White House Rolls Out Plan to Get to Next-Generation Digital Identity
BY Nancy Scola | Friday, April 15 2011
The awaited National Strategy for Trusted Identities in Cyberspace dropped today. Let's get this out of the way at the start: yes, this is the "National Online ID Card" that you might have heard talked about, though as we've discussed in our January interview with the Center for Democracy and Technology's Aaron Brauer-Reike, that really might be the least illuminating way to think about what's being proposed by the Obama administration here.
The idea is that the federal government could be useful in fostering the creation of a standard that allows for the development of a more secure "identity ecosystem." Early Internet developers figured out that if we all used TCP/IP, we could get networks to talk to one another and that might be really awesome. The idea behind the NSTIC is that if we can similarly come up with a way to get identity systems to talk, we might actually end up with an Internet that does a better job at protecting identity. How so? Because you wouldn't, say, have to tell a website your name, rank, and serial number to get the benefits of being verified on aspects of your identity. To pick a simple example, you could prove once to your trusted identify provider that you're over 18 by showing a credit card -- and then any website you wanted to visit that required you to be over 18 (no judgment) would only need to know the results of that yes-no age test, not your Visa number.
For those of us interested in the open government space, trusted identity raises the intriguing possibility of creating threaded online transactions with governments that require the exchange of only the minimum in identifying information. For example, Brauer-Reike sketched out the idea of an urban survey that only required a certification that you lived in the relevant area. The city doesn't need to know who you are or where, exactly, you live. It only needs to know that you fit within the boundaries of the area they're interested in.
The idea of having trusted online identity providers is an intriguing one. Whether it's a good idea should be the subject of this debate. The feds see this as an another step in making the Internet safe for commerce, an attitude that triggered the executive branch's initial interest in the Internet that helped develop it into a global medium. That said, having the White House seal on the plan is a little weird, and the idea of federal branch playing a role in any sort of digital identity system prompts some queasiness in the tummy.
But after all, it's not like identity information isn't already exchanged on the Internet. One question is this is whether we're comfortable with a future where, well, Facebook is the only one saying who's who online or if we want the option of, say, having the Electronic Frontier Foundation be the keepers of our online identity? Odds are, though, that the whole discussion gets bound in by this idea of a "national online ID card" and we end up not exploring what could be.