy in a 
way that is not going to give us the security that has been 
promised.
    And I think when people look at that kind of equation, they 
say it is simply not the way to go; we need another way to get 
at this problem of standards for driver's licenses.
    Chairman Leahy. You know, it is interesting on privacy. I 
have always had a listed home phone number. I had it when I was 
a prosecutor. I have it now. Most people will not call me at 
home. They figure that if I get a chance to be at home with my 
family, they are going to give me privacy, and it is kind of 
the way we are. But I worry more than just kind of the feelings 
we have in our State. I also worry that the information given 
can get lost. We have seen the VA in a colossal act of 
incompetence lose material with our personal information, the 
Department of Agriculture do the same thing. TSA has had 
material with backgrounds on people stolen out of their 
headquarters. Most recently, the Department of Agriculture 
posted people's Social Security numbers online. It has been 
almost mind-boggling, the data losses in this administration. 
But a lot of big companies have done it, too. T.J. Maxx is an 
example. We had one major bank who just simply shipped by 
commercial airline all of the personal information of their 
customers to go off to a storage thing, and it got lost. They 
cannot find where it went.
    Now, I assume that their executives probably fly in private 
planes, and they are not used to having luggage lost. Any one 
of us who flies commercially, as I do and you do, knows that 
that actually happens. And it got lost, and they said, ``Oops, 
sorry.''
    Let me ask also, you mentioned domestic violence groups. 
Tell me why the concern there.
    Mr. Gilbert. The concern is that the victim of domestic 
sexual violence often wants to protect her residence, her 
identity in the sense of where she lives. She has a fear of 
physical attack. And Vermont is one of, I think it is about 20 
States that currently offers a program where victims can use a 
post office box that actually is run by our Secretary of 
State's office, and mail, for example,
    can be delivered there, and the person can pick her mail up 
that way.
    One of the problems with even the Department of Homeland 
Security's recognition of this problem is they have a fix in 
place for States like Vermont that already have a program, but 
for all the other States that do not have a program, it is not 
clear how identity could be protected in this way. And the 
victim advocates that I talk to in Vermont are really concerned 
about this.
    Chairman Leahy. Thank you. Let me ask this--Dr. Carafano?
    Mr. Carafano. Sir, I think it is a perfect example of a 
fixable problem, why the rulemaking process is so important. Of 
course, the easiest fix on this is for someone that has been a 
victim of domestic violence abuse or a judge or a Federal 
prosecutor or anyone that does not want their legal residence 
on the front face of their identity credential is to have a 
post office box. And I think that within the rulemaking 
process, that is an easy fix.
    The law enforcement community does not need to see your 
address on the front of your identity credential. What they 
want to know is that you are you, that is primarily your full 
legal name, your date of birth, and your driver's license 
number. If they need to get your legal address, they can obtain 
that from other means.
    So I do think that this is one that is not a show stopper 
in any way, shape, or form. It is an absolutely totally 
legitimate concern that can be addressed intelligently through 
the rulemaking process.
    Chairman Leahy. Well, I do note that I have a listed home 
phone number, both here in the Washington area and in Vermont, 
and it does not have a street address on it.
    Mr. Carafano. And I do not think there is anything in REAL 
ID that should preclude people from wishing to have their post 
office box on the front of their credential.
    Chairman Leahy. I do not want my post office box on there. 
After all, I received one of the two deadly anthrax letters 
that I was supposed to open. It was sent to me. It was so 
deadly that two people who touched the outside of the envelope 
I was supposed to open died. I am not too eager to have my post 
office box there, which I do have. I get all my mail in a post 
office box. I am not too eager to have that known.
    Mr. Carafano. There is no way it precludes somebody from 
getting your address and mailing you an evil thing, so that--
    Chairman Leahy. Nothing gets mailed to my home. Ever since 
they tried to kill me with a letter, it goes through a 
specialized screening area.
    Let me ask you this, and I am going to ask this of each one 
of you. The Washington Post ran an editorial this morning by 
former Navy Secretary John Lehman supporting the law. Mr. 
Lehman argued that the REAL ID law will not result in a Federal 
data base.
    A simple question of each of you: Do you agree with that?
    Mr. Gilbert. I do not agree with that for the same reason 
when I go online and type in something in Google, I am 
essentially tapping into one integrated data base made up of 
thousands of other data bases around the world.
