[Senate Hearing 111-883]
[From the U.S. Government Publishing Office]




                                                        S. Hrg. 111-883
 
   THE PASSPORT ISSUANCE PROCESS: CLOSING THE DOOR TO FRAUD, PART II

=======================================================================



                                HEARING

                               before the

                       SUBCOMMITTEE ON TERRORISM,
                    TECHNOLOGY AND HOMELAND SECURITY

                                 of the

                       COMMITTEE ON THE JUDICIARY
                          UNITED STATES SENATE

                     ONE HUNDRED ELEVENTH CONGRESS

                             SECOND SESSION

                               __________

                             JULY 29, 2010

                               __________

                          Serial No. J-111-104

                               __________

         Printed for the use of the Committee on the Judiciary




                  U.S. GOVERNMENT PRINTING OFFICE
64-705                    WASHINGTON : 2011
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing 
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC 
area (202) 512-1800 Fax: (202) 512-2104  Mail: Stop IDCC, Washington, DC 
20402-0001




                  PATRICK J. LEAHY, Vermont, Chairman
HERB KOHL, Wisconsin                 JEFF SESSIONS, Alabama
DIANNE FEINSTEIN, California         ORRIN G. HATCH, Utah
RUSSELL D. FEINGOLD, Wisconsin       CHARLES E. GRASSLEY, Iowa
ARLEN SPECTER, Pennsylvania          JON KYL, Arizona
CHARLES E. SCHUMER, New York         LINDSEY GRAHAM, South Carolina
RICHARD J. DURBIN, Illinois          JOHN CORNYN, Texas
BENJAMIN L. CARDIN, Maryland         TOM COBURN, Oklahoma
SHELDON WHITEHOUSE, Rhode Island
AMY KLOBUCHAR, Minnesota
EDWARD E. KAUFMAN, Delaware
AL FRANKEN, Minnesota
            Bruce A. Cohen, Chief Counsel and Staff Director
             Brian A. Benzcowski, Republican Staff Director
                                 ------                                

      Subcommittee on Terrorism, Technology and Homeland Security

                 BENJAMIN L. CARDIN, Maryland, Chairman
HERB KOHL, Wisconsin                 JON KYL, Arizona
DIANNE FEINSTEIN, California         ORRIN G. HATCH, Utah
CHARLES E. SCHUMER, New York         JEFF SESSIONS, Alabama
RICHARD J. DURBIN, Illinois          JOHN CORNYN, Texas
AL FRANKEN, Minnesota                TOM COBURN, Oklahoma
EDWARD E. KAUFMAN, Delaware
                Bill Van Horne, Democratic Chief Counsel
               Stephen Higgins, Republican Chief Counsel


                            C O N T E N T S

                              ----------                              

                    STATEMENTS OF COMMITTEE MEMBERS

                                                                   Page

Cardin, Hon. Benjamin L., a U.S. Senator from the State of 
  Maryland.......................................................     1
    prepared statement...........................................    52
Kyl, Hon. Jon, a U.S. Senator from the State of Arizona..........     3

                               WITNESSES

Kutz, Gregory D., Managing Director, Forensic Audits and Special 
  Investigations Unit, U.S. Government Accountability Office, 
  Washington, D.C................................................     4
Sprague, Brenda S., Deputy Assistant Secretary for Passport 
  Services, Bureau of Consular Affairs, U.S. Department of State, 
  Washington, D.C................................................     6

                         QUESTIONS AND ANSWERS

Responses of Gregory D. Kutz to questions submitted by Senator 
  Cardin.........................................................    22
Responses of Brenda S. Sprague to questions submitted by Senator 
  Cardin.........................................................    27

                       SUBMISSIONS FOR THE RECORD

Arnold, Robert, National Vice President, National Federation of 
  Federal Employees (NFFE), Washington, DC, statement............    45
Kutz, Gregory D., Managing Director, Forensic Audits and Special 
  Investigations Unit, U.S. Government Accountability Office, 
  Washington, D.C., statement....................................    60
Sprague, Brenda S., Deputy Assistant Secretary for Passport 
  Services, Bureau of Consular Affairs, U.S. Department of State, 
  Washington, D.C., statement....................................    74


   THE PASSPORT ISSUANCE PROCESS: CLOSING THE DOOR TO FRAUD, PART II

                              ----------                              

                    THURSDAY, JULY 29, 2010
                                       U.S. Senate,
                                 Subcommittee on Terrorism,
                          Technology and Homeland Security,
                                Committee on the Judiciary,
                                                    Washington, DC.
    The Subcommittee met, pursuant to notice, at 2:30 p.m., in 
room SD-226, Dirksen Senate Office Building, Hon. Benjamin 
Cardin, Chairman of the Subcommittee, presiding.
    Present: Senators Hatch and Kyl.

