15 HVJLT 319
(Cite as: 15 Harv. J.L. & Tech. 319)
Harvard Journal of Law and Technology
*319 THE DEMEANING OF IDENTITY AND PERSONHOOD IN NATIONAL IDENTIFICATION
Richard Sobel [FNa1]
Copyright ( c ) 2002 by President & Fellows of Harvard College; Richard Sobel
TABLE OF CONTENTS
I. INTRODUCTION ....................................................... 320
II. THE COMPONENTS OF A NIDS AND ITS INITIAL DEVELOPMENT ............... 323
III. INTEGRATING THE DATABANKS .......................................... 332
IV. POST-9/11 DEBATE OVER A NATIONAL IDENTIFICATION CARD ............... 332
V. THE FEATURES OF A FORMAL NIDS ...................................... 338
VI. HISTORICAL ABUSES THROUGH IDENTIFICATION SYSTEMS AND DOCUMENTS ..... 343
VII. PRAGMATIC CRITIQUE OF A NIDS: PROBLEMS WITH ID AND DATABANK
REQUIREMENTS ..................................................... 349
VIII. FUNDAMENTAL CRITIQUE OF A NATIONAL ID AND PROFILING ................ 362
IX. FUNDAMENTAL CRITIQUE OF A NIDS ..................................... 370
X. POST-9/11 ANALYSIS: CHANGES IN PREMISES SINCE THE ATTACKS .......... 374
XI. COUNTERVAILING TENDENCIES AWAY FROM A NIDS ......................... 380
XII. A WORLD WITHOUT A NIDS ............................................. 382
XIII. CONSIDERATIONS AND CONCLUSIONS ..................................... 386
*320 I. INTRODUCTION
Even before the attacks on New York City and Washington, D.C. on September 11, 2001, America was moving toward a system of national identification numbers, databanks, and identity cards that conflicts with basic American principles and freedoms. That movement and its recent acceleration contradict the constitutional and philosophical bases of democratic government and undermine the fundamental foundations of political and personal identity. While the problems a national identification system ("NIDS") is intended to solve occur in relatively authoritarian societies, the troubles created by such a bureaucratic scheme plague free societies as well by foreclosing vital options and opportunities. A NIDS demeans political and personal identity by transforming personhood from an intrinsic quality inhering in individuals into a quantity designated by numbers, represented by physical cards, and recorded in computer databanks. Rather than constituting an inherent part of personhood and dignity, ersatz-identity becomes an attribute of bureaucratic and computerized systems. The growing impact of a NIDS on due process, freedom from unreasonable search, free expression, freedom of travel, the right to employment, separation of powers, and federalism makes this issue particularly appropriate for contemporary constitutional and policy analysis.
As privacy advocate Robert Ellis Smith has argued, the ongoing developments toward a national identification system fundamentally contradict the bases of the American system of governance. [FN1] In an open democratic society based on Lockean and Jeffersonian principles, the government derives its powers from the consent of the governed. *321[ FN2] Similarly, the United States Constitution was developed to circumscribe state power through federalism and the designation of fundamental rights. As a consequence, activities such as work, travel, and medical care are to be readily available and respectful of privacy in free societies. In contrast, in authoritarian societies, the government bestows, or denies, identities and opportunities through identification numbers or documents and intrudes into individuals' lives. In addition, because the government has the power to coerce and to control, people confront force when they seek to disobey government directions, including requirements for identification.
Several pre-September 11th ("9/11") databank and identification laws and regulations provided the basis by the mid-1990s for developing a bureaucratic surveillance system through the combination of data collection and identification requirements. Even before its extension, such a national identification system implemented by the government contradicted and circumvented basic constitutional rights, such as privacy. Moreover, a NIDS demeans the political values of identity by substituting ersatz-identities for identities based on personhood.
The fundamental identity and personhood that identification systems challenge are bulwarks for individual development. "[T]he concept of privacy embodies the 'moral fact that a person belongs to himself and not [to] others nor to society as a whole."' [FN3] The "condition of privacy is a moral value for persons who also prize freedom and individuality; part of its defense against unwarranted invasion should include advocacy of a moral right to privacy." [FN4] Individuals have the right to remain free from intrusion because personhood and fundamental rights in an open society create a political space, or buffer, around the individual that permits free expression and unencumbered action.
