Press Release
For Immediate Release
2 May 2005
ACTE To State Department: Test First...Then Implement
Vancouver, BC, Canada -- - The Association of Corporate Travel Executives will not endorse any proposal to embed Radio Frequency Identification tags in U.S. passports until the State Department can demonstrate that the chips cannot identify U.S. citizens at any distance from an unauthorized passport reader. ACTE will also require the State Department to prove that any encryption technology used to code traveler information is virtually foolproof, before being implemented in new passports.
The announcement was made by ACTE President Greeley Koch following a special presentation by Deputy Assistant Secretary Frank Moss at the association's spring conference, held in Vancouver, May 1-3, 2005. Moss assured the 1,100 members attending the event that the State Department would not issue the new passports until the RFID chips and encryption technology -- known as Basic Access Control -- were thoroughly tested.
"This is an example of how industry and government can work together," said Koch. "The State Department sought public commentary on the RFID proposal, and learned from 2,400 responses -- including ours -- that the largest user groups of passports had no confidence in the project. Now they're taking another look at the limitations of the RFID chip."
The RFID issue shot to the forefront of the privacy and security debate when the State Department previously announced that RFID technology -- without any encryption -- would begin to be implemented in U.S. passports this summer. The State Department had also stated that the RFID chips could not be read beyond 10 centimeters, or about four inches. Yet published accounts claim otherwise, with one source citing 30 feet as possible, while Barry Steinhardt, director of the Technology and Liberty Program for the American Civil Liberties Union, activated an RFID chip from three feet away during the Computers, Freedom and Privacy conference in April.
Moss acknowledged the possibility that RFID tags could be activated at distances greater than 10 centimeters in published reports last week.
The strongest objections to RFID tags is that they can remotely pinpoint U.S. citizens at a particular location and abet identity theft by providing sensitive information to an unauthorized reader. The State Department is apparently taking another look at encrypting passport data (name, address, and photograph) through Basic Access Control.
Basic Access Control technology uses a hidden "key" in the passport to enable a reader to decode and unlock the data on the RFID chip. It requires a passport control officer to physically open the passport and insert it into a reader. It also takes twice as long to process as a passport not enabled with BAC.
"There are too many unanswered questions regarding the RFID chips and BAC technology," said Koch. "First we were told that the chip could not be activated beyond 10 centimeters. Then we were told there was no reason to encrypt the data. Now we're being advised that there is a need to encrypt the data and the way to do it is with an unproven technology. Quite frankly, we think it is in the business travel industry's best interests for the government to wait and thoroughly test everything."
Koch pointed out that BAC technology still does not address the question of RFID chips pinpointing U.S. citizens to potential miscreants.
ACTE's Traveler Security Task force has recommended using barcode technology over the RFID chip until there is a better alternative. The U.S. government has already invested development dollars in this technology for the border control card, and unlike the RFID chip, it does not emit a signal.
"I don't see how the State Department can possibly get all this accomplished for a summer launch," said Koch. "But we'll be happy to provide them with a forum for a pubic demonstration either here or at our London Conference this fall."
For more information, contact:
Debbie Flynn
CEO
Brighter Group
The Pod, London's Vertical Gateway
Bridges Wharf, Battersea
London SW11 3BE England
T: 020 7326 9880
F: 020 7326 9890
E: [email protected]
W: www.brightergroup.com