OPENING STATEMENT OF HON. BENJAMIN CARDIN, A U.S. SENATOR FROM 
                     THE STATE OF MARYLAND

    Senator Cardin. The Subcommittee on Terrorism and Homeland 
Security will come to order. I want to thank our witnesses for 
being here today. I want to first thank Senator Kyl and Senator 
Feinstein for their strong interest and continuing interest in 
this issue of the integrity and security of the passport 
issuance process.
    On May 5, 2009, over 14 months ago, I chaired the Terrorism 
Subcommittee hearing entitled The Passport Issuance Process: 
Closing the Door to Fraud. Today we are holding part two of 
that hearing. And quite frankly, I didn't anticipate that we 
were going to need a second hearing on this subject when I 
convened the first hearing 14 months ago.
    During that hearing last year, we learned about the 
Government Accountability Office's undercover investigation 
that had been requested by Senator Kyl and Senator Feinstein to 
test the effectiveness of the passport issuance process, and to 
determine whether malicious individuals such as terrorists, 
spies and other criminals could use counterfeit documents to 
obtain a genuine U.S. passport.
    What we learned at that time concerned me a great deal. GAO 
reported to the Subcommittee, and I'm going to quote from its 
2009 report, ``Terrorists or criminals could steal an American 
citizen's identity, use basic counterfeiting skills to create 
fraudulent documents for the identity, and obtain a genuine 
U.S. passport.''
    ``GAO conducted four tests simulating this approach and was 
successful in obtaining a genuine U.S. passport in each case. 
In all four tests, GAO used counterfeit and/or fraudulently 
obtained documents.''
    The May 2009 GAO report went on to note that the State 
Department and U.S. postal employees did not identify GAO 
documents as counterfeit. And further noted, and I'm quoting, 
``GAO investigators later purchased an airline ticket under the 
name used of the four fraudulently obtained U.S. passports and 
then used that passport as proof of identity to check into his 
flight, get a boarding pass and pass through security 
checkpoints at a major metropolitan area airport.'' That was 
the 2009 report.
    But it was not the first report to identify problems with 
the passport issuance process. In 2005 and 2007, GAO brought 
these issues to light. As a result, the GAO's 2009 report 
stated, and again I'm quoting from the GAO report, that ``State 
Department officials have known about the vulnerabilities in 
the passport issuance process for many years but have failed to 
effectively address these vulnerabilities.''
    Those were very serious findings back in May of 2009 
because the U.S. passport is the gold standard for 
identification. A U.S. passport can be used for many purposes 
in this country and it gives an individual the ability to 
travel internationally which is an important tool for someone 
who wants to do us harm, including terrorists, spies and other 
criminals.
    So the integrity and security of the passport issuance 
process is extremely important because it can have a profound 
impact on the national security of the United States.
    More than 14 months have lapsed since the first GAO report, 
and today we will be learning about a new GAO undercover 
investigation that I requested along with Senators Kyl, 
Feinstein, Lieberman and Collins.
    In this new investigation, a GAO undercover, used 
fraudulent identity documents including fake drivers licenses 
and birth certificates to see if they could obtain genuine U.S. 
passports. So what happened this time?
    Well, once again U.S. postal and State Department employees 
failed to detect the use of fraudulent identity documents. GAO 
undercover investigators sought seven passports. Most of them 
were approved by the State Department. Moreover, four of the 
passport applications that were submitted used a photograph of 
the same GAO undercover agent, and two passport applications 
that were initially approved used Social Security numbers of 
deceased persons.
    There is some news that is a credit to the State Department 
because the State Department detected two fraudulent passport 
applications before they were approved. However, what happened, 
happened before, and we were all under notice that this needed 
to be changed.
    As the Subcommittee attempts to get to the bottom of this, 
we must not forget that dedicated people are working very hard 
to correct these problems and they take their responsibilities 
seriously. But we must do better, much better.
    Congress can help by giving the State Department all the 
tools it needs. In that regard, I am introducing, along with 
Senators Feinstein and Lieberman, legislation that will help to 
close the door to passport fraud. Today I'm introducing the 
Passport Identity Verification Act. This legislation is a 
common sense solution that will give the State Department the 
legal authority that it needs to access information contained 
in Federal, state and other data banks that can be used to 
verify the identity of every passport applicant and to detect 
passport fraud without extending the time that the State 
Department takes to approve passports.
    I also will be submitting for the record a letter from the 
National Federation of Federal Employees which has previously 
made a number of recommendations to the State Department as to 
how to improve the passport issuance process.
    And from my perspective, management in the State Department 
needs to partner with its employees to ensure that their 
helpful, constructive ideas are implemented. I understand that 
there is pressure on passport examiners to act quickly. I'm 
sure some of that pressure comes from Members of Congress on 
behalf of our constituents and I understand that the American 
people can become concerned when their travel plans, whether 
for leisure or business are linked to their ability to obtain a 
passport in a timely fashion.
    But we've got to get this right. It is not simply a 
question of process, techniques and training. We need to make 
sure that the agencies that are responsible for processing 
passport application documents are concerned about national 
security as well as customer service and we need to make sure 
that they have the legal authority, the resources and the 
technology to verify the identity of passport applicants and to 
detect passport fraud. We simply cannot issue U.S. passports in 
this country on the basis of fraudulent documents. There is too 
much at stake. We have the technology, and we have the 
information to prevent such abuses.
    We have with us today two witnesses, one from the GAO and 
one from the State Department. Before I introduce our two 
witnesses, let me turn to the Ranking Member, Senator Kyl, and 
once again before recognizing Senator Kyl, I want to thank him 
for his interest in this issue, not only his interest but his 
leadership and the fact that he brought this issue to the 
Senate's attention.

 STATEMENT OF HON. JOHN KYL, A U.S. SENATOR FROM THE STATE OF 
                            ARIZONA

    Senator Kyl. Thank you, Mr. Chairman. Again, I appreciate 
your holding this hearing and the work you've done on the 
legislation that you discussed. I also want to thank Senator 
Feinstein who can't be here because of a scheduling conflict. 
But as the Chairman noted, she too has a continuing commitment 
to continue to pursue this issue surrounding fraudulent 
passports.
    I agree with Chairman Cardin that the GAO, and the GAO, 
that the State Department's continued inconsistent application 
of data verification and counterfeit fraudulent detection 
techniques must be corrected.
    This information from GAO makes us all continue to wonder 
just how many individuals are fraudulently obtaining U.S. 
passports. GAO I think accurately calls this the most sought 
after travel document in the world. So we're talking about 
something very important.
    Back in February of 2008, partially a result of the 2007 
Joint Homeland Security FBI Threat Assessment, Senator 
Feinstein and I asked GAO to report on passport fraud. In March 
of 2009, it reported on state's weaknesses surrounding the 
issuance of passports. Senators Cardin, Feinstein, Lieberman 
and I asked them in early 2010 for an update on the issue and 
that is what we are receiving today.
    There are a myriad of corrections the State could make to 
correct some of the vulnerabilities in the passport process. 
Irrespective of whether State Department passport adjudicators 
have law enforcement authority, State could work more 
collaboratively with Social Security Administration to ensure 
that accurate and appropriate and near real time information 
about Social Security members is pursued by those approving 
passport applications.
    Additionally, the State Department could work more 
proactively with the Department of Homeland Security to make 
sure that the electronic vital events system project, which 
digitizes birth records, is completed and the State Department 
in my view should always work to confirm a birth certificate's 
authenticity.
    It is troubling that DHS was required to complete a 
spending plan for 2010 for the $10 million in appropriations 
for that consortium project but only yesterday, 10 months into 
the fiscal year 2010, sent the spending plan up to Congress.
    Mr. Chairman, I want to follow up with some more specific 
questions for our witnesses, but I do want to make clear that 
the problems that GAO has effectively highlighted both before 
and today are really indicative of overall identity theft 
issues that we face as a nation. We've got to continue to work 
to make sure that individuals cannot fraudulently obtain 
drivers licenses, passports, visas, border crossing cards and 
other documents in this country.
    I very much look forward to the testimony of our witnesses 
and again I appreciate your calling this hearing.
    Senator Cardin. Thank you very much, Senator Kyl. Today we 
will be hearing from two witnesses.
    Greg Kutz is the Managing Director of GAO's Forensic Audits 
and Special Investigation Unit which conducts forensic audits, 
evaluates security vulnerabilities and conducts investigations 
of fraud, waste and abuse for Congress. He is also a certified 
public accountant and certified fraud examiner.
    He has been with GAO for nearly two decades and prior to 
his present position, he was Director of Financial Management 
at GAO.
    Brenda Sprague is Deputy Assistant Secretary for Passport 
Services in the Consular Affairs Bureau of the Department of 
State. Ms. Sprague has been Deputy Assistant Secretary of State 
since July 20, 2008 and she previously served in the State 
Department's Bureau of Diplomatic Security in its Office of 
Language Services.
    She has also served in the foreign service. Ms. Sprague 
testified in our hearing on May 5th, 2009. We'll start with Mr. 
Kutz.

STATEMENT OF GREGORY D. KUTZ, MANAGING DIRECTOR FORENSIC AUDITS 
AND SPECIAL INVESTIGATIONS UNIT, U.S. GOVERNMENT ACCOUNTABILITY 
                    OFFICE, WASHINGTON, D.C.

