BILL ANALYSIS Ó SB 249 Page 1 Date of Hearing: September 8, 2015 ASSEMBLY COMMITTEE ON JUDICIARY Mark Stone, Chair SB 249 (Hueso) - As Amended September 4, 2015 As Proposed to be Amended SENATE VOTE: 36-3 SUBJECT: Vehicles: enhanced driver's license KEY ISSUE: Should the Department of Motor Vehicles enter into a memorandum of understanding with the federal government in order to issue, to drivers who opt to obtain them, an "enhanced driver's license," which uses "RFID" CHIP Technology to facilitate movement across the california-mexico border? SYNOPSIS This bill would authorize the Department of Motor Vehicles (DMV) to enter into a Memorandum of Understanding with the federal government to issue "enhanced driver's licenses" (EDL) that would effectively serve as both a driver's license and a passport to persons who request them. Pursuant to the federal Western Hemisphere Travel Initiative (WHTI), persons entering the United States by land or sea from Canada, Mexico, Bermuda, SB 249 Page 2 or the Caribbean must present a passport, EDL, or some other official document that proves identity or citizenship. Before 9-11, land travel across borders, especially between the U.S. and Canada, tended to informal. However, more rigorous enforcement since 9-11 has slowed border crossings and led to longer wait lines. To reduce congestion, WHTI authorized the use of EDL and the U.S. Customs and Border Protection created "Ready Lanes" for persons possessing an EDL. Under WHTI, and rules promulgated by the Department of Homeland Security (DHS), states bordering Mexico and Canada may enter into agreements with DHS to allow issuance of EDL that meet certain criteria, including the use of radio frequency identification (RFID) technology. Proponents of this bill, mostly business groups and local officials from Southern California and Northern Mexico, argue that this measure will reduce wait times and facilitate cross-border travel and trade. Opponents contend that RFID-enabled documents, which can be read remotely, pose a significant threat to personal privacy and could be surreptitiously copied to allow unauthorized border crossings. When the Committee heard a version of this bill in July of this year, the author responded to privacy concerns by stressing the voluntary nature of the program and noting that RFID-enabled licenses will only contain a randomly-assigned number, not personal information. However, for reasons detailed below, recent amendments undermine those responses to privacy concerns. The author will take amendments in this Committee to restore, albeit partially, some of the earlier protections that were in the bill. Privacy rights groups remain opposed. SUMMARY: Authorizes the Department of Motor Vehicles (DMV) to enter into a Memorandum of Understanding with a federal agency to allow DMV to offer an enhanced driver's license, as defined, to applicants who request it. Specifically, this bill: 1)Makes various legislative findings and declarations regarding traffic congestion and wait times at points of entry between California and Mexico and the potentially negative impact of SB 249 Page 3 these wait times on international trade, travel, and commerce. States that it is the intent of the Legislature that employers be prohibited from requiring employees to obtain an EDL as a condition of employment or retaliating against employees who refuse to obtain an EDL. 2)Authorizes the DMV to enter into a Memorandum of Understanding (MOU) for the purpose of issuing an enhanced driver's license, provisional license, or identification card [hereafter EDL] to a person who is at least 16 years of age, a resident of California, and a citizen of the United States. Requires the applicant to submit sufficient proof that meets the requirements of the Western Hemisphere Travel Initiative to establish his or her identity, residency, and citizenship. 3)Requires an applicant for an EDL to sign a declaration acknowledging his or her understanding of radio frequency identification (RFID) technology. 4)Requires the EDL to include reasonable security measures, including the use of tamper-resistant features, to protect against unauthorized duplication or disclosure of personal information. 5)Requires DMV to provide the applicant with a protective shield at the time the EDL is issued and inform the applicant that information on the EDL may be read without the holder's knowledge if the protective shield is not used. 6)Requires that RFID technology contain only a randomly assigned number or employ other security measures deemed necessary by the department that make any information on the EDL unintelligible to an unauthorized reader. In any event the radio frequency technology shall contain no more information SB 249 Page 4 than is required by the United States Department of Homeland Security requirements to permit a border crossing. 7)Requires an applicant for an EDL to have his or her photograph and signature captured or reproduced by DMV at the time of application or renewal. 8)Makes the facial image, signature, and copies or digital images of any documents required for application exempt from public records request. 9)Permits DMV to deny an application for an EDL if it is not satisfied with the genuineness of the applicant's supporting materials, subject to the applicant's right to appeal the denial, as specified. 10) Requires an applicant for an EDL to pay a fee, as set by the DMV but not to exceed $55, and provides that fees shall be deposited in an account and to be used by DMV to implement the provisions of this bill. 11)Requires DMV to make an annual report to relevant legislative committees, as specified. EXISTING LAW: 1)Requires DMV, upon proper application, to issue driver's licenses and identification cards. 