In a free society under a constitution of enumerated and delegated powers, a regime develops based upon and generating basic, retained rights for individuals as persons. This system derives from the over-arching principle of governance by consent. This dimension creates a buffer around individuals and against state action. Individuals inherently possess rights and political identities.
However, under a national identification system, rights are derived from credentials. People obtain ersatz-identities based on identification documents and numbers or places in databanks. The requirement *322 to prove identity or appear in a national databank in order to obtain and exercise certain rights demeans the foundation on which free governance is based. The use of personal information for governmental action without consent or due process violates liberty and property rights.
The existence of databanks and identification schemes implies that society has a right to surveil its subjects and to define individual identities separate from the inherent nature of personhood. The difference appears in the contrast between a system with a constitutional right to be free from unreasonable search as a person and a system with police privileges to search anyone at will. Freedom from search by virtue of personhood contrasts with obtaining that right only after one has proved to be a citizen through identification and thus deserving of that right or privilege. When one may only exercise fundamental rights with proper documentation, the nature of political and personal identity is degraded.
Personhood is a fundamental element of both personal and political identity [FN5] that implies a "bundle of rights." [FN6] As Justice William O. Douglas noted about the importance of personhood in his concurrence to Roe v. Wade in Doe v. Bolton, "the autonomous control over the development and expression of one's intellect, interests, tastes, and personality" is a constitutionally protected right and fundamental to privacy. [FN7] In his dissent in United States v. White, Justice Douglas advised that:
Invasions of privacy demean the individual. Can a society be better than the people composing it? When a government degrades its citizens, or permits them to degrade each other, however beneficent the specific purpose, it limits opportunities for individual fulfillment and national accomplishment. [FN8]
*323 The creation of a NIDS undermines the basic principles of personhood, sovereignty, due process, and federalism in the U.S. Constitution while ultimately providing questionable utility. The increased reach and effects of a NIDS on these fundamental issues requires the exploration and contemplation of its constitutional and policy implications.
II. THE COMPONENTS OF A NIDS AND ITS INITIAL DEVELOPMENT
Even before the recent calls for a national ID card, a NIDS was developing from the combination of government databanks and ID requirements. The five basic parts of an incipient NIDS are the Immigration Reform and Control Act of 1986 ("IRCA"), [FN9] the Illegal Immigration Reform and Immigrant Responsibility Act of 1996 ("IIRIRA"), [FN10] the Personal Responsibility and Work Opportunity Reconciliation Act of 1996 ("Welfare Reform Act"), [FN11] the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), [FN12] and the Federal Aviation Administration ID requirement and Computer Assisted Passenger Screening system ("CAPS"). [FN13] Other governmental and private databank and ID requirements also contributed to a NIDS both before and after 9/11. These five databanks constitute an informal NIDS, of which a national ID (or national ID number) is only one component.