    Chairman Leahy. Mr. Harper?
    Mr. Harper. I do not agree with that.
    Chairman Leahy. Dr. Carafano?
    Mr. Carafano. I absolutely agree with that. There is a 
significant distinction between a single centralized data base 
that does not have any firewalls, any intrusion protections, 
any kind of protocols, and integrated data bases where you can 
put in firewalls, you can put in intrusion detection devices, 
you can set up screening and all kinds of protocols to make 
sure of that. That is what we do with--because we live in a 
world of integrated data bases. If your argument is let us not 
have any integrated data bases because that is an unacceptable 
privacy concern, then this economy and this society is simply 
going to cease to function. It is a distinction with a 
significant difference.
    Chairman Leahy. So you agree this will not result in a 
Federal data base.
    Mr. Carafano. This simply does not create a new national 
data base. Absolutely. There is no question about that.
    Chairman Leahy. Mr. Schneier?
    Mr. Schneier. I think it is a semantic dodge. There are 
lots of single data bases that have firewalls and IDSs. There 
are lots of single data bases that look like distributed data 
bases. There are distributed data bases that look like single 
data bases. How you implement it and how it is presented are 
completely orthogonal. This will result in a large Government 
data base, Federal or State. It will be accessed by both, so I 
am not convinced that is a difference that makes a difference.
    What it does is it makes a single--it is a one-stop shop 
for the data, and that is what is important. And who writes the 
check I think is secondary, and exactly how the computer 
scientists build the computers and the networks is also 
secondary.
    Chairman Leahy. Ms. Kephart?
    Ms. Kephart. Well, I think it is a slam dunk, probably, 
what I will answer on that. Of course, I agree with former 9/11 
Commissioner Lehman. In my testimony I have a chart. It is part 
of a paper that I released in April, and that chart shows the 
differentiated data bases that are checked.
    Chairman Leahy. So you agree that this would not be--
    Ms. Kephart. This is not a Federal--
    Chairman Leahy. This would not result in--
    Ms. Kephart.--data base. The data--
    Chairman Leahy.--a Federal data base. That--
    Ms. Kephart. OK. The data goes through--
    Chairman Leahy. That is a question--let me ask this next 
question. He asserts that the law is an unfunded mandate and 
that Congress should step up and fully fund the real costs that 
this essential program will impose on the States. Now, that is 
assuming that we do not change the program and it goes through 
as it was slipped into this appropriations bill.
    I am going to ask each one of you: Do you agree with Mr. 
Lehman's assertion that this is an unfunded mandate and that 
Congress should step up and fully fund the real costs that this 
essential program imposes on the States? Mr. Gilbert?
    Mr. Gilbert. I do not think Congress should fund any 
program that in the end is not going to be able to accomplish 
what the program is intended to do. If we could come up with a 
different program where we had cooperation with State and 
Federal officials, there was a chance for civil liberties and 
privacy experts to be involved, then I think it would be 
appropriate for the Federal Government to help the States pay 
for this.
    Chairman Leahy. Mr. Harper?
    Mr. Harper. It is an unfunded mandate, and it should not be 
funded because it should not be implemented.
    Mr. Carafano. I do believe Congress should pay its fair 
share of implementation of the system. I think people in States 
have a right--many of these States have antiquated systems 
which are providing no protections. We talked a lot about 
commercial data. There is more data on us in the commercial 
sector than the Government has, and there are many best 
practices and excellent practices in the commercial sector to 
safeguard data, and the notion that we should expect--not hold 
our Government up to at least the standards of best practices 
in the commercial sector is just wrong.
    Chairman Leahy. Did T.J. Maxx follow those best practices?
    Mr. Carafano. Again, sir, I did not say everybody in the 
commercial sector, but there are best practices out there that 
are in the commercial sector that are protecting data, and the 
notion that we should give our Governments a bye and not then 
at least safeguard our data as good as the people in the 
commercial sector is simply wrong.
    Chairman Leahy. Did the United States Department of 
Veterans Affairs follow that best practice?