2)Authorizes, under the federal Western Hemisphere Travel Initiative, the use of EDLs to prove identity and citizenship SB 249 Page 5 for purposes of traveling between the United States, Canada, Mexico, Bermuda, and the Caribbean, so long as the EDL meets specified requirements, including radio frequency identification (RFID) that signals a secure government data base maintained by the United States Customs and Border Protection. (Public Law 110-53.) FISCAL EFFECT: As currently in print this bill is keyed fiscal. COMMENTS: The Western Hemisphere Travel Initiative (WHTI) represents a joint effort by the Department of Homeland Security (DHS) and United States Customs and Border Protection (CBP) to implement provisions of the Intelligence Reform and Terrorism Prevention Act (IRTPA) of 2004. As of January 1, 2009, WHTI began requiring U.S. citizens traveling between the U.S. and Canada, Mexico, Bermuda, and the Caribbean by land or sea to present a valid U.S. Passport or another WHTI-compliant document. Among the accepted documents are passports, a U.S. passport card, Trusted Traveler Program cards (NEXUS, FAST, or SENTRI), or an enhanced driver's license (EDL). Before 9-11, land travel across borders, especially between the United States and Canada, tended to be informal and less rigorous, with border agents often accepting a birth certificate or even a person's verbal affirmation of citizenship. However, more rigorous enforcement and new requirements under IRTPA slowed border crossings and led to longer wait lines. In an effort to reduce this congestion, WHTI authorized the use of EDLs (including state-issued identification cards), and the CBP created "Ready Lanes" dedicated to travelers with RFID-enabled travel documents. The goal of the EDL program is to strengthen border security and facilitate ease of entry into the United States for U.S. Citizens, especially those driving across the border on a regular basis. Federal law requires that any border state wishing to adopt EDLs SB 249 Page 6 must first sign a Memorandum of Understanding (MOU) with DHS. So far at least four states - Vermont, New York, Michigan, and Washington - have enacted authorizing legislation and already have EDLs in place. New York was the first state to sign an MOU in 2007. In other states the program has been a success. For example, the New York State DMV reports that over 100,000 persons have availed themselves of the new licenses, especially in upstate New York, near the Canadian border. In addition to decreasing overall wait times for travelers, EDL holders often use RFID-enabled "Ready Lanes" created by CBP. According to other states' DMV websites, use of RFID allows border patrol agents to pull up a person's information and photograph immediately without having to collect paper documents, inspect them, and then key in any required information. All of this is done automatically when the traveler holds the EDL in front of the RFID reader. The system does not allow the EDL holder to simply pass through, as in the case, for example, with FasTrak; the border patrol agents must still make a visual identification with the accessed photograph and may ask questions or inspect the EDL. This bill would permit California citizens traveling across the California-Mexico border to take advantage of this more convenient and time-saving process. According to the author, the idea for this bill grew out of his experience as Chair of the Select Committee on California-Mexico-Bi-National Affairs, where he became aware of the significant impact of border wait times on our state's economy. Indeed, the author provided the Committee with a 2007 report suggesting that long wait times slow commerce and discourage personal trips across the California-Mexico border. The report claims that delays at the border at the San Ysidro, Otay Mesa, and Tecate points-of-entry result in the loss of millions of dollars (and even billions) in lost revenue and tens of thousands of jobs in the San Diego-Baja region. (San Diego Association of Governments and the SB 249 Page 7 California Department of Transportation, 2007 Update to Economic Impacts of Wait Times at the San Diego-Baja California Border: Final Report.) Not surprisingly, many of the supporters of this bill represent chambers of commerce and local officials who believe that shorter wait times and more travel across the border will translate into more trade and tourism. In addition to these economic benefits, the author also believes that this bill will allow persons who regularly cross the border to make use of the RFID-enabled "Ready Lanes." Under the MOU authorized by this bill, the DMV could only issue an EDL to a person who requests it and is willing to pay the designated fee. Although many of the details of the program would presumably be specified in the MOU, the bill nonetheless sets forth a number of specific requirements that the MOU must contain. For example, the bill would specify that the RFID technology must only contain a random number or, if it contains other information, the EDL must employ other security measures that render the information unintelligible to an unauthorized reader. All of the states that have adopted EDL to this point apparently use only the randomly assigned number on the RFID chip. The border patrol matches this random to the personal information already in a database. Presumably, a California EDL would similarly contain only a random number, but the bill, as recently amended, would potentially allow the EDL to contain other information, including personal information, so long as it is rendered unintelligible to an unauthorized user and so long as the license contains no more information that is required to permit a border crossing. The bill requires DMV to employ other reasonable security measures, including a shield that would prevent interception by an unauthorized reader. EDL applicants must acknowledge their understanding of RFID technology and be informed that the information on the card or license