Each of the major elements of the NIDS has a government identification or government databank component. The responses to terrorism and subsequent calls for a national ID may accelerate and expand the integration of these and other existing databanks and government ID requirements. While all of these systems have law enforcement implications, this Article emphasizes civil and administrative databanks and ID schemes. Other databanks involve on law enforcement activities, such as the Federal Bureau of Investigation's ("FBI") National Crime Information Center 2000 ("NCIC"). This distinction may *324 be eroding, however, in response to recent calls to integrate private with public databanks, and criminal justice databanks with credit card and travel histories, to create a "trusted traveler system" as discussed below. [FN14]
The Immigration Reform and Control Act of 1986 requires employers to have employees fill out and sign an I-9 verification form to prove that they are U.S. citizens or have governmental permission to work in the United States. To verify citizenship or government approval of employment, employers are also required to ask employees within three days of commencing employment to provide government identification, such as a passport or a driver's license plus a Social Security card. Employers may be fined up to $10,000 for each undocumented alien employed. [FN15]
In 1996, IIRIRA extended IRCA. [FN16] IIRIRA requires employees to provide identification to prove citizenship or government permission to work. [FN17] In addition, IIRIRA provides for a five- to seven-state "Pilot Program for Employment Eligibility Verification," which allows for databank checks for Social Security numbers. [FN18] It also provides funding for the "Machine- Readable-Document Pilot Program" in Iowa and the "Criminal Alien Identification System" Pilot Program. [FN19] IIRIRA calls for the standardization of birth certificates and driver's licenses in all states including Social Security numbers ("SSNs") [FN20] and for the development of prototype counterfeit- resistant Social Security cards. [FN21]
The Welfare Reform Act of 1996 mandates the creation of a federal databank to track all newly hired employees. The National Directory of New Hires ("New Hires Databank") records names, addresses, Social Security numbers, and wages for everyone hired after October 1, 1997. The information is collected at the state level and is transmitted to a national databank at the Department of Health and Human *325 Services ("HHS"). The New Hires Databank's stated purpose is to assist federal and state officials in locating parents who owe child support by tracking them from job to job and state to state, but it affects all newly hired employees. Thus, over time it would include almost the entire labor force of 120 million people. [FN22] As noted below, its uses have now been expanded to tracking repayment of educational loans.
The Health Insurance Portability and Accountability Act of 1996 was passed in an effort to make health insurance transferable when people change employers. [FN23] HIPAA mandated the development of both a unique health identifier ("UHID") and a national electronic collection system for personal health care data. The goal of a unique national health identifier was to facilitate the tracking of patients, health care providers, health plans, and health care events paid for by public or private funds. It was meant to assist in monitoring patients' health conditions, recording changes in providers, obtaining patients' old records, streamlining billing, and creating a national database to analyze costs or perform research studies. All information from patients' medical records would be included in this electronic system. [FN24]
Since October 1995, the Federal Aviation Administration ("FAA") has required airlines to ask passengers to identify themselves with government-issued photo identification. [FN25] For this purpose, passengers *326 typically need to provide a driver's license with a photo, a passport, or a governmental agency ID card. [FN26] Though ID is not strictly required by the FAA, it is the standard procedure for air travel. [FN27] CAPS requires that all passengers be profiled at check-in. [FN28] Those who fit a certain profile, such as passengers paying for tickets in cash or traveling one-way, are subjected to increased scrutiny, including a more intrusive search of their carry-on and checked luggage. [FN29]
Two of these acts, the Welfare Reform Act and IIRIRA, also call for upgrading identification documents. Both include provisions that require the Social Security Administration ("SSA") to upgrade the actual Social Security card. [FN30] As noted above, IIRIRA establishes Iowa's Machine-Readable-Document Pilot Program, in addition to the Criminal Alien Identification System Pilot Program that is tied to employment scrutiny. [FN31] The act provides that federal agencies "may not accept for any official purpose a certificate of birth" or driver's license *327 that fails to comply with federal regulations. [FN32] The act also includes a federal funding provision to link birth and death records. [FN33]
