Driver’s license app on a smartphone raises privacy issues.
Posted by Arun . on 19 December 2014 09:40 AM
A smartphone app that drivers in Iowa will be able to use as an official driver's license could lead to privacy abuses by law enforcement.
In 2015, the Iowa Department of Transportation (DOT) plans to become the first to offer the apps to drivers for free, according to published reports.
"The way things are going, we may be the first in the nation," Iowa DOT Director Paul Trombino was quoted as saying in a report published in The Des Moines Register.
Iowa police will accept the driver's license app during traffic stops and by airport security officers screening travelers, Trombino said.
Thirty states already allow drivers to show proof of insurance via a smartphone app, so allowing them to also identify themselves as licensed drivers on a smartphone is a natural extension.
However, handing police officers or security screeners your smartphone gives them access to a lot more than your license, according to Forrester analyst Heidi Shey.
"The privacy concerns that have been brought up already about this are all worth considering. Putting a driver's license on a smartphone app leaves the door open to privacy violations simply due to device access," Shey said.
For example, if a police officer pulls over a driver for a traffic violation, the officer typically takes the license and registration back to the patrol vehicle to process the information.
While the U.S. Supreme Court ruled in Riley v. California that a warrant must first be obtained prior to searching the contents of a cell phone, that ruling could be thwarted by officers citing "probable cause" or "exigent circumstances."
"Once well-recognized exception [to a warranted search] applies when 'the exigencies of the situation' make the needs of law enforcement so compelling that a warrantless search is objectively reasonable under the Fourth Amendment," the Supreme Court wrote in its decision.
The Electronic Privacy Information Center, a research group in Washington, filed a brief as part of the Riley case before the Supreme Court.
Alan Butler, EPIC's senior counsel in Washington, said while there's "no direct application of Riley" because the Iowa mobile app is being built to act only as an ID, it still raises a host of privacy concerns - not the least of which is all the searchable private information on a smartphone.
Additionally, what if the driver were to get a phone call or text message while the smartphone was in a police officer's possession?
"And, what is the app doing? Is it collecting additional information about me, whether intentionally or unintentionally?" Butler said. "What is my device doing when it's using the app? Is it leaking private information about me without my knowledge?"
There are also practical reasons a smartphone could fail as a means of legal ID, including a dead battery.
Until drivers leave their homes carrying nothing but a smartphone that acts as a wallet, electronic key, debit card, among other things, and that has the appropriate security for that information, "there's no good reason not to keep carrying a plastic driver's license in our wallet," Shey said.
"By that point in the future, maybe there will be a version of the app that can be pulled up on the touch screen on the car's dashboard and securely transmitted to a device that the police officer has, eliminating the need to hand your smartphone over," Shey said.
Read more »