BILL ANALYSIS �Ó
SB 249
Page 1
Date of Hearing: July 14, 2015
ASSEMBLY COMMITTEE ON JUDICIARY
Mark Stone, Chair
SB
249 (Hueso) - As Amended April 30, 2015
As Proposed to be Amended
SENATE VOTE: 36-3
SUBJECT: Vehicles: enhanced driver's license
KEY ISSUE: Should the Department of Motor Vehicles enter into a
memorandum of understanding with the federal government in order
to issue, to drivers who opt to obtain them, an "enhanced
driver's license," which uses "RFID" CHIP Technology to
facilitate movement across the california-mexico border?
SYNOPSIS
This bill would authorize the Department of Motor Vehicles (DMV)
to enter into a Memorandum of Understanding with the federal
government to issue "enhanced driver's licenses" that would
serve as both a driver's license, and a passport to persons who
request them. Pursuant to the federal Western Hemisphere Travel
Initiative (WHTI), persons entering the United States by land or
sea from Canada, Mexico, Bermuda, or the Caribbean must present
�
SB 249
Page 2
a passport, enhanced driver's license, or some other official
document that proves identity or citizenship. Before 9-11, land
travel across borders, especially between the U.S. and Canada,
tended to be somewhat informal. However, more rigorous
enforcement since 9-11 has slowed border crossings and led to
longer wait lines. To reduce congestion, WHTI authorized the
use of enhanced driver's licenses and identification cards, and
the U.S. Customs and Border Protection created "Ready Lanes"
dedicated to travelers with RFID-enabled travel documents.
Under WHTI, and rules promulgated by the Department of Homeland
Security (DHS), states that border Mexico and Canada may enter
into agreements with DHS to allow issuance of enhanced driver's
licenses that meet certain criteria, including the use of radio
frequency identification (RFID) technology. Proponents of this
bill, mostly business groups and local officials from Southern
California and Northern Mexico, argue that this measure will
reduce wait times and facilitate cross-border travel and trade.
Opponents contend that RFID-enabled documents, which allegedly
can be read at distances of up to 30 feet or more, pose a
significant threat to personal privacy and could be
surreptitiously copied to allow unauthorized border crossings.
The author and proponents respond that RFID-enabled licenses
will not contain any personal information beyond a
randomly-assigned number. They also stress the voluntary nature
of the program. The author will take amendments recommended by
opponents in this Committee; however, as noted in the analysis,
two outstanding issues remain, and it is not clear that the
amendments will remove any of the opposition to this bill. Both
the author's office and the opponents have informed the
Committee, however, that they will continue to work on this
issue if the bill moves forward. This bill recently passed out
of the Assembly Transportation Committee by a 15-0 vote.
SUMMARY: Authorizes the Department of Motor Vehicles (DMV) to
enter into a Memorandum of Understanding with a federal agency
to allow DMV to offer an enhanced driver's license, as defined,
to applicants who request it. Specifically, this bill:
�
SB 249
Page 3
1)Makes various legislative findings and declarations regarding
traffic congestion and wait times at points of entry between
California and Mexico and the potentially negative impact of
these wait times on international trade, travel, and commerce.
2)Authorizes the DMV to enter into a Memorandum of Understanding
(MOU) for the purpose of issuing an enhanced driver's license,
instructional permit, provisional license, or identification
card [hereafter EDL] to a person who is at least 16 years of
age, is a resident of California, and is a citizen of the
United States. Requires the applicant to submit sufficient
proof that meets the requirements of the Western Hemisphere
Travel Initiative to establish his or her identity, residency,
and citizenship, and to certify, under penalty of perjury,
that the information submitted is true and correct to the best
of the applicant's knowledge.
3)Prohibits an employer from requiring that an employee obtain
or use an EDL as a condition of employment, or take an adverse
action against an employee for refusing to do so, and provides
a remedy for an employee if the employer violates this
provision.
4)Requires an applicant for an EDL to sign a declaration
acknowledging his or her understanding of radio frequency
identification (RFID) technology.