Other databank and ID requirements also contribute to a NIDS. Department of Transportation ("DOT") and SSA requirements mandate upgrading driver's licenses and Social Security cards as identification documents and require the DOT to impose standards to federalize the driver's license. In 1996, IIRIRA required that, by October 1, 2000, all state driver's licenses must display a SSN on or in driver's licenses. [FN34] A federalized driver's license would include the licensee's name, address, phone number, date of birth, physical descriptors, a photo, a social security number, and perhaps a biometric identifier. Proponents of the federalized driver's license maintain that it will reduce the number of forged identity documents used by illegal immigrants to gain federal benefits. [FN35] In response in April 1996, the Georgia Legislature passed a bill that mandates fingerprints for Georgia driver's licenses. [FN36] California, Florida, and Hawaii require fingerprints to apply for driver's licenses. [FN37] IIRIRA provisions for a federalized driver's license (or birth certificate) would deny federal benefits unless these ID documents incorporated social security numbers. [FN38] As a consequence, someone with an old driver's license (or birth certificate) would not be eligible to receive federal benefits. This requirement would force states, like Vermont, that do not require a photo on a driver's license to include one. [FN39]
Currently, the Problem Drivers Pointer System ("PDPS") and Commercial Driver's License System ("CDLIS") facilitate the interstate *328 sharing of information on problem drivers. [FN40] In the aftermath of 9/11, the American Association of Motor Vehicle Administrators ("AAMVA") announced proposals to cooperate with upgrading the driver's license with security features, such as a fingerprint or digital photograph, which would turn it into a de facto national identity card. [FN41] These licenses would also include barcodes or magnetic strips so they could be electronically scanned. The plan would involve linking the driver's license databases with law enforcement agencies. [FN42]
Citizens currently cannot obtain or renew a passport without providing a taxpayer identification number, usually a SSN, under penalty of a $500 fine levied by the Internal Revenue Service ("IRS"). [FN43] The intent of the provision is to allow the IRS to check on tax compliance by foreigners or citizens living abroad, yet the system is administered by the State Department, which issues passports to citizens living in the United States. [FN44] This provision is not subject to the Code of Fair Information Practices, which would prevent information about a person from being obtained "for one purpose from being used or made available for other purposes without his consent." [FN45] Thus, this requirement infringes the right to travel because individuals cannot get their passports renewed unless they provide a SSN. [FN46]
The Health Care Financing Administration, created in 1977 to manage the Medicare and Medicaid federal health programs, has set up a database to monitor the quality of health care among senior citizens. The database tracks the billing records and the performance of *329 over 9,000 Medicare-certified health care providers. Patients are asked, among other questions, personal information about "socially inappropriate behavior," "a sense of failure," and depression. [FN47] The database system has been scaled back, but not abandoned, because of public protest. [FN48] In late December 2001, HHS also proposed a Medicare databank to centralize all Medicare patient records under the routine use exemption to the Privacy Act of 1974. [FN49]
There are also several educational databanks that collect records on students as soon as they enter school, and contribute to a "nationwide data-exchange network." [FN50] The Goals 2000, Improving America's Schools, and School to Work Opportunity Acts created "vast and potentially ill-protected computerized records about children and families throughout America." [FN51] The National Center for Education Statistics tracks children's educational records and creates a "spider web of data exchange." [FN52] Data collection also includes socioeconomic status, learning disabilities, medical, behavioral, and family problems. [FN53] There are provisions for restricting the use and disclosure of individually identifiable data for statistical purposes, but they include exceptions for releasing individual data to the U.S. Comptroller General and the Secretary of Education. [FN54] Moreover, there are exceptions for disclosures without consent for routine uses and for civil or criminal law enforcement activity. [FN55] The "laws don't block the government's collection of individually identifiable information, only its use." [FN56]
The Bank Secrecy Act of 1970 created permanent records of all individuals' checks, deposits, and other banking activities. The statute also required similar recordkeeping for credit-card companies. [FN57] The act provided for informal access to records by law enforcement personnel. In California Bankers Ass'n v. Shultz, the Supreme Court held *330 that the act does not implicate Fourth Amendment protection. [FN58] While not developing a databank per se, the act creates the records and the potential mechanism for keeping track of all financial transactions in a central databank. [FN59] A December 1998 Federal Deposit Insurance Corporation ("FDIC") proposal for banks to scrutinize customer transactions -- "in effect would have mandated warrantless searches of private financial records" -- was put in abeyance. [FN60] Similar provisions, however, were resurrected after 9/11. [FN61]
