One of the interesting threads that runs through the National Broadband Plan
released today is a reliance on secure, trusted authentication for innovative online technologies that isn't widely available to the public. As a result, the NBP calls for certain steps to spur the growth of a marketplace for trusted identity providers that will help consumers manage their data.
Specifically, recommendation 4.15 of the Plan calls out the role of identity providers in providing privacy and security safeguards to consumers and suggests ways that Congress can help these trusted identity providers enter the market. The NBP floats an interesting idea for setting best practices, standards, and appropriately strict guidelines and audits on data protection and privacy for identity providers: a regime for identity providers that provides insurance (and possibly a safe harbor from liability) contingent upon following these best practices for trusted identity providers.
The insurance regime for identity management that is envisioned in the NBP is similar to the role the Federal Deposit Insurance Corporation (FDIC) plays in the banking space. The FDIC acts as a private entity with the backing of the government to protect consumers in the banking industry, providing confidence that the money entrusted with a private bank is insured in case the bank fails. As part of this program, the FDIC creates rules and regulations for participating banks, in order to effectively manage the risk taken in insuring these banks.
Read more »