Last Wednesday, the Senate Homeland Security and Governmental Affairs Committee agreed on several amendments to the PASS ID bill
[S. 1261] and sent the legislation
on to the Senate.
Let's take a look at some of the changes:
- Exceptions to the anti-skimming provision
A key privacy protection we support in PASS ID restricts the collection and use of information scanned from the machine-readable zone on your driver's license or ID card. However, in response to the concerns of retailers and other third party users of driver's license information, the committee introduced an amendment that directs the Federal Trade Commission (FTC) to issue regulations establishing exceptions to this anti-skimming provision.
While CDT recognizes that there are legitimate uses for data scanned from licenses, we are concerned by how broadly some of the proposed exceptions are described. The FTC can and should protect the privacy and security of cardholders even under these acceptable uses; otherwise, we risk gutting the anti-skimming provision entirely. As a general matter, the privacy protections the FTC could build in to protect this information will only be more effective if Congress provides specific statutory guidance now for addressing the types of secondary uses of specific information we are most concerned about.
In particular, allowing third parties to store information to "prevent consumer fraud" without building in limits on how long information can be stored and how it could be further shared, aggregated, and used would create a massive loophole in this otherwise much needed protection.
Read more »