Identity theft has been a growing problem for years, but the recent Equifax hack has raised the issue in people’s minds again. Equifax may be the biggest security breach of personal information, but it is not the first and will not be the last.
Americans continue to rely on antiquated methods of identification, the most prominent of which are Social Security numbers. Forcing the Social Security number to act as a secure means of identification asks more of the nine-digit combination than was ever intended.
Last week, reports emerged that the Trump administration was considering the problem of SSNs. They should be. The cobbled-together identification system has been failing for years and will continue to do so unless it is replaced by a secure method of documenting Americans’ identities. We need a better answer to the problem of identifying oneself and protecting that identity from fraud. We need a national identification card.
A Long Time Coming
This is not a new issue. That we do not have a national ID card yet should be chalked up as a victory for two groups: federalists and privacy advocates. For the former group, the idea of the federal government taking over one of the duties of the states—issuing primary identification documents—would continue the troubling trend of concentrating power toward Washington, away from the people. For the latter, giving the government access to and control over our personal information would necessarily degrade our personal autonomy and force people deeper into a system of which some of them want no part.
Neither is a bad position, but their proponents make the mistake of comparing a world with a national ID to one where perfect conditions of federalism and privacy prevail. That’s not a world that exists now, if it ever did.
Federalist opponents of the national ID should consider that we are presently living in a system where the federal government already is deeply involved in tracking everyone’s identity. We have SSNs, as well as passports, and the coordination of state IDs through the REAL ID Act of 2005, among other things. That makes for a hodgepodge of barely functional federal documents combined with federal coercion of the states regarding their own IDs. One federally issued, a secure identification system would simply improve the existing federal IDs while obviating the need to force the states into line on their own. National ID doesn’t bring the feds into the equation: they are already there.
The way things stand now is also unacceptable from a privacy standpoint, as the Equifax hack shows. No matter how careful you are with your own documents, unless you live in an off-grid, cash-only economy, the credit reporting agencies have your information. And they do a terrible job of keeping it safe. In the security breach, which exposed names, addresses, SSNs, and driver’s license numbers, the company did not even exercise the bare minimum of caution in keeping customers’ information safe.
As cybersecurity writer Brian Krebs explains, one section of Equifax’s website was protected by a password and login that were both “admin,” which Krebs notes is “perhaps the most easy-to-guess password combination ever.” The federal government is not the best steward of information, as the 2015 Office of Personnel Management hack showed, but even they are better than Equifax.
Privacy advocates will tell you that Americans have long resisted a national identification card. That’s true, but the result has not been more privacy: it has been less security and less privacy. They are not denying the government a tool, they are simply forcing it to use tools that are less effective and more dangerous.
New Tools Exist
We do not have to re-invent the wheel here. Other countries have been innovating in this field for years. That they do so is not a reason in itself for America to follow: different countries have always had different laws. But actions of other governments can show us that such things are possible, as well as showing which methods are likely to be successful.
Since 2010, India has been rolling out its Aadhaar card to its one billion-plus citizens. While Americans have been using the same SSN technology that their great-grandparents were issued in the New Deal, India has taken a technological leap in using secure, biometric indicators to give its people a reliable form of identification.
The 12-digit ID number is no great improvement on the nine-digit SSN, but it is linked to a database containing enrollees’ fingerprints and iris scans. Stealing the number itself becomes irrelevant, as it is useless without its owner being present, either physically or by a secure mobile connection. By April 2017, as The Economist reports, more than 99 percent of the Indian population was enrolled.
India was starting from a much lower technological base than the United States would, as many of its citizens had no reliable way to identify themselves to anyone who did not know them personally. In America, we have the opposite problem: not only can you identify yourself, but anyone with your credentials can, too. Biometric data, which the State Department is already incorporating into passports, could provide security for domestic transactions, as well.
Many Problems, One Solution
The Equifax hack focuses the ID card discussion on consumer purchases and credit, but that is only one of many reasons Americans need a more secure means of identifying ourselves. Issues of personal identification crop up in many areas of domestic policy.
Consider the question of voter ID, for example. The main allegation from the Left is that this policy makes life more difficult for voters who lack the time or money to procure identification documents. A national ID program could have the resources of the federal government to ensure that everyone has access, and could offer fee waivers to people who cannot afford it—if not being free entirely.
India has managed to identify almost their entire population of 1.3 billion in seven years. Is there any doubt that the much richer United States could do the same for our much smaller populace? All at once, the objections to voter identification would vanish.
Better identification documents would also help with illegal immigrants being employed contrary to our laws. Every one of these employment transactions involves either under-the-table cash payments or identity theft to impersonate a taxpayer with a Social Security number. A national ID card cannot stop someone from getting paid in cash for day labor, but it can help prevent longer-term labor law violations.
The existing E-Verify system, which can be used to ascertain workers’ legitimate identities, could easily be folded into a national ID system, cutting off this avenue of identity theft. Incorporating legal immigrants’ alien ID cards could also ensure that immigrants who do have the right to work here can do so without difficulty.
A unified identity document could go even further in reducing costs, increasing convenience, and securing Americans’ identities. It could be incorporated into the passport system, perhaps even replacing passports altogether for travel to countries that once did not require them, like Canada and the Caribbean. States could fold their state driver’s license systems into the national ID. Although they could not be forced to do so, it might make for an attractive way for state governments to save money while increasing citizens’ security. Registering for the military draft, which is probably unnecessary already, would no longer require a separate process.
The federal government should be careful not to take the idea too far. Although it would be to most people’s advantage to have a more functional ID, any new program should not be made mandatory. We are not a nation where internal passports are required, and we should not become one. Just as you do not now have to have a driver’s license or a passport wherever you go, you should never be required to carry a new federal identification card either.
But for the vast majority, those who already carry and use at least one form of government-issued identification, the federal government ought to consider improving and unifying a system that, as the Equifax hack shows, is currently failing its people.