announced to the Stanford Institute for Economic Policy Research on Friday that President Obama intended to turn over development of a national Internet ID to the Commerce Department.White House Cybersecurity Coordinator Howard Schmidt
Pursuant to the Orwellian-sounding National Strategy for Trusted Identities in Cyberspace, which the administration is currently writing, Commerce will create a program to provide and administer an allegedly voluntary interoperable verified online ID.
An early draft makes the case for such an ID.
"(A) secure cyberspace is critical to the health of our economy and to the security of our Nation. In particular, the Federal Government must address the recent and alarming rise in online fraud, identity theft, and misuse of information online. One key step in reducing online fraud and identity theft is to increase the level of trust associated with identities in cyberspace. While this Strategy recognizes the value of anonymity for many online transactions (e.g., blog postings), for other types of transactions (e.g., online banking or accessing electronic health records) it is important that the parties to that transaction have a high degree of trust that they are interacting with known entities."
According to Commerce Secretary Gary Locke, as reported by CNET:
"We are not talking about a national ID card. We are not talking about a government-controlled system. What we are talking about is enhancing online security and privacy, and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities."
We are talking about a government-controlled system. That is exactly what we are talking about. In fact, the presentation of what few facts exist is vague enough as to be good for nothing but worry.
Here are the few facts on the program that are available.
- The government will enable the creation of verified identities
- The government will create an "Identity Ecosystem"
- Getting a verified identity will be elective
- Verizon, Google, PayPal, Symantec and AT&T support the program
- A user would be able to use one login to sign in to all of their sites
So, a user would have one, "verified" ID, which would be known by the government, and a set of large corporations. Given the periodic outbreak of governmental and corporate shenanigans, we fail to see the benefit of such a system.
Further, the "Identity Ecosystem" sounds strangely like the national intranet the Chinese government has been working on, as an alternative to the Internet as a whole, and more controllable.
"The Identity Ecosystem is the embodiment of the vision. It is an online environment where individuals, organizations, services, and devices can trust each other because authoritative sources establish and authenticate their digital identities."
We write frequently here about Facebook's efforts to become the source of a universal verified online ID system, but a campaign by the US government to do something similar is another matter. It would be niave to assume that either party is motivated by nothing more than convenience on the part of users.