may be read remotely without the holder's knowledge if the EDL is removed from the protective shield. The DMV websites of other states indicate that these protections are standard practice. SB 249 Page 8 Finally, the bill also sets forth requirements for applying for an EDL. In addition to paying a fee not to exceed $55 and submitting documents proving identity and citizenship, applicants would also be required to agree to have their photograph and signature captured by DMV at the time of application or renewal. The bill exempts the photograph, signature, or other required documents from required disclosure under the Public Records Act. Finally, the bill seeks to make the program self-funding. Proceeds from the application fee will be deposited into the Enhanced Driver's License and Identification Subaccount, which DMV will use to implement the program. Privacy Concerns Surrounding the use of RFID. Much of the concern relating to EDLs, and especially the DHS rule that they include RFID technology, has focused on potential threats to privacy. Despite some technical-sounding terminology, RFID technology is fairly easy to understand. RFID "tags" or "chips" can be embedded into objects, including documents, clothing, pets, and even people. The RFID technology used in the EDL typically consists of a microchip (that stores a randomly assigned number) and one or more antennae. Remote "readers" can read this tag via radio waves. The reader constantly emits radio signals. As a person or object with an RFID tag moves near the reader - the distance varies depending upon the device - the antennae pick up the signal and transmit the number stored on the RFID tag to the reader. Most RFID tags, and apparently all of the ones used thus far for EDLs are "passive," meaning they can only be activated by the reader's radio signal. Some RFID tags are "active," meaning they can actively search out readers in the area. In either case, an authorized reader with access to a secure database can then match the number to the holder's information in the database. In some ways, RFID technology is a higher-tech version of bar code and magnetic strip scanning. However, bar code and strip scanning requires direct contact between the scanner and the SB 249 Page 9 stored information (or at least the magnetic strip or barcode must be in the direct line of sight of a laser). RFID readers, on the other hand, can read the information stored on the RFID tag remotely. Many of these, like the security badges used in the Legislature, must be held within a few inches of the reader. Some RFID readers, however, may read tags from distances of 30 feet or more, according to some studies. Experts disagree on the potential range of RFID readers in the future, but as technology advances it seems reasonable to assume that those ranges will increase. However, the fact that RFID tags can be read at any distance creates the possibility that information stored on an identification document could be read remotely without the holder's knowledge or consent. Information Stored on the RFID Tag. Given that RFID tags can be read at a distance, and potentially without the holder's knowledge, the critical privacy concern relates to the kind of information that is actually stored on the RFID tag and the usefulness of that information to any unauthorized reader. According to CBP and agency websites in the four states that have adopted EDLs, the RFID chip only contains a randomly assigned number that has no meaning until an authorized reader matches the random number to information already in the secure data base. The random number does not provide access to the database; it only allows those who already have access to pull up the EDL holder's data. Where EDLs have been used, personal information does not appear on the card, and the random number, therefore, is only useful to someone who already has access to the database. Even if the RFID tag contains only a random number, however, privacy concerns do not necessarily stop there. For example, privacy advocates claim that security measures must address more than the ability of the reader to access intelligible information from the tag; they must also address potential security breaches along the entire transmission process from tag, to reader, to computer database. Proponents of RFID, on SB 249 Page 10 the other hand, claim that RFID applications are confined to a closed system of authorized tags, readers, and databases within that system. Even if outsiders with remote readers obtained information from an RFID tag that "information" will typically only consist of a random number that is only intelligible to persons within the system or to those who can access that system. If an unauthorized person has accessed a secure government database, then clearly there is bigger problem than the unauthorized reading of the random number on an RFID tag. That number does not provide access to a database or make it easier to hack the data base. Opponents also contend that a random number can itself become a piece of personally identifiable information, noting Civil Code Section 1798.3, which defines "personal information" as "any information that identifies or describes an individual." Opponents note, for example, that the social security number was originally a more or less random number that nonetheless has become permanently associated with the person to which it was assigned for the limited purpose of tracking social security benefits. However, the danger that results from the unauthorized disclosure of a social security number stems from the fact that a social security number is used for identification purposes in a variety of other contexts, such as obtaining credit, opening a bank account, or applying for a job. No one could use the random number on the EDL, as one could use a social security number, to open a line of credit or