S. HRG. 107-506 – A License to Break the Law? Protecting the Integrity of Driver’s Licenses

[Senate Hearing 107-506]
[From the U.S. Government Printing Office]

                                                        S. Hrg. 107-506


                               before the


                                 of the

                              COMMITTEE ON
                          GOVERNMENTAL AFFAIRS
                          UNITED STATES SENATE

                      ONE HUNDRED SEVENTH CONGRESS

                             SECOND SESSION


                             APRIL 16, 2002


      Printed for the use of the Committee on Governmental Affairs

                          U.S. GOVERNMENT PRINTING OFFICE
80-295                             WASHINGTON : 2002
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512-1800  
Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001


               JOSEPH I. LIEBERMAN, Connecticut, Chairman
CARL LEVIN, Michigan                 FRED THOMPSON, Tennessee
DANIEL K. AKAKA, Hawaii              TED STEVENS, Alaska
RICHARD J. DURBIN, Illinois          SUSAN M. COLLINS, Maine
MAX CLELAND, Georgia                 PETE V. DOMENICI, New Mexico
THOMAS R. CARPER, Delaware           THAD COCHRAN, Mississippi
JEAN CARNAHAN, Missouri              ROBERT F. BENNETT, Utah
MARK DAYTON, Minnesota               JIM BUNNING, Kentucky
           Joyce A. Rechtschaffen, Staff Director and Counsel
         Hannah S. Sistare, Minority Staff Director and Counsel
                     Darla D. Cassell, Chief Clerk


                         COLUMBIA SUBCOMMITTEE

                 RICHARD J. DURBIN, Illinois, Chairman
DANIEL K. AKAKA, Hawaii              GEORGE V. VOINOVICH, Ohio
THOMAS R. CARPER, Delaware           SUSAN M. COLLINS, Maine
JEAN CARNAHAN, Missouri              PETE V. DOMENICI, New Mexico
MARK DAYTON, Minnesota               THAD COCHRAN, Mississippi
       Marianne Clifford Upton, Staff Director and Chief Counsel
                 Mark L. Keam, Counsel, Senator Durbin
               Andrew Richardson, Minority Staff Director
          Mason C. Alinger, Minority Professional Staff Member
                     Julie L. Vincent, Chief Clerk
                            C O N T E N T S

Opening statement:
    Senator Durbin...............................................     1

                        Tuesday, April 16, 2002

Theodore W. Wren, Victim of Idnetity Theft.......................     4
Mary Ann Viverette, Chief of Police, Gaithersburg, Maryland, on 
  behalf of the International Association of Chiefs of Police....     7
richard J. Varn, Chief Information Officer, State of Iowa, on 
  behalf of the National Governors Associaiton...................     9
Hon. Barbara P. Allen, State Senator, Eighth District, State of 
  Kansas.........................................................    11
Betty L. Serian, Deputy Secretary for Safety Administration, 
  Pennsylvania Department of Transportation, on behalf of the 
  American Association of Motor Vehicle Administrators...........    13
Barry J. Goleman, Vice President, Public Sector, American 
  Management Systems, Inc........................................    15
J. Bradley Jansen, Deputy Director, Center for Technology Policy, 
  Free Congress Foundation.......................................    17

                     Alphabetical List of Witnesses

Allen, Hon. Barbara P.:
    Testimony....................................................    11
    Prepared statement with an attachment........................    53
Goleman, Barry J.:
    Testimony....................................................    15
    Prepared statement with an attachment........................    66
Jansen, J. Bradley:
    Testimony....................................................    17
    Prepared statement...........................................    80
Serian, Betty L.:
    Testimony....................................................    13
    Prepared statement...........................................    58
Varn, Richard J.:
    Testimony....................................................     9
    Prepared statement with attachments..........................    35
Viverette, Mary Ann:
    Testimony....................................................     7
    Prepared statement...........................................    29
Wren, Theodore, W.:
    Testimony....................................................     4
    Prepared statement...........................................    27


Chart submitted by Senator Durbin entitled ``Forged Documents 
  (Identity Cards, Record Books, Passports)'' with attached 
  photos.........................................................    85
Chart submitted by AAMVA entitled ``77% of Americans favor 
  Congressional legislation to modify the licensing process and 
  ID security''..................................................    95
Food Marketing Institute, prepared statement.....................    96
Raul Yzaguirre, President and CEO, National Council of La Raza, 
  prepared statement.............................................    98
Michael J. Eastman, Director, Government Relations, LPA, Inc., 
  prepared statement.............................................   112
Letter submitted by Mr. Jansen from Marc Rotenberg, Executive 
  Director and Mihir Kshirsagar, IPIOP Fellow, epic.org, 
  electronic privacy information center, with attachments........   124
Article entitled ``IDs--Not That Easy, Questions About Nationwide 
  Identity Systems,'' Stephen T. Kent and Lynette I. Millett, 
  Editors, National Academy Press................................   151

                      A LICENSE TO BREAK THE LAW?

                      PROTECTING THE INTEGRITY OF

                           DRIVER'S LICENSES


                        TUESDAY, APRIL 16, 2002

                                       U.S. Senate,
         Oversight of Government Management, Restructuring,
                 and the District of Columbia Subcommittee,
                  of the Committee on Governmental Affairs,
                                                    Washington, DC.
    The Subcommittee met, pursuant to notice, at 10:03 a.m., in 
room SD-342, Dirksen Senate Office Building, Hon. Richard J. 
Durbin, Chairman of the Subcommittee, presiding.
    Present: Senator Durbin.


