March 31, 2005 | By Donna Wentworth

New US Passports Will Serve as Terrorist Beacons

The US State Department is pushing for what may be the most misguided and dangerous travel "security" plan ever proposed: putting insecure radio-frequencyidentification (RFID) chips in all new US passports. These chips would broadcast your name, date of birth, nationality, unique passport number, and any other personal information contained in the passport to anyone with a compatible RFID reader. That's right - anyone, not just passport control.

"The upshot of this is that travelers carrying around RFID passports are broadcasting their identity," observes security expert Bruce Schneier. "It means that anyone with a reader can learn that information, without the passport holder's knowledge or consent. It means that pickpockets, kidnappers, and terrorists can easily -- and surreptitiously -- pick Americans or nationals of other participating countries out of a crowd."

Astonishingly, the State Department proposal abandons even the most fundamental security protections. Why broadcast passport data at all? With machine-readable travel documents that require physical contact between passport and reader, you can rest assured that your passport will only be read when you intend to show it, eliminating any risk of surreptitious reading. But the State Department isn't only endorsing contactless RFID technology for passports - it wants to broadcast your personal information in the clear. In other words, it wants to use digital signatures for authentication, but doesn't want to encrypt or otherwise protect passport data, claiming that the information isn't worth protecting and that encryption would interfere with "global interoperability."

This is especially disturbing in light of the fact that safer options are readily available; the government already uses a line-of-sight LaserCard optical memory card that can't be read from your wallet or purse for multiple-entry visa Border Control Cards ("LaserVisas").

Privacy advocate Bill Scannell calls RFID-embedded passports "terrorist beacons" - and that's precisely what they'll become if we allow the State Department to move ahead with this plan. The Department is soliciting the public's input on the new passports, and the time to act is now - the deadline for submitting comments is this coming Monday, April 4. Follow the links below to learn more and submit your comments today:

US State Department Notice of Proposed Rule Making
(Please note that all comments must include the Regulatory Identification Number, RIN 1400-AB93, in the message subject line.)

Bruce Schneier: RFID Passports

Bill Scannell's website: RFID Kills

Edward Hasbrouck: Deadlines Loom for RFID Tracking Chips in USA Passports

Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Censorship powers, data retention, and vague hacking crimes: Pakistan's terrible cybercrime bill has it all:

Nov 25 @ 5:11pm

While Bangladesh blocks social messaging apps, locals are turning to Tor and Twitter:

Nov 25 @ 3:50pm

You've heard recent news about Securus, the prison phone service. It's also the proud owner of a very stupid patent.

Nov 25 @ 3:09pm
JavaScript license information