Join 3,514 readers in helping fund MetaFilter (Hide)


outsourcing the country
March 27, 2008 6:47 AM   Subscribe

The Governmental Printing Office prints all United States passports but they decided that it was time to outsource part of the work. They claim it is secure [pdf].
posted by mustcatchmooseandsquirrel (22 comments total) 3 users marked this as a favorite

 
I'm kind of mystified why the American printing firms aren't raising a big stink over this. A multimillion dollar contract just sails out the window to Thailand and these business owners stand idly by?
posted by crapmatic at 7:03 AM on March 27, 2008


I'm kind of mystified why the American printing firms aren't raising a big stink over this. A multimillion dollar contract just sails out the window to Thailand and these business owners stand idly by?

Ever hear of no-bid? I suspect that's what happened. This quote from the article:

...the GPO spokesman, said foreign suppliers were picked because "no domestic company produced those parts" when the e-passport production began a few years ago.

I suspect should actually read: "...no domestic company produced those parts as cheaply as the foreign suppiers."

My daughter has to get a passport for an upcoming youth group trip to Mexico. I was shocked to see the cost had gone up to $100. Now I know why. Profits über alles!
posted by Thorzdad at 7:11 AM on March 27, 2008


I just got a new passport. I was horrified at how shitty the quality of the photo printing is. They still require photograph's to be attached to the application, but instead of laminating the actual photo under plastic to the booklet, now they just inkjet a crappy scan directly to the page of the booklet and it looks awful. Passports used to be such nice "official" documents. They had standards for photography. They were kind of neat. Now they are just more stupid, "cheap" ugly, junk.
posted by JBennett at 7:34 AM on March 27, 2008


I've dealt with the GPO* off and on for the last 25 years in the course my job. It's a prime example of too much unchecked power in a government agency. They try to impose their monopoly on other federal agencies by threatening federal employees with legal action and even jail time for using other sources, or even doing too many copies in their own office. One federal agency I worked for had to resort to having their legal department write a 17 page opinion citing Constitutional separation of powers as to why GPO could not follow through on their threats. President Clinton once had to write an opinion dealing with the definitions of "printing" and "copying" to accompany his signing of a bill into law, which contained verbiage granting more power to the GPO than he thought was appropriate. He didn't want to veto the other things in the law, so appending the opinion letter was the best he could do.

In one position for a federal agency, I contracted out millions of copies of multi-part forms (vital patient info forms used in some government hospitals) for another agency. I had them produced in my city in the west, and trucked 2000 miles to the warehouse in the D.C. area for far less and far faster than GPO could contract it. The agency asked me to help when their GPO order never showed up after many months, and the medical staff was resorting to making photocopies of the needed forms.

Sending stuff overseas is no surprise. Just another bad move by an agency who let their power go to their head. Crapmatic is right. Domestic companies should be raising a big stink, just from a business perspective.

*Nitpick: It's Government Printing Office. No -al necessary.
posted by Fuzzy Skinner at 7:35 AM on March 27, 2008


Fuzzy Skinner probably explains this fuckup, but a fuckup this momumental makes me wonder if it isn't part of a plan by the Administration to come back to Congress explaining that passports are now insecure, and we need some massive database and RFID chips and privacy violations to fix it.

Probably just incompetence and arrogance, but after seven years of this bullshit, everything looks look a power-grab to me.
posted by orthogonality at 7:42 AM on March 27, 2008 [1 favorite]


heh
posted by Grod at 7:44 AM on March 27, 2008


Can we strangle it in a bathtub yet?
posted by dhartung at 7:55 AM on March 27, 2008 [3 favorites]


Oh the sweet, sweet xenophobia in that "Moonie Times" article. The actual gist of the news is: because American subcontractors could not deliver the biometric chips, or because they were too expensive, part of the work for the new passports has gone to foreign companies. Big deal. Other countries do it all the time, contracting out elsewhere (including to the US) the printing of government documents and even currency.