Besides these databanks, there are numerous other government databanks that include records on over 280 million Americans. The Privacy Act requires a yearly census of databanks, but one has not been conducted recently. [FN62] The second annual report of the Privacy Act in June, 1977 showed a total of 6,753 "systems of records," as defined under the act, with data on 3.8 billion individual personal records. Among the largest are the SSA databank, tied to the Social Security card and now used regularly to verify SSNs for private employees. The IRS also has tax records on over 250 million Americans, but it has strong privacy protections. [FN63]
Moreover, the integration of public databanks with private data collections on purchasing patterns represents an extension of the NIDS. In seeking protection for the American people against terrorist attacks, former President Bill Clinton, calling himself a "fanatic civil libertarian," [FN64] suggested that the federal government acquire the same *331 information about residents that is in the possession of private firms. [FN65] "Under present law," Clinton claimed, "the biggest problem we've got is that the government doesn't have the capacity ... private companies do to track the whereabouts and the activities of people like the two suspects that the CIA did identify when they came into the country on visas." [FN66] Private companies conducting mass mailings "have a far better capacity to track potential terrorists and other suspects who come into this country," without intruding upon privacy, and using "simple information that has been available for years" about all of us. [FN67] The private database holders' "capacity far exceeds anything the government has." [FN68] Clinton added that "we must improve our woefully inadequate computer tracking capacity, [and] integrate the information systems of the intelligence and law enforcement agencies." [FN69]
While companies that sell lists or conduct mass mailings have obtained the vast preponderance of American citizens' names, addresses, credit card balances, and utilities information, the American government, Clinton notes, does not have nearly as complete information. [FN70] Clinton argued that accessing this data is necessary to track potential terrorists and to trace the money that keeps terrorist networks active. [FN71] If "guys like Mohammed Atta [a leader of the 9/11 hijackers] have to stay for a long time, they will use their real names because they may get checked" to get utility bills and credit cards. [FN72] It is "most urgent" for increasing safety in the short run, Clinton argued, that the government develop the capacity, or contract to use the information and techniques that are now legal for use in the private sector. [FN73]
*332 III. INTEGRATING THE DATABANKS
Separately and jointly, the five main databases and other identification schemes set the foundation for a NIDS. Though currently limited in interconnections, there are overlaps among IRCA and IIRIRA information, and the New Hires Databank now extends to student loan compliance. The routine use exemptions applied to the educational acts, possible computer matching among government databanks, and the proposed linking of CAPS with other private and law enforcement databanks implicate the potential for integration into a full national identification system.
Following 9/11, there have been calls for the integration of government databanks and watch-lists at airports to create passenger profiles to identify "safe travelers" and to spot potential terrorists. [FN74] Such an integration would constitute a conflation of administrative, criminal justice, and national security databanks and procedures.
The monitoring of the NIDS and informing citizens of its constitutional and political implications have gained paramount importance because the parts of the NIDS are coalescing in a largely unrecognized manner. [FN75] While such a system might begin informally and partly voluntarily, the momentum will shift toward a precisely structured, mandatory system, requiring a card to be in one's possession at all times. Once in place, such a NIDS would be almost impossible to dislodge.
IV. POST-9/11 DEBATE OVER A NATIONAL IDENTIFICATION CARD
The call for a national ID emerged as a response to the 9/11 attacks partly because supporters of a national ID system claim that existing forms of ID are inadequate. [FN76] This conclusion "has been fueled by an explosion in the number of financial crimes in which fraud artists adopt the identity of their victims" and accelerated by feelings that a national ID would help fight terrorism. [FN77] A NIDS would include assigning a unique identifier to every American to facilitate the merging of numerous existing databases of information. This unified database *333 would permit governmental agencies to assist one another both to avoid national crises and to work together after a crisis has occurred. [FN78] Because the American government already retains significant information about its residents and citizens in disparate databases, [FN79] according to proponents, a NIDS would simply be a more effective compilation of existing information. A NIDS would also better ensure that no wrongdoer gets lost in the cracks of bureaucracy or remains anonymous while traveling. [FN80]
