Michigan, Pennsylvania First For "Driver's License for the Internet" Plan

By

On the surface, the idea of having one centralized mechanism to verify a user could have some very positive aspects. There are certainly enough potential applications for such a technology that looking more closely at its use, institution and operation is a valid plan. But a closer look at a new idea from the  White House, the National Strategy for Trusted Identities in Cyberspace (NSTIC), shows that there are some very unsettling points indeed when it comes to putting the so-called “driver's license for the Internet” into play.

The idea started up back in 2011, by some reports, and began with one simple premise: to create a simple, easy-to-use basic identifier mechanism that incontrovertibly established a user's identity with several different websites, much in the same way a driver's license establishes identity at voting precincts, at a rental car business, at a liquor store, or anywhere else identity might need to be established. Now, nearly three years later, a pilot program version of this concept will be brought into play with the various government agencies in two states, the NSTIC.

The tests in question are set to start in Michigan and Pennsylvania, and seem to be aimed at getting access to government assistance programs and similar matter. With this central ID system, it's said that accessing such programs will not only be easier for the users, but also will cut down on fraud and overhead costs thanks to the removal of duplicate ID efforts across the variety of government institutions that need to identify users.

Sounds good on the surface; indeed, with all the concerns over identity theft and credit card hacking and the like, made manifest from the recent Christmas shopping season incident with Target, it might well be time to consider further the issue of log-in security just as much as password or biometric security. But the NSTIC's use as an identifier has many concerned. The NSTIC might well prove useful as a means to log into other websites, like Amazon or Netflix. This sounds like a feature as opposed to a glitch, but the further consideration of such a concept reveals one fatal flaw: NSTIC may well ultimately be used as a universal log-in mechanism for not just Amazon and Netflix, but also to various comment forums and the like. That in turn could mean that everything said under that particular NSTIC holder's account—from “I really like that movie” to “I disagree with our government”, with the particulars to be supplied as needed—could be traced back to one user.

That could have a chilling effect on free speech, a point which isn't lost on the Electronic Frontier Foundation, who raised concerns about just such a use for the NSTIC, calling it “radical” and “concerning,” amplified by noting that the NSTIC plan “...makes scant mention of the unprecedented threat such a scheme would pose to privacy and free speech online.” Plus, there's the issue of consolidating all that information in one place; such a repository of useful information would not only be prime hunting ground for hackers, but corporations would pay fortunes for access to such data.

NSTIC is an idea that has good intentions on the surface, but may ultimately be brought down by its sheer ambition. There's a lot of room for good and for value in this concept, but for it to succeed, it needs to be considerably restrained, perhaps sufficiently so that in the end it doesn't do much more good than a secure password.




Edited by Maurice Nagle

Contributing TechZone360 Writer

SHARE THIS ARTICLE
Related Articles

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More

Oct. 17 Webinar to Address Apache Spark Benefits, Tools

By: Paula Bernier    10/2/2018

In the upcoming webinar "Apache Spark: The New Enterprise Backbone for ETL, Batch and Real-time Streaming," industry experts will offer details on clo…

Read More

It's Black and White: Cybercriminals Are Spending 10x More Than Enterprises to Control, Disrupt and Steal

By: Cynthia S. Artin    9/26/2018

In a stunning new report by Carbon Black, "Hacking, Escalating Attacks and The Role of Threat Hunting" the company revealed that 92% of UK companies s…

Read More

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More