Report: REAL ID Final Rule Enables States To Begin Work On Technologies For Compliance
The final rule for REAL ID compliance provides the necessary guidance for states to begin building systems and linking networks to fulfill the mandates of the 2005 legislation, according to a newly released report by INPUT. While states have until May 11, 2008 to declare intention to comply with REAL ID, INPUT does not expect widespread resistance to derail the new approach.
"Compared to the proposed rule of last March, DHS has made a credible effort to reduce or eliminate Constitutional as well as procedural and technical barriers to REAL ID compliance in many areas of the final rule," said Chris Dixon, manager, state and local industry analysis for INPUT. "The final rule should serve as a starting gun for vendors to begin working with states on compliance. Even if REAL ID were repealed in the next year or so, the concepts and approaches laid out in the final rule would still form the basis for an ongoing, generational overhaul of state driver’s-licensing systems."
With the release of the final rule for the REAL ID Act of 2005, the Department of Homeland Security (DHS) has revised its approach from that of the Notice of Proposed Rulemaking (NPRM) of March 3, 2007. A variety of deadline extensions have been granted at least in part to provide the federal government with additional time to prepare various databases for interface with the states.
The REAL ID "Verification and Data Exchange Architecture" will leverage the American Association of Motor Vehicles Administrators' AAMVAnet as the "hub" for several "federated querying systems."
"Streamlining the source-document review and image-capture process will be essential to reducing the vast delays in processing of an estimated 240 million drivers," said Dixon. "Backend record-keeping and integration of state systems with the various federal and multi-state backbone systems will be the primary IT concerns in the near term. States will need long-term vendor support in implementing FISMA-compliant security around DMV databases and facilities, as well as downstream vital records production and systems -- especially birth certificates."
According to INPUT's analysis, the weakest link in the final rule concerns personal information included on the surface of -- or embedded electronically in -- the REAL ID card. While the final rule is defensible in these areas, controversies in this area are premised more on philosophy about the role of government than the specific technologies of REAL ID. If DHS and REAL ID-complying states do not address this issue head on, REAL ID will remain open to continued vigorous state and individual resistance based on fears of skimming and eventual incorporation of RFID technology into the card.