The Coming Online Identity 'Ecosystem'

Lora Bentley

After Sept. 11, 2001, when different government agencies and representatives began floating the idea of a national identification card, privacy advocates were immediately uneasy. And now, nearly a decade later, when word spread that the Obama Administration is working on a system of trusted Internet identities for Americans, the privacy sector is up in arms again.


Earlier this month, Switched reported the "trusted identity" project is part of the broader National Strategy for Trusted Identities in Cyberspace. White House Cyber Security Coordinator Howard Schmidt says the plan is to create an "identity ecosystem." But it won't be a mandatory system, and users will still be able to maintain their anonymity online because there are no plans for a "centralized database of user information."


Schmidt was also quick to point out that the Internet identity credential will not serve as a national ID card. And to further assuage the concerns of privacy advocates, he notes that the program will not be overseen by any of the intelligence agencies. Instead, the Department of Commerce will have that responsibility.


I don't know about you, but those revelations don't do much to alleviate my concerns. First, the fact that there will be no "centralized database" of user information doesn't mean there can't be logs of what users do online and when. So the information may not be centralized, and it may not even be linked to a user's personally identifiable information. But we've seen before that "anonymized" data is not as anonymous as many would like to hope. Remember the AOL fiasco?


Secondly, the fact that Commerce will be administrating the program actually gives me more pause than if law enforcement or intelligence agencies were going to be responsible for it. It seems that cyber security would already be within the purview of those agencies. But Commerce? Unless there's going to come a day when we need to use the Internet identity credential to engage in commerce, that doesn't make much sense. And if we will need the ID credential to buy or sell, how is that not like a national ID card?


I would love to hear from those of you who have more experience in this particular area regarding how such an "identity ecosystem" would actually work. Do you think it's a good idea?

Add Comment      Leave a comment on this blog post
Jan 21, 2011 12:33 PM David Yarbrough David Yarbrough  says:

Talk about a hackers dream come true. I can see the impact now when all our IDs a compromised. This is one of the most dangerous ideas to come out of the brain dead DC world in recent history.


Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.