Among other things, new laws may be needed to forbid future tech from abusing them, Mike Brickner said
As Delaware moves further into the digital world with mobile driver’s licenses, the head of the state ACLU says laws might be needed to govern the way the licenses are handled.
“It’s complicated like a lot of these private issues,” says Mike Brickner, executive director of the Delaware American Civil Liberties Union.
A normal plastic driver’s license can be stolen if a wallet is stolen, and a thief can get a lot of information off that, he said.
Brickner likes the advantage of being able to configure the mobile license’s privacy settings so that when a person is showing it to enter a bar, buy a drink or buy cigarettes, information such as an address won’t show.
“But every time we add in new technology, there’s also all sorts of threats that could come with that,” Brickner said. “Oftentimes, it’s followed by abuse of that technology by the government, and I think, really, if we want to ensure that people feel comfortable and confident using this, we need to pass really strong regulations to make sure that this type of technology isn’t abused in the future.”
Many Americans live and die by their cell phones, he said. They are filled with important and sensitive data such as financial and medical information, pictures, videos and text messages.
What happens, he said, if a person is pulled over and and shows their mobile license to a police officer, who asks to see the phone.
The Delaware Department of Transportation says that drivers must hand their physical license to an officer if it’s requested, but doesn’t say anything about handing over the phone.
Deldot doesn’t have any plans to ask for any kind of legislation related to the mobile driver’s licenses, which is calls MiDs.
“It was not necessary for the state of Delaware to enact any legislation to allow MiDs in addition to the physical ‘hard card’ credentials,” said spokeswoman Marinah Carver. “Current law didn’t prohibit the implementation or utilization of MiD.”
If an officer asks for the phone, and the person hands it to them, it could be a violation of Fourth Amendment rights that protect against search and seizure if the officer goes through the information on the phone, Brickner said.
And if there’s no rules and regulations regarding the mobile IDs, neither police nor businesses are required to take them, Brickner pointed out.
“So it exists,” he said. “But there’s no ultimate function for it.”
There’s also the potential for other loss of privacy, he said.
“Whenever we’re adding new things, whether it be your ID or biometric information like your fingerprints or facial ID recognition that’s one more layer that we’re adding into the loss of personal data to technology,” he said. “There’s all sort of pitfalls with that. Some of the technology like facial recognition has had a lot of issues in terms of not working well, particularly with communities of color.”
Ultimately, he said, “It’s worrisome that this is potentially more proliferation of that type of technology, where eventually it could lead to — I think — an overall erosion of our private rights because of that technology.”
If a phone with a Mobile ID is stolen, the state will be able to press a button and wipe out the driver’s license information, Carver confirmed when the system was announced and hailed by many as a convenience.
“I love the idea,” said Ben DuPont, who often writes on tech issues and among other things is a co-founder of Zip Code Wilmington. “I think it will help people and am not worried about tracking.”
Brickner said the potential of mobile IDs from a personal or governmental point of view hasn’t really been explored.
“But that’s the other big concern,” he said. “Whenever we open up these arenas of technology, even if the program as it stands today doesn’t call for or allow or have the function to allow the government to do something like that, it doesn’t mean they can’t develop that in the future.”
As more surveillance and technological features are developed, the government often oversteps and has to be pushed back, Brickner said.
“I think that we have to have very clear prohibitions and regulations saying what the government can and cannot do,” he said. “Beyond the government, we can only sort of imagine what other types of actors may be able to hack into a phone and get some of this information, whether that be foreign governments or corporations or just people who are trying to get personal information for different scams and other types of fraud.
“The more that we’re adding onto these phones, tying it to facial recognition or fingerprints and other biometrics, it leads to potentially more issues in the future and sort of these compounding problems of private and technology.”
Brickner said he tries not to use facial recognition software or fingerprint technology if he can.
“For myself, the risks are too big,” he said.
He believes Delaware should be proactive and protect the private rights of its citizens and avoid anything that could lead to abuse and any kind of mass surveillance
“And that means, potentially, updating our privacy laws making sure that there are really clear protections of what the government can and cannot do with that information,” he said.