I'm going to guess this one is not true. The 1976 Sunshine Act specifically exempts information where disclosure would constitute a breach of privacy from the FoIA. As in, your fellow citizen's right to privacy outrules your freedom to know things.
Most times you have Personally Identifying Information, government organizations are specifically *not* allowed to just give it out. Freedom of Information is there to let you know what the government is doing, but not anything about your fellow citizens.
Oh, and an added thought just to show that this isn't something to really fear. Imagine that a FoIA request *could* get you the ID numbers for kids. If it could do that, it could get you *any other records*. Like, say, the photo on the ID, which is probably digitally stored. The RFID tag is then not an issue, as bad guys would be able to visually identify the student, and would be unlikely to ever need the RFID at all.
It sounded unlikely to me as well (which is why I used qualifying terms around the story), but I didn't have the details to prove/disprove it. Sounds like there's a law to protect for that
Storing data on cards/RFIDs is another one of those "huh?" technologies. Sure the chip may be able to store data, but as an expert in database/networked applications, why the heck would I store data that SHOULD be on my server (aka the cloud).
Generally, the only thing I want you or your card to carry is a GUID (ex 522F275E-8293-472A-96FE-84141E706970), something machine generated, non-sensical that I can match up to your records to identify you.
In a world where everything important (credit card machines) is hooked up to the network (phone lines or direct via internet), we take your GUID, match it up to your account, and perform the monetary transaction on the data at the bank. Note, I reference GUID instead of credit card number, but it's all the same concept.
There is no need for your card to store your picture, or how much money you have when it's a quick trip to the candy shop to get the actual data when it is needed.
By doing so, a person getting your GUID or credit card number) but not knowing what system it connects to or lacking access to said system will not give them any information about you.
Note: there may be clever security schemes to embed checksum data in the storage space on the card to further validate you or something.
But storing your picture or your name or other demographics on the chip is a BAD design.