    Mr. Kutz. Mr. Chairman and Ranking Member Kyl, thank you 
for the opportunity to discuss passport fraud. Today's 
testimony highlights the results of our most recent 
investigation.
    My testimony has two parts. First I will discuss what we 
did and second I will discuss the results of our undercover 
testing.
    First in March of 2009, we reported that State's passport 
issuance process was vulnerable to fraud. Specifically, we 
obtained four genuine U.S. passports using counterfeit and 
fraudulently obtained documents. This is important because as 
you mentioned and as this posterboard shows, with a U.S. 
passport, the world is yours.
    One year later at your request, we submitted seven 
fraudulent applications simulating the use of identity theft. 
For these tests, we used counterfeit and fraudulently obtained 
documents such as drivers licenses and birth certificates. 
These documents were prepared using publicly available 
hardware, software and materials.
    We also used seven different Social Security numbers from 
fictitious and deceased individuals. Two undercover agents 
applied for passports at six postal service and one State run 
location. Our tests were done in five different States and here 
in the District of Columbia.
    Now that I have said what we did, let me turn to the 
results of our undercover testing. As the Chairman mentioned 
specifically, State issued passports for five of our seven 
tests.
    I have in my hand the three genuine passports that we 
obtained. The posterboard shows on my right the actual breeder 
documents that we used to obtain these genuine U.S. passports. 
Some of the key flags that State missed include a 62-year-old 
using a Social Security number issued in 2009, counterfeit 
drivers licenses and birth certificates as shown on the monitor 
to my right there, one application with a vast age difference 
between the passport and drivers license photo and one 
application with a California mailing address, a West Virginia 
permanent address and drivers license, and a Washington, D.C. 
telephone number.
    This time as you mentioned there was improvement as State 
denied two of our applications after determining that they were 
fraudulent. For the first one denied according to State, they 
identified issues with our Social Security number. Subsequently 
they determined that our Florida birth certificate and our West 
Virginia drivers licenses were bogus.
    For the second denial, State identified discrepancies again 
in our Social Security number on our application. This time 
there were discrepancies against the birth date and Social 
Security records. Once again they determined that our drivers 
license and birth certificate were bogus.
    It also appears in this case that they had questions as to 
why the application was filed in Illinois, but the mailing 
address and drivers licenses were from Virginia and West 
Virginia.
    For the last two applications, physical passports were 
issued. However, according to State, these two passports were 
flagged when facial recognition technology linked the photos to 
our prior applications. State then recovered these two physical 
passports from the mail system.
    It is not clear why State was in some instances able to 
identify fraud and in other instances was not. As you both 
mentioned, one of the reasons for us being here today is to 
provide you with a status report on State's progress and its 
improvement initiatives. Another important benefit from today 
is for State to take these seven applications, and use them to 
improve their human capital, processes and the use of 
technology.
    In conclusion, significant concerns remain about State's 
ability to prevent passport fraud. With hundreds of different 
drivers licenses and birth certificates out there, recognizing 
counterfeits is a significant challenge.
    We look forward to continuing to work with this 
Subcommittee and State to improve passport fraud prevention 
controls.
    Mr. Chairman, that ends my statement, and I look forward to 
your questions.
    Senator Cardin. Thank you very much. Ms. Sprague.

STATEMENT OF BRENDA S. SPRAGUE, DEPUTY ASSISTANT SECRETARY FOR 
PASSPORT SERVICES, BUREAU OF CONSULAR AFFAIRS, U.S. DEPARTMENT 
                    OF STATE, WASHINGTON, DC

