Editor’s note: I have worked around card technology for many years. I have used the line “the campus is a microcosm for society” more times than I care to admit. It is one of those phrases that can be used to sell a person on something or scare them from it. It has power. It also has inherent truth. Pulling together research for this article I was reminded of this truth as direct parallels kept emerging between the issues and debates occurring at the national level to those that we experience on campus. This article is about CR80 cards, it is about an important national security issue, it is about civil liberties and protecting our individual rights from governmental intrusion, and it is about some important lessons that we can use to improve our own campus card programs.
The debate over a mandatory national identification card is not new. In some countries, such cards have existed for many years. But in the United States and most other democratic nations, it has been avoided and deemed unnecessary. Discussion of national ID cards crops up periodically when conditions are right (or more accurately left) such as in times of international conflict (“control the borders!”), financial crises (“control aide programs!”), or reformation (“control the health care system!”). In the late 1990s, the Clinton Administration’s early efforts in health care reformation included a national health ID card intended to streamline benefits and information processing and reduce fraud. Civil libertarians squashed the plan with an organized mantra against a pending privacy invasion. Today, in the wake of the terrorist attacks on the country, a new move toward a national ID program is occurring once again.
Some argue that we already have a national ID card, citing the social security card or the drivers license. In reality, however, neither fits the current definition of national ID card in that the former need not be carried and presented for any functional purposes and the latter is neither centrally issued nor mandated for every citizen. This sentence highlights three key concepts that form the core of the debate between those in favor of a national ID and those opposed:
- It must be carried and presented for some functional purpose
- It is centrally issued or controlled
- It is mandatory for everyone.
The debate from both sides . .
A supporter might say: “In an effort to truly know the identity of the people attending our colleges, boarding our planes, and crossing our borders, we must first be able to identify our citizens. The federal government should mandate that all citizens carry a card that has been securely issued to them after presentment of valid credentials.
Only then can we begin to sort out thosethat do not have this card and make sure that their motives are sound.”
An opponent might say: “The government already knows too much about us. While a national ID might sound like a vehicle to protect us, it will quickly become a means to further erode our personal privacy. Just as the social security number is now misused as a general, and often required identity number, a national ID would certainly become adopted for all kind of unintended applications. The ability to track our movements, spending patterns, and other private information would be made not only easier, but likely governmentally-justified under the banner of national security.”
It is easy to see why this is a difficult and dividing issue. People on both sides feel passionately that they are correct.
Voluntary Travel Cards
As a potential compromise, the concept of a voluntary ID has received a great deal of attention. The concept is that anyone wishing to prove his identity and be issued a card to expedite authentication at security checkpoints could do so. Those that prefer to utilize current processes at security checks could still do so, though this more manual process would likely take more time. A specific example is the voluntary travel card that would enable its holders to speed through airport check-in processes and security points.
Opponents still find this voluntary card hard to stomach as they fear that the processes for those not carrying the card will be made arduous in an effort to pressure all parties to obtain the card. Additionally, many feel that a negative stigma will arise around those not carrying the card and subtle persecution will develop in time.
In the days following the September 11 attacks, proponents of a national ID received a big boost when two leaders from the technology community, Larry Ellison of Oracle and Scott McNealy of Sun Microsystems, came out in favor of such a program. Their support gave credibility to the cause and garnered widespread media attention. Critics, however, quickly pointed to the fact that the men were CEOs of companies that stand to benefit from such a program. Since then, numerous government agencies, trade associations, and think tanks have released statements, manifestos, and white papers in support or opposition to the issue.
Several of these papers do an exceptional job of detailing the issues (see the CR80News.com resources section for articles and links). For the remainder of this article, we shall focus on the similarities between the national debate and the issues that colleges and universities face when issuing an ID card on campus. The following questions are among those facing parties involved in national ID debate … and they are also facing campus administrators involved in card technology.
Is Big Brother watching?
