Language Selection

English French German Italian Portuguese Spanish

License-Screening Measure Could Benefit Data Brokers

Filed under
Security

Congress is considering forcing states to use data brokers to help screen applicants for commercial drivers' licenses, a potentially lucrative development for an industry under scrutiny for how it handles personal information.

Under a provision of a major highway bill, state motor vehicles departments would have to establish an "information-based" authentication program before the nation's roughly 12 million commercial drivers' licenses could be issued or renewed.

The provision does not specify who should do the work. But only a handful of companies, such as ChoicePoint Inc., LexisNexis and Acxiom, have services that likely would satisfy the requirements.

The firms, which collect, buy and sell personal information on nearly all U.S. adults, package and analyze data on individuals for a variety of clients, from security and law-enforcement agencies needing background checks to companies trying to better target potential customers.

Several of those firms have recently suffered breaches of their databases, exposing millions of consumers to possible fraud or identity theft. A surge of such incidents at companies, banks, universities and other organizations this year sparked congressional hearings and a slew of pending bills to better protect personal information.

Specific rules for the identification program would be set by the Department of Homeland Security and the Federal Motor Carrier Safety Administration. The provision passed as part of the Senate version of the highway bill, which is now being reconciled with a House version that did not include similar language.

"It's important [for national security] because unless there's an established procedure to authenticate identification documents, we might not know who is getting commercial licenses," said a spokesman for Sen. James M. Inhofe (R-Okla.), who authored the provision.

But state motor vehicle officials say the program would be an onerous, unfunded and unnecessary expense.

The recently enacted Real ID Act imposes several new steps for approval of all drivers' licenses, they say, including verification of Social Security numbers, birth certificates and home addresses. Additional rules exist for certifying drivers who transport hazardous materials, the officials add.

Jason King, spokesman for the American Association of Motor Vehicle Administrators, said commercial data brokers are notorious for refusing to correct their databases if they contain erroneous information.

"We worry that it's garbage in, garbage out," King said. By contrast, he said, states verify Social Security numbers directly with the Social Security Administration and are developing a system to authenticate birth certificates.

In a statement, LexisNexis said it strongly supports the bill, though a spokesman declined to say if it lobbied for the provision.

"While state Departments of Motor Vehicle officials may check identifying documents such as birth certificates prior to issuing a driver's license, these documents can be fraudulently obtained or forged," the statement said.

James E. Lee, chief marketing officer for ChoicePoint, said his firm did not lobby for the bill. But he said ChoicePoint the company has a "national infrastructure" for comprehensive identity verification that states currently lack.

He added that the company corrects all inaccuracies that it can, but that if the data came from government agencies and was wrong to begin with, his firm cannot fix it. The bill includes an amendment by Sen. Russell Feingold (D-Wis.) that mandates standards for accuracy and procedures for challenging incorrect data.
Still, privacy advocates are concerned.

Timothy D. Sparapani, legislative counsel on privacy issues for the American Civil Liberties Union, said he worries about the government expanding its use of background checks.

He added that "it's a rather perverse incentive for the government to reward these companies . . . while these companies have not yet demonstrated a capability to control even the data they have collected."

By Jonathan Krim
The Washington Post

More in Tux Machines

Internet of Things Web Editor Open Source Project Started

The StackSavings Web Editor has recently been launched as an open source project. The aim of the project is to be a Web Editor for the Internet of Things. The IoT web editor is built on Amazon Web Services cloud platform and is working toward the goal of providing an easy to use web editor interface. Read more

GNOME Software 3.22 Will Support Installation of Snaps, Flatpak Repository Files

The GNOME 3.21.4 desktop environment was released last week, which means that many of the default applications and components were updated with bug fixes and various enhancements. Read more

openSUSE Leap 42.2 Now Merged with SUSE Linux Enterprise 12 Service Pack 2

The development cycle of the openSUSE Leap 42.2 operating system continues, and today we would like to inform our readers about the availability of the third and last Alpha build in the series. Read more

Linux 4.7 and Linux 4.8

  • Linux Kernel 4.7 Officially Released, Introduces Support for Radeon RX480 GPUs
    Today, July 24, 2016, after a week of holiday fun, Linus Torvalds has had the great pleasure of announcing the release of Linux kernel 4.7 for all GNU/Linux operating systems. The Linux 4.7 kernel has been in development for the past two months, but that shouldn't surprise anyone who is either reading our website on a regular basis or keeping pace with the Linux kernel development cycle, which was very normal for this branch. A total of seven Release Candidate (RC) testing builds were released since May 29, 2016, which introduced numerous new features and improvements.
  • The Biggest Features Of The Linux 4.7 Kernel
    If all goes according to plan, the Linux 4.7 kernel will be released before the day is through.
  • The Size Of Different DRM Graphics Drivers In Linux 4.7
    Last October I looked at The Size Of The Different Open-Source Linux DRM/Mesa Graphics Drivers, but with it being nearly one year since then and Linux 4.7 due out today, I decided to run some fresh L.O.C. measurements on the popular DRM/KMS drivers to see their current sizes. This lines-of-code counting was mostly done out of a curiosity factor. In this article I'm just looking at the in-kernel DRM code and not the Mesa drivers, DDX drivers, LLVM back-ends, or anything else in user-space related to the open-source graphics drivers.
  • The Btrfs Windows Driver Updated With RAID Support & Other Features
  • Hardened Usercopy Appears Ready To Be Merged For Linux 4.8
    Yet another Linux kernel security feature coming to the mainline kernel that appears readied for the Linux 4.8 merge window is hardened usercopy. Hardened usercopy was originally based upon GrSecurity's PAX_USERCOPY feature but reworked into a whole new form, according to developer Kees Cook at Google. This hardened usercopy is to be exposed as the CONFIG_HARDENED_USERCOPY option within the kernel.