    Ms. Sprague. Thank you for the opportunity to discuss the 
Department of State's response to concerns raised by the 
Government Accountability Office in their latest undercover 
investigation of passport operations.
    Today I also seek your support for initiatives to assist 
the Bureau of Consular Affairs to detect and prevent passport 
fraud.
    We are fully committed to continually improving our system 
in order to maintain the most secure passport issuance system 
possible. That system, however, is not yet foolproof. We have 
made dramatic improvements over the past year and we will 
continue to work diligently to improve training, procedures and 
oversight of the passport application and adjudication 
processes.
    Through existing fraud detection procedures, we recently 
discovered that the GAO was conducting an undercover 
investigative operation of passport services. Investigators 
trained in document fraud submitted seven passport 
applications. They used legitimately issued Social Security 
numbers, counterfeit birth certificates and fake drivers 
licenses.
    We immediately identified fraud in two of their 
applications and identified fraud in two more prior to 
delivery. However, they successfully obtained three passports.
    Immediately upon discovering this GAO undercover operation, 
we took action. We placed all personnel involved in the 
issuance of those passports on 100 percent audit, conducted 
fraud training for all adjudicators and for the acceptance 
facilities involved, accelerated an aggressive deployment 
schedule of enhancements to our issuance system, which 
incorporated facial recognition technology, strengthened 
requirements for use of out of state identity documents, and 
developed a training module for all adjudicators on the 
adjudication and fraud issues raised by the GAO probe.
    We also initiated several longer range projects which 
include conducting a pilot of commercial database identity 
scoring, acquiring forensic document expertise in the 
development and delivery of our training programs, developing 
standardized on-line fraud indicator check sheets for our 
adjudicators and incorporating enhanced front end data checks 
into our document issuance system.
    Following a similar GAO operation 2 years ago in which we 
failed to detect any of the four applicant's fraudulent 
applications, we made process improvements and were more 
successful in detecting GAO's latest efforts. Even one passport 
issued in error is one too many and I am more upset than anyone 
that this has occurred. However, it was exactly the 
improvements which we put in place after the 2009 GAO operation 
that allowed us to recognize this operation before the GAO 
notified us.
    Following the first GAO investigation, we undertook the 
systematic review of our operations and developed a remedial 
plan that included revising adjudication standards and 
processes. Recalculating production standards, doubling the 
number of personnel devoted to fraud detection, enhancing data 
checks as part of our front end processing, introducing facial 
recognition technology and expanding the training provided to 
both specialists and supervisors in adjudication and in fraud 
detection.
    We have done much to address the vulnerabilities, but let 
me ask your help to eliminate them. The greatest threat to the 
integrity of the passport issuance process is document fraud. 
We need additional tools and stronger authority.
    First, we seek your assistance to pass legislation to 
designate Consular Affairs as a law enforcement entity for the 
purpose of data sharing. We need full access to state 
registries of births and death, and other identity information. 
Currently our access is restricted by the lack of such 
designation.
    Second, we seek the subcommittee's support to encourage 
standardization of the birth documents that we accept as proof 
of citizenship. There are more than 6,400 jurisdictions issuing 
birth certificates in the United States with more than 14,000 
versions in circulation.
    Thirteen states allow open access to birth records allowing 
virtually anyone to purchase copies of birth certificates on 
file. Differences in paper, format, signatures and security 
features make the detection of fraudulent birth certificates 
daunting.
    This is a challenge we face, and we face it every day. It 
is crucial that Congress encourage standardization of the birth 
documents that we accept as proof of citizenship.
    Third, we request your support to pass legislation to 
mandate that all passport applicants provide their Social 
Security numbers. In addition to birth documentation, we rely 
heavily on Social Security data to verify the identity of 
passport applicants. We seek legislation mandating that 
applicants provide Social Security numbers.
    Finally, we need your support for continued retention by 
the State Department of the WHTI surcharge as requested in the 
President's fiscal year 2011 budget. We need these funds to 
strengthen our systems and to combat fraud. Our request is part 
of a larger fee retention package which is in the President's 
2011 budget.
    Distinguished members of the subcommittee, I appreciate the 
constructive approach of this committee. I believe that all of 
us in the federal government are committed to enhancing our 
services so that they are safe, secure, efficient, equitable 
and responsive to the needs of the American people.
    I hope that you will support the initiatives I discussed, 
for they are essential to detecting and preventing passport 
fraud. I am ready to take your questions. Thank you.
    Senator Cardin. Well, thank you for your testimony. Mr. 
Kutz, let me at least clarify one part of the investigation so 
I understand it.
    In all seven of the efforts there was a false drivers 
license used, am I correct on that?
    Mr. Kutz. Yes. Six from West Virginia and the one in D.C. 
we used an actual D.C. counterfeit, correct.
    Senator Cardin. And none of these fake drivers licenses 
triggered the rejection of a passport, is that correct?
    Mr. Kutz. Not initially. We understand the two that were 
caught were initially because of the Social Security number 
discrepancies that then led to further investigation. That's 
our understanding.
    Senator Cardin. So it was the Social Security number that 
triggered the first two, and then there were facial differences 
I understand it on the next two that----
    Mr. Kutz. Not a facial difference, a facial match. In other 
words, we had multiple people, same faces with multiple 
passports. That's what we understand triggered the other ones.
    Senator Cardin. None of the triggering was, I guess my 
point is that you were able to use false, fake drivers licenses 
without getting detected basically?
    Mr. Kutz. The initial intake of those documents you see on 
my right, we don't believe anyone ever recognized those as 
counterfeits, that's correct.
    Senator Cardin. Thank you, that's helpful. Ms. Sprague, let 
me take you back to the May, 2009 hearing. You expressed some 
of the same sentiments at that hearing as you are now about how 
disappointed you are that you're not 100 percent, and that you 
take these issues very, very seriously.
    You also said that you were going to use your own red teams 
because you knew that the GAO would be back looking and you 
wanted to make sure that you were ready for that. Did you use 
red teams?
    Ms. Sprague. Yes, we did.
    Senator Cardin. How well did you do?
    Ms. Sprague. There were six attempts and we caught five of 
them.
    Senator Cardin. So GAO is better than your red teams?
    Ms. Sprague. GAO can get real Social Security numbers and 
diplomatic security can't.
    Senator Cardin. So I guess the other thing that has me a 
little bit concerned in your response is that you said that you 
detected the two, therefore you knew that GAO was after you, or 
at least was doing their investigation, and then you changed 
your procedures it looks like in order to counter what GAO was 
doing, which is fine.
    But we thought you would have the procedures to detect what 
terrorists, criminals, those who want to harm us, or those who 
just want to get a passport who are not entitled to a passport 
would do.
    My point is wouldn't you have taken these precautions from 
the beginning rather than just as a preemptive measure against 
a GAO investigation?
    Ms. Sprague. Detecting passport fraud and making certain 
that passports don't go to people who aren't entitled to them 
is our number one priority. However, we are taking advantage, 
if that's the appropriate word, of what we learned from these 
tests to make our process better.
    We also learned from what diplomatic security did and we 
were able to make our process better, so in that sense. But I 
do want to clarify one thing and that is that we are in the 
process of rolling out facial recognition. It is not rolled out 
across the entire system.
    After we realized that, or we believed that it was GAO in 
process, we wanted to check our system and see if there was 
anything more, and we were able at the headquarters level using 
software that is at a very early stage to go out and identify 
that in fact there were seven pictures that matched prior 
attempts. So that's how we identified the additional two.
    It wasn't that we changed our procedures because of the 
GAO. It was that we took advantage of a tool that is still in 
the developmental phase although it is well along and will be 
in complete operation by the end of September at all our 
agencies. It is already at six of them. Unfortunately those six 
were not tested. They were tested at ones where they were not 
yet functioning. But we didn't change anything just because of 
the GAO, except that I'd certainly like to think that we get 
smarter as we go through these things.
    Senator Cardin. But you did use that technology that was 
being used at other locations, you I guess switched them to 
where GAO was active.
    Ms. Sprague. No, what we are doing across the board is to 
have facial recognition of all incoming passport applications. 
We are rolling that out gradually across the network.
    However, we have a second tool which is facial recognition 
on demand where we can take a single photograph when we suspect 
fraud and run that against the entire database.
    As of this moment, it is rolled out to all the agencies. It 
wasn't there in April and May, but it is a secondary tool. 
There are actually two parts to our facial recognition 
technology. One, to do it as part of the up front of the 
application process, and the other one is to have a secondary 
check when we encounter a fraud that we can go back and look 
and see if it's there.
    Senator Cardin. And the purpose of the facial identity is 
to see whether there is duplicate requests or that you have a 
visual identification of someone who is not entitled to a 
passport?
    Ms. Sprague. The real thing it does is to identify if there 
have been multiple issuances to the same individual. So far at 
the agencies we have, we have not identified anybody using 
this.
    On the facial recognition on demand, we have successfully 
where we suspected fraud actually identified people not who had 
passports already, but who were in our Visa lookout file.
    So we have used that here and there on spot occasions. That 
tool is now available to all our fraud managers. It has been in 
development and it was only available to a handful before this.
    Senator Cardin. Just one more question on this. This 
technology is used where you suspect there is a problem, it is 
not used routinely? Even when it is fully implemented it won't 
be used routinely for every application? Or will it be used for 
every application?
    Ms. Sprague. The facial recognition that was part of our 
front end process will involve every application that is----
    Senator Cardin. And when will that be fully implemented?
    Ms. Sprague. By the 15th of September.
    Senator Cardin. I guess my last question is what should our 
expectations be here? What is a realistic goal? Are you saying 
that you can get to 100 percent? I know there is always things 
that can get by, but should we be expecting that you have the 