    Senator Durbin. Good morning. This hearing will come to 
order. Thank you all for being here. Today, the Senate 
Subcommittee on Oversight of Government Management holds a 
hearing entitled, ``A License to Break the Law? Protecting the 
Integrity of Driver's Licenses and State IDs.''
    On August 1, 2001, two men named Hani Hanjour and Khalid 
Al-Mihdhar drove a van from New Jersey to the Virginia 
Department of Motor Vehicles office located across the Potomac 
River just a few miles from where we are sitting this morning. 
In the parking lot of that DMV, they asked around until they 
found someone willing to lie and to vouch for their Virginia 
residency. They met Luis Martinez-Flores and Herbert 
Villalobos, who, for a price, were willing to help. Hanjour and 
Al-Mihdhar paid these strangers $50 each and received notarized 
forms which claimed that the two transients were, in fact, 
Virginia residents.
    Using these fake documents, Hanjour and Al-Mihdhar walked 
into the DMV, stood in line, like all of us would, had their 
photos taken, and walked out with authentic State-issued 
Virginia photo ID cards. The next day, on August 2, 2001, 
Hanjour and Al-Mihdhar returned to the same Arlington DMV 
office with two friends, Salem Al-Hazmi and Majed Moqed. 
Hanjour and Al-Mihdhar helped Al-Hazmi and Moqed obtain 
Virginia ID cards of their own by vouching that they lived 
together in the State of Virginia. After all, why should the 
clerk behind the DMV counter have any doubts? Hanjour and Al-
Mihdhar produced their Virginia IDs to prove their in-State 
    On the same day, Abdul Al-Omari and Ahmed Al-Ghamdi, who 
were renting a room at a Maryland motel, contacted Kenys 
Galicia, a Virginia legal secretary and notary public, through 
a referral from Luis Martinez-Flores, the same person who was 
hanging around the Arlington DMV the day before. Al Omari and 
Al-Ghamdi paid Galicia to have her prepare false notarized 
affidavits stating that the two men lived in Virginia. Using 
these fake documents, the two went to a Virginia motor vehicles 
office and received State-issued ID cards.
    On the morning of September 11, 2001, Al-Mihdhar, Hanjour, 
Al-Hazmi, and Moqed boarded American Airlines Flight 77 from 
Washington Dulles Airport headed for Los Angeles. They all used 
their Virginia ID cards to board the plane. The same morning, 
Al-Omari used his Virginia ID card to board American Airlines 
Flight 11 in Boston, bound for Los Angeles. At the same 
airport, Al-Ghamdi used his ID card to board United Airlines 
Flight 175, also bound for Los Angeles.
    We all know what happened to those three flights and 
another, United Airlines Flight 93, that never made it to their 
intended destinations that day. Instead, the commercial jets 
tragically became weapons of mass destruction at the hands of 
these terrorists. These terrorists bought their way into our 
shaky, unreliable, and dangerous system of government-issued 
identification. With these phoney cards, doors opened across 
America, including the doors of these doomed aircraft.
    Since September 11, our Nation has been struggling to 
understand how such heinous crimes could have occurred here in 
America. As we reflect upon the events of the past few months, 
we have come to realize that our system of democracy which 
allows all of us to enjoy our freedom is vulnerable to abuse by 
those who seek to destroy that freedom.
    The terrorists mentioned above, along with their co-
conspirators, knew exactly how to take advantage of our open 
and free society. In addition to Virginia, these terrorists 
targeted Florida, a State that at the time did not require any 
proof of residency from anyone. In fact, any tourist could walk 
into a motor vehicle office, fill out a form on his own, and 
receive a Florida license or ID card at that time. At least 13 
of the 19 terrorists held driver's licenses or ID cards from 
Florida. A few of the 19 held licenses or cards from more than 
one State, including from California, Arizona, and Maryland, 
while only one did not appear to hold any American ID.
    Some received duplicate cards from the same State within 
months of September. These foreign terrorists knew that a key 
to their devious plans was to come to America and blend in with 
everybody else until they were ready to take on their murderous 
mission, and one way they blended in with the rest of America 
was to obtain a driver's license or a State-issued ID card that 
helped them present a cover of legitimacy.
    They knew that the driver's license is the most widely-used 
form of personal identification. Across America, law 
enforcement agencies, retailers, financial institutions, 
airlines, and employers acknowledge the presentation of a 
person's driver's license as an acceptable and reliable method 
of verifying a person's identity.
    The driver's license is also a key that opens many doors. 
Anyone who can produce a valid driver's license can access just 
about anything. It can get you access to a motel room, 
membership in a gym, airline tickets, flight lessons, and even 
the purchase of weapons, all without anyone ever questioning 
you about who you really are. If you can produce a driver's 
license, we assume you are legal, you are legitimate, you are 
for real.
    The use of fake IDs is one of the oldest tricks in the book 
for criminals. It is also one of the oldest traditions of 
adolescence and a rite of passage for teenagers, to casually 
use a borrowed or tampered ID to buy alcohol or tobacco 
products or just to get into a nightclub. But after September 
11, use of fake IDs is no longer just a teenage trick or merely 
about drunk drivers, as serious as that is, trying to hide 
their bad driving records using multiple licenses. It is about 
our national security.
    I want to show you a page from the al Qaeda terrorist 
manual. I am sure you cannot read it from there, but this was 
found in Manchester, England. Police officials during the 
search of an al Qaeda member's home found this particular 
document and Attorney General Ashcroft presented it to our 
Senate Judiciary Committee last year. It is obvious that the 
September 11 terrorists were well trained by al Qaeda. They 
followed the instructions flawlessly. Here is an example of how 
successful they were.
    Each obtained the form of a photo ID, but it is not only 
foreign terrorists who use fake IDs or IDs obtained through 
fraudulent means. Seven years ago this week, Timothy McVeigh 
used a fake ID to rent the Ryder truck that he drove into 
Oklahoma City. As part of his plot to blow up the Federal 
Building, McVeigh picked up a fake driver's license in the name 
of ``Robert King.'' The card even listed a false birthday of 
April 19 as some cruel inside joke. That is the day that 
McVeigh executed his terrorist attack against fellow Americans, 
which was planned to fall exactly 2 years after the Waco 
incident of April 19, 1993.
    Another example, fugitive James Charles Kopp was arrested 
in France in March of last year after evading our law 
enforcement officials for almost 3 years. Kopp was accused of 
the October 1998 murder of abortion clinic doctor Barnett 
Slepian, who was shot and killed as he stood in the kitchen of 
his home in Amherst, New York. With help from other 
antiabortion activists, Kopp used a variety of fake driver's 
licenses and passports, changed aliases frequently, and moved 
in and out of the country.
    So as we look to defending America, it is critical that we 
carefully examine how our States issue driver's licenses and ID 
cards today and determine if it makes sense for every State to 
continue to maintain its own unique policy and procedures for 
the issuance process. For example, some States independently 
verify the breeder documents, such as birth certificates and 
passports provided by applicants, while others accept them at 
face value. Some States ask the applicants' Social Security 
numbers, others do not. Some States ask for proof of legal 
status in the country, others do not. Some States take 
fingerprints of the applicants, others do not.
    We also need to examine how secure the cards are 
themselves. For example, each of the 50 U.S. States and the 
District of Columbia issues driver's licenses and ID cards that 
vary widely in the level of security and resistance to 
tampering, from States that incorporate high-tech biometric 
identifiers to States that do not even require a photo on their 
    I recognize many States since September 11 are taking 
proactive, sensible steps to tighten their DMV systems, but I 
believe we need a nationwide effort to coordinate those 
    To help us understand the extent of the weaknesses and 
loopholes that exist in our driver's license issuance process 
and the usage of cards today, this Subcommittee has invited 
seven individuals to discuss these problems and to offer 
solutions. I am pleased to introduce the following witnesses 
and look forward to their testimony.
    I would like to welcome and introduce today's panel, Ted 
Wern, an attorney with Kirkland and Ellis in Chicago, thank you 
for being here; Mary Ann Viverette, Chief of Police of 
Gaithersburg, Maryland, on behalf of the International 
Association of Chiefs of Police; Richard Varn, Chief 
Information Officer for the State of Iowa, who is here on 
behalf of the National Governors Association; the Hon. Barbara 
Allen, State Senator representing the Eighth District of 
Kansas; Betty Serian, Deputy Secretary for Safety 
Administration of the Pennsylvania Department of 
Transportation, here on behalf of the American Association of 
Motor Vehicle Administrators, who have been extremely helpful 
in putting together this hearing; Barry Goleman, Vice President 
of AMS State and Local Solutions; and Bradley Jansen, Deputy 
Director of the Center for Technology Policy at the Free 
Congress Foundation.
    Thank you all for coming. We are looking forward to your 
testimony. It is customary in this Subcommittee to swear in all 
witnesses, so if you would please rise and raise your right 
    Do you swear the testimony you are about to give is the 
truth, the whole truth, and nothing but the truth, so help you, 
    Mr. Wern. I do.
    Chief Viverette. I do.
    Mr. Varn. I do.
    Ms. Allen. I do.
    Ms. Serian. I do.
    Mr. Goleman. I do.
    Mr. Jansen. I do.
    Senator Durbin. Let the record reflect that the witnesses 
answered in the affirmative and will not be asked to leave. 
    That was a joke. I would ask that you limit your oral 
statements to about 5 minutes. I know that is tough because 
this is a complicated issue. I will remind you, your entire 
statement will be entered into the record.
    Mr. Wern, would you like to begin?


    Mr. Wern. Thank you. First, I would like to thank you all 
for the opportunity of coming here and just let you know how 
truly honored I am to be a part of this process in any way.
    \1\ The prepared statement of Mr. Wern appears in the Appendix on 
page 27.
    My name is Ted Wern. I am an attorney in Chicago, Illinois, 
and 4 years ago, beginning in the spring of 1998, a person in 
Columbus, Ohio, stole some of my mail, and in that mail were 
documents containing three vital pieces of information, my 
name, my Social Security number, and my date of birth. Using 
that information as well as a fake identification card, that 
person departed on a crime and spending spree that was 
unimaginable to me at the time, and I still cannot quite put it 
into perspective.
    There are two categories of crimes that he committed. 
First, financial crimes. He incurred up to $50,000 in bad debt 
that I knew about. He had telephone accounts, cable bills, and 
utility accounts. He was able to board airline flights using 
tickets issued in my name, of course, purchased with credit 
cards issued in my name. He was able to rent a U-Haul truck. He 
was able to rent vehicles. He was able to enjoy all of the 
financial freedoms that we all take for granted.
    The second category of crimes were a bit more bold and 
these involved traffic violations. This man would be stopped by 
police--he apparently was not a very good driver. He was 
stopped by police on four separate occasions and he told the 
police that he was me, that he forgot his driver's license, and 
on those four occasions, somehow, the violations went onto my 
driving record. All along, I had no idea this was happening and 
these arrest warrants were issued in my name and all along I am 
just driving around in Ohio thinking that there are not any 
    One of those occasions was actually a DUI, and under the 
same circumstances, he was able to convince the officers, by 
giving all of this information that he had memorized so well 
and claiming that he has lost his driver's license. In those 
situations, we think that there was not an actual identity card 
presented, but it is hard to really know.
    The end result was that warrants were issued in my name. I 
was forced to go to court and appear as Ted Wern under these 
traffic violations and convince numerous judges that these were 
not committed by me. Those were the difficulties in remedying 
the traffic violations, but to be honest, what took more time 
and much more expense was to remedy each one of the credit 
accounts that this person created.
    For every credit card, and there were many, probably into 
the twenties, every credit card and every account, there was a 
half-hour of telephone conversations, numerous letters, 
notarizing of documents. There is a very elaborate process that 
one has to go through to clear these from your name, and the 
most difficult aspect is that you get better at clearing these 
from your name after you keep doing it. But the better you get 
and the quicker you clear your record, the more easy it is for 
him to get more credit because you have now cleared your 
record, your name is clear, and he can just spend more freely.
    The same applies for the traffic violations. Once I cleared 
the warrants, I had a clear record, so when he used my 
information to a police officer, he did not get arrested for an 
outstanding warrant in my name.
    With all that said, despite those problems, the financial 
effects, the inconveniences, the emotional effects of knowing 
that there is someone out there living a much richer lifestyle 
than you are living now on your name and on your credit. Aside 
from all that, I really do consider myself one of the more 
fortunate victims.
    For example, I am an attorney. It is my job to write 
forceful letters, to navigate corporate bureaucracies and to 
follow up with people and it was much easier for me to do that. 
It came natural to me. But there are quite a few people out 
there who do not have those resources. In fact, I volunteer for 
an organization out of San Diego, the Identity Theft Resource 
Center. I help victims in Illinois deal with these problems and 
I get a couple of E-mails a week from people--bright, educated 
people who just have no idea how to start and complete the 
    Yesterday, in an attempt to be a little more presentable 
for this hearing, I decided to get a haircut and the 
hairdresser happened to be a woman from El Salvador who just 3 
months after she came to this country had her identity stolen. 
At the time, her English was not very good and it took years 
for her to clear her record.
    So despite my problems and the heartache it caused, I was 
certainly one of the more fortunate victims, especially given 
that my perpetrator was caught. He is now in jail. He is off 
the streets. Many people are not that fortunate. Most 
perpetrators get to stay out there for a while because, as you 
will hear today, it is a pretty difficult crime to catch. It 
happens sometimes not even on paper.
    So with all of that said, what I would like to emphasize 
here is that this is an extremely difficult situation to remedy 
after it has happened to you. It has taken years for me. I 
would like to say that government and that law enforcement are 
able to correct these problems really easily, but the reality 
is, once it is committed, it is your burden as a victim to 
clear these things up. You cannot ask a police officer or a 
lawyer to go in and convince creditors that you are who you say 
you are. That is something, as we all know when we make 
telephone calls and prove that we hold a particular account or 
whatever, it is something only you can do.
    So what I would like to emphasize is that once this happens 
to somebody, the process for clearing it up is extremely long 
and extremely painful. So given the limited resources that we 
have, the need that we have to deal with this so quickly in 
light of the September 11 attacks, I think we are doing the 
right thing to focus on the prevention end right now. I mean, 
we will get to how to clear it up, how to create a system to 
help people overcome this problem. Right now, as I look back on 
my experience, I wish there was a more rigorous system that 
would prevent somebody from getting that information, from 
using it freely, from getting a fake identification card.
    So I think at this point, we are doing the right thing. We 
are focusing on prevention and I hope that this panel and this 
system can do everything in its power to make this all stop.
    So once again, thank you for the opportunity for coming 
here and it is an honor.
    Senator Durbin. Thank you. Nice haircut. [Laughter.]
    Chief Viverette.


