greenpoint design

Feds Consider ID Plan

January 11, 2011 on 11:41 am | In IdBlog, Privacy, Spin | Add a Comment

Last week, Ars Technica reported, officials from the Commerce Department and private security firms met at Stanford to discuss the development of a government administered digital identity ecosystem. “What we are talking about is enhancing online security and privacy and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities,” Commerce Secretary Gary Locke told the attendees. The full text of Mr. Locke’s speech is posted on the Commerce Department’s site.

An interesting feature of the Commerce plan is the use of cellphones as security tokens. Businesses are already doing this. Bank of America, for example, issues a text message containing a security code to a customer’s cellphone as a prerequisite to larger online transactions. The customer has to input the security code to complete the transaction.

Despite what Libertarians and privacy mavens may think, there is a need for online identity verification and government may have a role to play in that process. The government already issues Social Security numbers, drivers licenses and passports, so it’s not unreasonable to look to a government agency to help administer a digital ID. In November, the German government rolled out a new national identity card with an RFID chip in it. The European Union is still wrestling with the concept of an EU identity card.

Like the other cards issued by the federal and state governments in the US, the digital ID would have to be voluntary. One would hope that a national digital identity program would also adhere to the Laws of Identity set out by Microsoft’s Kim Cameron in 2009.

Another promising feature of the plan set out by Commerce Secretary Locke was the establishment of NPEs — Non-Person Entities, such as corporations and service providers. Imagine how much spam would be eliminated if you set your mail system to only accept messages from validated NPEs and individuals.

There is still a lot of work to be done on this plan. There have already been some security flaws found in the German ID card. However, the institution of a safe and reliable identification method will ensure the viability of the net as a place for commerce and communication.