capacity to stop the type of fraudulent applications that GAO 
is participating in, or is this just a hopeless cause?
    Ms. Sprague. I certainly hope it's not a hopeless cause.
    Senator Cardin. It's our fourth investigation. It is my 
second as Chairman and it is disappointing to see that there 
was the success in again compromising our system.
    I guess--I have confidence in the work that our people are 
doing but I think we need to have an honest assessment as to 
whether our passports are going to be safe or not.
    Ms. Sprague. I think we have to look at all the aspects of 
passport safety. First of all, we have achieved great success 
against counterfeiting of our passport document with our new E-
passport and that has been corroborated by studies and we are 
very proud of it.
    But as we have made our documents more and more counterfeit 
proof, and I realize somebody is out there right now trying to 
figure out a way to counterfeit it, it makes it harder on the 
adjudication side because people attempt to obtain good 
passports with bad breeder documents. This is a problem that we 
discussed in the international forum at ICAO and others. It is 
common to all countries that are issuing travel documentation.
    We have got a lot of people working against us and we are 
always going to be addressing vulnerabilities. Can we get to 
100 percent? That is certainly our objective. It is an uphill 
climb. It requires lots of work, it requires focus every day, 
it requires resources and we're willing to address all of that.
    Senator Cardin. It just seems to me that a drivers license 
is a common instrument used and that there needs to be a 
capacity at the State Department to identify fraudulent drivers 
licenses. To me that seems like a basic security issue.
    Ms. Sprague. And it seems like a basic security issue to 
me, too. But let me explain to you where we are that we weren't 
last year. We have with the sponsorship of the Bureau of 
Diplomatic Security, we have received limited access to the 
nationwide verification system known as N-LES. We don't have 
access to all 50 states yet, but we have access to 43. Only one 
state has turned us down flat.
    It is a big leap for them to have done this because we do 
not have law enforcement identification or identity. I am 
missing the word there. But they have given us limited access.
    Unfortunately, that access, we only have 242 accounts for 
the whole world and I have 1,200 passport adjudication 
specialists. So we have focused those both here and overseas in 
the fraud offices. When we suspect fraud, we can go in and do a 
limited check of those drivers licenses.
    The second thing that is available to us on drivers 
licenses is that there are machines available. We have done 
some tests with them and we are moving forward with the 
procurement right now for our passport agencies where they will 
have the ability to see if the drivers license has been 
tampered.
    I have to be honest with you, we did two pilots with them 
and we didn't catch any counterfeit drivers licenses. We are 
going to go ahead anyway. But we only see one of ten drivers 
licenses. The other nine go to the postal acceptance agencies 
or the non-postal acceptance agencies. They don't have that 
capacity. Since our largest partner here is the postal service, 
they really aren't in a position to invest in this technology.
    We would have to help the postal service in some way. I 
would see that as the beginning of the solution. It would 
detect counterfeit. It would not detect those drivers license 
which people obtain in another identity other than their true 
identity. Those will come through as perfect drivers licenses. 
That is a much harder challenge for us and that requires each 
of the states to tighten their regulations.
    Some states like Colorado and Virginia have done a 
fantastic job. Other states have not stepped up to the plate. 
That is a problem that I cannot solve.
    Senator Cardin. Senator Kyl.
    Senator Kyl. What state turned you down flat?
    Ms. Sprague. South Dakota. But in fairness to the good 
people of South Dakota, they have a very rigid privacy 
restriction and they absolutely cannot share anything with 
someone who is not a law enforcement entity.
    Senator Kyl. By the way, is it Kutz? I don't want to 
mispronounce your name.
    Mr. Kutz. It is Kutz.
    Senator Kyl. Kutz. I'm sorry, sir. Well, Mr. Kutz, my 
understanding is that in your testimony here you have not 
recommended any additional recommendations because of the view 
that the previous recommendations have not been implemented.
    I wonder if you could tell us your evaluation of the degree 
to which there has been implementation of your prior 
recommendations.
    Mr. Kutz. With respect to training, we understand there has 
been training with respect to passports and the breeder 
documents that go into getting those. So to the extent that 
they have done better recognizing those, I think in most cases 
they are not recognizing the counterfeit breeder documents and 
that is difficult because there are hundreds or thousands of 
different birth certificates and drivers licenses out there.
    We do understand that they are doing more of a match with 
Social Security and the death records. Two of the cases here we 
understand they caught based upon a match. Last time they 
weren't checking the death file, for example, so we think that 
they've made some progress there.
    She talked about getting the ability to validate with the 
DMVs and the Vital Statistics on birth certificates. Those are 
critical elements of being able to authenticate the hundreds of 
different drivers licenses and birth certificates. We certainly 
support them doing red team. That was one of the things we 
recommended. We would suggest doing more than six tests a year, 
but certainly it is up to their discretion to what they do, but 
that's a valuable exercise to do the exact same thing that we 
do to continually test yourself, especially because things here 
are going to emerge.
    One of the things I will just mention because there are a 
lot of them, but requiring Social Security numbers of people is 
important. They don't have the authority at this point to 
require a Social Security number. So you have people who can 
actually get a U.S. passport without having to provide a Social 
Security number. That seems to be a significant issue to us.
    Senator Kyl. Let me ask you both. Ms. Sprague, you 
indicated I think three specific things here that would be 
helpful to you. The standard birth certificate, a legal 
requirement for Social Security numbers and I'm not sure what 
specifically with respect to real ID drivers licenses, but some 
further support for assurance that drivers licenses were not 
bad breeder documents, is that correct?
    Ms. Sprague. We are asking for designation as law 
enforcement so that we can get access to state and local 
records verification which we are precluded from because of 
privacy.
    Senator Kyl. Understood. But even if you had that, if you 
had bad breeder documents, you're going to have the same 
problem that other agencies have in verifying the fraudulent 
nature of the document.
    Ms. Sprague. It would only help us with counterfeits. It 
would probably not identify breeder documents routinely.
    Senator Kyl. Right. But the standard birth certificate 
might help in that regard.
    Ms. Sprague. It might. And I want to clarify that I am not 
asking for a national birth certificate that every state has to 
follow. The states, if we just were dealing with 50 birth 
certificates, it would be heaven.
    Senator Kyl. If they were digitized. In fact maybe you 
could, either one of you can relate to this program for 
digitization of the records. How far would that go toward 
satisfying this requirement?
    Ms. Sprague. Well, certainly one of the things that is 
holding back EVVE is that the states are in such different 
places in terms of how they have recorded and stored their 
data. If EVVE could get up and running, that would be a God 
send to us because we would be able to verify at least that a 
document was not counterfeit. You can only do that 
electronically.
    So to the extent that the records have not been presented 
in a somewhat common electronic format, EVVE'S task is 
daunting.
    Senator Kyl. With respect to the breeder documents that go 
into drivers licenses, what recommendations would you have to 
ensure that the document that you receive is a valid document? 
This appeared to be 100 percent of the cases you had a bad 
drivers license. Is that correct?
    Mr. Kutz. Yes. All the drivers licenses were counterfeit. 
The one in D.C. actually would have traced back to a real 
drivers license we got using counterfeit breeder documents from 
another test. So if they did a match on that, they would have 
actually determined that that person appeared to be real, but 
the actual drivers license we presented here in D.C. was a 
counterfeit drivers license.
    Senator Kyl. OK. So can you answer my question then, ma'am?
    Ms. Sprague. I would really like someone who is smarter 
than I am about the specifics of that to get back to you on it. 
But I can say in short that we would like the states to make a 
serious effort to verify that the person who is standing in 
front of them is in fact the person that they say they are.
    I can only speak, for example, for the State of Virginia or 
the State of Colorado which we are very familiar with because 
they have worked with us. In the State of Colorado they 
actually fingerprint people. They do facial recognition. Facial 
recognition would be terrific for drivers licenses because it 
would get people who do repeat drivers licenses.
    In addition, in the State of Virginia you have to have 
proof of residence, you have to come up with documents that 
link you and that gives us a much better trail to go back and 
say that the people are who they say they are.
    Of course what happens now is that people just avoid states 
that are tough and go to states that have a reputation for 
being more lenient.
    We also very much like those states, Colorado does it, 
where they indicate when you first got that drivers license so 
you're just not going that this is a renewal. You can see that 
the State of Colorado can corroborate this identity back to 
when someone was 16 years of age. Our passport specialists love 
that.
    Senator Kyl. Obviously the percentages in cases where your 
folks were fooled are not good percentages. I gather there is 
no way of knowing how many fraudulent or how many genuine 
passports you might be issuing that are based upon fraudulent 
data.
    Ms. Sprague. Any study that we have done post issuance or 
when we did our live audit last year, we did not, were not able 
to discover even when we were going back a significant number. 
That means either that we're really not doing very many and I 
believe that is true, but I also believe it is true that once 
someone gets a good passport with bad documents, it is hard for 
anybody to find it.
    So I don't know what the numbers are. I would like to 
believe that they are low. Every evidence I have is that they 
are low, but even one is too many.
    Senator Kyl. Would you say that if someone, say a 
terrorist, is bound and determined to get a U.S. passport and 
has a working knowledge of the kinds of things that you've been 
talking about here that it is more likely than not that if they 
use the techniques available to them, including the use of bad 
breeder documents for obtaining a drivers license, that they 
would be able to get a genuine passport from the State 
Department?
    Ms. Sprague. I would say, I would remind you that there are 
two things that we determine. One is identity and the other is 
citizenship.
    I think it is much more difficult for people to try and 
pass themselves off as Americans than it is for Americans to 
pass themselves off as other Americans. So if we are looking at 
homegrown terrorists who wanted to have a separate identity, 
that causes me tremendous concern.
    If you are asking me if I thought a foreigner could come in 
and easily obtain a passport in his own or another name, I 