    Chief Viverette. Good morning. I am pleased to be here 
today on behalf of the International Association of Chiefs of 
Police. As you may know, the IACP is the world's oldest and 
largest organization of law enforcement executives. It was 
founded in 1893 and with a current membership exceeding 19,000.
    \1\ The prepared statement of Chief Viverette appears in the 
Appendix on page 29.
    At the outset, I would like to thank you for holding this 
hearing today. From a law enforcement perspective, the 
importance of ensuring the integrity of identification 
documents cannot be overstated. Even prior to September 11, the 
IACP had been concerned with the availability of false 
identification documents and the ease in which false 
information could be used to obtain valid State-issued driver's 
    Law enforcement has seen that the ability of individuals to 
misidentify themselves can have serious, often tragic, 
repercussions in our communities. For example, teenagers often 
seek to obtain false identification documents so that they can 
purchase alcohol. As we all know, underage consumption of 
alcohol often has fatal results. The National Highway Traffic 
Safety Administration reports that in the United States, 
drivers between the ages of 16 and 21 account for just 7 
percent of all drivers in this Nation, yet are involved in 15 
percent of all alcohol-related fatalities.
    Additionally, individuals who have had their license 
suspended or revoked in one State because of their failure to 
operate a vehicle in a safe manner have all too often been able 
to go to neighboring States and acquire a new license under 
false pretenses. As a result, these unsafe drivers are back on 
the roads of our communities. Law enforcement officers who may 
encounter such individuals will rely on their license to 
identify the driver's infraction history and will, therefore, 
be unaware of the driver's actual status.
    Off the roadways, the ease with which criminals can 
fraudulently obtain a valid license or manufacture a 
counterfeit one greatly facilitates their ability to commit 
crimes involving identity theft and identity fraud. In 
addition, each year, law enforcement officers expend thousands 
of hours in efforts to properly identify criminal suspects who 
have misidentified themselves to police.
    However, as we all realize, the events of September 11 
greatly increase our need to ensure that the integrity of the 
driver's license issuance process is enhanced and that the 
ability of law enforcement officers to detect fraudulent 
licenses is improved. As the September 11 attacks demonstrated, 
the local police and other public safety personnel will often 
be the first responders to a terrorist attack. However, the 
role of the State and local law enforcement agencies is not 
limited to responding to these events. These agencies can and 
must play a vital role in the investigation and prevention of 
future attacks.
    Across the United States, there are more than 16,000 State 
and local law enforcement agencies. These agencies and the 
700,000 officers they employ daily patrol the streets of our 
cities and towns, and as a result, have an intimate knowledge 
of the communities they serve and have developed close 
relationships with the citizens they protect. These 
relationships provide State and local law enforcement agencies 
with the ability to effectively track down information related 
to terrorists. Often, State and local agencies can accomplish 
these tasks in a more effective and timely fashion than their 
Federal counterparts, who may be unfamiliar with the community 
and its citizens.
    In addition, police officers on everyday patrol, making 
traffic stops, answering calls for service, performing 
community policing activities, and interacting with citizens 
can, if properly trained in what to look for and what questions 
to ask, be a tremendous source of intelligence for local, 
State, and Federal homeland security forces.
    However, in order to maximize the capabilities of State and 
local law enforcement officers, it is vital that we improve the 
accuracy and ensure the validity of what has become the de 
facto means of identifying individuals in this country, their 
driver's licenses. Law enforcement officials must be able to 
act with certainty when dealing with citizens in our 
communities. We need to be certain that they are who their 
identification documents say they are and we need to be certain 
that the documents themselves are not counterfeit.
    The effort to improve the accuracy of driver's licenses is 
so vital because of the simple fact that individuals with a 
valid driver's license will have greater success in staying off 
the radar screen of State and local law enforcement officials. 
As subsequent investigations have shown, the ability of the 
September 11 terrorists to obtain driver's licenses or State-
issued identification documents greatly facilitated their 
operation within the United States.
    For example, as we all know, on September 9, a trooper from 
my home State of Maryland pulled over Ziad Zamir Jarrah, one of 
the terrorists on Flight 93, which crashed south of Pittsburgh, 
for speeding on Interstate 95 north of Baltimore. During this 
traffic stop, Jarrah produced an apparently valid driver's 
license from the State of Virginia, and as a result, the stop 
proceeded in typical fashion. However, if Mr. Jarrah had been 
unable to produce a license or if he had produced a license 
that the trooper could have identified as fraudulent, then 
further investigation would have been warranted and perhaps 
future events would have taken a different course.
    To address this crucial issue, the International 
Association of Chiefs of Police believes that several steps 
must be taken. First, certain minimum standards must be 
established that will help to ensure that information used to 
establish an individual's identity at the time they apply for 
the driver's license is valid and accurate and consistent from 
State to State.
    Second, agreement should be reached among the States for 
the inclusion of both a unique identifier, such as a 
fingerprint, and anti-counterfeiting security devices in 
driver's licenses.
    Third, States should be encouraged to link databases so 
that licensing agencies and law enforcement personnel in other 
States will be able to access an individual's criminal and 
motor vehicle traffic violation history in order to assist in 
the identification of potential criminal suspects or problem 
    Finally, the IACP believes that penalties for identity 
theft and identity fraud should be increased.
    In conclusion, I would like to state that the ability of 
individuals to obtain inaccurate identification documents 
either through fraud or forgery has been an area of vital 
concern to law enforcement agencies throughout the Nation for a 
number of years. Unfortunately, it took the events of September 
11 to catapult this issue to the forefront of national debate. 
It is the IACP's hope that action to remedy this critical 
situation can be taken in a timely fashion. We look forward to 
working with this Subcommittee, other Members of Congress, and 
our colleagues around the Nation in this effort.
    Thank you for the opportunity to appear before you and I 
would be happy to answer any questions.
    Senator Durbin. Thank you for your testimony. I appreciate 
it very much. Mr. Varn.


