10.19.2005

The Citizens Against Government Waste Report

The Citizens Against Government Waste has issued a report about Real ID here. This report is important for several reasons:
  1. It covers the history of Real ID and it sneaky passage into law, very well.
  2. It warns that RFID chips may be required in licenses, and estimates a $17.4 billion cost if so. Keep an eye on this number!
  3. They are contemptuous of the federal government's ability to implement secure data bases (such as Real ID will require), and quote many dismal examples to make their point.

The $17,4 estimate is going to show up all over. Deep in the report they explain that they got this number by applying detailed estimates from a report issued by the London School of Economics, for creating a British national ID using an RFID chip. $17.4b sounds like an awful lot of money, but it comes to less than $70 per person. (There are almost 200 million drivers in the US, and many minors and non-drivers will need the new license to fly or enter federal buildings.) Most of the cost is in verifying ID and cards, replacing cards (they wear out in 3 to 5 years), securing the databases, and dealing with stolen and falsified cards.

Here are some other points from this hard-hitting report:
Sneaking through the legislative process without any congressional hearings or deliberation, the Real ID Act became law before most members of Congress had a chance to review it.
The new system places a heavy implementation and cost burden on state and local governments, especially departments of motor vehicles (DMV), as well as taxpayers and drivers. States will now have to verify birth certificates, federal immigration documents, and Social Security numbers with the appropriate federal departments, build a database to store and secure individuals’ identification documents, and train personnel to use the new system. Fees and taxes will have to be increased to cover whatever costs are not paid for by the federal government.
Currently, DHS is in the early stages of drafting guidelines for implementing the Real ID Act, and will monitor the states’ progress in implementing the new requirements. Most of the requirements should be fairly straightforward, albeit time-consuming for state and local governments, especially DMVs. According to NCSL Transportation Committee Director Cheye Calvo, “state officials don’t want DHS to choose one security solution for all states. They prefer trying different techniques with various business partners.”[10] This strategy makes sense, as states such as Arizona and Virginia already use reliable and cost-effective technology to produce identification documents and protect them from fraud and abuse.
... However, some lawmakers believe that no current license is secure enough.
The federal government in particular has a long history of using insecure computer systems. In June 1999, Rep. Roscoe Bartlett (R-Md.) testified that the DOD computer system was penetrated more than 3,000 times, but the hackers were only detected twice.[12] In 2000, hackers were able to gain root-privilege control of 155 systems at 32 federal agencies.[13]
The federal government has attempted to build several information systems that have been complete failures. The most costly example — in terms of dollars and security — was the FBI’s Virtual Case File (VCF). After September 11, the FBI was roundly criticized for being unable to connect the dots between offices and agents, and blame was placed on its technology infrastructure. Responding to the criticism, the FBI worked to finish the VCF, which was supposed to host millions of records and be accessible to every FBI intelligence officer, field agent, and office. ... In June 2005, The Washington Post obtained a confidential 32-page staff report prepared for the House Appropriations Committee. The report stated that doubts about the system were raised as early as 2003 and it “chronicles a list of errors and misjudgments that were made during the software project’s troubled history, from assigning underqualified personnel to poor oversight and inadequate planning.”[17]
The DTS began in 1997 when the Defense Travel System Program Management Office (DTS PMO) announced its decision to acquire a software-based travel system to take the place of traditional travel services and provide an end-to-end automated travel system. Once completed, the end-to-end system was supposed to provide every aspect of DOD’s travel management needs, including travel authorization, ticketing, voucher preparation, and travel reimbursement. ... It is highly unlikely that a fully implemented and fully functional DTS will be achieved, even by September 2006. The most current cost estimate released in March 2005 by the Government Accountability Office (GAO) concluded that the “DTS total life cycle cost estimate, including the military service and Defense agencies, is $4.39 billion.”[19] The new estimate means that taxpayers are paying $4.13 billion, or 1,565 percent, more than the original 1998 figure of $263.7 million.

0 Comments:

Post a Comment

<< Home