Notwithstanding concerns about government access to compiled information, NIDS proponents argue that sometimes privacy should be sacrificed in favor of necessity or convenience. [FN81] For example, people choose to obtain toll passes that allow them to move quickly through highway tollbooths. The passes also provide information to the toll authority about a person's movement, but those who obtain the passes may see the trade-off as a fair one without recognizing the long term surveillance consequences. [FN82] A NIDS poses a similar tradeoff in that people may have "a little less anonymity for a lot more security." [FN83] To most, less privacy for more security seems reasonable. [FN84] According to a Pew poll immediately after the 9/11 attacks, 70% of Americans favored a national ID card to curb terrorism, though the percentages were lower in prior and subsequent polling. [FN85]
Acculturation is a common explanation for Americans' seeming lack of concern. Americans are used to producing photo identification for a multitude of activities, such as "flying, driving, drinking and *334 check-cashing." [FN86] Military personnel already are given ID cards with embedded computer chips. [FN87] The AAMVA plan for a national security system would incorporate unique identifiers. [FN88]
Suggestions about the type of national ID system necessary to solve this problem vary. For instance, Harvard Law School professor Alan Dershowitz proposes a system using fingerprints in which the identification card itself would only contain minimal personal information, such as "name, address, photo and print." [FN89] The ID card aspect of the system could be optional, but would be meant to expedite security-check processes. [FN90]
Larry Ellison, CEO of the Oracle Corporation, has proposed a more complex system, in which "a national database combined with biometrics, thumb prints, hand prints, iris scans, or other new technology [would] detect false identities." [FN91] The database would contain information such as "names, addresses, places of work, amounts and sources of income, assets, purchases, travel destinations, and more[,]" information that already exists in databases maintained by private companies such as American Express and Visa. [FN92] Ellison argues that this comprehensive system would be one of the best ways to prevent terrorists from operating under assumed names and to generally protect secured locations, such as airports. [FN93]
Specifically, to gain entry to airports, Ellison's system "would require people to present a photo ID, put their thumb on a fingerprint scanner and tell the guard their Social Security number." [FN94] The person's records could be brought up from the database once their identity is confirmed. If there were risk factors, the appropriate measures could be taken to ensure safety. [FN95] While this system may seem complex and potentially cost prohibitive for the government, Ellison's company, Oracle, has "already offered to provide the necessary software for free, and  other companies would pitch in with hardware and support." [FN96] "The database [c]ould be maintained and run by the government alone" to avoid the appearance of corporate benefit. [FN97]
If American citizens remain entitled to value their privacy, they are the ones who have to decide how much of that privacy they might *335 exchange for more security. Dershowitz argues that the amount of privacy that would be relinquished is minimal, given that "[t]he existence of a national card need not change the rules about when ID can properly be demanded." [FN98] However, consideration must be given to the potentially increased likelihood that ID will be demanded by police. [FN99] Dershowitz maintains that a system that minimally inconveniences all members of the population may be superior to the current system of racial profiling where certain members of the population experience increased suspicion based solely on race or ethnicity. [FN100] For instance, if men of Arab descent have proper identification that checks out when compared to the database, they could pass through security at the same rate as other people.
Finally, Robert Scheer maintains that a national ID card may even prove to be a privacy benefit. [FN101] The Defense Department card "enables users to electronically sign and encrypt online documents." [FN102] An ID card could even contain the capacity to scramble cell phone calls for users. [FN103] In terms of protecting against fraud or misuse of cards, a national ID system has the potential to provide protection superior to current options.
The DOT is considering a "trusted-traveler" card for airline passengers, featuring a biometric description of the owner and probably awarded after an FBI background check. The card would aid those who want to travel without waiting in long lines. [FN104] In addition, the FAA is proposing an "air security screening system" to bring together air passengers' travel history, living arrangements, travel companions, and other personal data. [FN105]
Prior to 9/11, there were few calls for such a national ID and many voices questioning it. The political forces pressing for and against a NIDS are varied. Proponents include an association of government *336 officials as well as business leaders. Even before 2001, the National Governor's Association ("NGA") [FN106] had asserted the "great need for some type of personal identification mechanism "to combat fraud, crime, illegal immigration, and mismanagement of funds." [FN107] In 1996, the NGA called for the federal government to implement such a system to track citizens from birth to death.