    Mr. Varn. Thank you, Senator Durbin and fellow panelists, 
interested guests. I would like to start by saying I am 
representing both NASCIO, which is the National Association of 
State Chief Information Officers, as well as NGA today.
    \1\ The prepared statement of Mr. Varn with attachments appears in 
the Appendix on page 35.
    I need to begin by saying that neither organization has an 
official position directly on the subject of identity security 
or enhancing the driver's licenses or the life document 
systems. NGA does not see a need for Federal action at this 
time. It believes it is a State issue and the States need 
initially to have an opportunity to address it.
    NASCIO and its members have a special interest in the 
information technology issues surrounding identity security and 
want and need to play a role in coordinating and an operational 
role in the design, development, and implementation of IT 
solutions and systems. That said, let me point out some of the 
things I think do need to be done, some of which I personally 
believe involved some Federal action. That is my own personal 
opinion, though.
    Identity security is a critical component, and I will offer 
my own personal opinion separate from NGA or NASCIO's opinions.
    Identity security is a critical component of ensuring 
accuracy and preventing fraud in the granting of privileges and 
benefits in many government programs and processes. Identity is 
like a critical junction point in the wiring of government and 
the information society. If a fault occurs and false positive 
or false negative identifications are made, real harm, ranging 
from financial crime, ruined reputations, exploitation of 
vulnerable children and adults, and violent crime can result. 
Without good identity security, the trustworthy and deserving 
can be denied and the dishonest and undeserving rewarded.
    A common point of confusion in the discussion around 
identity is between the right to anonymity and the right to 
privacy. Privacy laws and constitutional protections are 
plentiful. Anonymity analogs are scarce. One reason for this is 
for most of human history, we have not been anonymous. We have 
lived in close-knit communities and people have known us since 
birth. We have ridden on that assumption, that we knew each 
other, and our credit systems and our business transaction 
systems have depended on that for the last 50, 60, 70 years, 
when, in fact, that system had fallen apart.
    The other reason anonymity is not commonly allowed is that 
it only works where behavior, status, age, or individually 
granted rights and privileges are not at issue. You have a 
right to be anonymous when you pay cash or maybe when you look 
at public records, but not when you are seeking a license, or a 
government benefit, writing a check, using credit, working with 
children or in a secure area, or buying protection from risk. 
The people that do the transactions need to know who you are. 
Who they share that information with is a privacy matter. It is 
not possible to be anonymous and get those rights and 
privileges in most cases.
    The identity system on which we depend for most of our 
transactions is broken and is more likely to actually enable 
identity theft and fraud rather than prevent it. Sound security 
in the creation of authentication needs three parts: Something 
you know, something you have, and something you are. We often 
rely on one or two of these to establish identity and extend 
privileges and benefits. As a result, facts such as we heard 
earlier, such as Social Security number, address, and birthday, 
mother's maiden name, which cannot be adequately protected as 
secrets, are used to create identity.
    It is not these facts or inability to keep them secret that 
is the problem. It is that we rely on them alone to establish 
identity. Moreover, we have grossly inadequate methods for 
creating and determining validity of the documents that 
comprise the ``something you have'' component. And finally, as 
was pointed out, with the exception of photos, we have not yet 
embraced a common and coordinated system of a biometric for 
presenting something you are.
    Our identity system is broken, therefore, because the parts 
are broken. We lack adequate investment, infrastructure 
standards, and process in coordination and information sharing 
among the responsible government entities.
    I would like to just point out what others have said by 
pointing out that I get on planes--our driver's license system 
is one of those parts that is broken--I get on planes with this 
identity right here. It happens to look like a driver's 
license, but it is my State ID card. I needed no more than 
being an employee of the State of Iowa to board every plane I 
have gotten on since September 11, an example of the problem we 
have with the security of the driver's license system.
    Cyber security, homeland security, electronic commerce, 
compliance with many laws such as HIPAA and this whole issue of 
identity security are related and need a coordinated solution. 
However, that is not how these programs are being done or 
addressed. We are headed towards years of rework, retrofit, and 
the integration of stacks of ID cards and ID systems unless 
coordination occurs now.
    There is a crying need for this and this coordination could 
take many forms. I have listed some of them for you in my 
written testimony, such things as interstate compacts, 
committees such as this looking at how the government spending 
is taking place in the agencies and in the programs that you 
have already authorized and making sure that it is coordinated 
both inside the Federal Government and between and among levels 
of government.
    I want to mention one other program that we are doing in 
Iowa that might be also part of the solution. It is a 
relatively simple and cheap effort to ensure that, what we call 
life documents are protected from illegal duplication or 
misuse. We have simply digitized all 11 million birth records 
from the State of Iowa since the 1890's. This system will allow 
the creation of an index and a process to reference that single 
electronic record as the real and unique record of a person's 
birth and databases can reflect when that is used in other life 
document issuing processes, and persons who are the subject of 
that record can find out when their birth record is being used 
to create identity.
    Finally, I would like to point out a need for coordination 
for some Federal activity concerning the legal entry of people 
into our country. There is a hodge-podge of systems that need 
to be coordinated into a single system which mirrors and is 
integrated with these enhanced State and local life document 
systems. The Federal Government needs to have a document that 
shows the beginning, the duration, the course, and the end of a 
legal entrant's life into our country, regardless of whether 
they are just visiting or making America their new home.
    The multiple Federal systems need to create a common 
electronic shared equivalent of a birth and death record. That 
common electronic record can be used by all levels of 
government in the same fashion as a normal birth and death 
record and would be the reference document for forms of 
identity and extension of privileges and benefits. Such a 
record for legal entrants could include a photo, biometric, 
statement and documentation of their life facts, such as name, 
date of birth, and so on. Even if different cards or processes 
stem from this one record, we will enhance the interoperability 
and efficiency of issuance systems and we will prevent fraud.
    With that, I would conclude by saying that NASCIO, NGA, and 
my department, the Information Technology Department of Iowa, 
thank you for the opportunity to testify today and I will be 
happy to answer questions.
    Senator Durbin. Thanks very much, Mr. Varn. Senator Allen.

                   DISTRICT, STATE OF KANSAS

    Ms. Allen. Thank you, Senator Durbin. I appreciate the 
invitation to testify today.
    \1\ The prepared statement of Ms. Allen with an attachment appears 
in the Appendix on page 53.
    I became interested in the issue of identity theft last 
December and January when I personally became a victim of bank 
fraud. I will not go into the details here today, but I can say 
that it was a very time consuming and frustrating and scary 
    As I researched this issue in my own State of Kansas, I was 
stunned to learn how easy it is to obtain fraudulent 
identification which is government issued in the form of 
driver's licenses and ID cards.
    As we all know, reports of identity theft have increased 
significantly and exponentially in the United States and, of 
course, in my State of Kansas, in the last several years. 
Today, I regret to say that Kansas is one of the easiest States 
in the country in which to obtain false identification and to 
steal someone's identity.
    Kansas is one of only a few remaining States that will 
provide any applicant an immediately-issued driver's license or 
ID card with no requirement of a Social Security number or any 
biometric information. We have no security measures in place to 
protect Kansans to ensure that the person applying for a 
driver's license or a non-driver's ID card really is that 
person. A simple photograph yields an instant permanent piece 
of government-issued identification.
    Kansas currently requires a photograph, but no Social 
Security number or fingerprint, to get a driver's license or an 
ID card. The bill which I cosponsored at the beginning of the 
2002 legislative session would amend State law so that all 
applicants for driver's licenses or ID cards would be required 
to submit their Social Security number and a biometric 
identifier, the most common of which would be a thumbprint, to 
obtain identification. Applicants would then receive a 
temporary license or ID card, and only after verification of 
the applicant's identity would a permanent piece of 
identification be issued.
    In addition, today in Kansas you can receive an ID card and 
a driver's license concurrently and we would no longer allow 
that to happen. That would be prohibited.
    The District Attorney's Office in Johnson County, which is 
part of the Kansas City metropolitan area and also near my 
Senatorial district, reports that cases of identity theft 
double every year. Identity theft in the City of Overland Park, 
where I live, have increased 100 percent in each of the last 2 
years. In my county alone, this crime causes over $1 million 
annually in losses to retailers, credit card companies, and 
banks. These losses are passed on to the consumer in the form 
of higher costs for products and services.
    Of course, the financial implications of identity theft are 
substantial, but they pale in comparison to the damage that can 
be done, including loss of life, when criminals steal our 
identities and use them for evil purposes on a broader scale.
    I have attached to my testimony today an article by 
Governor Tom Ridge, Director of the Office of Homeland 
Security, who is encouraging governors and other State 
officials to take steps to improve the security and 
authenticity of driver's licenses. Governor Ridge recently 
urged governors attending a National Governors Association 
meeting to draft model legislation setting standards for more 
secure licensing procedures. By coming up with their own 
procedures, Governor Ridge said the governors would avoid 
having standards forced on them by Congress.
    Driver's licenses are much more than a license to drive. 
They allow us to open bank accounts, to cash checks, to write 
merchants checks, and to step onto airplanes. They are the most 
widely used and accepted domestic document to verify a person's 
identity, but they are not reliable and they will not be 
reliable until we strengthen the verification identity process 
before a license is issued.
    As Americans, we have two choices. We can leave the current 
identification system as it is and risk the personal and 
financial security of private citizens, the finances of the 
business community, and the lives of fellow Americans, or we 
can improve the system.
    Going through this experience in my own State of trying to 
get legislation passed which would strengthen the 
identification system for licenses and ID cards, I found that 
there are some who argue a personal identification system is, 
in fact, an evasion of privacy or a limitation on personal 
freedom, but only those who have something to hide will lose 
from providing proof positive that they are who they say they 
are. Identity cards, and that, in fact, is what driver's 
licenses are today, should be as close to foolproof as 
technology can make them to protect us.
    S. 559 is not about invading Kansans' privacy. It is about 
preserving Kansans' privacy and protecting Kansans' security.
    Senator Durbin, you mentioned the nationwide effort to 
coordinate activities and I want to comment about a question 
you raised in our invitation letter, which was what should the 
role of the Federal Government be in enhancing the reliability 
and security of the driver's license system. Based on my own 
experience in Kansas, I feel quite strongly that a national ID 
card is not the answer. Perhaps the role of the Federal 
Government should be two things. First of all, to set standards 
for more secure licensing procedures, and second, to offer 
financial incentives to States that take every step possible to 
ensure that government-issued identification is authentic.
    Personally, I would welcome incentives from the Federal 
Government to help convince legislators in my State it is 
critical we improve the security and authenticity of driver's 
licenses in Kansas. Many of them still do not appreciate the 
magnitude of this threat to our personal safety and financial 
    I just wanted to comment in closing that this bill passed 
the Kansas Senate in March on a vote of 25 to 15. It passed out 
of the House Judiciary Committee and it is currently lingering 
in the House of Representatives, but I am still hopeful that we 
will get it passed this session. Thank you.
    Senator Durbin. Thank you. Ms. Serian.


