Language Selection

English French German Italian Portuguese Spanish

License-Screening Measure Could Benefit Data Brokers

Filed under
Security

Congress is considering forcing states to use data brokers to help screen applicants for commercial drivers' licenses, a potentially lucrative development for an industry under scrutiny for how it handles personal information.

Under a provision of a major highway bill, state motor vehicles departments would have to establish an "information-based" authentication program before the nation's roughly 12 million commercial drivers' licenses could be issued or renewed.

The provision does not specify who should do the work. But only a handful of companies, such as ChoicePoint Inc., LexisNexis and Acxiom, have services that likely would satisfy the requirements.

The firms, which collect, buy and sell personal information on nearly all U.S. adults, package and analyze data on individuals for a variety of clients, from security and law-enforcement agencies needing background checks to companies trying to better target potential customers.

Several of those firms have recently suffered breaches of their databases, exposing millions of consumers to possible fraud or identity theft. A surge of such incidents at companies, banks, universities and other organizations this year sparked congressional hearings and a slew of pending bills to better protect personal information.

Specific rules for the identification program would be set by the Department of Homeland Security and the Federal Motor Carrier Safety Administration. The provision passed as part of the Senate version of the highway bill, which is now being reconciled with a House version that did not include similar language.

"It's important [for national security] because unless there's an established procedure to authenticate identification documents, we might not know who is getting commercial licenses," said a spokesman for Sen. James M. Inhofe (R-Okla.), who authored the provision.

But state motor vehicle officials say the program would be an onerous, unfunded and unnecessary expense.

The recently enacted Real ID Act imposes several new steps for approval of all drivers' licenses, they say, including verification of Social Security numbers, birth certificates and home addresses. Additional rules exist for certifying drivers who transport hazardous materials, the officials add.

Jason King, spokesman for the American Association of Motor Vehicle Administrators, said commercial data brokers are notorious for refusing to correct their databases if they contain erroneous information.

"We worry that it's garbage in, garbage out," King said. By contrast, he said, states verify Social Security numbers directly with the Social Security Administration and are developing a system to authenticate birth certificates.

In a statement, LexisNexis said it strongly supports the bill, though a spokesman declined to say if it lobbied for the provision.

"While state Departments of Motor Vehicle officials may check identifying documents such as birth certificates prior to issuing a driver's license, these documents can be fraudulently obtained or forged," the statement said.

James E. Lee, chief marketing officer for ChoicePoint, said his firm did not lobby for the bill. But he said ChoicePoint the company has a "national infrastructure" for comprehensive identity verification that states currently lack.

He added that the company corrects all inaccuracies that it can, but that if the data came from government agencies and was wrong to begin with, his firm cannot fix it. The bill includes an amendment by Sen. Russell Feingold (D-Wis.) that mandates standards for accuracy and procedures for challenging incorrect data.
Still, privacy advocates are concerned.

Timothy D. Sparapani, legislative counsel on privacy issues for the American Civil Liberties Union, said he worries about the government expanding its use of background checks.

He added that "it's a rather perverse incentive for the government to reward these companies . . . while these companies have not yet demonstrated a capability to control even the data they have collected."

By Jonathan Krim
The Washington Post

More in Tux Machines

Security Leftovers

Leftovers: BSD

  • BSD Mag: Understanding Unikernels by Russell Pavlicek
    The number of tasks which lend themselves to being unikernels is larger than you might think. In 2015, Martin Lucina announced the successful creation of a “RAMP” stack. A variant of the common “LAMP” stack (Linux. Apache, MySQL, PHP/Python), the “RAMP” stack employs NGINX, MySQL, and PHP each built on Rumprun. Rumprun is an instance of a Rump kernel, which is a unikernel system based on the modular operating system functions found in the NetBSD project. So even this very common solution stack can be successfully converted into unikernels.
  • Summary of the preliminary LLDB support project
    Operating systems can be called monitors as they handle system calls from userland processes. A similar task is performed by debuggers as they implement monitors for traced applications and interpret various events that occurred in tracees and are messaged usually with signals to their tracers. During this month I have started a new Process Plugin within LLDB to incept NativeProcessNetBSD - copied from NativeProcessLinux - implementing basic functionality and handling all the needed events in the MonitorCallback() function. To achieve these tasks, I had to add a bunch of new ptrace(2) interfaces in the kernel to cover all that is required by LLDB monitors. The current Process Plugin for NetBSD is capable to start a process, catch all the needed events correctly and if applicable resume or step the process.
  • NetBSD Making Progress On LLDB Debugger Support
    NetBSD developers have been implementing the relevant interfaces needed for the LLVM debugger to effectively monitor and work on the operating system. As part of that they have also improved some of their own documentation, provided new ptrace interfaces, and more. Those interested in LLDB and/or NetBSD can learn more about this debugging work via this NetBSD.org blog post.

Firefox 51 Released With FLAC Audio Support, WebGL 2.0 By Default

Firefox 51.0 just hit Mozilla's FTP servers for those wanting the latest version of this open-source web-browser. Firefox 51 isn't a big feature release for end-users but notably does have support for FLAC audio, at long last! Great to see the web browsers finally shipping support out-of-the-box for this open-source audio codec. Read more

Intel Core i3 7100 Kabylake Linux Benchmarks

Last week I began delivering Linux Kabylake benchmarks with the Core i5 7600K while this week I finally am set to receive the Core i7 7700K. But for those curious how Kabylake is looking on the low-end, I picked up a Core i3 7100 as currently the cheapest Kabylake desktop processor. Here are some initial Linux benchmarks of this Core i3 processor on Ubuntu Linux. Read more