Government To Back Trust Identities For Internet Surfers

by Jennifer Null from Vergent

President Obama is working together with Commerce Secretary Gary Locke in an attempt to create solutions for a more secure internet while also allying consumer’s privacy concerns. To this end, the Obama administration has backed a program called the “National Strategy for Trusted Identities in Cyberspace” which would create identity and privacy solutions designed to shore up internet security issues.

Just what kind of solutions is Locke proposing? He didn’t go into details, but he did say, “We’re not talking about a national identity card or government control, but enhancements that perhaps eliminate the need to remember a dozen passwords.”

The Trusted Identities commission is still preparing the full strategy, but a first draft should be complete in the next few months.

Locke told esecurityplanet.com : “The reality is the Internet faces something of a trust issue and it won’t reach its full potential until users feel more secure. Identity theft and spam are just some of the most commonly known invasions of a user’s privacy and security. People are worried about their personal information going out, and parents are worried about unwanted explicit material coming to their children.”

According to Howard A. Schmidt, who is also a member of the commission, this is a strategy aimed at creating an environment where people and businesses can shop or transact business online with confidence, “trusting the identities of each other and the identities of the infrastructure that the transaction runs on.”

Schmidt contradicts Locke to some extent by saying the initiative will include the creation of a credentials database wherein consumers can voluntarily sign up for a “secure, interoperable, and privacy-enhancing credential” such as a smart identity card or a digital certificate on a cell phone. Consumers can then use that identity to log into various online services, including banking, accessing electronic health records, and sending email.

Proponents of the initiative say it’s a necessary and much needed solution. Detractors, such as Internet lawyer and blogger Mike Young say the initiative is the next step in a chain of events to control the public and suppress free speech. “A government run ‘trusted identity’ program will invade your privacy with all of the inefficiencies and abuse you get from the DMV when applying for a driver’s license,” he writes. Young insists that while the program will ostensibly be run by the Department of Commerce, it’s really a Department of Homeland security project.

On the other hand, Cisco Systems blogger Jim Fenton argues that the proposed program won’t be run anything like the DMV at all. “There is a concern that this will lead to a Government-run identity system with extensive surveillance power,” he writes. “The idea. . . is much the opposite—the user should get to choose an Identity Provider the trust. Although it doesn’t specifically say this, users should have the ability to use more than one, just as they might do business with more than one bank or have more than one credit card or brokerage account. It is true that Identity Providers will be subject to legal process (e.g. subpoenas), but this isn’t really any different from the non-online world.”

But Fenton expresses concerns about language concerning a “Governance Authority.” Nowhere does the initiative define “Governance Authority,” so the identity of such an organization remains unclear.

Sound off:

What do you think? Is this initiative just a grab at more government control—Big Brother waiting to strike? Or is it a needed service that must be provided?

Is it somewhat of an oxymoron to try to boost online privacy by creating a program that would be administered and monitored by the government?

Jennifer Null is the Marketing Director at Vergent Communications, a business internet and phone service provider delivering T1 Service, VoIP, MPLS VPN, and Hosted IP PBX services to businesses nationwide.