otherwise commit identity theft. The comparison between the random RFID number and a social security number, therefore, is not persuasive. In addition, according to the websites of the states that have entered into MOUs with DHS, the EDL is issued with a protective "sleeve" or "Faraday shield" that covers the EDL and thereby prevents unauthorized reading of the RFID chip - so long as the sleeve is in place. RFID and Possible Border Security Concerns. Opponents also contend that using RFID technology could pose security as well SB 249 Page 11 as privacy risks. That is, even if an RFID reader cannot access the secure data base it could potentially copy the random number and use it to create a counterfeit license. According to the ACLU of Washington State, studies suggest that such duplication is possible. However, the bill appears to anticipate this problem by specifying that security measures shall include the protective sleeve. In addition, even if a counterfeit EDL were made with the help of a surreptitious reader, the border patrol must still visually determine that the person presenting the EDL matches the photograph that is pulled up from the secure database. Obviously there is no unassailable means of preventing a determined person from making counterfeit EDLs, just as there is no unassailable means of preventing that person from obtaining counterfeit copies of regular driver's licenses or passports or any other form of identification. Recent Amendments Cause Concern: The Committee is hearing this bill for a second time because of recent amendments that eliminate some of the privacy and employee protections that were added to earlier versions of the bill. Although opinions differ on the extent to which the EDL will create privacy or security risks, the author's strongest responses to privacy concerns raised in the past were as follows: (1) the decision to obtain an EDL is entirely voluntary; and (2) the only information that the EDL will contain is a random number that is meaningless to anyone other than an authorized reader who has access to the relevant data base. Recent amendments undermined both of these responses. First, when the Committee heard the first iteration of this bill (AB 2113 in 2012), the author agreed to amend the bill to prohibit an employer from requiring an employee to obtain an EDL as a condition of employment. The Committee felt, and the author agreed, that this ran contrary to the author's desire that the EDL program be strictly voluntary. When the present bill was heard by the Senate Judiciary Committee earlier this year, that Committee recommended, and the author agreed, to add SB 249 Page 12 enforcement provisions to the employer prohibition. Recent amendments removed the entire subdivision setting forth these employee protections. As noted below, the author has agreed to amend the bill again in this Committee to clarify that it is the Legislature's intent to prohibit employers from both requiring employees to obtain an EDL as a condition of employment and taking adverse action against an employee who refuses to obtain an EDL. While the author realizes that intent language is not binding in the same manner as statutory language, he notes that this bill merely permits DMV to enter into a memorandum of understanding and, as such, it will be some time before EDLs are issued. The bill now requires DMV to consult with interested parties, including privacy rights groups and employers, among others, before entering into the MOU. Once the MOU is approved by the federal government, there will still be some amount of time before the EDLs would become available. State law could be enacted to place restrictions on the use of EDLs in the future. Therefore, according to the author, there is no urgent need to address the respective rights of employers and employees at this time. In addition to the employee protections, the prior versions of this bill contained a number of security provisions suggested by privacy rights groups, including, most notably, that the EDL only contain a randomly assigned number and that it not contain any other personal information. The most recent amendments removed these protections. Specifically, the recent amendments eliminated the requirement that the EDL contain only an encrypted random number and replaced that provision with a requirement that the EDL contain only as much information as required by DHS to permit a border crossing. This means, contrary to the amendments previously negotiated and agreed to, the RFID technology on the EDL could, in fact, contain personal information. This could apparently include, at minimum, a name, photograph, and passport information. In short, if the RFID technology did not contain a random number used to match the personal information in the data base, then the EDL would presumably include personal information on the license or card. SB 249 Page 13 PROPOSED AUTHOR AMENDMENTS: In an effort to restore some of the privacy and employee protections that were in the version of this bill when it was heard and approved by the Committee, the author has agreed to take the following amendments: In the Section 1 findings and declarations, a new subdivision (m) will be added to read as follows: (m) It is the intent of Legislature that the decision to obtain or not obtain an enhanced driver's license is strictly voluntary. To that end, if California enters into a Memorandum of Understanding to issue an enhanced driver's license pursuant to the federal Western Hemisphere Travel Initiative (Public Law 110-53 and Public Law 108-458), it is the intent of the Legislature that an employer shall not require an employee to apply for, or use, an enhanced driver's license, provisional license, or identification card as a condition of employment, nor shall an employer discharge an employee or otherwise discriminate or retaliate against an employee