5)Requires the EDL to include reasonable security measures,
including the use of tamper-resistant features, to protect
against unauthorized duplication or disclosure of personal
information.
�
SB 249
Page 4
6)Requires DMV to provide the applicant with a protective shield
at the time the EDL is issued and inform the applicant either
orally or in writing that the randomly assigned radio
frequency identification number can be read remotely without
the holder's knowledge if the EDL is not enclosed in the
protective shield.
7)Requires the EDL to include both of the following:
a) RFID technology that contains only a randomly assigned
number and that shall not contain any other personal data,
biometric information, or any number other than the
randomly assigned number. Specifies that the randomly
assigned number shall be encrypted if agreed to by the
Department of Homeland Security.
b) A machine-readable zone (MRZ) or barcode that can be
electronically read by the border patrol and contains only
as much information as is required by the Western
Hemisphere Travel Initiative to permit a border crossing.
8)Requires an applicant for an EDL to have his or her photograph
and signature captured or reproduced by DMV at the time of
application or renewal. Prohibits DMV from disclosing the
photograph or signature, or a copy of a digital image of any
required document, except that DMV may make the photograph and
signature available to the United States Customs and Border
Protection data base or as required by the Department of
Homeland Security for purposes of facilitating the purpose of
the Western Hemisphere Travel Initiative.
9)Makes the facial image, signature, and copies or digital
images of any documents required for application exempt from
public records request.
�
SB 249
Page 5
10)Permits DMV to deny an application for an EDL if it is not
satisfied with the genuineness of the applicant's supporting
materials, subject to the applicant's right to appeal the
denial, as specified.
11) Requires an applicant for an EDL to pay a fee, as set by the
DMV but not to exceed $55, and provides that fees shall be
deposited in an account and to be used by DMV to implement the
provisions of this bill.
12)Requires DMV to make an annual report to relevant legislative
committees and requires the report to include information on
the number of enhanced driver's licenses and identification
cards issued, the effect of EDL use on wait times and traffic
congestion at points of entry, and whether or not there have
been any security or privacy breaches related to the use of
the EDL.
EXISTING LAW:
1)Requires DMV, upon proper application, to issue driver's
licenses and identification cards.
2)Authorizes, under the federal Western Hemisphere Travel
Initiative, the use of EDLs to prove identity and citizenship
for purposes of traveling between the United States, Canada,
Mexico, Bermuda, and the Caribbean, so long as the EDL meets
specified requirements, including radio frequency
identification (RFID) that signals a secure government data
base maintained by the United States Customs and Border
Protection. (Public Law 110-53.)
�
SB 249
Page 6
FISCAL EFFECT: As currently in print this bill is keyed fiscal.
COMMENTS: The Western Hemisphere Travel Initiative (WHTI)
represents a joint effort by the Department of Homeland Security
(DHS) and United States Customs and Border Protection (CBP) to
implement provisions of the Intelligence Reform and Terrorism
Prevention Act (IRTPA) of 2004. As of January 1, 2009, WHTI
began requiring U.S. citizens traveling between the U.S. and
Canada, Mexico, Bermuda, and the Caribbean by land or sea to
present a valid U.S. Passport or other WHTI-compliant document.
Among the accepted documents are passports, a U.S. passport
card, Trusted Traveler Program cards (NEXUS, FAST, or SENTRI),
or an enhanced driver's license (EDL). Before 9-11, land travel
across borders, especially between the United States and Canada,
tended to be more informal and less rigorous, with border agents
often accepting a birth certificate or even a person's verbal
affirmation of citizenship. However, more rigorous enforcement
and new requirements under IRTPA slowed border crossings and led
to longer wait lines. In an effort to reduce this congestion,
WHTI authorized the use of EDLs (including state-issued
identification cards), and the CBP created "Ready Lanes"
dedicated to travelers with RFID-enabled travel documents. The
goal of the EDL program is to strengthen border security and
facilitate ease of entry into the United States for U.S.
Citizens, especially those driving across the border on a
regular basis.