Nothing in the article indicates that those foreign companies aren't properly vetted or less secure than their US competitors. There's one alarming, but completely misleading line about the company doing part of the work in Thailand having been "victimized by Chinese espionage". As one discovers later on, the company in question is Dutch, the work done in Thailand is merely the installation of the RFID antennas, and the alleged victimisation is a case of patent infringement, which does not involve any espionage whatsoever, since patents must, by legal definition, publicly disclose the technology involved.
posted by Skeptic at 8:18 AM on March 27, 2008


BTW, Thorzdad , the GPO's link indicates that it charges the State Department USD 14.80 for each blank passport book. If your daughter was charged over USD 100 for its passport, then there must be some ripping off going on, but not by the GPO or its foreign suppliers...
posted by Skeptic at 8:21 AM on March 27, 2008


I've subcontracted all my printing out to a pencil in my right hand. I suspect it may have been made in Asia. I propose a lawsuit.
posted by blue_beetle at 8:28 AM on March 27, 2008 [1 favorite]


The number of counterfeit US passports are going to go through the roof. How many will get 'lost' in transit? How easy will it be to get one from a forger? What will this do to the validity of legitimate passports?

This doesn't seem like a bright idea, but I'm not sure what we can do about it.
posted by thebigdeadwaltz at 8:43 AM on March 27, 2008


orthogonality said: "a fuckup this momumental makes me wonder if it isn't part of a plan by the Administration to come back to Congress explaining that passports are now insecure, and we need some massive database and RFID chips and privacy violations to fix it."

Done! (The new passports already have the chip in them, and the Western Hemisphere Travel Initiative includes a bunch of new rules that shorten the time that the old passports will be valid -- I assumed it was to hurry the populace onto chipped passports. For example, instead of simply getting an amendment form to attach, when one changes one's name, one now has to get a whole new passport. Feel free to wrap yours in tin foil though, the not-really-kidding suggestion that some have made. Previously on Mefi.)
posted by pineapple at 8:50 AM on March 27, 2008


This doesn't seem like a bright idea, but I'm not sure what we can do about it.

On the whole, Americans don't travel out of their country as much as those from other countries, so it's just not that big of a deal for many people. With a shrinking dollar and increased travel document cost, it's getting too expensive to leave the US, anyway.
posted by Blazecock Pileon at 10:06 AM on March 27, 2008


Or just nuke it for about 10 seconds in the microwave...
posted by stenseng at 10:06 AM on March 27, 2008


JBennett, my passport was produced the same way (with a scanned and poorly reprinted photo) in 1999. (In contrast, the actual photo I provided for my first passport in 1991 is laminated right in.)

At the time, I assumed it was because I expedited it. But who knows.

And, hey, at least neither of them have RFID chips.

RFID chips. Can't eat just one.
posted by gohlkus at 10:07 AM on March 27, 2008


MOONIE RAG
posted by Kraftmatic Adjustable Cheese at 11:11 AM on March 27, 2008


Reading the article may prove useful:
"I am not only troubled that there may be serious security concerns with the new passport production system, but also that GPO officials may have been profiting from producing them,
And indeed
The Government Printing Office's decision to export the work has proved lucrative, allowing the agency to book more than $100 million in recent profits by charging the State Department more money for blank passports than it actually costs to make them, according to interviews with federal officials and documents obtained by The Times.
There you go. Every citizen who request a passport can't ask anybody else , but X agency to do it. It's a legal monopoly , which may be very good sometimes, but surely not when citizen don't complain about $100 passport.

Thorzdad writes "My daughter has to get a passport for an upcoming youth group trip to Mexico. I was shocked to see the cost had gone up to $100. Now I know why. Profits über alles!"

Except for Thorzdad of course, but one out of how many just pay $100? We are so used to pay we don't even question why, only how much relative to how much we have.
posted by elpapacito at 1:12 PM on March 27, 2008


Hey - my first chance to express an informed opinion on Metafilter. As opposed to the usual sort. Its a shame, though, that my "expertise", such as it is, can be easily replaced with the simple heuristic, "if it's from the fucking Moonie Times, it's probably bullshit".

