The IT Law Wiki
The IT Law Wiki

Citation[]

Government Accountability Office, Driver's License Security: Federal Leadership Needed to Address Remaining Vulnerabilities (GAO-12-893) (Sept. 21, 2012) (full-text).

Overview[]

Obtaining a driver's license under another's identity can enable criminals to commit various crimes. The 9/11 terrorists, for example, possessed fraudulent licenses. The REAL ID Act of 2005 sets minimum standards for states when verifying license applicants' identity, which go into effect in January 2013. If states do not meet these requirements, their licenses will not be accepted for official purposes such as boarding commercial aircraft. The Department of Homeland Security (DHS) is responsible for establishing how states may certify compliance and for determining compliance. The Social Security Administration (SSA) helps states verify SSNs.

The GAO was asked to examine (1) states' identity verification procedures for license applicants, (2) the procedures' effectiveness in addressing fraud, and (3) how federal agencies have helped states enhance procedures. The GAO analyzed DHS and SSA data on states' use of verification systems. The GAO tested state procedures in three states that have known vulnerabilities; results from these states are not generalizable.

The GAO recommends that the DHS work with partners to take interim actions to help states address cross-state and birth certificate fraud. The DHS did not concur with these recommendations, saying its ongoing efforts are sufficient. The GAO demonstrated that vulnerabilities remain as long as national systems are not yet fully operational. Therefore, the GAO continues to believe additional DHS actions are needed.