Federal law requires that any border state wishing to adopt EDLs
must first sign a Memorandum of Understanding (MOU) with DHS.
So far at least four states - Vermont, New York, Michigan, and
Washington - have enacted authorizing legislation and already
have EDLs in place. New York was the first state to sign an MOU
in 2007.
�
SB 249
Page 7
For the most part, the programs have met with success; for
example, the New York State DMV reports on its website that over
100,000 persons have availed themselves of the new licenses,
especially in upstate New York, near the Canadian border. In
addition to decreasing overall wait times for travelers, EDL
holders often use RFID-enabled "Ready Lanes" created by CBP.
According to these official websites, use of RFID allows border
patrol agents to pull up a person's information and photograph
immediately without having to collect paper documents, inspect
them, and then key in any required information. All of this is
done automatically when the traveler holds the EDL in front of
the RFID reader. The system does not, of course, allow the EDL
holder to simply pass through, as in the case, for example, with
FasTrak; the border patrol agents must still make a visual
identification with the accessed photograph and may also ask
questions or inspect the EDL of the holder.
This bill would permit California citizens traveling across the
California-Mexico border to take advantage of this more
convenient and time-saving process. According to the author,
the idea for this bill grew out of his experience as Chair of
the Select Committee on California-Mexico-Bi-National Affairs,
where he became aware of the significant impact of border wait
times on our state's economy. Indeed, the author provided the
Committee with a 2007 report suggesting that long wait times
slow commerce and discourage personal trips across the
California-Mexico border. The report claims that delays at the
border at the San Ysidro, Otay Mesa, and Tecate points-of-entry
result in the loss of millions of dollars (and even billions) in
lost revenue and tens of thousands of jobs in the San Diego-Baja
region. (San Diego Association of Governments and the
California Department of Transportation, 2007 Update to Economic
Impacts of Wait Times at the San Diego-Baja California Border:
Final Report.) Not surprisingly, many of the supporters of this
bill represent chambers of commerce and local officials who
believe that shorter wait times and more travel across the
border will translate into more trade and tourism. In addition
to these economic benefits, the author also believes that this
�
SB 249
Page 8
bill will allow persons who regularly cross the border to make
use of the RFID-enabled "Ready Lanes."
Under the MOU authorized by this bill, the DMV could only issue
an EDL to a person who requests it and is willing to pay the
designated fee. No one would be forced to obtain a license.
Although many of the details of the program would presumably be
specified in the MOU, the bill nonetheless sets forth a number
of specific requirements that the MOU must contain. For
example, the bill would specify that the RFID technology must
only contain a random number, and not any other personal
information or biometric data; that the EDL would employ
reasonable security measures, including temper-resistant
features; that EDL applicants acknowledge their understanding of
RFID technology; and that applicants would be informed that the
random RFID number could be read remotely, especially if the EDL
is removed from the protective shield or similar
tamper-resistant device. According to the DMV website, in
states that already issue EDLs, these protections appear to be
the standard practice.
The bill also sets forth requirements for applying for an EDL.
In addition to paying a fee not to exceed $55 and submitting
documents proving identity and citizenship, applicants would
also be required to agree to have their photograph and signature
captured by DMV at the time of application or renewal. The bill
specifies that the photograph or signature shall only be
available to CBP and only used for purposes authorized by WHTI.
It exempts the photograph, signature, or other required
documents from required disclosure under the Public Records Act.
Finally, the bill seeks to make the program self-funding.
Proceeds from the application fee will be deposited into the
Enhanced Driver's License and Identification Subaccount, which
DMV will use to implement the program. Finally, the bill
prohibits an employer from taking any adverse action against an
employee who refuses to apply for or use an EDL and provides
remedies for a violation of this prohibition.
�
SB 249
Page 9
Privacy Concerns Surrounding the use of RFID. Much of the
concern relating to EDLs, and especially the DHS rule that they
include RFID technology, has focused on potential threats to
privacy. Despite some technical-sounding terminology, the basic
outline of how RFID and related technologies work is fairly easy
to understand. RFID "tags" or "chips" can be embedded into
objects, including documents, clothing, pets, and even people.