It's been 8 months since I left my previous job, so I'm no longer in the loop, but I probably wrote the software that controls the machines that the GPO will use to personalize the passports (well, the most of the hostside part - there's a lot of embedded stuff in there as well which I didn't do), as well as much of the chip personalization infrastructure (although specific chip perso applications would vary from application to application.)

Yes - the chips aren't manufactured in the US. They're just standard contactless smart card chips (the same sort of thing that are used for a lot of stuff - transit applications mostly - and none of the major US chip manufacturers are in that business (maybe motorola - I can't remember). Even so, the fabs are probably in Asia anyway. Regardless, the chip isn't worth anything until it's perso'ed and activated, which wouldn't take place until long after the book is manufactured. There's nothing particularly "passporty" about that chip when it's in Thailand.

In theory, if there were security problems, someone could steal a blank book. It'd have an official US cover, the right sort of paper and a not-activated chip in it, but turning that into a useful forgery would be very difficult. They wouldn't have the holographic overlay that is applied to the holder page, and the inks would probably be wrong. There's no way anyone could get the keys to activate the chip and there's no way they could generate a valid (electronic) signature for fraudulent holder-page data.

Not that a blank book is completely worthless - we always kept close track of any test books we received and the countries (not the US while I worked there) that gave them to us counted to make sure we gave them back after running our tests - but stealing a blank book is only the beginning of creating a forgery.

Maybe the GPO are assholes, but there's nothing unusual about farming that sort of thing out to a private party. Of the three countries whose passport projects I was involved with, they all had a private company that made the passports (two of them used the same company). They were all in it to make a profit, too.

As for the cost, remember that that $14 is just for a blank book. The personalization process is yet to come. Your passport has to be personalized, any overlays have to be applied, etc. It's a relatively labor intensive process, from what I observed. Certainly, the machines that we sold weren't cheap. $100 might be a rip off, but comparing the $14 book cost with the final price doesn't tell you that any more than the cost of a bolt of cotton tells you how much a shirt should cost. The European passports cost more - although they have nice, laser engraved polycarbonate holder pages, instead of the crappy laser-printed paper books that we have.
posted by bonecrusher at 5:11 PM on March 27, 2008 [1 favorite]


I have no idea why I put "laser printed" in that last sentence. It should be "ink jet printed".

Also, Bruce Schneider is much (much much) smarter than me, so I'm loathe to bring this up, but I never got the paranoia about contactless passport chips. If someone goes through a lot of trouble, they can discover, from a distance, without your knowledge ... your name, and what city you were born in. Big whoop. And the only place where you can be certain that there are enough passports to make such a process worthwhile is an airport - one of the few places with a major, continuous security presence. There's just not that much of interest on your passport chip.
posted by bonecrusher at 5:46 PM on March 27, 2008


The RFID-wank thing always seemed to me to be just another case of Doctorow masturbating furiously into the public eye
posted by blasdelf at 7:29 AM on March 28, 2008


bonecrusher writes "There's no way anyone could get the keys to activate the chip and there's no way they could generate a valid (electronic) signature for fraudulent holder-page data."

All this impossible work is pretty easy if you just want to make a duplicate with, say, a different picture.
posted by Mitheral at 7:10 AM on March 29, 2008


If you have a passport, take it out and look at the holder page. There's a clear overlay with holograms visible (and, most likely, other details visible only under ultraviolet or infrared light). A forger needs to get that overlay, which would be very difficult. And they wouldn't have the keys to activate the chip, so there'd be no info on the chip. (Trial and error won't work - smartcards destroy themselves after N failed authentication attempts. Trust me - it's a major pain in the ass if you write smartcard personalization software). Lastly, the photo is supposed to be on the chip as well, and signed with a key that wouldn't be available to the forger.

Smartcards aren't dumb media - they aren't like floppy disks. You have to ask a smartcard to write data to itself, and if you can't authenticate yourself, it won't do it. And if you try and fail too many times, it destroys itself. (Not dramatically, Mission Impossible style or anything...)
posted by bonecrusher at 2:12 PM on March 29, 2008


« Older Viz Comics have some wonderfully puerile games for...  |  The Invisible Life of Poet... Newer »


This thread has been archived and is closed to new comments