US Government Begins Rollout Of Its 'Driver's License For The Internet'

from the seizing-the-(wrong)-moment dept

An idea the government has been kicking around since 2011 is finally making its debut. Calling this move ill-timed would be the most gracious way of putting it.

A few years back, the White House had a brilliant idea: Why not create a single, secure online ID that Americans could use to verify their identity across multiple websites, starting with local government services. The New York Times described it at the time as a "driver's license for the internet."



Sound convenient? It is. Sound scary? It is.



Next month, a pilot program of the "National Strategy for Trusted Identities in Cyberspace" will begin in government agencies in two US states, to test out whether the pros of a federally verified cyber ID outweigh the cons.

[T]he Electronic Frontier Foundation immediately pointed out the red flags, arguing that the right to anonymous speech in the digital realm is protected under the First Amendment. It called the program "radical," "concerning," and pointed out that the plan "makes scant mention of the unprecedented threat such a scheme would pose to privacy and free speech online."



And the keepers of the identity credentials wouldn't be the government itself, but a third party organization. When the program was introduced in 2011, banks, technology companies or cellphone service providers were suggested for the role, so theoretically Google or Verizon could have access to a comprehensive profile of who you are that's shared with every site you visit, as mandated by the government.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

The NSTIC program has been in (slow) motion for nearly three years, but now, at a time when the public's trust in government is at an all time low, the National Institute of Standards and Technology (NIST -- itself still reeling a bit from NSA-related blowback) is testing the program in Michigan and Pennsylvania. The first tests appear to be exclusively aimed at accessing public programs, like government assistance. The government believes this ID system will help reduce fraud and overhead, by eliminating duplicated ID efforts across multiple agencies.But the program isn't strictly limited to government use. The ultimate goal is a replacement of many logins and passwords people maintain to access content and participate in comment threads and forums. This "solution," while somewhat practical, also raises considerable privacy concerns.Beyond the privacy issues (and the hints of government being unduly interested in your online activities), there are the security issues. This collected information would be housed centrally, possibly by corporate third parties. When hackers can find a wealth of information at one location, it presents a very enticing target. The government's track record on protecting confidential information is hardly encouraging.The problem is, ultimately, that this isrolling this out. Unlike corporations, citizens won't be allowed the luxury of opting out. This "internet driver's license" may be the only option the public has to do things like renew actual driver's licenses or file taxes or complete paperwork that keeps them on the right side of federal law. Whether or not you believe the government's assurances that it will keep your data safe from hackers, keep it out of the hands of law enforcement (without a warrant), or simply not look at it just because it's there, matters very little. If the government decides the positives outweigh the negatives, you'll have no choice but to participate.

Filed Under: driver's license, identification, nstic, trusted identity