Stories I’m hearing of Black Friday sales being interrupted by outages at NICS, PICS, and other state POC systems raises the question of whether we could do better. Can we think up systems that work better, overall, than the NICS/POC system? I should note that I absolutely agree that background checks are a feel-good measure, and we’d be better off without them. See Clayton Cramer’s research that shows they are essentially useless. But for the foreseeable future, we’re stuck with them.
I’ve argued previously that I think there are issues with BIDS system, because it offers counter arguments to our opponents when trying to argue with lawmakers that we ought to modernize the system. But I think BIDS is an interesting system that I’m going to use as a basis for one of two ideas about how to make a less intrusive and more reliable system.
Modified BIDS
The chief problem with the BIDS system, as it is explained, is that in order to be able to uniquely identify a person, you generally need a least the person’s name and date of birth. If you have a common name, often that will not be enough, so you might need other data, such as a driver’s license number, or social security number as well. The problem is the more data you distribute, the more opportunity you give to identity thieves. Encryption is no solution, since if the BIDS client can decrypt the database, the key for decrypting it is in that system somewhere, and someone will find it. If everyone who was in the system was an axe murderer, maybe that wouldn’t be too much of a concern. But as we all know, there are plenty of people who end up prohibited for technical and often petty offenses.
The solution is not encryption, but hashing. Hashing allows you to go one way, but not back. If you had the NCIC, for every prohibited person, generate two hashes, one of first name, last name, date of birth, and the other the same plus a DL/ID number, you would effectively eliminate the identity theft problem. You wouldn’t even need to encrypt the data because there would be no way to take the hashes back to personalized data. This would solve the privacy issue with BIDS.
But BIDS, being a distributed system, still has a lot of other potential faults that are hard to counter. Here are arguable points opponents of this will use when trying to persuade lawmakers:
- The government doesn’t know who is buying guns, but they also don’t know when prohibited people are buying guns in order to prosecute them. You and I both know this never happens, but it will likely persuade lawmakers, especially the tough on crime, law and order types.
- There is no means by which to certify the dealer actually ran the check. You could propose a certification program, which would allow certified BIDS apps to give unique verification, but the distributed nature of the system would make this problematic, since you’d also be distributing the means by which to forge certifications.
- The nature of the distributed system creates a lot more potential for false negatives, meaning people passing a check when they shouldn’t. You can do a lot technologically to mitigate this, but much of what you’d need to do would make the system frustrating for dealers. The distributed nature of the system would mean more points of failure. That can’t be argued against.
- Right now all dealers need to run checks is a functioning telephone, copies of ATF Form 4473, and a working pen. With BIDS, they will also need a functioning PC and a reliable and constant connection to the Internet. Also consider that for ever 10 million prohibited persons, you’re talking about a database that is about 2.5 gigabytes. Today this is a lot easier than it was when people thought up the BIDS system, but this would be a problem for rural FFLs.
One possible solution is to maintain the call in system for dealers that have to use it. You could have certified call centers, run by private parties, that process a call in using BIDS data on their end.
Modified Hashing NICS
An alternative to a distributed system like BIDS is to have a the NCIC generate the same hashes, except only distribute them to NICS. In this case NICS public facing interface would accept only hashes, would check those hashes against its database, and would clear or deny a person. If the person is cleared, the system would return back a cryptographically signed response. The FBI would publish API code for running background checks, and certify applications that are permitted to act as a front end for NICS. Basically if you can pass FBI’s unit testing, you can get a certification. All the API code and unit tests would be open source, so you can be sure there isn’t any funny business going on. You could build background checks into any FFL software, or Smart Phone App. You could have certified third parties that run call centers for rural FFLs, and mail them the certificates for people who clear for the dealer’s records.
Because the FBI never sees anything except a hash, they have no idea who’s buying guns, unless the person who is buying matches a hash in the prohibited list. This would preserve the possibility of prosecution for felons who try to buy guns, which would be a key argument our opponents would use against BIDS. While it’s true that a hash doesn’t allow you to go backwards, NCIC could still identify the person who’s data matches the hash.
Here’s how it would work in a sale. I believe it’s important to preserve the ability for an uninitiated person to walk into a gun shop and walk out with a purchase. So dealers can run a background check on a person right there, and print them a check certificate, to be ultimately retained by the seller. Alternatively, you could use a certified app to run your own check and print out a cryptographically signed certificate, which can be presented to and authenticated by the dealer when you go to buy, or can be presented and authenticated by anyone who has access to an certified app by which to authenticate your certificate.
