Thursday, June 28, 2007

Subcutaneous implanting bill on Senate Floor

From CFC support letter for SB 362 (Simitian):

Subdermal RFID presents a Pandora’s Box of policy questions in addition to its profound implications for our constitutionally protected rights to freedom and privacy.

This is not a road we need to travel. It is simply not appropriate for anyone to force, compel or coerce anyone to accept a subdermal RFID-enabled identification implant. And though it sounds Matrix-like, this possibility exists now and is getting more real every day.

Data protection bill moves through CA legislature

The Senate Judiciary Committee passed AB 779 (Jones) by a 3-1 vote Tuesday.

The bill, which drew bipartisan support in the Assembly, would require retailers to notify consumers when and where their credit or debit card information was lost. It would require retailers to pay for the cost of notification and the cost of replacement cards. It would also require retailers to follow payment card industry data security standards to ensure proper retention and protection of credit and debit card information.


Also on Tuesday, SB 388 (Corbett) passed the Assembly Judiciciary Committee on a 6-3 vote. The bill requires companies that issue an item containing an RFID tag capable of being scanned for the recipient's personal information to provide disclosures to consumers.

Reining in Real ID

via BoingBoing,

Senate Takes Step Away from Real ID

During Wednesday's floor debate over a massive immigration bill, Real ID foes managed to preserve an amendment to prohibit the forthcoming identification card from being used for mandatory employment verification, signaling that the political winds have shifted from when the law was overwhelmingly enacted two years ago.

...

Politically speaking...the vote could be a turning point in the national debate over Real ID. It indicates that a majority of senators are willing to curb the controversial system, which has already led to a kind of grassroots rebellion among the states.


Yesterday New Hampshire joined South Carolina, Montana, Washington, Oklahoma and Maine in rejecting the federal Real ID Act as tantamount to requiring a national ID card.

Wednesday, June 27, 2007

VP & White House subpoenaed for warrantless surveillance

from The Nation:

Specifically, the Judiciary Committee is seeking information about when high-ranking members of the administration were made aware of the fact that even their own appointees and allies believed the warrantless wiretapping program was in conflict both with specific laws and privacy protections outlined in the Constitution.

Campaign for Real ID, immigrant driver's license bill stalled

SacBee:

Lacking the votes, state Sen. Gil Cedillo agreed Monday to strip his signature bill of language that would allow illegal immigrants to obtain California driver's licenses.

Instead, a watered-down Senate Bill 60 was approved 13-0 by the Assembly Transportation Committee. The amended bill states only that it is intent of the Legislature to review provisions of the Federal Real ID Act of 2005.


SignOnSanDiego:

Cedillo, D-Los Angeles, revealed the surprise decision during a hearing before the Assembly Transportation Committee on a broader measure drafted to comply with the federal Real ID Act's requirements for stricter identification standards for driver's license applicants.

...

The legislation had drawn sharp criticism from those opposed to providing licenses to illegal immigrants and from others who argued that the Real ID Act threatened privacy rights and would be too costly to implement.


A rider on a 2005 Iraq/Hurricane Katrina supplemental spending bill, the controversial Federal Real ID Act mandates that states standardize driver's licenses, creating a national ID card backed by a centralized database of aggregated personal records. In the event of a security breach, identity thieves would have the detailed information of 240 million citizens at their fingertips. This includes birth certificates, marriage licenses, divorce papers, court ordered separatios, medical records and information on the name, date of birth, race, religion, ethnicity, gender, address, telephone, email address and Social Security numbers of everyone with a driver's license.

More on RFID cloning

Friday, June 22, 2007

Status of RFID bills

from RFID Journal:

Calif. Legislature Advances RFID Bills

This week, majority votes from members of California's Assembly Judiciary Committee advanced four California State bills drafted to address RFID technology. Three were directed to other Assembly committees, but one—SB 362, which would prohibit the use of subcutaneous RFID implants without consent—is up for a floor vote and could soon land on Governor Schwarzenegger's desk. The Assembly Judiciary Committee approved SB 28, prohibiting the California Department of Motor Vehicles from embedding RFID inlays in driver's licenses; SB 29, preventing California public schools, school districts and county education offices from issuing any student IDs that use radio waves to transmit personal information, or to enable such information to be viewed remotely to track attendance, until Jan. 1, 2011; and SB 30, restricting how RFID technology could be deployed in identification cards issued by governmental entities in California. The three bills will next be sent to the Transportation, Education or Appropriations committee, respectively.

More information on SB 362 from the CA Office of Privacy Protection:

Subcutaneous Implantation of Identification Devices

This bill would prohibit a person from requiring any other individual to undergo the subcutaneous implanting of an identification device. It would authorize the Attorney General or an aggrieved party to bring an action against a violator for injunctive relief or for the assessment of civil penalties to be determined by the court. The bill would grant a prevailing plaintiff reasonable attorney’s fees and costs.

Fact sheet for SB 362

Thursday, June 21, 2007

RFID piece on 20/20



From the Woodland Daily Democrat:

Sen. Simitian's RFID measures, vociferously opposed by the technology industry, were prompted in part by the increasing availability of wireless equipment sold in stores and cyberspace that can read employee badges - even if they are in someone's pocket or purse 20 feet away - and create a new card using that individual's personal information.
...
"RFID technology is built for information to be read at a distance without people's knowledge or consent," said Nicole Ozer, a technology expert with the ACLU of Northern California.

"Just like you wouldn't post your Social Security number on the Internet, you wouldn't tell a passerby your phone number or address, it's important to keep your personal information, safety and financial security," she said.

Monday, June 18, 2007

RFID bills to be considered tomorrow

LA Daily News, via Rough&Tumble:

SACRAMENTO - Forgot your company identification badge at home? That wouldn't be a problem if employees had a small identification device about the size of a grain of rice inserted under their skin instead of a badge.

If that seems Orwellian to you, state Sen. Joe Simitian may have a solution. He's introduced a bill that would bar an employer or anyone else from requiring a person to have one of the devices implanted.

The measure is one of a series of bills the Palo Alto Democrat has proposed to control the use of so-called radio frequency identification devices, which can be placed in badges, passports, driver's licenses and on bodies to transmit radio signals with identifying information.

The Assembly Judiciary Committee is scheduled to consider four of the bills Tuesday.

They also include measures that would bar use of RFIDs in driver's licenses and student identification badges before 2011 and set privacy-protection standards for RFIDs.

A fifth bill by Sen. Ellen Corbett, D-San Leandro, is also on the committee's agenda. It would require companies that issue identification cards or other items containing RFIDs to disclose the personal information that would be revealed by the RFID and what steps they've taken to protect that information.