    Mr. Carafano. Again, sir, we should expect Government to do 
the right thing, and we should expect value for service. I 
mean, I think--I do not think--
    Chairman Leahy. We expected the Government to respond to 
Katrina and--
    Mr. Carafano. I do not think that is a unreasonable 
requirement to expect our Government to do what the commercial 
sector can do in legitimately protecting data if they do the 
right thing. I mean, this is ridiculous to think--
    Chairman Leahy. Yes, I--
    Mr. Carafano.--that we should have State that should be 
allowed--
    Chairman Leahy. I agree with--
    Mr. Carafano.--to have 19th century systems that make their 
citizens incredibly vulnerable and that they do not provide a 
minimum level of protection. I think that is unreasonable. I 
think it is unconscionable.
    Chairman Leahy. I was not aware that in the 19th century we 
were issuing too many driver's licenses. But, Dr. Carafano, you 
know, we expect them to do that. But until they can prove they 
can do it, that worries me. When they--
    Mr. Carafano. And--
    Chairman Leahy. May I finish, please?
    Mr. Carafano. Yes, sir.
    Chairman Leahy. If it is OK with you. If the Department of 
Agriculture posts online people's Social Security numbers, 
sure, we can say we expect that it is part of the 
administration--the administration is strong on security, 
applaud them for saying the right things. But when they start 
releasing that online, that is not doing the right thing. When 
you cannot even secure computers inside TSA, it kind of makes 
you wonder. That is what I am saying.
    We may well agree if we are going to have this, of course, 
there should be best practices. You and I agree on that. But so 
far, this administration, just like a lot of our major 
corporations and banks, has not demonstrated the best 
practices. We know it is best practices to be able to set up 
ATM machines where they cannot steal your ID. They are showing 
on television how easy it is because they have not set up such 
best practices to prevent the theft of your identification at 
ATM machines.
    Mr. Carafano. Senator, every one of the criticisms that was 
mentioned here today exists in the systems as they currently 
exist today. So if we do nothing, all the vulnerabilities that 
were mentioned here still exist there and persist. The notion 
is that if we do not create national standards, if we do not 
demand more from our Governments, they are never going to 
perform that. And I just think it is--the notion that somehow 
we are going to make progress by saying do nothing I think is 
just--it just does not make any sense. And that is why--
    Chairman Leahy. Just so we do not--
    Mr. Carafano.--I think it is important for the Federal 
Government to pay its fair share to do the right thing.
    Chairman Leahy. OK. Just so we do not forget my yes-or-no 
question 15 minutes ago, Mr. Schneier, do you agree with Mr. 
Lehman's assertion that this is an unfunded mandate and that 
Congress should step up and fully fund the real costs?
    Mr. Schneier. I definitely think this an unfunded mandate. 
As a taxpayer, though, I do not want you to step up and pay the 
real costs because I am not getting the real benefit.
    Now, I think you have been a little unfair to T.J. Maxx and 
the VA and the DHS because those are the ones that have made 
the news recently, but these breaches happen every single day.
    Chairman Leahy. Oh, I understand that, and in mentioning 
that, I just mention that because I think people understand, 
having seen it, that breaches happen every day, absolutely.
    Mr. Schneier. But the lesson in that is that this is hard 
to do. I mean, we can talk about best practices, but in 
reality, it is very, very hard to keep this data secure. And 
when you look at the system, the problem is not how do we make 
the IDs better, but the problem is we are relying on ID-based 
security.
    There was a notion in the beginning, privacy versus 
security. That is a false dichotomy. It is not a matter of 
identity. We need to get security. And you think of a door lock 
or a burglar alarm or a tall wall or a reinforced cockpit door. 
There are lot of security measures that have nothing to do with 
privacy.
    Chairman Leahy. Well, but DHS and the other supporters of 
REAL ID keep saying that we must do all we can to protect 
ourselves and cost is no object. I would point out the Oklahoma 
City bomber had a valid driver's license. Nothing would have--
if he had been stopped while he was driving that truckload of 
explosive in a routine check, he had a valid driver's license. 
The 9/11 hijackers had valid State driver's licenses.
    Now, the REAL ID costs, I think DHS is the one that came up 
with the $23 billion cost estimate in its draft regulations. 
They also said they have to update their security standards in 
3 to 5 years, adding billions more in administrative costs.
    Are we in a ``security at any cost'' situation?
    Mr. Schneier. Clearly we are not. Security is always a 
tradeoff. Of course, there are always things we can do more. 
