The federal government’s watchdog agency, the Government Accountability Office (GAO), just released a report on progress by the states in developing secure driver’s licenses and ID cards. (Summary available here). In the report, the GAO tracked progress achieved by the states and detailed successful examples of fraud prevention, but it also found that loopholes still exist. The states are currently facing a January 2013 deadline for achieving the secure identity documents prescribed by the REAL ID Act of 2005.

The biggest remaining loophole identified in the report is that the states do not have the ability to check birth certificates issued in other states. This allows a person to use a stolen birth certificate from one state to create a false identity in another. The GAO tried this tactic in three states and succeeded in obtaining false driver’s licenses in all three. As a result, the GAO recommended to the Department of Homeland Security (DHS) that it further engage with the states to assist them in developing the cross-state data access (referred to as inter-operability) that was called for in the REAL ID legislation.

It is almost unheard of that an agency disagrees with GAO recommendations. But in this report, the GAO says that DHS rejected the recommendation. “DHS did not concur with these recommendations, saying its ongoing efforts are sufficient.”