California was among the first to include driver's license numbers among personal information. The earliest I can find for my state is 2019. I'd not be surprised if some double standards continue to exist where the DMV itself is selling your personal information.

> "Personal information" means an individual's first name or first initial and last name in combination with any one or more of the following data elements...

> 2. Driver's license number or California Identification Card number.

https://en.wikipedia.org/wiki/California_Senate_Bill_1386_(2...

I don't mean simply that the DMV might sell your information; I mean that given your name and some basic information, I can potentially just generate your valid ID. Millions of drivers license IDs are essentially public. It's always a little weird to me to see people treating them like hazmat. I sort of get why? Hazmat whatever you can? But an Illinois drivers license for a 40-year-old is public.

Imagine if, until relatively recently, a social security number was a truncated MD5 hash of your name and birthday. That's the flavor of the problem here.

Huh, wow, I never thought about how our licenses are encoded. I agree that it is disproportionate relative to the other records.

Perhaps it's making the same mistake as SSNs in that people use public or easily generated information to verify identity in the first place.