    Ms. Serian. Good morning, Mr. Chairman. I am Betty Serian, 
Vice Chair of the American Association of Motor Vehicle 
Administrators, AAMVA. I want to thank you for the opportunity 
to speak this morning.
    \1\ The prepared statement of Ms. Serian appears in the Appendix on 
page 58.
    AAMVA is a nonprofit association representing DMV 
administrators and law enforcement officials throughout the 
U.S. and Canada. And let me tell you about a few Americans.
    Larry and Rita Beller, Edward and Alice Ramaeker spent 
their golden years traveling across the country. They were 
killed on a New Mexico highway by a repeat DUI offender. The 
driver, holding eight prior convictions from different States, 
was under the influence of alcohol and plowed head-on into the 
retirees' car.
    Emeke Moneme, an Ohio resident, had his wallet stolen at 
the local gym. Within weeks of having his license disappear, 
Emeke discovered an identity thief had opened 13 fraudulent 
accounts in his name totaling $30,000 in bad credit debt. It 
took him months to straighten out his life.
    Sara Clark, a schoolteacher, was killed after her flight 
was overtaken by terrorists and crashed into the Pentagon. 
Terrorists boarded her flight using a fraudulently obtained 
driver's license. Sara Clark shared this sad fate with more 
than 3,000 other Americans on September 11.
    Larry and Rita Beller, Edward and Alice Ramaeker shared a 
list of DUI fatalities with more than 16,000 Americans every 
single year. And Emeke Moneme shares identity theft with 
hundreds of thousands of American victims.
    A common thread to these tragedies? The driver's license. 
The driver's license has become the most requested form of ID 
in the United States and Canada. Financial institutions require 
it to open an account. Retailers ask for it when you write a 
check. And the airlines demand it of you before you board a 
    The United States has more than 200 different valid forms 
of driver's licenses and ID cards in circulation. Each State 
and D.C. has different practices for issuing licenses. 
Individuals looking to undermine the system, whether it be a 
terrorist, a drunk driver, or an identity thief, shop around 
for licenses in those States that have become the weakest link.
    In addition, the lack of standard security features on a 
driver's license allows individuals to exploit this system. 
This makes it difficult for law enforcement to verify the 
validity of a license from another State, not to mention the 
identity of the person who is holding that license. The 
situation is worsened by the availability of counterfeit 
driver's licenses and fraudulent documents, breeder documents, 
over the net and in underground markets.
    We already maintain driving records. However, the country 
needs more effective tools to manage them. Problem drivers who 
obtain multiple licenses spread their bad driving history from 
State to State. They avoid detection, they avoid penalties, 
they avoid punishment. We need a system, such as the proposed 
Driver Record Information Verification System, to keep bad 
drivers off the road and save the lives of those who 
responsibly use the privilege to drive.
    DMVs already exchange driver history on commercial drivers 
through the 1986 federally mandated Commercial Driver License 
Information System, also known as CDLIS, and within a 4-year 
period, CDLIS kept 871,000 potentially dangerous commercial 
drivers off the road.
    The American public wants a more secure license and there 
are five ways we believe that Congress can help. Support 
minimum standards and requirements for each State that each 
State must adopt when issuing a license. Help DMVs identify 
fraudulent documents. Support an interstate network for 
confirming a person's driving history. Impose stiffer penalties 
on those committing fraudulent acts. And provide funding to 
make this happen, funding so that States can help ensure a 
safer America.
    Based on a recent survey, the public expects you to help. 
Eighty-three percent of the respondents use their driver's 
licenses for purposes other than driving. Sixty-five percent 
think it is too easy to obtain a fake license or ID card. 
Seventy-seven percent of the respondents favor Congressional 
action to modify the licensing process and ID security.
    For years, AAMVA has worked to strengthen the driver 
licensing process. Following September 11, Americans quickly 
learned how easily terrorists obtain driver's licenses. What is 
saddening is that it took this catastrophic event to heighten 
America's awareness of the importance of secure ID credentials.
    We want to ensure that every driver has one license and one 
driving history and Congress can make that happen. When you can 
verify identity, we are certainly one step closer to preventing 
fraud, protecting privacy, and saving lives. Thank you very 
much for the opportunity to testify.
    Senator Durbin. Thank you, Ms. Serian. Mr. Goleman.


    Mr. Goleman. Thank you, Mr. Chairman, for your leadership 
and the opportunity to be here today.
    \1\ The prepared statement of Mr. Goleman with an attachment 
appears in the Appendix on page 66.
    Senator Durbin, we at AMS believe that this Subcommittee is 
on exactly the right track by holding this hearing and 
advocating the development of a more secure driver's license. 
We believe technology can advance identification security while 
preserving our personal freedoms.
    I work for American Management Systems of Fairfax, 
Virginia, and I have been involved for nearly 30 years at the 
State and Federal level in how licenses are issued and in the 
information systems that support that process. I started as a 
driver's license examiner in the State of California issuing 
licenses. I ran a motor vehicle office and I worked to 
implement the one standard Federal license program that we have 
today, the commercial driver's license. Before I came to AMS, I 
worked at AAMVA, where I built and operated the information 
systems for the exchange of commercial driver information. And 
I know from personal experience that the system can be 
    When I was an examiner, I was presented with counterfeit 
documents to obtain a license. I stopped people from stealing 
identities for the purpose of cashing stolen checks. I was even 
offered bribes of cash or sexual favors in exchange for issuing 
driver's license. For the record, I refused those attempted 
bribes. [Laughter.]
    But unfortunately, not all employees do.
    As has been described by others on the panel here today, we 
have learned that in the aftermath of September 11 that 
terrorists obtained multiple driver's licenses and ID documents 
from State motor vehicle agencies with ease, some using 
fraudulent documents or bribes.
    Despite this security breach, there is encouraging news. 
This is a problem we can fix. With technology that exists 
today, we can stop the fraud and counterfeiting of State 
licenses. A model for the kind of Federal and State cooperative 
effort that is needed is a development of the licensing program 
to meet the requirements of the Commercial Motor Vehicle Safety 
    In helping to develop the information systems for this 
licensing program, I have seen firsthand how State and Federal 
agencies can work together. With Federal funding made 
available, State licensing experts can adopt and implement new 
strict Federal standards. Do not let detractors tell you this 
cannot be done.
    Your leadership and that of the others on this 
Subcommittee, however, is going to be necessary to make this 
happen. It is imperative that we improve the integrity of the 
driver's license to enable it to live up to its reputation as a 
reliable personal identification document. The reality is that, 
today, the license is the trusted de facto identification used 
by Americans to prove their identity within our borders. 
Retailers use them for cashing checks, banks for account 
verification, and airports for access to secure areas.
    Our newly revealed security vulnerabilities demonstrate how 
important it is that the next generation of ID documents adhere 
to standardized security features and use the highest level of 
tamper-resistant technologies available. Biometrics, such as 
fingerprints or facial recognition, for example, can complete a 
positive one-to-one authentication of an individual to the 
card. Smart cards will also make the driver's license into a 
carrier of important data, including the biometric identifier 
on the card itself.
    Used without improved verification techniques, however, 
these cards will be useless as secure, reliable forms of 
identification. I urge you to consider new technologies to 
ensure that people with counterfeit or false IDs will not be 
able to obtain better, more secure licenses.
    The first step is a thorough verification of the 
individual's identity before he or she enters into the system. 
To accomplish this, State examiners must have access to the 
data that backs up the documents, such as birth records and 
immigration data. Today's web services technologies can verify 
information in multiple databases while protecting the personal 
information from unintended disclosure.
    At AMS, we are currently working with Federal and State 
agencies in an effort to improve the basis for making 
identification decisions. Without improved identity 
verification, it is clear that we will not be able to achieve 
our goal of a more trustworthy document.
    I would also like to draw your attention to the importance 
of preventing or deterring employee fraud. Just as I was 
occasionally offered bribes, today's examiners have their 
integrity challenged when criminals seek any path to obtain a 
valid State license. To detect and deter fraud, licensing 
administrators must rely on technology for internal auditing 
and business intelligence tools. These are tools commonly used 
today in the commercial world.
    For example, States issue commercial licenses today 
according to Federal standards and it takes about 45 minutes to 
complete a required driving test. As a supervisor, I would be 
concerned about an examiner who issued a commercial license in 
only 10 minutes and I would want to investigate that 
transaction, but I cannot do that unless I have the data.
    The steps I have outlined are not only necessary, but 
achievable with Federal, State, and private cooperation. With 
your leadership, we can achieve success in improving our 
identification systems and homeland security. I thank you and I 
look forward to your questions.
    Senator Durbin. Thank you very much, Mr. Goleman. Mr. 


