On Friday, two disturbing news stories appeared. These stories should make privacy and accountability types shake in their boots.

The first story is about a new bill that is going to be introduced in the Senate. The bill would make it more illegal to disclose the existence of top-secret government programs -- for example, President Bush's illegal, warrantless, poorly-justified wiretapping program. Whoever disclosed this information may have broken the law, but the whistleblower was breaking the law so as to inform the American people about an even bigger incident of someone breaking the law. Only a few Republicans are outraged that someone revealed the existence of a clandestine spying program. The rest of us are more concerned with bigger things -- namely, the existence of a clandestine spying program.

The bill's chief author is Ohio senior senator Mike DeWine. According to The Washington Post, via the Associated Press, which saw a draft of the legislation, the bill is vague in that it makes no distinction between programs that affect national security and programs that don't. Admittedly, I haven't seen the draft legislation, so I'll add as a caveat that the above interpretation is the Associated Press's, not mine.

Next disturbing story: despite the criticisms of security experts, the US Department of State has gone ahead with its plan to include RFID chips in new US passports. The RFID chips will contain all of the information included on the passport's title page, plus a digitized photo of the passport holder. Here's the kicker: there's little or no security in the system. Security experts asked for the smallest concession of a foil-lined cover to prevent the passport from being read clandestinely at a distance (aluminum foil would block the radio signal). Anyone with an RFID reader would be able to stand several feet away and read the information on your passport. Despite your best attempts to be incognito, your passport would identify you as an American ("No, I'm Canadian!") and thus make you a prime target for robbery or kidnapping:

But civil liberties and privacy groups are uneasy about the formation of biometric information databases on US citizens and concerned that identity-theft rings, foreign government agents or even terrorist groups could "skim" information from the RFID chips or "eavesdrop" on the communication between official readers and the microchips.

But as it turns out, the United Nations' group that handles international passport standards wanted the passport to be readable at a distance. Whaaa? Why on Earth would they want the passport to be readable at a distance? That's a huge security problem that will ultimately cause more harm than good, as it would allow the same access to both people who should be able to read passports and people who shouldn't. A foil-lined passport would mean that the passport holder would have to consent to a reading of the RFID chip by opening the passport, meaning it would not be read unless he wanted it to be. A foil-lined passport would also mean that the person reading the passport would have to come into physical contact with the passport holder, ensuring that the passport couldn't be read from several yards away (despite what the US government says, or may say, RFID chips can be read from a considerable distance). We also don't know what kind of encryption scheme is being used in the passports. It could be as simple as cleartext -- meaning that there is no encryption and the data is sent to the RFID reader as it appears on the chip, allowing anyone to intercept the communication and read it.