The question is: What has the value?
    Chairman Leahy. Ms. Kephart?
    Ms. Kephart. Well, I have to answer the 9/11 hijacker 
statement. The 9/11 hijackers had valid driver's licenses and 
IDs that at least seven of them obtained fraudulently. So the 
rest of that sentence needs to be there. Also, the REAL ID--
    Chairman Leahy. Well, thank you for telling me what I 
should say, Ms. Kephart. That is an amazing help, and I cannot 
thank you enough because I do not have the experience that you 
have after 32 years here in the Senate dealing with these 
matters. But let me add to this. They also could have not had 
to have any kind of an ID like that, and they had a passport. 
Is that correct?
    Ms. Kephart. They had passports that had much fraud in them 
as well. That was not detected.
    Chairman Leahy. And that is my point. We have a lot of 
people who come to this country that have passports, we look at 
them, and they appear totally valid on their face. You know and 
I know that both of us could within a matter of hours get 
passports that could pass scrutiny, and they would be fake 
passports--the point being if you are going to just rely on 
what ID you want, you can get fake IDs. Am I correct?
    Ms. Kephart. Absolutely you are correct--
    Chairman Leahy. Could you go to--
    Ms. Kephart.--and REAL ID is set out to address that based 
on the States' own best practices that they set out in a 
security document framework in AAMVA. And that is the basis of 
the REAL ID language.
    To answer your original question--
    Chairman Leahy. What in the REAL ID Act is superior to the 
driver's license provisions in the 2004 Intelligence Reform 
Act, which was passed after actual negotiation and discussion 
in a bipartisan way? What is superior in this to the driver's 
license provisions of the 2004 Intelligence Reform Act?
    Ms. Kephart. It sets out a more detailed set of language 
that is based on the 13 task force work that was done in AAMVA 
through the States, and it specifically draws on language that 
had been done by the States on their own. So it is more 
specifically geared to what the States wanted to begin with.
    Chairman Leahy. Does it bother you at all that this was 
passed with absolutely no input, debate, or anything else, just 
added in?
    Ms. Kephart. Sir, I would have always appreciated that my 
old Committee that it had gone through, but from what I 
understand, when Tom Davis drafted this and it went through Mr. 
Sensenbrenner's Committee, REAL ID was actually put on as a 
rider to get more votes because at the time it was very 
popular.
    Of course, the Senate should have had a chance to view it--
    Chairman Leahy. Would you--
    Ms. Kephart.--but that is kind of water under the bridge 
now--
    Chairman Leahy. Do you think this is what--
    Ms. Kephart.--and we are dealing with--
    Chairman Leahy. No, it is not water under the bridge. I 
mean, you have the Nation's Governors, Republicans and 
Democrats, who are saying they want to have a voice in this. 
Should they just be ignored?
    Ms. Kephart. They have a voice--
    Chairman Leahy. Or is this a case--
    Ms. Kephart.--in the proposed rules, sir.
    Chairman Leahy. Is this a case where the Federal Government 
knows better than the States?
    Ms. Kephart. Absolutely not, which is why--
    Chairman Leahy. Thank you.
    Ms. Kephart.--the comment period has been what it is. Thank 
you.
    Chairman Leahy. Thank you.
    I have other questions concerning what happens if these IDs 
are lost or stolen, whether they should be an acceptable 
credential for coming in from Canada. We are now talking about 
requiring passports to come in from Canada, an interesting 
thought when you have the largest unguarded frontier in the 
world. It will actually cut down very substantially the amount 
of traffic and commerce between two great nations. Any of us 
who live within a few miles of the U.S.-Canadian border know 
this will not stop somebody who wants to get across. And if you 
think it is easy in the eastern part of our country, go out in 
the western part. As somebody pointed out at one of the border 
crossings, one in the western part, the security is an orange 
cone sitting in the middle of the road.
    So do we look for substantive changes or do we accept what 
Ms. Kephart seems to be saying, that we have comment time and 
basically--and I do not want to put words in your mouth, Ms. 
Kephart, nor to finish your sentences for you, because I think 
now how offensive I would find that. But is this a case where 
we should just let DHS go forward with this? Or should we be 
seeking legislative changes?