You make the certificate valid for a period, say 30 days, after which it will no longer verify. It’s possible to revoke cryptographic signatures, so if the hash comes into the system, it would be possible to revoke the signature on an outstanding hash do it won’t authenticate when the seller checks it.
The big downside to this system is that the feds have the information to make a hash on everyone if they wanted to. Using a hashing system would raise the bar to keeping tabs on everyone buying guns, but it would not make it impossible. Storing the needed SHA512 hashes for everyone in the US would only be about 75 gigabytes, which is hardly big data by today’s standards. I’ve always thought this was something that could be dealt with by publishing NICS source code, and doing third party auditing of the NICS system to ensure there’s no funny business going on.
Conclusion
There are certainly better systems one can think up than what we have now, and one could imagine hybrids of the two systems I mentioned. The trick would be convincing lawmakers, who don’t understand any of this stuff, that it would work as well, and actually far better than the current system.
You would also need to deal with the state Point of Contact (POC) systems to integrate with the federal system, or do an outright preemption of state laws to eliminate the Point of Contact system entirely. In the new system, POCs would be the certified apps, which any non-governmental party could create. The biggest problem you’re going to have in any technically sophisticated system is that you’re dealing with implementation needing to be done by a government that can’t even get a website working. I also wouldn’t be surprised to find NCIC computers and the software that runs them were essentially silicon fossils. A regularly scheduled rehashing of up to 10 million names in the system might be far more than it can handle. Maybe you can’t bring in a DL/ID number with criminal records. Nonetheless, it wouldn’t be hard for volunteers to come up with an API specification that would allow a system like this to function. Technically, this is not complicated, but conceptually, it might be a bit hard for non-technical people to understand.
Well, as of last night, the Ohio Senate just passed an “Omnibus Bill” regarding the RKBA. And it’s a GOODY! Suppressors for Hunting, expanded Reciprocity, reduced time of CCW Classes, etc. But one of the parts was allowing Buckeyes who have a Valid CHP to by-pass NICS just by showing their Card to the Dealer.
So, if it makes it to the Governor’s Desk w/o too much “Tweaking,” that should reduce the burden on the NICS system a little bit.
Now, if Pennsylvania would only recognize Ohio CHPs, then Ohio WILL recognize PA CHPs, with NO INterference from the Ohio Attorney General Allowed! Cross Your Fingers!
It should be recognized by statute. Ohio doesn’t issue licenses to non-residents, so there’s a good chance Kane will be willing to pull the trigger on recognition.
The bill now allows for nonresident licenses for people who work in Ohio but live out of state.
This is a VERY complex issue. And part of the problem is that there are several viewpoints on what a system should (& should not) do. For discussions here, the fact that the system is ineffective is true. But it is a non-starter. So is there a way to make it better? Define better.
It is important that it be structured to NOT become a gun registry. So if a LEO wants to track down how a gun passed hands to where it was found at a crime scene, we draw a line in the sand. Since there is no way criminals will comply with any laws like this, Don’t require honest folks to do it.
So all the system will do is provide information to a seller on if they should be selling a gun to a specific prospective buyer. Make it available to more than just FFL’s. Then use marketing to encourage honest gun owners to use the system when selling private party. you notice I don’t say “require” them to use the system. Because any requirement to use it, means there needs to be both penalties (if you don’t) and puts burden of proof (if you did use the system) on the seller. And if you can prove someone did or did not use the system, then you are awfully close to having a gun Registry in place.
It seems to me, that if the system makes the initial introduction of a gun into the marketplace, excludes those on a prohibited list; that’s all the anti-gun folks can really expect. After that, we all have to trust gun owners won’t sell to someone who they really shouldn’t.
I mean look at the unintended consequences of I-594 in WA. I live there. In the past, when I sold a gun, I had me and the buyer sign documents where we each state that (buyer) we can legally own guns & that (Seller) the gun is not stolen. I check and document their Drivers License and CPL. So I rely on the background check that was done when they last renewed there CPL. But now (at least for pistols), I’d be more inclined to just check their CPL and create no documentation. If asked by law enforcement, I don’t know where that gun ended up. For me it’s not the issue of paying a fee to an FFL. It’s putting one more gun in the WA DOL database of handguns. For now, I’m just sitting on the sidelines; having sold any guns I anticipated, prior to the December 4th date when I-594 went into effect.