who refuses to apply for, or use, an enhanced driver's license, provisional license, or identification card. Replace subdivision (d) in section 15401 with a new subdivision (d) that reads as follows: (d) Radio frequency identification technology shall contain only a randomly assigned number or employ other security measures deemed necessary by the department that make any information on the license or card unintelligible to an unauthorized reader. In any event the radio frequency technology shall contain no more information than is needed to comply with the United States Department of Homeland Security requirements and a machine-readable zone or barcode that contains only so much information as is required by the SB 249 Page 14 federal Western Hemisphere Travel Initiative (Public Law 110-53 and Public Law 108-45) to permit a border crossing. In paragraph (3) of subdivision (b) of Section 15401 replace "randomly assigned radio frequency identification number" with "information on the license or card" ARGUMENTS IN SUPPORT: According to the California Chamber of Commerce, the "ports of entry along the California-Mexico border are among the busiest ports in the world." The Chamber claims that each year forty-five million vehicle passengers cross the border at one of six points of entry, and that "the average wait for travelers at these ports is over an hour." The Chamber further claims that these delays "result in a loss of eight million trips each year," and that in San Diego County alone this translates into an estimated loss of $1.2 billion in revenues. The Chamber believes that this bill will relieve border congestion by allowing travelers to use "ready lanes," and that it will allow CBP officers to quickly assess information "and focus on the traveler's vehicle as opposed to scanning documents - reducing wait time by up to 60%." The Imperial County Transportation Commission supports this bill for substantially the same reasons, claiming that border wait times cause "a devastating loss of nearly $1.5 billion in revenues, 3.4 million potential working hours, 39, 500 jobs, and $59 million in wages annually in the San Diego and Imperial region alone." Several other business groups, both from Southern California and from Baja California, support this bill and cite similar statistics for the economic impact on their respective locales. ARGUMENTS IN OPPOSITION: In a joint letter, the ACLU, Consumer Watchdog, the Eagle Forum of California, the Electronic Frontier Foundation, and the Privacy Rights Clearing House oppose this bill primarily due to their "profound privacy and security concerns about the use of insecure Radio Frequency Identity SB 249 Page 15 (RFID) computer chips in EDL identity documents." In addition to their general concerns that EDLs will compromise the privacy of the holder's personal information, opponents also point out that the EDL lacks some of the security measures used in passports. For example, they claim that in U.S. passports a new random number is generated each time the RFID is read, whereas EDLs now in use in other states appear to use a random number that does not change with each reading. Also, while the data embedded on the passport is encrypted, this bill only provides that the number will be encrypted if "agreed to by the United States Department of Homeland Security." Finally, opponents claim that while EDLs may be optional now, "optional government programs often turn into permanent mandatory programs." The Ella Baker Center for Human Rights and the Legal Services for Prisoners with Children (LSPC) oppose this bill for many of the same reasons raised by the ACLU and others; however, the Baker Center and LSPC also believe that SB 249 will "allow law enforcement officers to racially profile Californians from a distance and without their knowledge." The Baker Center contends that "personal information contained on EDLs will be accessed by [CBP] through the National Law Enforcement Telecommunications System (NLETS), which in turn is "accessible to local law enforcement." In addition to the above arguments, which were made to prior versions of the bill, the ACLU and the Privacy Rights Clearinghouse have submitted additional letters expressing grave concerns that the recent amendments mean that the bill will pose an even greater threat to privacy rights and civil liberties. They also object to the author removing previously negotiated provisions from the bill. PREVIOUS LEGISLATION: SB 397 (Hueso) of 2014 was substantially similar to this bill except that it did not contain a requirement that the applicant be informed, in writing, that SB 249 Page 16 RFID random number could be read remotely and it did not provide penalty provisions enforcing the prohibition against employers taking adverse action against an employee who refused to apply for or use an EDL. That bill passed unanimously off the Senate Floor and unanimously out of this Committee but was held in the Assembly Appropriations Committee. AB 2113 (Hueso) of 2012, was similar to SB 397. That bill passed unanimously out of this Committee but was held in the Assembly Appropriations Committee. REGISTERED SUPPORT / OPPOSITION: Support Calexico Chamber of Commerce California Chamber of Commerce Casa Familiar Chula Vista Mayor's Office City of El Centro City of San Diego SB 249 Page 17 El Centro Chamber of Commerce Todd Gloria, San Diego City Council Member Imperial County Transportation Commission Otay Mesa Chamber of Commerce Representative Juan Vargas San Diego Association of Governments San Diego Regional Chamber San Diego-Tijuana Smart Border Coalition State of Baja, California Opposition ACLU Consumer Watchdog Eagle Forum SB 249 Page 18 Ella Baker Center for Human Rights Electronic Frontier Federation Legal Services for Prisoners with Children Privacy Rights Clearinghouse Analysis Prepared by:Thomas Clark / JUD. / (916) 319-2334