The RFID technology used in EDLs typically consists of a
microchip (that stores a randomly assigned number) and one or
more antennae. Remote "readers" can read this tag, via radio
waves. The reader constantly emits radio signals. As a person
or object with an RFID tag moves near the reader - the distance
varies depending upon the device - the antennae pick up the
signal and transmit the number stored on the RFID tag to the
reader. Most RFID tags, and apparently all of the ones used
thus far for EDLs are "passive," which means that they can only
be activated by the radio signal; others are "active," which
means that they can actively search out readers in the area. In
either case, an authorized reader with access to a secure
database can then transmit this number to the database where it
can be matched to information about the holder. The distinction
between "passive" and "active" tags is important because,
despite some claims to the contrary, EDLs do not "broadcast" any
information, personal or otherwise.
In some ways, RFID technology is a higher-tech version of bar
code and magnetic strip scanning. However, bar code and strip
scanning requires direct contact between the scanner and the
stored information (or at least the magnetic strip or barcode
must be in the direct line of sight of a laser). RFID readers,
on the other hand, can read the information stored on the RFID
tag remotely. Many of these, like the security badges used in
the Legislature, must be held within a few inches of the reader.
Some RFID readers, however, may read tags from distances of 30
feet or more, according to some studies. Experts disagree on
the potential range of RFID readers in the future, but as
�
SB 249
Page 10
technology advances it seems reasonable to assume that those
ranges will increase. However, the fact that RFID tags can be
read at any distance creates the possibility that information
stored on an identification document could be read without the
holder's knowledge or consent.
Information Stored on the RFID Tag. Given that RFID tags can be
read at a distance, and potentially without the holder's
knowledge, the critical privacy concern relates to the kind of
information that is actually stored on the RFID tag and the
usefulness of that information to any unauthorized reader.
According to CBP and agency websites in the four states that
have adopted EDLs, the RFID chip only contains a randomly
assigned number that has no meaning until an authorized reader
transmits it to a secure government data base, where the random
number is then matched to information in the secure data base.
In other words, a person or agency that already has access to
the data base, like the CBP, uses the random number to locate
the information on the cardholder. That information does not
appear on the card, and the random number, therefore, is only
useful to someone who already has access to the database.
Similarly, this bill expressly states that the RFID chip will
contain "only a randomly assigned number" and expressly states
that it "shall not contain any personal data, biometric
information, or number other than the randomly assigned number."
[Emphasis added.]
Even if the RFID tag contains only a random number, however,
privacy concerns do not necessarily stop there. For example,
privacy advocates claim that security measures must address more
than the ability of the reader to access intelligible
information from the tag; they must also address potential
security breaches along the entire transmission process from
tag, to reader, to computer database. Proponents of RFID, on
the other hand, claim that RFID applications are confined to a
closed system of authorized tags, readers, and databases within
that system. Even if outsiders with remote readers obtained
�
SB 249
Page 11
information from an RFID tag, that "information" will only
consist of a random number that is only intelligible to persons
within the system or to those who can access that system. If an
unauthorized person has accessed a secure government database,
then clearly there is bigger problem than the unauthorized
reading of the random number on an RFID tag. That number does
not provide access to a database or make it easier to hack the
data base. Rather, the number will merely allow the border
patrol, or anyone who already has access to the data base, to
pull up stored data to which the number refers. If an
unauthorized person could access the data base, he or she would
not need the random RFID number.
Opponents also contend that the random number can itself become
a piece of personally identifiable information, noting Civil
Code Section 1798.3, which defines "personal information" as
"any information that identifies or describes an individual."
Opponents note, for example, that the social security number was
originally a more or less random number that nonetheless has
become permanently associated with the person to which it was
assigned for the limited purpose of tracking social security
benefits. However, the danger that results from the
unauthorized disclosure of a social security number stems from
the fact that a social security number is used for
identification purposes in a variety of other contexts, such as
obtaining credit, opening a bank account, or applying for a job.