would like to believe that that would be a far more difficult 
challenge. We focus a lot of attention on verifying 
citizenship.
    I think that, I would return to my comment. It is easier 
for an American to pose as another American than it would be 
for someone who is not an American to pose as one.
    Senator Kyl. All right. You might need to be careful in 
view of the judge's decision in Arizona yesterday putting an 
extra burden on the United States government when you seek to 
verify U.S. citizenship. They seem to be very fragile in this 
regard, at least according to the affidavits that were 
submitted in the case I say facetiously, thank you very much 
for both of you testifying.
    Senator Cardin. Senator Hatch.
    Senator Hatch. Well, thank you, Mr. Chairman. Some of my 
questions may have been asked because I got here just a little 
bit late, so if they have, I apologize. Just say they've been 
answered.
    You suggest that the Bureau of Consular Affairs be 
designated a law enforcement entity in order to access data 
sharing among Federal, state and local governments.
    How would this help your consular officers in combating 
passport fraud?
    Ms. Sprague. I mentioned before but I'm happy to mention it 
again because I really would like to leave a very strong 
impression.
    This is, the various states have privacy regulations and 
that is appropriate. Almost all of them have an exception that 
data from their vital statistics, be it drivers licenses, birth 
certificates or death records can be shared with law 
enforcement.
    For us, the most effective way to hit against those 
databases is at the front end of the process. We can't do that 
at this time because there is not an easy work around with each 
of the 50 states, the District of Columbia, the city of New 
York, the Commonwealth of Puerto Rico to get that other than as 
a blanket exception that we are involved in a law enforcement 
function.
    We are not interested in law enforcement for anything other 
than for getting access to records which are otherwise 
protected from disclosure because we need them to protect the 
people of the United States more than anything else.
    Senator Hatch. Now you, I understand you'd like to require 
Social Security numbers on all passport applications and I 
regularly hear from my constituents about identity theft and 
privacy concerns which often stem from the fraudulent use of 
Social Security numbers.
    So it is hard for me to advocate for another opportunity 
for potential misuse. But that being said, I would like to hear 
how requiring Social Security numbers would combat fraud within 
the passport issuance process, and we know there are so many 
false Social Security numbers out there.
    Ms. Sprague. Although there are many false Social Security 
numbers out there, the Social Security database is still a 
source of tremendous, is a tremendous resource for us because 
it enables us to quickly identify legitimate Americans, people 
who have longstanding identities and that we can issue their 
passports expeditiously.
    It also enables us to single out into a smaller subset 
people about whom we have some question, particularly if 
someone is operating with a false Social Security number.
    Right now if someone does not submit a Social Security 
number, we certainly give that application additional scrutiny. 
It takes them longer to get through the process. But our hands 
are tied because this data is so useful to us and we don't have 
it available to us.
    The Social Security Administration is able to confirm back 
to us and does on an overnight basis the name, the date of 
birth, the Social Security number, whether or not they are 
dead, which is obviously an important thing, and their gender. 
We lose all those things if we don't have the Social Security 
number up front.
    I would agree that we have tremendous concerns about the 
misuse of Social Security data or privacy data in general and I 
will be very candid with the committee. A passport application 
is the mother load for somebody who wants to commit identify 
theft. It is all there. For that reason, we have been very, 
very attentive to the need to protect that data.
    Not only by ourselves, but by our colleagues in the 
acceptance facilities. This year we required that they begin to 
send us all their applications by traceable mail. Our new 
acceptance facility oversight program, that is one of the 
primary points of their investigations to make sure that this 
data is being appropriately protected in the post office.
    So your constituents are right to have legitimate concern 
about this. We do, too. But we don't know how else we can find 
out who they are before we issue them a passport.
    Senator Hatch. Part of the initial passport application 
process, acceptance agents as the U.S. postal facilities must 
review various applicants' identity and citizenship documents 
as well as their submitted photos.
    These agents are also required to fill out an observation 
checklist regarding any concerns about the validity of the 
applicant's documents.
    In your experience, what are the challenges presented by 
using a U.S. postal acceptance agent in the passport process?
    Ms. Sprague. The post office and the clerks of court who 
support us, 9,400 of them around the country, are good 
partners. Obviously it is always a risk when you are entrusting 
such an important duty to someone who doesn't work for you 
directly.
    But I would have to say that almost universally, especially 
the postal service has tried very hard to meet our 
expectations. Our new acceptance facility oversight program has 
gone out. They have been received. In only a little over 6 
months we have done over 1,300 inspections. We have been 
received enthusiastically. People are anxious to learn, they 
are anxious to do it right.
    Having said that, they have their own challenges. 
Particularly the postal service has many financial strains. As 
people leave, the new people are not trained immediately, it 
causes them to have a disruption in being able to provide the 
service. Some of the people take to this better than other 
people and that's why we have the new acceptance facility 
oversight program because we are very anxious to make sure they 
are doing the best possible job. They don't work for us but 
they do a very good job of working with us.
    Senator Hatch. Thank you. Thank you, Mr. Chairman. I 
appreciate this opportunity.
    Senator Cardin. Thank you for your questions. Let me come 
back to the point that you raised about greater access to 
identification information.
    Obviously if someone has used fraudulent documents to get 
an ID document, that's not going to show up if you have a valid 
drivers license that was obtained through fraudulent means. But 
that was not the essence of the concerns at least expressed by 
GAO and that is that there is fraudulent documents being used 
to obtain a passport.
    Looking at drivers licenses, looking at the birth 
certificates and also Social Security numbers, that technology 
exists to be able to verify that information. Admittedly there 
is just so many types of birth certificates that you point out 
and we have at least 50 jurisdictions with drivers licenses. 
And then I think you pointed out, Ms. Sprague, that the postal 
services do not have that equipment readily available.
    My question is why not? Why shouldn't we have the ability 
to verify the information from a drivers license? We can swipe 
cards today pretty quickly. Why don't we have that similar type 
of technology that's implemented in terms of passport 
verification? The legislation that I mentioned in my opening 
statement would designate you as, the Consular Affairs as law 
enforcement, so it does take care of the issue that you raised 
initially and with Senator Hatch. It also gives you access to a 
lot of these databanks.
    The question is would you have then the capacity to use 
that information? It seems to me, and I guess I'll start with 
Mr. Kutz first, isn't that the key here? Doesn't the examiner 
have to have access to the databanks in order to be able to 
verify the validity of the documents that are being used?
    Mr. Kutz. Well, the first line of defense is at the post 
office. Most of these passports the post office is the initial 
contact. For example, in all of our cases we went to the six 
post offices and one of the first things they did was took our 
drivers license, went to a copy machine and made a copy of it 
and gave the original back.
    So right there you are operating with a copy of a 
counterfeit document. There is no way you could ever determine 
a copy of a counterfeit. So that is something that is very 
important why I think you're talking about having the ability 
to match with other state records.
    If you had real time access to match the drivers license 
number with the state database while that person is sitting 
right in front of you, that would be critical. That would deter 
people from coming in in some cases if they knew that someone 
was going to actually do that or if they had the machine there 
that was going to actually try to authenticate the drivers 
license, that might deter people from even coming in in the 
first place which to me, prevention is the most important part 
of this.
    Senator Cardin. Well, I agree. I think that's the point. If 
you make a copy, as you pointed out, make a copy of a 
fraudulent document, to be able to trace that later is going to 
be very difficult. You have got to do it while the person is 
there. The technology exists. So is this a funding issue?
    Ms. Sprague. It is a funding issue, but it is also an 
access issue. I cannot envision a circumstance in which N-LETS 
would enable us to have that kind of verification access at 
point of sale, if you will, for the post office.
    However, if they can determine if it is counterfeit or not, 
which they could do with a very simple device that is available 
commercially, that would take us a long way. We would get to 
the counterfeit.
    Then when the actual drivers license comes into us, we 
would be able to hit against N-LETS and at that point we would 
be able to figure out if it was in fact a validly issued 
drivers license. So you eliminate the counterfeit right at the 
beginning and then at the N-LETS point of view as it comes into 
passport, we're able to identify it.
    We really don't want our postal people to try and confront 
people who are committing a fraud. We would rather that be 
taken on by skilled professionals. In fact, even at our 
agencies when we have someone who is committing fraud, we bring 
in reinforcements from diplomatic security and our guards 
onsite to handle how that particular apprehension will take 
place.
    Senator Cardin. So just so I understand before I get Mr. 
Kutz's response to this, if I might. If the intake person at 
the postal service determined that the drivers license was 
fraudulent, what would that person do? Allow the applicant to 
leave?
    Ms. Sprague. They would, and we would, they would provide 
us a check sheet and then we would take it from there. We do 
that whenever they suspect fraud and we have had some terrific 
leads from postal people and the people in the clerks of court 
who have spotted somebody as being suspicious, provided that 
back to us and we have successfully traced it back.
    Remember, the person really wants to get their passport, so 
they are going to be somewhere where they can pick that 
passport up. So we do have a second chance at them if we do 
want to apprehend them.
    In passport fraud, obviously whenever we can, we work with 
the U.S. Attorney to prosecute, and that is the best outcome. 
But if we are successful in preventing the issuance of the 
passport and identifying the person as a fraud, that is too a 
very good outcome.
    So considering the disbursion and the sensitivity of the 
data and the sensitivity of the states to the exposure of their 
data, I think that that model would be successful for us.
    Senator Cardin. Mr. Kutz, do you have a view about that? 
Whether at the intake make a determination on fraudulent on the 
drivers license, but then the rest being done at a centralized 
location?
