In a concerning move for privacy advocates, California has broadened its digital driver’s license/ID initiative, prompting citizens to place sensitive ID details onto their smartphones. Dubbed “mDL” by the California DMV, this mobile driver’s license can be used in contexts like airport security or verifying age for alcohol purchases.
Despite being pitched as a technological advancement, the pilot program, which is now open to 1.5 million participants, has its drawbacks. To obtain this digital ID, users must download the “CA DMV Wallet” app.
Critically, this doesn’t interoperate with native or decentralized wallet systems; instead, Californians are forced to trust their sensitive information to a singular, state-run app. The DMV insists that the app “does not permanently store your personal data,” but it still retains your phone number and an “encrypted photo of your DL/ID card.” One must question the longevity and security of such data retention.
The digital version is only accepted at a few locations.
Earlier this year, California governor Gavin Newsom hinted at this rollout, and recent reports indicated a growing number of participants. However, one can’t help but wonder if the potential privacy risks and data vulnerabilities associated with this move have been thoroughly assessed.