    Mr. Jansen. Mr. Chairman, thank you for having us here. I 
wanted to say that there are a lot of debates on this in the 
public fora and I have met with some of the other people in 
this room today. A lot of the other fora are more prone to 
sound bites and do not necessarily advance a solution to the 
debate and I congratulate you for bringing together a lot of 
people who do offer positive solutions. All of the groups that 
I know of here and from what I have heard from the other 
testimony are all trying to reach actual solutions, and there 
is not a simple one-size-fits-all approach that is going to fix 
this and I look forward to working with many of the other 
people here in the future.
    \1\ The prepared statement of Mr. Jansen appears in the Appendix on 
page 80.
    The Free Congress Foundation works with Eagle Forum, the 
Electronic Privacy Information Center, and the ACLU to head a 
loose ad hoc coalition of groups that are opposed to a national 
ID system. I would like to, with that in mind, indulge the 
Chairman to include a letter that EPIC asked me to have 
included in the record.\1\
    \1\ The letter submitted by Mr. Jansen for EPIC with an attachment 
appears in the Appendix on page 124.
    Senator Durbin. Without objection.
    Mr. Jansen. I would like to highlight some of our concerns 
briefly and then go into some other comments. The coalition 
that we are working with put a letter to President Bush on the 
AAMVA proposal. We oppose Federal funding for that proposal for 
a variety of reasons, the first of which is that a national ID 
system would not prevent terrorism. An ID card is only as good 
as the information that establishes the identity in the first 
place and there are other solutions that need to be done.
    A national ID would depend on a massive bureaucracy that 
would limit our basic freedoms. There are problems there in 
terms of just what the identification is. It is not just 
necessarily an identification system, but it could easily 
become a data collection system and there are broader and 
complex issues that need to be addressed there which could also 
contribute to identity fraud.
    A national ID system would be expensive and it would direct 
resources away from more effective counterterrorism measures. 
There have been a lot of varying estimates on this proposal and 
there are lots of other proposals that might be done. We do not 
know what the costs and benefits of these are and we need not 
rush into some kind of a solution for that.
    Our organizations believe very strongly that a national ID 
system would contribute to identity fraud and make it much more 
difficult to remedy instances when victims have suffered 
identity theft.
    Americans have consistently rejected the idea of a national 
ID and limited the uses of data collected by the government. In 
the 1970's, both Presidents Nixon and Carter rejected the use 
of Social Security numbers as a uniform identifier because of 
privacy concerns. A national ID would be one-stop shopping for 
perpetrators of identity theft, who usually use Social Security 
numbers and birth certificates for false IDs.
    Even with the biometric identifier, such as a fingerprint, 
on a national ID, there is no guarantee that individuals will 
not be identified or, more importantly, misidentified in error. 
The accuracy of biometric technology varies, depending on the 
type and implementation, and it would be more difficult to 
remedy identity fraud when a thief has a national ID card with 
your name on it but his biometric information.
    As an example of some of the problems that might happen if 
we were to standardize some of these issues, the letter that I 
received from the Subcommittee here asking me to testify had my 
name spelled differently in the two different times that it 
mentioned my name. Again, I am sure there was no intent to 
defraud or anything else, but transposition errors can happen.
    Senator Durbin. It was a test. [Laughter.]
    Mr. Jansen. A national ID could require all Americans to 
carry an internal passport at all times. That would compromise 
our privacy, limit our freedom, and expose us to unfair 
discrimination based on national origin or religion. The 
national driver's license right now is not used for many of 
these purposes, but other speakers here are right that it is 
used more broadly, and the more it is linked with other 
purposes, the more it could be used and abused for other 
    If it is linked with, for example, our educational 
backgrounds, it will not be difficult to determine that I went 
to a parochial grade school and Jesuit high school that began 
with the word ``Saint'' and determine, therefore, that I am 
Catholic. We need to be very careful what a national 
identification system is that we are talking about and also how 
it might be linked and used with data collection.
    In addition to the concerns that we raised in this 
coalition letter, the Federal Government already has a lot of 
authority to address some of these concerns. Richard Clarke, 
who is the chairman of the new Critical Infrastructure 
Protection Board, was quoted in Wired magazine recently as 
saying, ``On the government systems side, we already have a lot 
of authority to use standards and enforce them. We have never 
done that.''
    What we need to do is for the Federal Government to focus 
on systems that are directly affected by the Federal 
Government. Another speaker here today made reference to a use 
of a mailing that helped perpetuate identity fraud. The post 
office has a national change of address system that needs to be 
addressed for uses for identity fraud.
    We also need to be concerned that standardizing these 
procedures across the States would truncate the discovery 
process during a period of great technological change. Some 
States might adopt different types of biometric identification 
or different types of systems, such as the one advocated by 
Senator Allen, that might be a best system. Even if we adopt 
what might be an overall best system now, there is no guarantee 
that that system would always be the best system, and by 
actually having different States adopting different standards, 
we have a way of comparing and contrasting which systems work 
and which ones do not and adopting the better systems more 
    In conclusion, I would just like to applaud the 
Subcommittee for taking an active role in such an important 
question. The development of new technologies, including 
biometrics, might be able to improve the quality of 
identification systems, but their capability should not be 
exaggerated. The focus of the Federal Government at this point 
should be to address the inadequacies of their own systems, 
such as the passport and INS systems, and again, I thank you 
again for this opportunity.
    Senator Durbin. Thank you, Mr. Jansen.
    Mr. Jansen, let me ask you, you have undoubtedly flown 
since September 11 and have been asked to produce a photo ID at 
an airport, is that correct?
    Mr. Jansen. Yes.
    Senator Durbin. Do you have problems with that? Do you 
object to that?
    Mr. Jansen. To producing ID or a driver's license to 
getting on an airplane?
    Senator Durbin. Right.
    Mr. Jansen. No, not at all.
    Senator Durbin. Why?
    Mr. Jansen. I think that it is a good protection for 
Americans and it is also a private commercial enterprise, and 
if I choose not to do that, I do not have to, as opposed to a 
government ID or a government-imposed system where citizens do 
not have that choice.
    Senator Durbin. You are getting way ahead of me here. The 
airports, of course, now are under Federal jurisdiction and the 
standards that are being used at those airports are subject to 
Federal rule, and one of those standards which is ubiquitous is 
the presentation of a photo ID. I think most people would 
understand that that is the entry into the system, and as you 
said, that is not an unreasonable request that you verify that 
you are, in fact, Bradley Jansen with one ``s'' and that you 
are the person who purchased the ticket. So if that standard of 
proof is reasonable, what is wrong with making certain that it 
is accurate?
    Mr. Jansen. There is nothing wrong with making sure that 
that system is accurate, and again, I applaud the Subcommittee 
for addressing these in a much more constructive fora than we 
have debated these in the past.
    Having a photo ID does not necessarily require a specific 
identification card. I have traveled using my passport as well 
as my driver's license. For example, in the situation of the 
terrorists, one of the terrorists used a passport that was 
stolen, and when the initial list of alleged hijackers came 
out, it included the name of someone who had had his passport 
stolen, had reported it stolen, and the State Department itself 
did not keep a record of passports that were stolen.
    Shunting responsibility to the States on this, I think 
would risk absolving the Federal Government for their 
responsibility in maintaining the accuracy and identification 
of the systems for which they should be responsible.
    Senator Durbin. That is a good point, and let me assure you 
that no matter what we say about driver's licenses and State 
IDs or other forms of identification, it is not at the expense 
of the Federal Government meeting its own obligation, whether 
it is through the passports or whatever source of Federal ID is 
    But I want to make it clear that this hearing is about 
State-issued driver's licenses, not a national ID, that the 
States will still have the authority to issue and revoke those 
driver's licenses. There is nothing in legislation we are 
considering that would take that authority away from the 
States. What I am trying to explore here is ways to make 
certain that on a national basis, we have an accurate, reliable 
standard so that if I present an Illinois driver's license and 
Senator Allen presents a Kansas driver's license at Reagan 
National Airport, that they know going in that it is more 
likely that they are accurate. That is all that we are seeking 
to do here and it is not to establish a national ID, which 
brings a whole range of other issues into this discussion.
    Mr. Wern, let me start with you, if I might, in my 
questions. Senator Allen has been a victim of identity theft 
and so have I, about 2 years ago. I was lucky. I did not go 
through what you did, but I got a phone call at my home in 
Springfield, Illinois, one day. My wife was nearby and they 
