Department of State To Begin Issuing Passport Cards
To be “responsive to the needs and concerns of the border communities and to facilitate the travel of border community residents,” the Department of State has finalized a proposed rule issued in October 2006 providing for a card-format passport as a less expensive and more portable alternative to the passport book.
The final rule (PDF) explains that the passport card does not need to be signed to be valid, whereas the passport book requires a signature to be valid. In addition, it makes clear that those requesting and eligible for a no-fee passport will receive a passport in book form only.
The Department said it received over 4,000 comments regarding the proposed rule. Among those submitting comments were four members of Congress; the governments of Canada and two of its provinces (Manitoba and New Brunswick); a Native American government (Haudenosaunee Confederation, New York); and dozens of city, county, and municipal governments. Also represented were the U.S. Postal Service, the Air Transport Association, over two dozen technology companies and privacy interest groups, five tourism interest groups, and three offshore drilling concerns.
All four members of Congress, as well as technology, security, and privacy groups, said they were concerned about the choice of “vicinity read” radio frequency identification (RFID) technology for the passport card. The opinion expressed by many commenters was that vicinity read technology is not as secure as the proximity read technology currently used in the U.S. e-Passport because it could result in the unauthorized reading of information that could lead to identity theft and tracking of U.S. citizens by terrorists or the government. Several commenters mentioned a 2006 Government Accountability Office review of the US-VISIT program, which reported a low read rate using this type of technology and a statement in the report that it should be used only to track goods, not to identify people. A private company that designs, manufactures, and markets both vicinity and proximity read technology chips commented that the choice of vicinity read technology could have the unexpected result of compromising the security of U.S. borders while severely affecting the personal privacy of U.S. citizens. They also questioned whether vicinity read technology would necessarily improve border crossing times.
The Department said that the vast majority of such comments “reflected an improper understanding of the business model that WHTI [the Western Hemisphere Travel Initiative] is designed to meet and how the technology selected would actually be implemented.” Vicinity-read RFID technology “should allow CBP [Customs and Border Protection] officers to quickly obtain information about the border crosser and perform terrorist watch list checks while they are still awaiting a personal inspection and to read multiple cards simultaneously.” To ensure compatibility and interoperability with the Department of Homeland Security’s border management system, and to secure “significant travel facilitation advantages,” the Department of State said it will produce the passport card using vicinity RFID technology. “The operational concept that this rule promulgates should enable information about a border crosser to be queued while they are awaiting their interviews with the border officers, rather than waiting until they are face-to-face with the officer to provide their personal information,” the Department said, adding that this approach “is designed to substantially reduce wait times at the border, which was the key driver in development of the WHTI passport card business case.”
The Department explained that the vicinity RFID electronic chip contains only one item of information: a unique identifying number that has meaning only inside the secure CBP computer system. No other form of personally identifiable information, such as name, date of birth, Social Security number, or place of birth, will be stored electronically on the passport card or transmitted through RFID. All personal information will be contained in Department of Homeland Security systems and will be accessible only by authorized personnel through secure networks, the Department said. Upon receipt of the passport card number, the border crosser’s personal information will be downloaded from the CBP system and provided to the CBP officer. The CBP officer will then interview the individual, verify his or her identity, and determine the appropriate action to take.
All card holders will also be issued a protective sleeve for the card, which prevents transmission of the card’s unique identifying number. Additionally, use of the passport card is not mandatory. Border crossers who would prefer to use traditional passports may continue to do so, the Department said.
Many commenters also discussed the technology solution in the e-passport, whose business model is different from that of the WHTI, the Department said. In the e-passport case, a different technology solution was selected that enables transfer of personal information in a secure, encrypted, manner. The technology solution for e-passports does not meet the business model for the specific WHTI application, so it was not selected, the Department noted.