    Mr. Kutz. I would just say this. I think that if you look 
back at history, this goes back, it is almost set up like a 
pre-9/11 process in a post-9/11 world. If you were to start 
this all over again, would you set this up at the post office 
from the security standpoint? Perhaps not.
    But we have what we have at this point, so two layers of 
defense here. If you had the machines to authenticate the 
drivers license and subsequent we have the ability to validate 
or authenticate with the DMVs, to me those two together would 
work in this environment.
    Senator Cardin. So how far away are we from having that 
equipment located at the service centers?
    Ms. Sprague. At my counters and agencies, as soon as the 
procurement is finished we will have it done. It's relatively 
straightforward for us to move ahead with that.
    The post office wants to do it. They have showed us a 
machine that they'd like that actually does a whole lot more 
than that, but they simply don't have the capital to invest in 
that.
    Now, they are paid for what they do for us. The passport 
applicant gives them $25 and they use that to cover their 
costs. The problem is they need some way to capitalize it up 
front.
    I am not an expert on these things, but in the back of my 
mind I have thought if we could set up some sort of rotating 
capital fund which they could reimburse with what they collect 
from the applicants, because of course everything we do in 
passports and in fact most of what we do in Consular Affairs is 
funded, so that we are able to establish what it costs and that 
and only that is what we charge to the users of it whether it 
is visa applicants, overseas or Americans who are seeking 
services.
    Senator Cardin. Would you just make available to our 
Subcommittee the cost issues here?
    Ms. Sprague. I would be happy to do that.
    Senator Cardin. Just so we get a better understanding of 
that cost.
    Senator Kyl.
    Senator Kyl. Thank you, Mr. Chairman. I wonder if maybe we 
could work with the Committee that Chairman Lieberman and 
Ranking Member Collins, Homeland Security, to determine whether 
or not postal service has ever requested any assistance from 
the Congress, and if so, what has happened to it. If not, why 
not and then work with you all to see if we could obtain that.
    If it's just a matter of funding for a commercially 
available program and it could be as effective as you say it is 
and the ramifications of not finding these things are as 
serious as the GAO has said and we totally agree with that, 
then this is something we ought to pursue.
    Do you agree with GAO's assessment that you have not 
implemented, not you, but the department has not implemented 
the previous recommendations of the GAO?
    Ms. Sprague. I would say that we have implemented a great 
many of them, but we haven't solved all our problems. For 
example, the acceptance facility oversight program is something 
that was first recommended in 2005. We rolled it out this year. 
I'm very proud of it.
    It took us too long, but it's a good program. Some of our 
verifications with Social Security we got beat up and we should 
have been beat up because we didn't have it a year ago.
    We have got an excellent relationship with Social Security. 
They are working with us right now to have real time access. 
Right now we get 24 hours. They are going to give it to us real 
time. We are actually at the point of figuring out how much it 
is going to cost and making exchanges of business requirements 
and we are very optimistic that we will get this problem 
solved.
    The only reservation I have when I talk about what we can 
and cannot do is, neither the Social Security Administration 
nor the states can give us what they don't have.
    For example, the death master file is a wonderful thing and 
in fact Social Security in our 24-hour turnaround gives us 
access to all of the death data that they have. But it isn't 
complete. In the case of two of the applications that we looked 
at, the people who died were not in the Social Security death 
master file.
    After the fact, we couldn't figure out why their Social 
Security number came up as an absolute perfect match. We did a 
little bit of research and our managers figured it out, and it 
was that they weren't in the death master file. In this 
particular instance we figured out how we can address it. But 
the death master file is not perfect. Social Security makes no 
claims that it is perfect.
    Another tool that we use, and in this instance was not as 
successful as we would have hoped, is the SSN validator is what 
we call it where you can figure out by using an algorithm when 
and where the Social Security number was issued. The GAO likes 
to beat us up with that and they beat us up with that again 
this time.
    Social Security doesn't maintain that. It is sort of a 
separate entity and we have to maintain it as separate from 
what we get back from Social Security. But it doesn't matter 
because Social Security is going to abandon that algorithm for 
very good reasons, but it is going to leave us in a hole in 
terms of any newly issued Social Security numbers. It is not 
only children, it is also immigrants, remember. We won't be 
able to tell when it was issued because it won't be in the 
algorithm.
    Social Security doesn't maintain their data in that way 
that they can share it with us. So we've got a big problem that 
we can figure out a solution to. We are working very closely 
with Social Security, we hope we can find a solution, but we 
are anxious about that.
    Senator Kyl. Mr. Kutz, do you have a response to what Ms. 
Sprague has just said?
    Mr. Kutz. Yes. I would say in one area that they did 
improve, we used the first four we got last time, one of them 
was a child, a legitimate SSN we got with counterfeit documents 
several years ago. They didn't catch that last time.
    This time we used another child we have that had a 
legitimate Social Security number and they did catch it, so 
that was an improvement in that Social Security matching. So 
that's why I think they're making progress in that issue of 
validation of deceased or regular Social Security numbers.
    It is not easy, but I think the real time, as real time as 
you can get on that access, that is an important element of 
this.
    Senator Kyl. It just strikes me that you are now 
identifying some additional problems that you're going to have 
to contend with and you've told us that you are working with 
Social Security to try to resolve this last problem that you 
mentioned.
    I think it might be helpful for us if you could give us a 
brief report, memorandum, that tells us all of the things that 
you think are necessary for you to do your job the very best in 
issuing passports to people only who are entitled to them and 
then to the extent that some of those things require the 
executive branch to get people together, perhaps it can do 
that. To the extent legislation might be necessary, we can 
address that.
    To the extent that GAO has identified things that your 
department can do better, address that in the memo as well. If 
you think yes, they're right, you can do better, fine. If you 
think there is some reason why you can't would you put that in 
the memo for us?
    Ms. Sprague. I would be happy to do that.
    Senator Kyl. I know I'm asking you to do something here 
that the Chairman hasn't requested, but I think probably all of 
us could benefit by such a report.
    Ms. Sprague. I would be happy to do that.
    Senator Kyl. Thank you.
    Senator Cardin. Senator Hatch.
    Senator Hatch. I'm happy with what I heard.
    Senator Cardin. Let me just underscore the point that 
Senator Kyl made on information. As I try to analyze, and the 
question I asked at the end of the first round is what should 
our expectations be and it was a serious question.
    I understand that this is a process that we can do a lot 
better and we need to do a lot better, but what is reasonable 
for us to expect here as far as performance is concerned? I 
think there have been many worthwhile suggestions that have 
been made that don't seem to be overly burdensome from the 
point of view of the timeliness of the passport applications 
and the cost for processing it.
    As you pointed out, Ms. Sprague, this is a fee generated 
reimbursement structure, so therefore the people of this Nation 
are entitled to get the services for the fees that they are 
paying.
    What it seems to me is that there are different layers of 
protection here. Each one helps us. On the drivers licenses, it 
seems to me that the technology is there to be able to 
determine a fraudulent document through a relatively efficient 
process at the application stage that should be implemented. It 
also seems to me that access to the databanks will also help 
you detect fraudulent applications. Now, that may need to be 
done at a centralized location, but it is a second layer.
    On the Social Security numbers, the records kept on those 
who are deceased is one method, but as you point out, it's not 
foolproof. So therefore you look at the Social Security number 
which gives you some indication, but that's not foolproof. So 
it seems to me you have to combine all these issues in the most 
efficient way and by doing this, the net will be tight enough 
that you're going to increase dramatically the denial of those 
fraudulent applications.
    Then when we get to the birth certificates, I couldn't 
agree with you more that this is a task that we really need to 
work with local governments, and try to figure out a more 
effective way of verification of birth certificates that are 
fraudulent. Because again, that information is available, it is 
just not in a very useful way and it seems to me we need to 
make greater progress there.
    As I have been informed, there are other identification 
documents that we haven't really gotten to today, but it seems 
to me that those are less problematic than some of these other 
forms that we're talking about.
    I would ask that you get us the information that we 
requested. We do have legislation that we're looking at. I 
really do know that the people are working extremely hard to 
get this right and we know it's not an easy task. Congress 
doesn't always show its appreciation in the right way when we 
have our budgets that we can take up, but we need to do better.
    I think GAO has pointed out that we can do better. It is 
not that we should be doing better. So I think all of us are 
going to have to sort of work together and figure out a way to 
reduce the error rates and to make the passport, which is 
considered the gold standard, really the gold standard, 
minimizing any fraudulent applications being successful.
    Mr. Kutz, I thank you very much for the work that your 
agency does. I think it is done in a very up front way with the 
Congress. Ms. Sprague, I thank you for the seriousness in which 
you have always treated the information, and your presentation 
and cooperation with this committee. And we look forward to 
working with you for better results.
    Senator Kyl. May I just add one more thing? If there is 
another 9/11 and people obtain fraudulent documents as they did 
in that case like drivers licenses, for example, and people ask 
why it happened, I think every one of us has to be able to say 
we did everything we could to prevent it from happening.
    I think maybe we take it too lightly because it has been a 
long time now, but we tend to forget what happened back then 
and why it was that people could operate freely in this country 
because they had obtained fraudulent documents.
    So I think some degree of urgency is required here as well.
    Ms. Sprague. Thank you, Senator.
    Senator Cardin. The hearing record will remain open for 1 
week for additional statements and questions for the record. If 
there are additional questions that are propounded, I would ask 
the witnesses to respond in a timely manner to any of those 
written questions. With that, the Subcommittee will stand 
adjourned. Thank you.
    [Whereupon, the hearing was adjourned.]
    [Questions and answers and submissions for the record 
follow.]
[GRAPHIC] [TIFF OMITTED] 64705.001