Another private association raised the issue of a national ID without using that specific name. The AAMVA has called for creating a national license by linking driver's license records with the SSA, Immigration and Naturalization Service ("INS"), and law enforcement agencies. [FN108] These proposals to coordinate state driver's license databanks call for congressional mandates and funding of $100 million. While clearly advantageous for elected and appointed government employees with informational needs, its benefits to private citizens are less clear. [FN109] Both the NGA and AAMVA are private interest organizations of government officials, not government entities per se. [FN110]
*337 In critiquing the AAMVA plan, the Electronic Privacy Information Center ("EPIC") argues that the proposed nationalized driver's license "does not accomplish its stated aims of increased safety and security, but merely shifts the potential for fraud and identity theft to a higher plane, where the intrinsic privacy invasion is greater, and the means of remedying inevitable flaws is more complex and difficult." [FN111] Centralizing authority over personal identity both increases the risk of ID theft as well as the scope of harm when it occurs. Privacy and security are best protected by "documents serving limited purposes and by relying on multiple and decentralized systems of identification in cases where there is a genuine need to establish identity." [FN112]
The AAMVA residency and identification proposals actually would increase the number of unlicensed drivers by making it harder for individuals to get licenses. According to EPIC, the AAMVA is not the right body to determine the "balance between identification and privacy" because it is a trade association representing public administrators that are not directly accountable to the public. [FN113] Its goal of "one card, one person, one record" [FN114] contradicts American diversity. EPIC maintains, "[t]he combination of technical concerns and prevalent American constitutional values protecting freedom of movement, privacy and anonymity," and "strongly suggests that any national identification scheme must be rejected." [FN115] "A national ID would create a false sense of security because it would enable individuals with an ID -- who may in fact be terrorists -- to avoid heightened security measures." [FN116]
Interestingly, the Bush administration, including the cyber security chief, Richard Clarke, has downplayed the idea of a national ID card. [FN117] Supreme Court Justice Antonin Scalia indicates that he would probably vote against such an idea if Americans held a referendum on the idea. [FN118] Conservative New York Times columnist William Safire *338 has warned that the "fear of terrorism has placed Americans in danger of trading our 'right to be let alone' for the false sense of security of a national identification card." [FN119] Internet advocacy groups like the Electronic Frontier Foundation ("EFF"), EPIC, and the American Civil Liberties Union ("ACLU"), as well as some conservative and libertarian groups, such as the Cato Institute, oppose a national ID plan. A coalition of forty groups opposes the AAMVA plan for a national identification system. [FN120]
Some advocates of a NIDS propose a limited document. Yet bureaucratic and technological imperatives and Americans' concern for security suggest that a more, rather than less, complex and intrusive system would be created. The following section provides a possible scenario for such a complete system.
V. THE FEATURES OF A FORMAL NIDS
Independent of the calls following 9/11 for a stand-alone NIDS, such a system has been developing through different databanks that track large numbers of people. The NIDS emerging out of the five major laws and regulations mentioned in the previous sections is likely to expand to fill other purposes. Given the post-9/11 call for a national ID, what might such a system look like beyond the aggregation of the existing databanks and ID schemes? [FN121]
A formal NIDS would require a national ID number, national databank, and national ID card, though less centralized systems are theoretically possible but unlikely in practice. [FN122] Administratively, a formal NIDS would include identification of a supposed constitutional provision permitting it, enabling legislation outlining its proposed provisions, and complex administrative regulations to implement it. Congress would need to pass specific enabling legislation since this is fundamentally a national issue, if constitutional.
The computer databanks of a NIDS would be organized by ID numbers and tied administratively, or perhaps electronically, to a physical card. The national ID numbers would be used for multiple purposes, and computer databanks that collect disparate pieces of information would be integrated. An individual would have to be located in the databank in order to have a legal identity and receive bureaucratic *339 recognition. To receive an ID card, an individual would have to meet registration requirements such as official proof of birth in the U.S. or legal residency. A proper ID would be required to receive government benefits or to exercise political rights. For instance, a national ID would be required for any official encounters, including with the police, or to vote.
Creating a NIDS would begin with the assignment of a unique national ID number. [FN123] This number would probably be a variant on the SSN and includes a security feature such as a "check" digit. [FN124] This data collection about American citizens would begin at birth. It would create for each newborn the prospect of being tracked from cradle to grave by way of a government-issued number. Such a process has already begun with the relatively recent (1990) practice of issuing SSNs at birth, and recording the SSN on the birth certificate.