I’m at a loss as to why people think there has to be a background check done at time of purchase.
Let people go to their PD had have a background check run, and receive a certification that they had passed. Call this a FOID, a purchase permit, or whatever. Doesn’t matter, so long as it’s non-discretionary, fast, and cheap.
Require that private sellers see this, or a CCW, before selling a gun to a private party.
My second system would enable people to run their own check. But I still think you need to have dealers be able to run them.
Again, you are thinking about this situation rationally, and as if your opponent is negotiating in good faith. The people who dream up these obstacles are not interested in the RKBA. They are playing the long game.
Most people would be very pleased to have a way to verify a gun buyer’s credentials to ensure that the person they are selling to is good to go. Just look at how Colburn’s proposal was laughed out of the room after Newtown. They could have easily gotten his reform of the system passed (very much a verify the buyer is good to go type of system, accessible to all). Instead they went for broke. I don’t think the Dems will ever accept taking the serial number out of the equation. That should tell you what their true intentions are.
Such a system already largely exists — see block 23 on the ATF Form 4473.
I’ve been putting some thought into this, and I think the Republicans could jiujitsu the “Universal Background Check” issue to their advantage by getting there first, thus putting Democrats on the defensive for not voting for “universal background checks”.
When I think “universal”, I think “available for everyone”, not “required for everyone”. Right now the NICS system is restricted to FFLs, which means I couldn’t take advantage of it if I wanted to. Instead, I rely on seeing a CPL, and in WA state, those are just laminated pieces of cardboard, if you paid to have it laminated.
I’m thinking of a system like the X509 certificate system that is used to create the certificates in web encryption. Here’s how I see the system of trust working:
The FBI, current operator of NICS, has a top level cert/key that is used to sign certs/keys for FFLs. Each FFL has a certificate generated from a unique key as well, and this is signed by the fedgov top level certificate. The FBI certificate has a Certificate Revocation List, which is a list of the serial numbers of the certificates of FFLs which have been revoked. Each FFLs certificate has its own certificate revokation list. (For simplification of administration, all these certs and keys are retained by the FBI on their servers, and we don’t have to teach FFLs how X509 works.)
An aspiring gun owner would go to an FFL, and go through pretty much the same process as filling out a 4473 now. Additional to this would be the recording of the specifics of the form of picture ID the aspiring gun owner wants to use for future purchases, and their mailing address. All of this is called into the NICS system. When the background check clears, NICS returns to the FFL a serial number for the certificate that has been created for the aspiring gun owner, which is signed by the FFL’s certificate. If the aspiring gun owner is buying a gun that day, that serial number is written on the Sale of Firearm paperwork the FFL has to do, but NOT the rest of the buyers details. The serial number uniquely identifies a background check certificate, which does identify the individual. The FFL can charge a nominal fee for this process, perhaps $25.
A few days later, the aspiring gun owner receives in the mail a credit-card sized card that has on the front “NICS certificate”, his name, date of birth, state of residence, beginning and ending validation dates for this certificate (no less than 5 years), and something along the lines of “This certificate only valid when presented along with this further ID” and specifying the critical details of the picture ID originally presented to the FFL. On that back is a QR code that encodes the entire signed certificate such that a smart phone or PC camera with the right software could read it.
This software is rather simple: it read the certificate, checks the CRL of the issuer to see if the serial number of the cert is on the revocation list, then checks the FBI’s master CRL to see if the issuers cert has been revoked. The FBI’s server only knows that its CRL and the CRL of the FFL have been requested. The software also caches the returned results so it has access to the CRLs if it can’t immediately make contact to the servers, but it does indicate to the user if it is using the cached result. If everything lines up mathematically, the software indicates the certificate is valid.
For prohibited people, the FBI does not issue a certificate. For those that become prohibited, the FBI searches through the issued cert database, finds the associated certificate serial numbers, and puts them on the CRL list.
If the FFL is caught doing something squirrely, its cert is revoked, and everyone that was signed by that FFL will find their cert no longer has a chain of trust that works. They’ll have to get a new cert via a different FFL, and the cost will be transferred to the revoked FFL.
In any event, at any time the gun owner wants to buy another gun, they don’t have to go through the full NICS system, but just have their certificate checked by the seller, whether that seller is an FFL or a private citizen. FFLs have to be used only to get a new NICS certificate.