[GRAPHIC] [TIFF OMITTED] 64705.002

[GRAPHIC] [TIFF OMITTED] 64705.003

[GRAPHIC] [TIFF OMITTED] 64705.004

[GRAPHIC] [TIFF OMITTED] 64705.005

[GRAPHIC] [TIFF OMITTED] 64705.006

[GRAPHIC] [TIFF OMITTED] 64705.007

[GRAPHIC] [TIFF OMITTED] 64705.008

[GRAPHIC] [TIFF OMITTED] 64705.009

[GRAPHIC] [TIFF OMITTED] 64705.010

[GRAPHIC] [TIFF OMITTED] 64705.011

[GRAPHIC] [TIFF OMITTED] 64705.012

[GRAPHIC] [TIFF OMITTED] 64705.013

[GRAPHIC] [TIFF OMITTED] 64705.014

[GRAPHIC] [TIFF OMITTED] 64705.015

[GRAPHIC] [TIFF OMITTED] 64705.016

[GRAPHIC] [TIFF OMITTED] 64705.017

[GRAPHIC] [TIFF OMITTED] 64705.018

[GRAPHIC] [TIFF OMITTED] 64705.019

[GRAPHIC] [TIFF OMITTED] 64705.020

[GRAPHIC] [TIFF OMITTED] 64705.021

[GRAPHIC] [TIFF OMITTED] 64705.022

[GRAPHIC] [TIFF OMITTED] 64705.023

[GRAPHIC] [TIFF OMITTED] 64705.024

[GRAPHIC] [TIFF OMITTED] 64705.025

[GRAPHIC] [TIFF OMITTED] 64705.026

[GRAPHIC] [TIFF OMITTED] 64705.027

[GRAPHIC] [TIFF OMITTED] 64705.028

[GRAPHIC] [TIFF OMITTED] 64705.029

[GRAPHIC] [TIFF OMITTED] 64705.030

[GRAPHIC] [TIFF OMITTED] 64705.031

[GRAPHIC] [TIFF OMITTED] 64705.032

[GRAPHIC] [TIFF OMITTED] 64705.033

[GRAPHIC] [TIFF OMITTED] 64705.034

[GRAPHIC] [TIFF OMITTED] 64705.035

[GRAPHIC] [TIFF OMITTED] 64705.036

[GRAPHIC] [TIFF OMITTED] 64705.037

[GRAPHIC] [TIFF OMITTED] 64705.038

[GRAPHIC] [TIFF OMITTED] 64705.039

[GRAPHIC] [TIFF OMITTED] 64705.040

[GRAPHIC] [TIFF OMITTED] 64705.041

[GRAPHIC] [TIFF OMITTED] 64705.042

[GRAPHIC] [TIFF OMITTED] 64705.043

[GRAPHIC] [TIFF OMITTED] 64705.044

[GRAPHIC] [TIFF OMITTED] 64705.045

[GRAPHIC] [TIFF OMITTED] 64705.046

[GRAPHIC] [TIFF OMITTED] 64705.047

[GRAPHIC] [TIFF OMITTED] 64705.048

[GRAPHIC] [TIFF OMITTED] 64705.049

[GRAPHIC] [TIFF OMITTED] 64705.050

[GRAPHIC] [TIFF OMITTED] 64705.051

[GRAPHIC] [TIFF OMITTED] 64705.053

[GRAPHIC] [TIFF OMITTED] 64705.054

[GRAPHIC] [TIFF OMITTED] 64705.055

[GRAPHIC] [TIFF OMITTED] 64705.056

[GRAPHIC] [TIFF OMITTED] 64705.057

[GRAPHIC] [TIFF OMITTED] 64705.058

[GRAPHIC] [TIFF OMITTED] 64705.059

[GRAPHIC] [TIFF OMITTED] 64705.060

                                 