In order to centralize the information indexed by a national ID number, there would need to be a national databank or a series of interconnected state or regional databanks. A potential basis for this system might be the integration of databanks from each of the five components of the preexisting NIDS. An alternative basis would be Social Security records, IRS data, or census enumerations if confidentiality restrictions were removed. This would involve amending the restrictions on use of governmental records and SSNs in the Privacy Act of 1974 [FN125] and avoiding the Fair Information Practice principles [FN126] that information collected for one purpose should not be used for another without consent of the person identified. Because the AAMVA proposal involves a national lobbying organization seeking congressional legislation and funding, this is not really a form of federalism as it would be developed directly from state initiatives. [FN127]
For efficiency, such a computer system would centralize and interconnect with educational, employment, Social Security, tax, pension, medical information, and perhaps criminal records. This data would paint a detailed portrait of each individual's habits and preferences, even though such collections would not be fully accurate or secure.
*340 A less extensive model for a NIDS lay in the Johnson Administration's 1965 proposal for a National Data Center ("NDC") to centralize and link government data collections. [FN128] The NDC would have stored records from four federal agencies: "population and housing data from the Bureau of the Census; employment information from the Bureau of Labor Statistics; tax information from the Internal Revenue Service; and benefit information from the Social Security Administration." [FN129] The NDC databank would have contained "every person's electronic birth certificate, proof of citizenship, school records, draft registration and military service, tax records, Social Security benefits, and ultimately, their death records and estate information." [FN130] The concept of the NDC "slowly evolved into that of a massive databank containing cradle-to-grave electronic records for every U.S. citizen." [FN131] The rejected NDC would have encompassed only part of the current informal NIDS.
A more complete national data system than an informal NIDS would include the health or travel records generated by HIPAA or CAPS. Like the proposed NDC, a formal NIDS databank would contain birth certificate, citizenship, school, draft, military service, tax Social Security, death records, and additional types of data.
Once established, procedures would have to be developed for entering, checking, and verifying inclusion in the database. There would need to be specific registration procedures at various points in life, periodic updating, and replacement of lost or stolen cards.
Most likely, people would receive a first national ID when entering school at about six years old, and perhaps an updated version upon taking a first job. Children and adults would have to renew their ID every five to ten years, and at life changes ranging from marriage to change of address. This process is similar to obtaining or renewing green cards for immigrants. [FN132] While superficially like renewing a driver's license, it would be much more serious and Kafkaesque [FN133] because of the importance of reestablishing eligibility for a national ID, and the consequences of being denied a card or its renewal. It would also encompass the procedures and bureaucratic requirements of registering for potentially deniable benefits or trying to renew a driver's license when one has a questionable driving record or becomes *341 elderly. Expired national IDs would not be valid or usable as identification.
A possible scenario for constituting a formal NIDS over the life cycle might include the following: at birth, every U.S. citizen would be enumerated and issued a national identification number that would be entered onto a paper or electronic birth certificate and into a hospital (or community) system connected to a national databank. [FN134] Permanent residents and naturalized citizens would be assigned national ID numbers during the process of naturalization or when registering for government benefits. This system would also try to include as many illegal immigrants and temporary visitors as possible.
When a child reached school age, he or she would apply for and, if meeting the criteria, be issued a national ID. Citizens would need to re-register for a NID at the age of sixteen. [FN135]
Over a lifetime, the national ID number would be used to track mandatory updating of home addresses, parental information, health records, school records, employment, and pension records. The NIDS databank, perhaps located at the HHS or the Commerce Department, could include the information on the citizen's receipt of government services such as health care or welfare benefits, and perhaps driving record. The national ID might also serve as a smart card for governmental and private purposes. It might be integrated with, or updated by, referencing certain private databanks. [FN136]
The national ID would also likely include more technologically sophisticated features, such as digital photos, to assist facial recognition technology, perhaps tied to airport or neighborhood video surveillance. [FN137] A biometric would be used to confirm identity electronically. The biometric features most likely would be fingerprint or iris scans, though in theory they could also include DNA representations. The physical card itself might include a barcoded magnetic strip or computer chip to include basic identification information and perhaps medical, eligibility, or criminal records. National IDs would also include anti-counterfeiting measures such as a hologram. [FN138]