No Passport to Privacy

Travelers get chipped.


A close look at your passport will reveal your age, your place of birth, where you've been lately, and, usually, an awful picture. But travel documents could soon reveal far more–and from a distance. In October the Government Printing Office awarded $373,000 in contracts to the firms SuperCom, Axalto, BearingPoint, and Infineon Technologies to produce a new generation of smart passports embedded with biometric RFID chips capable of transmitting data to readers dozens of feet away. By the time you read this, the first of them may already have been issued.

Few object in principle to biometric passports, which should make it more difficult for terrorists or criminals to cross borders with forged or stolen documents. But many civil libertarians are concerned that the "contactless" chips–as opposed to cards that only give up their information upon direct contact with a reader–lack adequate security precautions and are susceptible to unauthorized "sniffing" by identity thieves or government snoops hoping to gather information covertly from passport holders.

Computer security consultant Kevin Barrows, a former FBI agent who worked on high-profile identity theft cases, argues that the information encoded on smart chips –for now, primarily data to be used by facial recognition scanners –would be of little use to identity thieves, unlikely to be worth the trouble of stealing. But security guru Bruce Schneier remains concerned: "Initially it's just going to be the photograph and a few other bits of data, but these things change. And I don't necessarily want to walk around the Third World broadcasting that I'm an American."

The privacy conscious should be able to shield their documents from surreptitious sniffers by covering passports in a metal sheath. "In this case," jokes Schneier, "a tinfoil hat really is the answer."?