No one could use the random number on the EDL, as one could use
a social security number, to open a line of credit or otherwise
commit identity theft. The comparison between the random RFID
number and a social security number, therefore, is not very
persuasive. Finally, to the extent that there is any danger of
unauthorized reading of the random number, this bill takes
additional precautions. For example, this bill would require
encryption, if agreed to by DHS, and other "reasonable security
measures to protect against unauthorized disclosure of personal
information regarding the person who is the subject of license,
permit, or card." The bill, as proposed to be amended,
clarifies that all EDL applicants must receive a protective
�
SB 249
Page 12
sleeve that prevent unauthorized reading.
According to the websites of the states that have entered into
MOUs with DHS, the licenses appear to adopt standard
tamper-resistant security measures, such as a protective
"sleeve" or "Faraday shield" that covers the EDL and thereby
prevents unauthorized reading of the RFID chip - so long as the
sleeve is in place. Some privacy groups claim that these
shields are not always adequate - in part because they are
apparently not always impenetrable, and in part because there is
no guarantee that people will use them. (For example, banks
often place debit cards in sleeves when they first issue them
and, almost as often, people throw away the sleeve.) However,
this bill, like the authorizing legislation in other states,
requires an applicant to sign a declaration acknowledging his or
her understanding of RFID technology. As recently amended, the
DMV would also be required to inform applicants that the random
RFID number could be read without the holder's knowledge,
especially if the holder does not use a protective sleeve that
must be provided at the time the EDL is issued. If a person
chooses not to use the protective sleeve, that will be the EDL
holder's choice, just as it will be a person's choice to request
an EDL in the first place. However, even if the person removes
or loses the shield, it deserves reiterating that the only thing
the unauthorized reader would obtain would be the random number.
That number is only meaningful to someone who has access to an
existing database containing information about the EDL holder.
RFID and Possible Security Concerns. Opponents also contend
that using RFID technology could pose security as well as
privacy risks. That is, even if an RFID reader cannot access
the secure data base it could potentially copy the random number
and use it to create a counterfeit license. According to the
ACLU of Washington State, studies suggest that such duplication
is possible. However, the bill appears to anticipate this
problem by specifying that security measures shall include the
protective sleeve. In addition, it should be noted that even if
�
SB 249
Page 13
a counterfeit EDL were made with the help of a surreptitious
reader, the border patrol must still visually determine that the
person presenting the EDL matches the photograph that is pulled
up from the secure database. Obviously there is no foolproof
means of preventing a determined person from making counterfeit
EDLs, just as there is no foolproof means of preventing that
person from obtaining counterfeit copies of regular driver's
licenses or passports or any other form of identification.
Proposed Author's Amendments: The author will take the
following amendments in this Committee. In additional to some
non-substantive clarifications, the amendments listed below
address two concerns raised by the ACLU: (1) the language will
expressly provide that the applicant be provided with a
protective shield and be informed of its purpose at the time
that the document is issued (this may be implicit in the bill in
print); (2) specify that all privacy laws and regulations that
apply to standard driver's licenses will also apply to EDLs.
- On page 5, line 18 after "shall" insert: provide a
protective shield at the time the document is issued to the
individual, and
- On page 5, line 22 delete "a" and insert: the
- On page 5, lines 22-23 delete "similar tamper resistant
device"
- On page 5, line 26 after "technology" insert: and the
purpose of the protective shield
- On page 6, line 9 after "license" insert: instructional
permit, provisional license
�
SB 249
Page 14
- On page 7, line 6 after "chapter." insert: All laws
related to the privacy or security of a driver's license,
instruction permit, provisional license, or identification
document or similar document, or regulating the use,
access, or sharing of information, shall apply to enhanced
driver's licenses, instruction permits, provisional
licenses and identification cards.
Remaining Issues. While the amendments above meet some of the
opposition's concerns, the author and opponents, and
particularly the ACLU, continue to work on two other issues.