Opponents of a national ID frequently cite the Orwellian Big Brother when they explain their fear of government invasion of personal privacy. This concept is also common on college campuses when a card program is initiated. At schools across North America, student activists have conducted vocal protests against the campus card. At the University of Toronto, an organized effort resulted in high-level meetings on the topic and threatened to delay implementation. This is not unusual. At the University of Arizona, a faculty member raised such public protest that the issue was raised to the state government level.
As campus administrators, you need to understand that such concerns are real and should not be dismissed lightly. At the national ID level, public support has never been strong enough to outweigh the concerns of opponents. To date, the mandatory card concept has always fallen short in the end. On campus, however, card issuance and usage is mandated all the time. In certain cases, campus opponents have influenced policy decisions regarding the card. I have been involved with cases in which the Social Security Number has been eliminated, the cardholder’s photo has become optional, and a vendor partner’s logo has been removed upon request. While such options may seem inconsequential, small technically-viable compromises can mean the difference between an all-out war and a quiet protest.
Are there valid reasons why someone should be allowed to decline a card?
There are individuals that will wish to abstain from having their picture captured for reasons of a religious nature. We have seen this on campus many times. Whether an individual’s claim is real or concocted is not our determination to make. It is our responsibility simply to determine whether our office will produce an ID without a photograph. If this non-photo card could cause a security breach, the determination may be that such an individual will have to forego a card altogether. This can have other level-of-service ramifications to be considered.
Can a third party ever be trusted to keep confidential data confidential?
It seems that it is really a question of trust. Those who oppose national ID programs do not trust the government’s ability to keep data confidential and to avoid ‘feature creep,’ a situation in which new functions are added on top of those originally intended. People who support a national ID either trust the government to maintain their private information or are willing to risk its dissemination in favor of greater security.
On campus, the same concern is common. Why should a student trust that a campus administrator will protect his data and use it only for the specified purpose? And what is this specified purpose? Will it be provided to third-party marketers? Can the student opt out? Whether the questions are asked directly or not, cardholders are wondering.
At least a handful of campus card programs have had these issues raised and had to look to campus attorneys for answers. The Family Educational Rights and Privacy Act (FERPA) dictates the way in which student data held by an institution can be utilized. The regulation does accommodate the sharing of confidential information with third party companies for specific purposes when that third-party company is contracted to perform a service on behalf of the institution. There are many grey areas in this description, however, such as what purposes can be contracted, opt out provisions, where the line stops between the contracted service and other peripheral services.
What is ‘acceptable’
documentation of identity?
Another key element in the national ID debate is the issue of individual authentication at the point of document issuance. Several of the terrorists involved in the September 11 attacks had valid credentials that had been obtained fraudulently. This helped to focus attention on the often inadequate procedures used by drivers license bureaus when issuing cards. In many states, an individual producing a photo ID will be provided a license or official state ID card. With this license or card, almost any other document can be obtained.
Would it surprise you to know that the photo ID often used to prove identity when requesting a new or duplicate driver’s license is a campus ID card? We need to examine our processes and make certain that valid credentials are required for each new and reissued card–both for the security on our campus and beyond.
What can we learn from this?
Come up with a privacy statement and publish it. Several years ago, this might have raised more concerns than it alleviated. Today, however, students expect privacy statements because of the web.
Be extremely cautious of any transfer of student information to third parties, and seek guidance from your registrar and legal counsel for specific permissions.
If possible, create a process for students to opt out of non-essential components. The mere fact that this option exists will alleviate much of the concern.
Document your requirements for the credentials that must be presented prior to the issuance of a new or replacement card and make certain that all members of your card office staff adhere strictly to these guidelines. As an example, a valid driver’s license or passport along with proof of enrollment (if that is not available via your card production system) or other written justification of why the individual needs a card in cases of outside contractors. There should be no exceptions for friends, faculty, or outside contractors. Everyone must present the required documents.
In summary, the federal government is addressing these issues in a post-911 environment. Campus administrators, long familiar with these issues, now must address the heightened focus and realization that their card issuance has impacts far beyond the campus.