An additional refinement would be to have the user pick a short PIN code so the QR code on the back of the certificate card wouldn’t be readable without it. This would ensure that the certificate could only be used by the appropriate owner.
Individuals that are conducting private sales, in order to assure themselves that they are not transferring a firearm to a prohibited person, can now independently check the NICS certificate card against the FBI’s certificate revocation lists. This would cost nothing, as it is no more expensive than hosting a plain text file on an SSL/TLS protected web server.
With this system in place, the following state or federal gun control measure would have no possible law enforcement purpose within the boundaries protected by the bill of rights and penumbras and would therefore be unconstitutional violations of privacy:
– firearm owner id cards
– registration of ownership of firearms
– waiting periods
– prohibition on the interstate purchase of firearms
– prohibition on the ownership of firearms or firearm accessories “in common use” in the United States, or which have “a reasonable relationship to the functioning of a well regulated militia” (US vs Miller standard).
– delays in delivery of tax stamps for NFA controlled items
– state level requirements to transfer firearms only through an FFL
The only trade-off I would be willing to make is to replace the current NICS system with the Colburn-Style “are you vetted to own” type of background check, as long as serial numbers are out. That way, they can tell if I own (which they already know), but they can’t tell what I own. The problem is that I am pretty sure that the Dems would never agree to it. And what’s to stop them from requiring that serial numbers be added to the check later on? I do not trust them a single bit on this issue. Therefore, I am not willing to make a deal.
That concern is a integral feature of the system I envisioned. The verification step for the certificate involved sending nothing to the government’s servers except a request for the lists of revoked certificate serial numbers. The only time information of going into the system is when the FFL is taking down your details for the initial background check, or when law enforcement looks up any certificates issues for a newly prohibited person so they can put those cert’s serial numbers on the CRLs. The CRLs are just static content hosted on a web server. There would be no technical scheme for submitting firearm serial numbers.
That’s actually an important feature not just for the protection of the identify of the buyer. If you’re serving just static content, no forms or inbound data, the server can be really bulletproof against hacking attempts. Considering how capable the federal government has been to date in implementing web sites… absolute technical simplicity is critical for a successful system. Any system that allows input of arbitrary data from unvetted users is inviting the whole thing to be pwned by little Bobby Tables.
“receives in the mail a credit-card sized card that has on the front “NICS certificateâ€, his name, date of birth, state of residence, beginning and ending validation dates for this certificate (no less than 5 years)”
Such already exists. See box 23 of ATF’s Form 4473.
The use of “hash” instead of transmission of personal information is a good enhancement. Access to the system by non-FFL users is also a requirement for any changes to the system. Straw purchase and thief for guns should be handled like any other similar crime, police seem to be able to handle the case of all the other tools used to commit crime without some registry. If someone steals my gun, I report it stolen and should it show up at a crime scene and the person that has it can not produce proof of ownership, it is returned to me.
I think that we are concerned about the wrong things however. Namely the idea of enforcing crimes about the possession of a gun just does not make much sense.
We need to be concerned about the bad things that people do, not the device that they used to do bad acts. If a person commits murder, the victim is dead, it does not matter if a bullet or a knife or fist was used as the method.
I don’t know why I would waste time making the background check system “better.”
Fundamentally, there are too may non-violent crimes that result in the loss of gun rights. We can make it better by reducing the number of crimes for which you lose you gun rights in the first place.
Once we do that, we can discuss what we should do with potentially violent repeat offenders trying to buy a gun retail.
The Coburn plan is the best I have heard so far.
What I want: I get MY background check performed myself. I am responsible for it.
I can use it for zero, one gun, a dozen guns or whatever with zero, one, two, or a dozen different sellers. The FFL will still have to do his/her ATF paperwork (until/unless someone changes that law separately) and I and the private seller can keep whatever records he and I agree to.
And 60 days after the background check expires, all the records of it disappear; the original background check and every (if any) verification of it evaporate. No permanent government records would exist, nothing that can be used to make a registry would exist in government hands.
“These new shackles are so much more comfortable than the old ones.” Why are we even discussing an infringement on a fundamental constitutional right? Progressives act as if having to show ID to prove that you only voted once is the return of Jim Crow and claim that background checks by private employers should be illegal. Why are we advocating making an enumerated civil right subject to ANY level of government qualification?
Because the Second Amendment, as it stands now, is treated as a second class right by the courts. I want to change that. But it’s going to take some time, and take winning elections.