However, at the time of this writing, it did not appear that
those issues would be resolved in time for this hearing; any
further amendments that the author agrees to will most likely
need to be taken in the Assembly Appropriations Committee, where
this bill will be referred should it pass out of this Committee.
The two remaining issues - encryption and information sharing -
are detailed below.
Encryption Requirement. One of the remaining areas of
disagreement between the opposition and the author concerns the
need to encrypt or otherwise make a randomly assigned number
unintelligible should it be intercepted by an unauthorized
reader. As opponents observe, the federal government allows
states to participate in the EDL program only on a "take it or
leave it" basis. This bill seeks to "require" encryption of the
randomly assigned number on the RFID tag, but only "if agreed to
by the United States Department of Homeland Security."
Opponents would like to make two changes to this provision.
First, the opponents would strike the phrase, "if agreed to by
the United States Department of Homeland Security." In short,
the MOU would demand encryption whether the DHS agrees or not.
The only option for the federal agencies at that point would be
to either accept this condition or not enter into the MOU with
the state at all. Second, opponents would like to revise this
�
SB 249
Page 15
provision so that the EDL number must either be encrypted or it
must "generate a different unique random number each time the
card is read."
At this point, the author is unwilling to take those amendments.
While the federal program apparently does not presently require
encryption - or at least the DMV websites for the other states
that issue EDLs do not list this as one of the security features
- it is unknown whether or not the federal government would
honor the state's demand for encryption or approve an MOU that
contained such a demand. In addition, it is not entirely clear
if the cost of encryption would outweigh the benefits of
encryption. Encryption, after all, simply means that the
sequence of characters is scrambled when sent via technology
that allows unscrambling at the other end by an authorized
recipient. Encryption, therefore, is generally required where a
magnetic stripe or RFID tag contains information other than a
random identification number (e.g. name, address, social
security number, bank account number, etc.) that would be
intelligible and useful if not scrambled. The value of
requiring encryption of an already-random number, relative to
the cost, is not entirely clear. Because the cost, benefit, and
the federal government's willingness to accept an MOU that
requires either encryption or a number that changes with each
use are not certain, the author does not want take this
amendment at this time. However, the author's office has
indicated to the Committee that it is willing to work on this
issue and is attempting to consult with technical staff at DMV
about the feasibility of these options. The author wants to
also ensure that any technological requirements required in the
bill are not so specific that they preclude using more effective
technologies that may become available in the future.
Law Enforcement Access and Sharing of Information. The author
and opponents continue to discuss a second issue: the extent to
which information about the EDL holder may be shared with other
public agencies, especially law enforcement. ACLU has requested
�
SB 249
Page 16
an amendment that would prohibit CBP from accessing or using
information obtained through the EDL for any purpose other than
facilitating border crossings. It would also prohibit CBP from
sharing this information with any other public agency or private
entity for information obtained through the EDL. Again, the
author is not willing to take this amendment without having
additional information. For example, it is not entirely clear
what rules currently limit CBP's ability to use and share the
data that it collects from other sources, such as standard
licenses and passports. Once it is in the database, it is not
entirely clear why information obtained from an EDL would be
treated any differently than information obtained from some any
other sources. As noted above, the author has already accepted
an amendment providing that any privacy laws that apply to
standard driver's license will also apply to EDLs. Of course,
this begs the question of just what privacy laws apply to
standard drivers' licenses. This, too, is one of the unknowns
that the author wishes to explore.
Conclusion: This is the third consecutive session that the
author has brought this proposal, with only minor variations,
before this Committee. Both of the earlier bills - AB 2113
(2012) and SB 397 (2014) - passed unanimously out of this
Committee but were held in the Assembly Appropriations
Committee, notwithstanding the fact that neither of those
earlier bills ever received a single negative floor or committee
vote. The author has taken a number of amendments to meet some
of the privacy concerns raised by opponents, and the author and
opponents have informed the Committee that they will continue to
work on the remaining issues identified in this analysis if the
bill moves forward.
