Internet Identity System Said Readied by Obama 25

Internet Identity System Said Readied by Obama Administration
2011-01-07 05:00:01.9 GMT

By James Sterngold

Jan. 7 (Bloomberg) — The Obama administration plans to
announce today plans for an Internet identity system that will
limit fraud and streamline online transactions, leading to a
surge in Web commerce, officials said.

While the White House has spearheaded development of the
framework for secure online identities, the system led by the
U.S. Commerce Department will be voluntary and maintained by
private companies, said the officials, who spoke on condition of
anonymity ahead of the announcement.

A group representing companies including Verizon
Communications Inc., Google Inc., PayPal Inc., Symantec Corp.
and AT&T Inc. has supported the program, called the National
Strategy for Trusted Identities in Cyberspace, or NSTIC.
“This is going to cause a huge shift in consumer use of
the Internet,” said John Clippinger, co-director of the Law Lab
at Harvard’s Berkman Center for Internet and Society in
Cambridge, Massachusetts. “There’s going to be a huge bump and
a huge increase in the amount and kind of data retailers are
going to have.”

Most companies have separate systems for signing on to e-
mail accounts or conducting secure online transactions,
requiring that users memorize multiple passwords and repeat
steps. Under the new program, consumers would sign in just once
and be able to move among other websites, eliminating the
inconvenience that causes consumers to drop many transactions.

Fewer Passwords

For example, once the system is in place, Google would be
able to join a trusted framework that has adopted the rules and
guidelines established by the Commerce Department. From that
point, someone who logged into a Google e-mail account would be
able to conduct other business including banking or shopping
with other members of the group without having to provide
additional information or verification.

Bruce McConnell, a senior counselor for national protection
at the Department of Homeland Security, said NSTIC may lead to a
big reduction in the size of Internet help desks, which spend
much of their time assisting users who have forgotten their
passwords. Because the systems would be more secure, he said, it
may also result in many transactions that are now done on paper,
from pharmaceutical to real estate purchases, to be done online
faster and cheaper.

A draft paper outlining NSTIC was released for comment by
the White House in June.

‘Who Do You Trust?’

“NSTIC could go a long way toward advancing one of the
fundamental challenges of the Internet today, which is — Who do
you trust?” said Don Thibeau, chairman of the Open Identity
Exchange, an industry group based in San Ramon, California,
representing companies that support development of the new

“What is holding back the growth of e-commerce is not
technology, it’s policy. This gives us the rules, the policies
that we need to really move forward.”

The new system will probably hasten the death of
traditional passwords, Clippinger said. Instead, users may rely
on devices such as smartcards with embedded chips, tokens that
generate random codes or biometric devices.

“Passwords will disappear,” said Clippinger. “They’re
buggy whips. The old privacy and security conventions don’t
work. You need a new architecture.”

Secure, Efficient

Development of a more advanced security system began in
August 2004, when President George W. Bush issued a Homeland
Security Presidential Directive that required all federal
employees be given smartcards with multiple uses, such as
gaining access to buildings, signing on to government websites
and insuring that only people with proper clearances would have
access to restricted documents. The system was intended to be
more secure and more efficient.

The Obama administration advanced the process when it
issued its “Cyberspace Policy Review” in 2009. One of the 10
priorities was the security identification system.
The federal government is facilitating what it calls a
“foundational” system in two ways. It is developing the
framework for the identification plan, and it will make a large
number of government agencies, services and products available
through the secure system, from tax returns to reserving
campsites at national parks.

“Innovation is one of the key aspects here,” said Ari
Schwartz, a senior adviser for Internet policy at the Department
of Commerce. “There’s so much that could be done if we could
trust transactions more.”

Schwartz said use of the system, once companies voluntarily
choose to participate, may spur a range of efficiencies and e-
commerce similar to the way ATM machines transformed banking,
opening the way to a growing number of services little by

Privacy Concerns

Civil libertarians have expressed concern that the system
may not protect privacy as well as the government is promising.
“If the concept were implemented in a perfect way it would
be very good,” said Jay Stanley, a senior policy analyst for
privacy and technology at the New York-based American Civil
Liberties Union. “It’s a convenience. But having a single point
of failure may not be good for protecting privacy. The devil’s
really in the details.” He said the ACLU would “vehemently
oppose” anything that resembled a national ID card.

Aaron Brauer-Rieke, a fellow at the Center for Democracy &
Technology in Washington, a civil liberties group, said it was
important that the system would be operated by private
companies, not the government. He said he was concerned about
how the data on consumer online transactions would be used.
“New identity systems will allow moving from one site to
another with less friction and open up data flows, but might
also enable new kinds of targeted advertising,” he said. “We
have to make sure privacy doesn’t get lost in this.”

Schwartz and McConnell said the new system wouldn’t be a
national identity card and that companies, not the government,
would manage the data being passed online.
“There will not be a single data base for this
information,” McConnell said.

For Related News and Information:
Internet shopping stories: TNI INTERNET RET <GO>
Top retail stories: RTOP <GO>
Top government stories: GTOP <GO>

–Editors: Elizabeth Wollman, Joe Winski

To contact the reporter on this story:
James Sterngold in New York at +1-212-617-4946 or

To contact the editor responsible for this story:
David Scheer at +1-212-617-2358 or