Quantcast

White House Plan for Web Identity Ecosystem a Tough Sell So Far

National Strategy for Trusted Identities in Cyberspace Draws Criticism

Get the WebProNews Newsletter:


[ Business]

Update: Read more on this from our conversation with Google Open Web Advocate and OpenID Board member, Chris Messina. 

Original Article: The White House is working on a "National Strategy for Trusted Identities in Cyberspace" in which it has placed the Commerce Department in charge of an "Identity Ecosystem". In a nutshell, the program is about giving consumers IDs they can use to log in across sites all over the web, which they can rely on as being secure, and not have to worry about remembering countless passwords (and thereby not having to use the same password over and over again on different sites, which is incredibly helpful to cyber criminals). 

Would you rather have a single web ID than use multiple passwords? Comment here.

Of course the announcement of this strategy has already drawn plenty of skepticism, backlash, and general controversy. For example, many are skeptical that government can succeed where technology giants like Microsoft or Google have not. As some have pointed out, the company that’s probably come the closest and has the best chance of accomplishing becoming online users’ universal ID would be Facebook, given not only its enormous amount of users, but its integration into a large portion of the web through Facebook log-in. Add mobile and the rest of the world outside of the U.S. to the mix, and Facebook does have a very widespread and portable reach. Of course not everyone trusts Facebook to be their universal ID, with many very concerned with how the company treats privacy issues. 

Much of the criticism of the White House’s efforts has been over the vagueness of the strategy, and of course many simply don’t want the government involved in this. 

Here is the explanation of the strategy from Howard A. Schmidt, the Cybersecurity Coordinator and Special Assistant to President Obama (from WhiteHouse.gov):

Howard A. Schmidt Talks Identity EcosystemThis holiday season, consumers spent a record $30.81 billion in online retail spending, an increase of 13 percent over the same period the previous year.  This striking growth outshines even the notable 3.3-5.5 percent overall increase in holiday spending this past year.  While clearly a positive sign for our economy, losses from online fraud and identity theft eat away at these gains, not to mention the harm that identity crime causes directly to millions of victims. We have a major problem in cyberspace, because when we are online we do not really know if people, businesses, and organizations are who they say they are. Moreover, we now have to remember dozens of user names and passwords. This multiplicity is so inconvenient that most people re-use their passwords for different accounts, which gives the criminal who compromises their password the "keys to the kingdom."

We need a cyber world that enables people to validate their identities securely, but with minimal disclosure of information when they’re doing sensitive transactions (like banking) – and lets them stay anonymous when they’re not (like blogging). We need a vibrant marketplace that provides people with choices among multiple accredited identity providers – both private and public – and choices among multiple credentials. For example, imagine that a student could get a digital credential from her cell phone provider and another one from her university and use either of them to log-in to her bank, her e-mail, her social networking site, and so on, all without having to remember dozens of passwords. Such a marketplace will ensure that no single credential or centralized database can emerge. In this world, we can cut losses from fraud and identity theft, as well as cut costs for businesses and government by reducing inefficient identification procedures. We can put in-person services online without security trade-offs, thereby providing greater convenience for everyone.  

"We are not talking about a national ID card," U.S. Commerce Secretary Gary Locke is quoted as saying at the event where the plan was announced. "We are not talking about a government-controlled system."

That’s not enough to curb the criticism, however. For example, Pascal-Emmanuel Gobry at Silicon Alley Insider says, "The big security/IT companies with the right Washington connections to get this gig don’t reassure us any more than the government does." Gobry does also suggest that having the Commerce Department, as opposed to the Department of Homeland Security run the program feels a little less "big-brotherish."

As far as I can tell, there’s nothing here indicating that people will be required to use IDs from this program. It will be interesting to see how it is adopted around the web. Will people trust this system more than they trust Facebook? Of course there are other options like OpenID, at least for the sites that support them.

Would you use an ID like the White House is suggesting? Share your thoughts in the comments or discuss with our Facebook fans.

White House Plan for Web Identity Ecosystem a Tough Sell So Far
Top Rated White Papers and Resources
  • http://www.GiftBasketJewels.com Guest

    NO!

    I have a great memory and a rolodex. I don’t need anymore safety features, especially when an ID would jeopardize my privacy. Those ID’s have to be stored somewhere . . . And what customer wants to be tracked to make sure they pay their fair share of taxes?