said, ``Well, Durbin, we finally caught up with you.'' And I 
said, ``What are you talking about?''
    They said, ``Did you think you could get by making charges 
at Home Depot in Denver, Colorado, and not paying thousands of 
dollars that you owe us?'' I said, ``I have never been to a 
Home Depot in Denver, Colorado.'' ``Oh, yes, you have. Is this 
your Social Security number?'' They gave it to me. ``And this 
is your mother's name?'' ``Yes.'' ``Well, you had a Home Depot 
credit card and these charges were made and you have ducked it 
and we have finally caught you here in Springfield.''
    In fact, someone had stolen my identity and it took me, I 
think, about 2 months to finally go through the credit system 
and clear it up. And to their credit, no pun intended, it 
worked, and when it was all said and done, my record was 
    You went through a much longer, more involved, and 
obviously painful process, but ultimately, the person who did 
this was apprehended, is that correct?
    Mr. Wern. Yes.
    Senator Durbin. How did that happen, do you know?
    Mr. Wern. It was soon after he got a DUI from an Ohio State 
patrolman and was able to give my information and basically 
walk scot free from that. I think that the vigilance that they 
took after that event, both the Mansfield Division of the Ohio 
State Patrol and the local Mansfield Police Department, they 
really focused their energies on catching this guy because he 
basically crossed the line.
    That is not to say that other law enforcement was resistant 
to following up on these things. It is just hard to catch 
somebody unless they really do something that bold and visible. 
Most of the time, these things happen over the phone, they 
happen on the Internet, and it is just hard to track a person 
    Senator Durbin. A curious situation, though, that he would 
be pulled over for a traffic offense, not have a driver's 
license, and be able to talk his way out of it.
    Mr. Wern. Yes.
    Senator Durbin. That is what happened?
    Mr. Wern. That is what happened.
    Senator Durbin. Did you have the assistance of any State or 
Federal agencies in this effort to clear up your identity 
    Mr. Wern. Aside from law enforcement, there were two 
investigators working on the case. I contacted the FTC, which 
has jurisdiction over identity theft cases. Now, at least from 
a research perspective, they do gather data. I also contacted 
the Secret Service and the post office, because a lot of what 
he was doing would be considered mail fraud.
    The agencies were responsive, but I ultimately came to the 
decision that this is the kind of problem that I can better 
deal with myself. Their response was, well, send us everything 
you have. You send them everything you have and it is very hard 
from their perspective, sitting in an office far away, to 
really approach it from a granular level and talk to the 
creditors and track the person down.
    And also, there has to be thresholds. There are thousands 
of these cases out there, and at the time when I contacted 
those agencies, it was at the beginning stage and I do not 
think that the numbers were quite high enough nor the incidents 
serious enough. Those agencies have to prioritize their time.
    But I think I probably could have looked to those agencies 
more. I think, in retrospect, I probably could have benefited 
more from their resources, but it became routine. I learned how 
to deal with it and I tackled it, I guess, in my own way.
    Senator Durbin. And as you said, as a lawyer, you know how 
to write a forceful letter.
    Mr. Wern. Yes.
    Senator Durbin. Chief Viverette, have you worked the 
Highway Patrol for the State of Maryland, or at least enforced 
    Chief Viverette. Within my community, yes, sir.
    Senator Durbin. And so when someone is pulled over and 
presents a driver's license, which is the first thing that you 
are asked for, what is normal in terms of verification at the 
site of the stop or the arrest when it comes to that driver's 
    Chief Viverette. Sir, it is normal for us to use that 
document fair on its face unless we have a computer available 
to us where we can check that documentation. It may be that the 
computer is down and we have to believe that what we receive is 
fair on its face and write the citation.
    Senator Durbin. If the computer is working, what can you 
    Chief Viverette. Well, we can learn more about that 
individual and ask additional questions. Sometimes we will ask 
for a registration and we can compare the information. But it 
is not unusual to find tickets in a stolen vehicle where 
someone has provided false information. The car is stolen and 
the tickets are left in the car as the culprit leaves the 
vehicle behind.
    Senator Durbin. But you have a computer system that links 
you to the Maryland State Police, is that how it works?
    Chief Viverette. That is correct, sir. Not all the cars 
have computers, just the fortunate agencies that can afford 
them. You can run them through communications, but sometimes 
air traffic and a busy night precludes that, or the computer 
may be down, or you just get very specific information that the 
person is not suspended.
    Senator Durbin. Ms. Serian, let us talk about the system 
now. Assume that Chief Viverette has pulled someone over and 
gone into the State computer system to get some more 
information to see if that driver's license is valid. Does 
that, for example, if she picks someone's license from the 
State of Pennsylvania, does her Maryland system check with the 
State of Pennsylvania at that point?
    Ms. Serian. Yes. I believe there is a nationwide system 
that can check on the driver's status of records through the 
State police systems. Ideally, in police officers' cars in any 
State, eventually, you should be able to pull up the photo so 
that would tell you then if that really is the person or is 
not. But once again, photos are not even commonplace on all 
licenses and the technology has not--it is not available, I 
guess I should say. It is advanced, but not available 
    So yes, there are communication links that can allow those 
things to happen, and perhaps Mr. Wern's record would have been 
flagged. But in this case, it probably was not. In the case 
when it would be flagged, the local or State police officer 
would know that this is a potential fraud issue here.
    Senator Durbin. But the communication between States is 
critical in the world of interstate commerce.
    Ms. Serian. The communication between States is very 
critical, especially, Senator, between DMVs and driver 
licensing organizations. We right now have a critical 
communication in terms of information for the commercial 
drivers. The Commercial Driver Licensing Information System 
provides not only a status, but also the driving histories that 
can be transferred from State to State.
    That is a very good system, and that is why the AAMVA 
proposal also calls for a system that includes the Drivers 
Record Information Verification System so that driving records 
and the information that surrounds that driver or ID card 
holder can be transferred from State to State. That will, 
indeed, help local law enforcement officials.
    Senator Durbin. Of course, some of the things that we are 
in the process of putting into a piece of legislation include 
trying to make certain that the issuance of the driver's 
license in the first instance is valid, that the person does 
prove their identity going in.
    I was recently interviewed by one of the television 
networks. They sent a reporter to the streets of Los Angeles 
with $150. It took her 2 hours to come up with something that 
looked like a driver's license, and those of us who walk 
through airports know how closely those licenses are examined. 
People look at them quickly and off they go. I think it would 
be easy to counterfeit them under the current circumstances.
    There has been talk here about a smart card, about more 
information and transfer. The idea, I guess, is if you can 
swipe a credit card and in a hurry determine whether or not 
there is any credit to be issued, the same thing could be true 
for driver's licenses in the future, is that correct?
    Ms. Serian. Yes, it is. However, I would say that right 
now, we need to really focus on improving the driver licensing 
document as the product that needs improvement. What States may 
wish to do in the future are taking a driver's license and 
making it other things, including health care benefits, those 
types of things. Many States are researching those 
possibilities right now. But that really needs to be a State-
to-State decision.
    What we have is a system that is broken and a product that 
is not very reliable. So I would really encourage the 
Subcommittee to stay focused on improving the driver's license.
    For example, this is not a valid Pennsylvania driver's 
license. I know it. It is a counterfeit. But it would be very 
difficult, and it is very difficult for the 16,000 police 
organizations throughout the country, or in California, as you 
mentioned, to know if that is a valid license or not. That is 
why minimum standards are an important thing to consider.
    Senator Durbin. Let me ask you this, Mr. Varn, because I 
thought you made some very important philosophical distinctions 
about anonymity and when you surrender it in our society. In 
the National Governors Association, how far along are you in 
discussing this issue?
    Mr. Varn. Not very far along, Senator. I would say the 
governors are at the beginning of discussing this issue. The 
technologists are a little further along. NASCIO has been 
looking at this issue of identity security for some time and 
you will find a number of efforts in different States to 
improve identity security, but I would say the governors just 
started to examine it.
    Senator Durbin. In fairness, we are just starting to work 
on this bill, so I am not being critical of your lack of 
effort, but I think when we look at what has happened in the 7 
months or so since September 11, we now realize this is going 
to be the coin of the realm in America. You are going to have 
to produce a photo ID, and the question is, is it reliable and 
is it accurate?
    Senator Allen, in the State of Kansas, you have gone 
through this experience. What kind of political resistance have 
you run into in terms of making your process a little more 
    Ms. Allen. The issue has been the issue of loss of privacy 
