The California bill (SB 682) that would prohibit use of RFID transponders in any state-issued document, except as noted in the bill, has been held in the Assembly Appropriation Committee and made a two-year bill. The bill cannot be brought up again until January.

According to reports, SB 682 was placed onto the Assembly Appropriations Suspense File, the place that bills with substantive cost are held to be voted on at a later hearing.  The deadline for the Appropriations Committee to pass the bill was August 26.  State Assemblyman Alberto Torrico (Silicon Valley), working with opponents of the bill to hold it in Appropriations, is also working to encourage the Assembly to consider some form of existing Federal legislation.

Previous testimony in opposition included AeA (American Electronics Association), InCom, Atmel and the California Chamber of Commerce.  Testimony in support included the ACLU (American Civil Liberties Union), the parent of a Sutter County school child, the Privacy Rights Clearing House and a number of others.  Also supporting the bill are optical marking technology and proprietary laser card companies that have, or are seeking, applications in the ID card market.

Opponents of the bill met with the Speaker's General Counsel on 23 August to try to resolve the issue.  They indicated that they are in favor of legislation designed to ensure strict privacy and security but are opposed to any bill that takes a broad-brush approach and bans a single technology.

They also pointed out that the provision in the bill to criminalize unauthorized reading (skimming) of contactless RFID cards is redundant.  There are at least six current CA laws prohibiting obtaining personal information without permission.  These would cover the concerns over "skimming" of data from RFID cards.  The group also pointed out that there are current Federal regulations that address security concerns more rigorously than SB 682.

The group pointed to existing Federal legislation (FIPS 201) that details security provisions that must be in place for Federal Employee ID cards using contact and contactless smart cards.  This requires mutual authentication and encryption between the ID card and the reader.

The U.S. Department of Homeland Security in also in discussions with Governor's office to suggest that California adopt regulations along the line of HS Pres Directive 12, the parent document of FIPS 201.

Opponents of the bill admit that there is a growing public distrust of technology and the ability of companies to safeguard data repositories.  The recent rash of security breaches in supposedly-secure databases is fueling much of that distrust.  Although RFID is not the issue in any of these breaches, it suffers from the same negative connotation.

Although the bill is in "suspense," the bill's opponents are asking others to "plan ahead to send in individual letters and coalition letters for next year."