    Just flat NO!

  • http://forum.smobot.com smobot

    All risk should be put into perspective, pros and cons of risks and solutions weighed simultaneously.

    US GDP = 14.12 trillion.
    Annual losses from ID theft = 50 billion.

    or

    %00.3 GDP.

    While that’s not an insignificant figure, compared with proposed federal budget cuts on the table between 100 to 500 billion, the number is dwarfed.

    What risk might be associated with an individual electing to have a single online identity? Well, what you end up with is a solution that causes another problem. The next generation of identity thieves, certain to emerge, would then have access to your entire online presence and every website you frequent – private and public. In my opinion, this poses greater risk than what is now, for the most part, a well-fragmented system.

    So now the American public has to swallow the spider to catch the fly to catch the identity thief… you end up with progressively smarter criminals, and progressively more invasive social policy.

  • Chris Crum

    Read more on this from our conversation with Google Open Web Advocate and OpenID Board member, Chris Messina. http://www.webpronews.com/topnews/2011/01/14/googles-open-web-advocate-talks-white-house-web-id-plan

  • http://www.easysecured.com Gurudatt Shenoy

    MyCloudKey requires you to register just one number or paraphrase and then use that to generate unique passwords or identities for all the websites without the user having to remember each of them.

    The unique feature of this solution is that the MyCloudKey ID is registered and locked to a device owned by the user such as their cellphone. So no one can use the key even if they know what it is from their device or cellphone.

  • aiki

    As long as the US govt will assume all responsibility for any losses occurring due to security breaches then I’m happy about this. Is that likely to happen? I think not:)

  • http://www.jaywick.net Guest

    Well as a non US citizen, I find the idea that such a system could be in any way secure Laughable.

    With the advent of all things financial being dominated by the use of Social Security Numbers in the US and the amount of fraud that has precipitated I cannot see how yet another costly Government project aimed primarily it seems at tracking individual use of the web would benefit anyone except Government and criminals, not mutually exclusive.

    In the UK we have had much discussion about the introduction of Biometric ID cards which would contain ridiculously large amounts of personal information. It seems to me that the more personal information is centralised, the more at risk it is prone to abuse.
    Lets face it the Security Services in most countries already have pretty much unfettered access to this information if they so choose.
    So I would say a definite NO to such a move, if for no other reason than where the US leads the rest of the world tends to follow.

    • Guest

      From the UK – Do you honestly think that the goverment are doing anything for the people by putting this proposal forward – NO – this is another sure way for the Three banking dynasties to get richer for taxes to be applied – and its another move forward to a Police State and Big Brother to take away any ounce of freedom you THINK you currently have. Until questions like WHY are we at war are really answered – how, what, why and when was it ok to train terrorists to kill our people and pay them off to do it, why did they blow up the twin towers – why did they let bin laden receive hospital treatment or pay his family thousands of dollars – and for us in the UK why do we let known terrorists wander our streets protected, why was the only London Bus on the day of the london bombings the only one to blow up in its non-usual route in tavistock place and why did an innocent electrician get shot in the head, and be accused of wearing thick pucka jackets and carry bags with wires sticking out – tell the truth to these and global warming and who benefits – then the American and UK people may finally realise just how much they are being deluded – democracy no – anyone who agrees with this has got to be one of them.

  • ModernFeudalism

    Don

  • http://www.glenwoodfin.com SEO

    They want to roll it out as a help to you when the purpose is to track everything you do.

    Let the Internet alone.

    • http://sansabalongdrive.info Guest

      Alibama and his band of thugs has no business in what I do on the web. Dam commies are trying to take us over.

  • http://www.oohdale.com Tommy Brown

    This will not help but, rather give the hackers a free run. Anything the government is in I am out of. Leave the internet alone please.

  • Guest

    My brother, their is only one thing left to do.

    Kill the rich and eat them.

    Sounds callous, but they could care less about what happens to you.

    Revolt, Revolt, Revolt, Revolt, Revolt, Revolt, Revolt, Revolt, Revolt.

    Just glad i am old enough that i won’t have to live through the

    New World Order!

  • Elco

    If this ID project goes on, then the government will be able to track every bit of information about you. Every search performed in a web browser, any bought item on ebay, every single transaction on your bank account, and all the info of you emails.

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom