We should have a federally funded, nationwide ID program. Here’s why and how, briefly.
The Case “for”
A federal ID could be used to help ensure the sanctity of the democratic process. With it, one could prove their identity when voting to prevent fraud and hopefully alleviate suspicion of it. Note, there are studies that indicate ordinary voter ID does not increase one’s confidence in the system, even though 80% of our country is in favor of voter ID. However, I am not describing an ordinary voter ID.
If implemented as described below, a federal ID could reasonably prove one’s identity whether in-person, by mail or even online. It could also provide forensically sound evidence in the event that a vote is disputed in any region – each vote would be tied to a unique federal ID and digitally signed with their private key. By verifying a small, random sample of votes one could readily determine that no ballot stuffing, fake registrations, or hacking occurred. After a period of time, the link between ID and vote could be destroyed to retain anonymity (something not guaranteed even now by absentee ballots).
If implemented as described, such a federal ID could mitigate the risk and damage of identity theft. A simple trip to the local card office could permanently lock out the stolen credentials while allowing the victim to continue utilizing their federal ID number. Any further attempts to utilize the stolen credentials will fail yet still be useful for law enforcement purposes.
A federal ID could also be a convenience by consolidating common information. It could be used to provide proof of eligibility for employment. Employers could scan the card and get instant feedback in lieu of the existing I-9 forms. It could show you have a license to drive or carry a concealed firearm in a given state, or even have a professional license. Each state could petition the federal government for certain features they’d like to be readily shown on the ID.
The Case “against”
Cost. There is no way to get around the issue of cost. We simply must decide that the cost of this program is worth it or necessary. However, I am advocating for this ID to be federally funded (including a certain number of re-issuances for loss/theft), thus not an instrument of systemic bias against lower income individuals. To further facilitate that income neutrality, we could fund local employees who will meet lower income individuals at work or home for the purpose of identity verification and issuance, to prevent acquiring or updating the ID from being a source of financial hardship.
Privacy. This is a valid concern with any national program that tracks citizens. However, we are already tracked by multiple federal agencies. There is no reason why a federal ID has to further reduce our privacy, especially if we apply the following stipulations:
- The photograph and any other identifying information appearing on the ID card may NOT be entered into any searchable database other than the federal ID program.
- Require a warrant to obtain a name from the database by submitting a photograph. All facial recognition in the service of a warrant must be done by the federal ID system ONLY i.e., law enforcement would NOT have access to the entire database to perform their own searches.
- Similar to #2, if DNA or other biometric information is incorporated into the system to provide further verification of a person’s identity, searches against that information may only be performed with a warrant, or by card issuing offices when printing a new card and the individual’s identity cannot be verified by visual inspection.
Solution in Search of a Problem. This argument is frequently made by advocates against voter ID such as the ACLU. For instance, they claim there is no evidence of in-person voter fraud being even a minor problem. Even if that is entirely true, voter fraud is a frequently discussed national concern. As mentioned above, a vast majority of our nation is in favor of some form of voter ID, even though they may not realize that ordinary voter ID does not solve many of the problems they are worried about.
I emphatically dispute, however, the ACLU and other’s claim that a federal voter ID could not prevent voter fraud by mail. Digital signatures (and a pseudo form of them for ballot by mail) are a proven technology that can be used to provide a reasonable system of validation of every mailed or digitally submitted ballot, especially if implemented as described below.
- The ID card should prominently display a recent photograph and the birth month and year of the individual for casual in-person verification of their identity (such as when voting at a polling center or being carded for age).
- The ID should have a unique, randomly generated 10 digit alphanumeric ID number, bound to the individual. That will be the individual’s Federal ID for life. It should be closely held like one’s social security number (and indeed could one day replace the SSN), but the cryptographic system described below should allow for recovery of one’s identity after ID theft without having to reissue a new number.
- In addition to the Federal ID, a randomly generated public/private key pair for that individual. The public key should be converted to an alphanumeric form and printed ONLY on the back of the card. This area of the card should be laminated as described below. Upon printing the card, the public key should be digitally scrubbed from the system and available nowhere else.
- The private key should be stored in a centralized, air-gapped system with only two remote capabilities: 1) Cryptographic checksum/signature verification (keyed by Federal ID and a digital signature signed by an individual’s public key) 2) Facial recognition/biometric search by warrant only.
- I’d suggest using elliptic curve cryptography simply to keep the keys of manageable length for a human to type out when doing remote identity verification.
- A new public/private key pair should be generated whenever the card is re-printed (e.g. from loss, theft, information change or even upon request for a fee), and also periodically regardless – perhaps every two to three years. Doing so gives the federal ID a greater resistance to identity theft than the simple social security number + birth day system of authentication we use now. Even if someone’s federal ID becomes public information, it still cannot be used to vote or open a line of credit, for instance.
- The ID should be laminated before being issued, and the lamination on the back should be lenticular over the area of the public key to prevent the key from being read or copied at anything but several sharp angles along the full length of the key. Although this feature serves to prevent casual identity theft from a simple photo or copy of the card, it is not failure proof nor intended to be. One should still be mindful of who handles their ID card.
- The back of the card should VERY prominently indicate that the number on the back should not be duplicated and only entered when performing a remote identity verification (such as when opening a new line of credit, submitting one’s tax returns or even when signing a mail-in ballot).
- I’d suggest collecting an individual’s DNA or other biometrics at birth (and when this system is first implemented) so that their identity can be proven in the future. This information would be searchable by law enforcement by warrant only. Its ordinary use would be in the case of issuing a new ID card when the individual’s identity cannot be determined from their physical appearance.
We can implement a federal ID program that prevents most forms of voter fraud (except coercion), gives consumers greater protection from identity theft and does not reduce privacy.