I can die now that I’ve been a talking head on NPR!
Allow me to rewind for a minute.
On Tuesday, March 15 I had the privilege of appearing on Washington D.C.’s NPR radio station, WAMU, and the Kojo Nnamdi Show on “Cyber Security and Your Internet Identity”. Replay
My mother was excited to hear her son being interviewed, thankful that I seemed lucid, but remains clueless about the National Strategy for Trusted Identity in Cyberspace (NSTIC). A great video explaining NSTIC can be found here.
Mom did relate to the discussion of government as an identity provider because both she and social security numbers have been around for more than 75 years and because systems to identify citizens of the US have been around since the first passport was issued.
But only she could be proud of her son, the Washington DC pundit, when I pointed out the obvious “this internet stuff is different”.
Because we increasingly interact with people in internet settings where we will never meet in person, yet trust them to act according to our expectations. It’s a problem shared by everyone and across public and private sectors since we rely on multiple identities and networked technologies at home and at work.
If data is the “oil” of the internet and knowledge is power in the information age, then trust is the key! Everyone wants and needs to “trust” their email like they do the postal mail.
Trust comes with a repeatability and reliability. Just like when Mom steps on the brakes she “trusts” that it will stop the car or looks in her mailbox and “trusts” the senders.
A basic OpenID technology standard for a “mechanistic” kind of trust for identity systems was the first step. It started with a reliable single sign on function for data/identity systems at a low level of assurance, protection and control.
By adding trust frameworks to OpenID building blocks, we can create solutions that can be used in the US and by citizens worldwide to navigate with the same kind of trust that comes with stepping on the brakes or going to the post office.
The challenges are unprecedented. Many are the result of the lack of a trustworthy mechanism in the online identity technologies we use every day.
We can’t let trust fall further behind the technology. The benefits of identity technology standards are many, but they should be deployed in a framework designed to maximize benefits to all stakeholders.
In the US and in many other jurisdictions there are strong traditions of individualism and concerns about the aggregation of commercial and governmental power. But our best chance at getting things right is to work together when opportunities like NSTIC present themselves… and mom steps on the brakes.