The Obama Administration is reviewing a plan called the National Strategy for Trusted Identities in Cyberspace. This would essentially mean crating Internet IDs for all Americans. An early draft of the plan indicates that the implementation would be handled via the U.S. Commerce Department and not Department of Homeland Security or the National Security Agency. Experts feel this may be in a nod to privacy concerns.
CBS News quoted the White House Cybersecurity Coordinator, Howard Schmidt, "I don't have to get a credential if I don't want to." Schmidt has also said there would not be a centralized database and they are counting on the private sector to lead how this is implemented.
U.S. Commerce Secretary, Gary Locke, was also quoted as saying at the Stanford Institute for Economic Policy Research, "We are not talking about a national ID card. We are not talking about a government-controlled system. What we are talking about is enhancing online security and privacy and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities."
Some potential Pros and Cons based on what we know so far:
1. Child safety experts have long felt that an internet identity system is critical to protecting kids
2. Trusted identities could be used as another layer of authentication before accessing your personal information online, such as your bank account balance
3. There might be a way to create an economical, digital certificate that belongs to you, think of it as a password passport so you can have one digital identity vs. many passwords to access information
1. Large collections of userid/password or other identifying parts of information are targets for cybercriminals
2. Who do you trust to be the agent that holds your internet identity?
3. It is not clear what information is part of your identity or follows your internet identity around. Is it just who you are or what you like to do on the internet?
4. If this is "optional" and led by the private sector as suggested, we may be creating bureaucracy within the Commerce Department that cannot actually manage this or may not be needed
I did an informal poll and asked people what their thoughts were. The responses were surprisingly consistent. Here is a summary:
Overall many had mixed feelings:
1. Many respondents feel there is so much anonymity that it allows cybercreeps and cybercriminals to prey on others, however,
2. Respondents have followed the data privacy breaches that come with centralized ids/passwords both in the private and the public sector and they feel this could create new forms of identity theft.
Bottom line: Not one person answered and said we must have IDs for All Americans without saying in the next sentence they were concerned about privacy, security, and governance.
I would love to know your opinion. Do you see additional pros that I did not mention?
"Obama Wants Internet ID for All Americans", Kevin Parrish, Tom's Guide, January 12, 2011.
"No more passwords? Obama considers Internet ID for Americans in bid to boost web security", David Gardner, Daily Mail Online UK, January 10, 2011.
Read more: http://www.dailymail.co.uk/news/article-1345576/Obama-considers-Internet-ID-Americans-bid-boost-web-security.html#ixzz1B0T2xQyx
"Obama Administration Reportedly Plans to Create Internet ID for All Americans", Fox News, January 8, 2011.