NNSquad - Network Neutrality Squad
[ NNSquad ] Why the New Federal "Trusted Internet Identity" Proposal is Such a Very Bad Idea
Why the New Federal "Trusted Internet Identity"
Proposal is Such a Very Bad Idea
http://lauren.vortex.com/archive/000726.html
Greetings. Last Friday, in "White House Proposes Vast Federal
Internet Identity Scheme" ( http://bit.ly/dgCI63 [Lauren's Blog] ), I
posted a brief thumbnail expressing my major concerns regarding the
expansive federal Internet Trusted Identity proposal
( http://bit.ly/a98rST [Lauren's Blog] ).
Here are a few details explaining why I'm taking such a negative view
of this plan.
It's important to note that this entire proposal under discussion, at
this stage, is of course nothing but smoke. It has no functional
reality, other than as a (useful) starting point for further
discussion. But when viewed in the context of other
government-related efforts, trends, and statements, it is quite
alarming nonetheless, and it's very difficult to overstate its
potential for serious negative consequences. Though indeed, like the
vision of Christmas Future provided to Ebenezer Scrooge, it's
currently only a shadow of what might be, not of what must or
necessarily will be.
Let's look at one of the "Envision It!" boxes in the plan as posted at
the Department of Homeland Security:
- - -
An individual voluntarily requests a smart identity card from her
home state. The individual chooses to use the card to authenticate
herself for a variety of online services, including:
Credit card purchases,
Online banking,
Accessing electronic health care records,
Securely accessing her personal laptop computer,
Anonymously posting blog entries, and
Logging onto Internet email services using a pseudonym.
- - -
This is, by definition, a government-issued identity card. The plan
appears to envision a user authenticating themselves for the purposes
even of pseudonym-based or "anonymous" activities. We can call such a
posting "anonymous" if we wish -- but if the user has already
authenticated, we're then dependent on the "proper" behavior of all
players to actually treat the following transactions in a truly
anonymous manner.
And anonymous to what extent? Perhaps a blog comment would appear on
the Web anonymously, but when the lawyers show up demanding to know
who posted that critical comment -- something that's happening with
increasing frequency even now -- I'll bet you dollars to donuts that
the initial authentication records will be available through some
means to unmask the poster, or to correlate pseudo-identities that
users may prefer to use for different purposes and "roles" on the Net.
The goals behind such an all-encompassing identity regime seem clear.
While it could indeed provide some improvements over existing
authentication methods in financial transactions and the like, the
cost to civil liberties could be very high indeed, because -- as I
read the plan -- the end result would be a detailed record -- likely
captured by upcoming government proposals for expansive Internet
service data retention requirements -- that could be used to "unwind"
(unmask) anonymity on demand.
As I noted in "Saving Internet Anonymity -- The Struggle is Joined"
( http://bit.ly/92lq4w [Lauren's Blog] ), the increasingly shrill calls
to put every possible Internet transaction into government-accessible
databases has become an ever louder drumbeat.
And I believe we can easily dismiss the term "voluntary" used in the
proposal -- since there's every reason to believe that such
authentication regimes would quickly become effectively mandatory --
due to various pressures and liability concerns that don't take a lot
of imagination to understand. Identity "mission creep" is virtually a
certainty, though the conflicts that this is likely to create in an
international environment like the Internet are certainly interesting
to contemplate.
History, both long past and recent, shows us very clearly that --
human nature being what it is -- governments on the whole can't be
trusted to not abuse data about their citizens' activities. Such
abuse will almost always evolve from what initially appears to be
laudable motives of law enforcement and the public welfare, but could
rapidly degenerate into totalitarian nightmares.
Even if you (appropriately) view our current and recent federal
governments as essentially relatively benign, we've still seen many
instances of unjustifiable and even illegal surveillance and Internet
data abuse -- even in the absence of long-term data retention
requirements of the sort now being contemplated.
And even with the best of intentions, firms who are the custodians of
user data and identity info are at the mercy of the civil legal
system, above-board government demands for data, and -- as we've
seen -- "secret" government data demands as well.
What of future governments, who might not be as benign, but would have
at their fingertips the vast Internet identity infrastructure being
contemplated -- what will they do with that shiny bauble?
I'm all in favor of discussions about how the Internet industry can
improve the security and validity of transactions that need strong
authentication -- such as in the financial sector or when dealing with
medical health records. But the sort of government-entangled identity
structure being proposed by the White House in the current document
is -- perhaps even to a very significant degree unintentionally and with
genuinely good intentions -- a wolf in sheep's clothing with the
potential to decimate civil liberties on and off the Net for
generations to come.
--Lauren--
Lauren Weinstein
lauren@vortex.com
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
- People For Internet Responsibility - http://www.pfir.org
Co-Founder, NNSquad
- Network Neutrality Squad - http://www.nnsquad.org
Founder, GCTIP - Global Coalition
for Transparent Internet Performance - http://www.gctip.org
Founder, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Twitter: https://twitter.com/laurenweinstein