    Ms. Kephart. Sir, I think the appropriate thing to do at 
this point, because a lot of time, effort, and money has been 
put into the proposed rules--the comment period ends today--is 
to see where those comments are. I am sure that the States and 
many others, including the folks at this table, have issued 
incredibly helpful comments to DHS. They have taken the privacy 
aspect of this very seriously. And I think as the comments come 
in, at the end of that period when it is reviewed and they 
issue their final rules, I think then is the appropriate time 
to decide whether to go back to the Intel Reform Act language 
or to proceed with REAL ID. But I think it is premature at this 
point, sir.
    Chairman Leahy. Thank you.
    Mr. Schneier?
    Mr. Schneier. I think that DHS has showed very little 
respect for the States and the people here. The comments are 
due today on the draft regulations. DHS has testified that we 
will get the final regulations by August or September. It is 
just not possible for DHS to read, review, and consider the 
thousands of comments they are getting, which tells me they do 
not intend to make any changes at all.
    If I could add one thing about the orange cone, I think the 
orange cone is a very good analogy to what we are trying to do 
here. That orange cone works if the Canadian drives right into 
and fails if he drives around it. And that is what we are doing 
here with REAL ID. Yes, if the bad guys do the exact thing we 
want them not to do that the REAL ID will prevent, we will 
prevent bad things from happening. But it is so easy for the 
bad guys to drive around it.
    Chairman Leahy. Dr. Carafano?
    Mr. Carafano. Mr. Chairman, I think there is a bigger 
problem for the Committee to focus on, and this is, I think, an 
incredibly unrealistic requirement in draft legislation for 100 
percent electronic verification on everyone in the United 
States before they get a job. To me, that is truly a national 
system, unworkable, unachievable, impractical, and that is a 
much, much bigger drag on our economy and a much, much bigger 
threat to our privacies and to this country as a whole than 
REAL ID.
    Chairman Leahy. Mr. Harper?
    Mr. Harper. You have a range of options open to you, of 
course. Restoring the 9/11 Commission-inspired identity 
security provisions in the Intelligence Reform and Terrorism 
Prevention Act is one. I think just as important, part of what 
you started here, is to have a national discussion on whether 
identity-based security gets you anything. I think that is most 
important. It is my opinion that it gets you very little.
    There are going to be identification systems going forward, 
and we should talk about the kinds of systems that can get you 
maximal security within that area without the surveillance. We 
are nowhere near that with REAL ID. We are going in the wrong 
direction. But there are systems we can put together that will 
solve these problems to the extent they can be solved. Direct 
security like Bruce Schneier talked about: cockpit doors, tall 
walls, That is real security. It does not rely on identity, and 
it does not have any privacy consequences at all.
    Chairman Leahy. Mr. Gilbert?
    Mr. Gilbert. If we do anything, I think we should go back 
to where we were in 2004 when the Intelligence Reform and 
Terrorism Prevention Act was being discussed. The ACLU and 
other groups were involved in the rulemaking. There was 
cooperation. There was discussion among officials on the State 
level and the Federal level, and then that sort of all got 
derailed with the REAL ID Act. And now we are sort of 2 years 
further along, and I think we might be further behind.
    But I want to underline what Mr. Harper just said. We in 
this country have really got to at some point face up to the 
fact that some things we think are making us safer and more 
secure might be having the opposite effect, and some things 
that we could be doing we are simply not doing because we are 
going for the jazzy things that sound as though they might be 
making us safer, and I am afraid they are really not. And I 
really worry that we as a country do not seem to have a level 
of awareness of the intrusion of electronic data and aggregated 
data bases in our lives.
    Chairman Leahy. Thank you very much. With that, all of you 
feel free, if you did not think you had enough time to answer 
any question, of course, I will provide room in the transcript 
to note that you wanted to add to that. Or if you find that you 
wanted to correct something, we will have room for that, and 
also questions or statements from other Senators. I think this 
is an extremely important issue. We want to be secure, but we 
also want our privacy. One of the great things about democracy 
is that you can usually guarantee both security and privacy. 
And in this debate it has become almost a cliche, but to make 
reference to--and I will paraphrase--what Benjamin Franklin 
said about those who would give up their liberties for some 
security: You usually end up with neither.
    Thank you.
    [Whereupon, at 11:46 a.m., the Committee was adjourned.]
    [Questions and answers and submissions for the record 
follow.]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]