and loss of personal freedom, and I guess it just depends on 
your perspective on the issue, but to me, we are protecting 
privacy and protecting security and it is really those people 
who have something to hide who do not want to verify their 
identity. Those people who do not have anything to hide, I 
think are happy to provide whatever means are necessary to 
prove their identification.
    Senator Durbin. I guess the privacy issue is the most 
important part of this conversation. How far can or should 
government go in asking questions? As Mr. Varn mentioned, when 
you walk in and say, ``I want to drive a car in this State,'' 
you have basically said, ``I am part of your system now. What 
are the standards you use in your system? Do I have to take a 
test, have my photo taken, a thumbprint?'' Whatever it happens 
to be, I have really voluntarily submitted myself to a system 
that has been established in the State.
    I want to make it clear for the record that what we are 
trying to establish here in this legislation are the basic 
minimum standards of identification. Each State can then decide 
where they want to go in terms of additional information, and 
that is something that will be debated in Kansas or Illinois or 
Pennsylvania, as to what other information might be included in 
that card. But when Chief Viverette and her officers with the 
International Association of Chiefs of Police stop someone 
across America, there ought to be some basic standards that 
they can look to and say, we know that this is a valid 
Pennsylvania driver's license and this one is not because there 
are certain elements we are going to look for that are common 
to each and every one of them.
    I might also add, it is interesting, if you would go to the 
City of Chicago on virtually any weekday morning, just south of 
Wacker Drive, you will see hundreds of people standing on the 
sidewalk outside of an office building. They are trying to get 
into the Mexican consulate because the country of Mexico is now 
issuing a card called a matricula and the matricula is a 
national ID card in Mexico, and these Mexicans in the United 
States are anxious to get it because with that card, they can 
get into the financial system in our country. They can open 
bank accounts and do other things.
    The standard of proof for those cards is far beyond any 
driver's license that I have seen in the United States. They 
have to produce original copies and certified copies of birth 
documents, a copy of a driver's license, for example, from 
Mexico, local identification as well. It is a very high 
standard which is being used.
    And it is interesting that we are saying to people from 
other countries in our Nation, you are held to this high 
standard, but yet for those within our Nation, we do not seem 
to establish the same standard of proof in terms of what we can 
    Mr. Goleman, let me ask you about the technology. You have 
talked about that for a second. How expensive is this? Where is 
this going to take us in terms of what it will cost to make 
these cards less easy to counterfeit?
    Mr. Goleman. The card production itself, States probably 
spend today in the neighborhood of about $1 per card to produce 
the current type of driver's license. Actually, Ms. Serian can 
probably tell you more accurately what she pays in 
Pennsylvania. But I would estimate that card production costs 
would probably go up substantially, up into the $2, $3, $4, $5 
range in order to put much higher security features on the 
licenses, or if you go to smart cards or imbed biometric 
technology into the card itself. It is still not a high cost, 
more similar to the costs that Europeans pay for identity 
    Senator Durbin. The range of $1 to $5, you think, is a 
reasonable range for our conversation here in terms of current 
cost versus additional expense to make them more reliable?
    Mr. Goleman. Yes, I do. On a mass production basis, I think 
that the costs would be that.
    Senator Durbin. Senator Allen, did you want to comment on 
    Ms. Allen. Well, I did. In our bill, we originally doubled 
the fees for everything to cover the costs of implementation 
and there was a lot of resistance to that. So what we ended up 
doing was amending the bill and we just raised the photo fee by 
$1, from $2 to $3, and we estimated that that would cover the 
cost of implementing even the biometric piece. So it is really 
not a big increase.
    Senator Durbin. That takes that argument to a different 
    Let me ask you about the other question, about the use of 
databases by the States in issuance of driver's licenses. 
Getting back to the point Mr. Jansen and others have made about 
privacy here, can you tell me what you think the standard 
should be, should there be any national standard, let us say, 
about the use of the database of information beyond law 
enforcement and verification of identification? Ms. Serian.
    Ms. Serian. There absolutely should be, Senator. Motor 
vehicle agencies right now are governed by some of the 
strictest privacy standards anywhere, and that is the Driver 
Privacy Protection Act. We take those very seriously. In fact, 
many States have even more stringent privacy regulations and 
laws than the DPPA requires. We take that very seriously and we 
certainly follow that law.
    I do believe that with any new proposal, we should probably 
consider additional amendments or considerations to change the 
Driver Privacy Protection Act in terms of strengthening it even 
further. Even though we have very stringent privacy laws and 
regulations and we take those very seriously and we treat that 
as a great responsibility, I think there is still a need to 
even consider stronger amendments to the Driver Privacy 
Protection Act.
    For an example, if I may----
    Senator Durbin. Sure.
    Ms. Serian. An example of taking your license right now and 
not using it for verification procedures--this is a real 
Pennsylvania license here--and using it in bars or nightclubs, 
not just for verification of age, or in convenience stores for 
verification to be able to buy tobacco, taking that information 
that is on there and storing it, even though you might give it 
up freely to go into that bar, or even though you might give it 
up freely to go to the convenience store or stay in a hotel, I 
think we need to consider greater uses in terms of more 
stringent requirements so that it can only be used for 
verification purposes and certainly not retaining the data.
    Senator Durbin. Mr. Goleman, you also made a reference to 
Federal standards when it came to commercial driver's licenses. 
What are those standards that currently apply when the States 
issue these commercial driver's licenses, the Federal 
    Mr. Goleman. There are several standards. There are 
standards for the actual tests that the driver has to take. But 
as far as the information system goes, the States issue the 
licenses according to the Federal standards and the States 
maintain that driving record, but once they issue that license, 
they essentially register that driver into the Commercial 
Drivers License Information System, which is merely an index of 
the fact that this driver, Joe Smith, with this date of birth 
and this driver's license number was issued a license in the 
State of Illinois.
    If that driver attempts to get a license in any other 
State, the State is required to check first to see if he is 
already registered in the system, and if he is, then that 
record is pulled back into the new State for combining with his 
existing record.
    So the States retain the data in their own systems. It is a 
very critical aspect of the system, that they retain ownership 
of that data and are responsible for it. Yet there is a 
centralized index that allows them to locate the record 
wherever it is.
    Senator Durbin. Good. Thank you very much.
    I might say that we had a number of witnesses who wanted to 
join us today from a variety of different groups, Mothers 
Against Drunk Driving and others. Each group kind of came to 
this from a little different angle, but they all started with 
the same premise, that the misuse of driver's licenses had 
caused terrible problems, and I think we have heard about quite 
a bit of that today.
    The identity theft question, which involves not just credit 
but traffic offenses and, in fact, reputation of an individual, 
which has to be reconstructed, and fortunately, Mr. Wern, you 
were able to do that because of your own skills.
    Chief Viverette has talked to us about the law enforcement 
side of this. But for a driver's license issued to one of the 
would-be terrorists and used on September 9 to avoid any 
further investigation, people may be alive today who were 
killed on September 11. It is a matter of that sort of gravity.
    We have also heard and probably know from personal 
experience these young people who use these driver's licenses 
for alcohol and tobacco and to hide bad driving records.
    The list goes on and on, and I think it really calls on us 
to try to come up with a reasonable means of cooperating with 
the State issuing agencies so that we can establish meaningful 
standards so that people know that it is a serious process in 
the issuance of State IDs and driver's licenses so that we can 
verify that they are not defeating the system by forum shopping 
in different States for the easiest place to find a driver's 
license, so that we can also find out whether someone has a bad 
driving record in one State and is trying to avoid that 
knowledge in another.
    It is a way to crack down on fake ID mills and to deter 
internal fraud, and I think Chief Viverette made the point, and 
others, as well, we need to stiffen the penalties. We need to 
take this seriously. If we are going to go through what I 
consider to be the acceptable hassle of producing photo IDs, 
let us make certain that they are accurate from the start.
    Thank you all very much for joining us. It was a good panel 
and we will proceed in preparation of this legislation.
    The Subcommittee meeting will stand adjourned.
    [Whereupon, at 11:24 a.m., the Subcommittee was adjourned.]

                            A P P E N D I X

















































































































































































Leave a Reply

Your email address will not be published. Required fields are marked *