| | | 'DC One Card' questions could be answered by legislation | | November 03, 2009 |  | | | Staff Writer | | Following a confused debut for the DC One Card, Ward 3 D.C. Council member Mary Cheh is considering legislation to protect privacy and spell out exactly what information can be contained on the high-tech identification card, which eventually will provide access to a variety of city services and facilities.
The new photo identification card, first introduced in April 2008, is supposed to cut costs, add convenience and help city agencies coordinate social services. Once the program is fully implemented, a single piece of plastic will replace library, Metro SmarTrip, school and other local identification cards.
But the introduction to the card for many residents came this summer, when the Wilson Pool in Ward 3 reopened and some swimmers were told — mistakenly — that they could not get in without the new card. The confusion was compounded when some recreation and community centers said they required a One Card but were unable to issue them.
The issue prompted Cheh to convene an oversight session last month of her Committee on Government Operations and the Environment. She said she wanted to focus on the cost and benefits of the card, plans for fuller implementation and — uppermost in the minds of several witnesses — protection of privacy.
"A lot of people are very nervous, when they go to the library or rec center, what information is collected," Cheh said. "We need to have a legal framework before we launch this. We shouldn't freeze everything, but go slow until we have the protections we need."
Cheh said it is "nonsensical" that the Office of the Chief Technology Officer, which developed the One Cards, allows each agency that uses them to rely on its own privacy policy.
But the technology office's interim director, Chris Willey, testified that the program has "strong privacy protections." He said the cards contain only necessary identification data and do not record or store information on usage of facilities or services.
If a Wilson High School student uses the card to swim laps at the Wilson Pool, and then to take out books at the Tenley library, Willey said, "DPR would know she visited the pool, and the library would know what book she borrowed." But that information would not be stored on the One Card, he said, adding that "any data the library collects is no different than in the past."
The One Card, he said, contains only "the minimum amount of data necessary to ensure the unique identity of the cardholder" -- name, address, phone number, gender, photo, date of birth, last four digits of the Social Security number and the city agencies that the cardholder is registered to use.
So far, five agencies use the One Card: the summer youth employment program, public schools, Metro, recreation department and public libraries, with about 70,400 cards issued to date. In the next few weeks, Willey said, city employees will get a special One Card that will give them access to government buildings and, later, a chip for Metrobus and Metrorail.
Willey said the One Card will save the city $500,000 to $600,000 a year in printing, machinery and administrative costs. Before the launch, every agency had to issue its own identification cards, with administrators at many schools spending "substantial time" printing out new and replacement cards, he said.
John Chelen, a Cleveland Park resident who helped the technology office develop the cards, sees dramatic long-term benefits -- for example, helping social workers, probation officers and schools track information about a youngster emerging from the juvenile justice system.
"D.C. is in a unique position to accomplish an interconnection of information that has baffled municipal governments for 40 years" by connecting separate agency databases that have allowed children and troubled adults "to slip through the cracks and suffer," Chelen testified.
But he also argued that "legislation is needed to establish a regulatory framework" for sharing and protecting the information. "Not every service needs to be tracked. Only the minimum data needed to improve services should be shared. When I left OCTO, I did have nightmares that [the One Card] could be abused," he told Cheh.
Other witnesses, all experts on information security, were most concerned about privacy.
"Whenever government constructs a large database, there are privacy concerns," said Steve Block, legislative counsel to the American Civil Liberties Union of the National Capital Area. Block urged Cheh to specify in legislation that only identification data, not usage information, should be stored on the cards. He said there is "no persuasive reason" for including even the last four digits of a social security number.
Cynthia Wong of the Center for Democracy and Technology said the card should not be made mandatory for any service or agency, and she urged for a delay in wider implementation until city officials better address privacy concerns.
Cheh asked Willey if the technology office intends to make usage of the One Card mandatory.
"We have no position on that," he replied. "That's just not our call." | | | | | Log in to comment on this article |
| |
|
