What you need to know about protecting your personal information, and how the new enhanced drivers licence can put you at risk

In an age where we are constantly having to adjust to new technologies that are often touted as “time saving” and “convenient”, such new technologies can also put you at risk for identity theft.

Such is the case with the new, ‘enhanced’ drivers licence that B.C. is currently testing via 521 guinea pigs who willingly signed up for the right to try it out.  A reader emailed a link to a recent story detailing the risks.  The reason for such an enhancement was to accommodate the American border entry requirements, in lieu of having a passport. The licences contain an RFID chip- radio frequency identification technology that uses radio waves to store and retrieve your personal information. A “reading” device picks up the information contained on your card , through those radio-waves, allegedly facilitating a faster entry to the US.

 The information on the licence is encrypted, however security experts now say that they have been able to obtain personal information from individuals who carry passports that contain the same chip. Although Canadian passports have yet to include this chip, many countries overseas use the RFID chip within the document. This opens the possibility that anyone who is able to obtain or create a reader could access your information from a distance via the use of an antennae, and Canadas Privacy Commissioner is concerned about the repercussions.

When this technology was introduced to Japan via their passport system, it was claimed that the radio frequency encryption was unbreakable, however, the story states that it only took two weeks for someone to figure out a way to access the system.

In BC, the licences contain a “security sleeve” that allegedly prevents illegal readers from scanning the card, which is only as good as the hacker who overcomes it. They are also keeping all the information stored on them in Canada, not the US – so they claim.

None of these assurances mean anything in the end. There will always be someone smarter than the person who designed it to break into it, and both the provincial and Canadian governments have outsourced information storage and billing to American companies in the past. The initiative must be taken by the consumer, and each of us as individuals to ensure the right choices are made in securing our personal information. I blogged recently about a contracted Canada Post outlet wanting to scan my identification, and this was followed shortly thereafter with a warning from the privacy commissioner to not let retailers scan your identification, or photocopy it. 

A good majority of us have become far too complacent with our information – and it shows. Identity theft is on the rise, and it can ruin your life. Credit rating trashed, debts owed that we didn’t incur, police reports and endlessly trying to prove who you are for years are the tragic results. We hand out sensitive information all the time without realising it: contest entries, rental applications for cars and apartments, store memberships, etc etc, and most often you don’t question why they need this information or if it is even legal to ask for it. We assume companies will keep our information safe, but this is often not remotely true.

To help you make the right choices, here is an identity theft checklist, to protect your personal information and keep it secure, from the office of the privacy commissioner. As well, pay attention to the following :

  • Always read the fine print on sales agreements. By signing you may also be giving the organization permission to add your name to a marketing list. Check the “no thanks” box, or write and initial a short note on the document saying you don’t want your personal information shared with anyone else.
  • Many retail stores ask for your name, address and telephone number when you make a purchase. If the store cannot give you a satisfactory reason for collecting the information, don’t give it out.
  • Information collected on product warranty cards is very often used for marketing purposes. You are not required to send in a filled warranty card – your receipt is all you need to make a warranty claim.
  • Charities and other fund-raising organizations often share donor lists with one another. If you make a donation and do not want your personal information to be given to any other charities, enclose a note with your payment.
  • If you don’t want your personal information out there, avoid filling out ballots for “free draws” or other promotions. These are surefire ways to get your name, address and telephone number on a junk mail or telemarketing list.
  • Many stores offer “rewards” or “points” programs. Often stores see your participation as consent to share your information without directly asking for your permission. If you want to avoid getting junk mail or other promotional material, either don’t join these programs, or ask the stores not to share your personal information.
  • Look through a copy of any magazines to which you subscribe. Most mention they may give your name and address to other companies for one reason or another. They also offer you the opportunity to opt out of this “service”. Do it!
  • Every time you make a call, dial *67 on your telephone (1167 on old rotary dial phones) to prevent your name and number from being displayed.
  • You may be able to remove your name from many mailing and telephone lists by writing to the Canadian Marketing Association, 1 Concorde Gate, Suite 607, Don Mills, Ontario, M3C 3N6.
  • A full index of fact sheets  from the Privacy Commissioner can be accessed at  http://www.privcom.gc.ca/fs-fi/index_e.asp

    One Comment on “What you need to know about protecting your personal information, and how the new enhanced drivers licence can put you at risk

    1. Thank you for this Laila, as usual you go that much further than your inspiration. I did think about volunteering for the pilot project, but hesitated in the end. Now that I have read this, it seems my hesitation was warrented. I will not get one, although it appears that in the end we will all end up with one of these cips in one location or another.
      So you know if we are entitled to know if our employers were to install one on our ID cards or not?