ARGUMENTS IN SUPPORT: According to the California Chamber of
Commerce, the "ports of entry along the California-Mexico border
are among the busiest ports in the world." The Chamber claims
that each year forty-five million vehicle passengers cross the
border at one of six points of entry, and that "the average wait
�
SB 249
Page 17
for travelers at these ports is over an hour." The Chamber
further claims that these delays "result in a loss of eight
million trips each year," and that in San Diego County alone
this translates into an estimated loss of $1.2 billion in
revenues. The Chamber believes that this bill will relieve
border congestion by allowing travelers to use "ready lanes,"
and that it will allow CBP officers to quickly assess
information "and focus on the traveler's vehicle as opposed to
scanning documents - reducing wait time by up to 60%."
The Imperial County Transportation Commission supports this bill
for substantially the same reasons, claiming that border wait
times cause "a devastating loss of nearly $1.5 billion in
revenues, 3.4 million potential working hours, 39, 500 jobs, and
$59 million in wages annually in the San Diego and Imperial
region alone." Several other business groups, both from
Southern California and from Baja California, support this bill
and cite similar statistics for the economic impact on their
respective locales.
ARGUMENTS IN OPPOSITION: In a joint letter, the ACLU, Consumer
Watchdog, the Eagle Forum of California, the Electronic Frontier
Foundation, and the Privacy Rights Clearing House oppose this
bill primarily due to their "profound privacy and security
concerns about the use of insecure Radio Frequency Identity
(RFID) computer chips in EDL identity documents." In addition
to their general concerns that EDLs will compromise the privacy
of the holder's personal information, opponents also point out
that the EDL lacks some of the security measures used in
passports. For example, they claim that in U.S. passports a new
random number is generated each time the RFID is read, whereas
EDLs now in use in other states appear to use a random number
that does not change with each reading. Also, while the data
embedded on the passport is encrypted, this bill only provides
that the number will be encrypted if "agreed to by the United
States Department of Homeland Security." Finally, opponents
claim that while EDLs may be optional now, "optional government
�
SB 249
Page 18
programs often turn into permanent mandatory programs."
The Ella Baker Center for Human Rights and the Legal Services
for Prisoners with Children (LSPC) opposes this bill for many of
the same reasons raised by the ACLU and others; however, the
Baker Center and LSPC also believe that SB 249 will "allow law
enforcement officers to racially profile Californians from a
distance and without their knowledge." The Baker Center
contends that "personal information contained on EDLs will be
accessed by [CBP] through the National Law Enforcement
Telecommunications System (NLETS), which in turn is "accessible
to local law enforcement."
PREVIOUS LEGISLATION: SB 397 (Hueso) of 2014 was substantially
similar to this bill except that it did not contain the
requirement that the applicant be informed, in writing, that
RFID random number could be read remotely and it did not provide
penalty provisions enforcing the prohibition against employers
taking adverse action against an employee who refused to apply
for or use an EDL. That bill passed unanimously off the Senate
Floor and unanimously out of this Committee but was held in the
Assembly Appropriations Committee.
AB 2113 (Hueso) of 2012, was similar to SB 397. That bill
passed unanimously out of this Committee but was held in the
Assembly Appropriations Committee.
REGISTERED SUPPORT / OPPOSITION:
Support
�
SB 249
Page 19
Calexico Chamber of Commerce
California Chamber of Commerce
Casa Familiar
Chula Vista Mayor's Office
City of El Centro
City of San Diego
El Centro Chamber of Commerce
Todd Gloria, San Diego City Council Member
Imperial County Transportation Commission
Otay Mesa Chamber of Commerce
Representative Juan Vargas
San Diego Association of Governments
San Diego Regional Chamber
�
SB 249
Page 20
San Diego-Tijuana Smart Border Coalition
State of Baja, California
Opposition
ACLU
Consumer Watchdog
Eagle Forum
Ella Baker Center for Human Rights
Electronic Frontier Federation
Legal Services for Prisoners with Children
Privacy Rights Clearinghouse
Analysis Prepared by:Thomas Clark / JUD. / (916)
319-2334
�
SB 249
Page 21