New Urban Myth: The Internet ID Scare
Let's get this over right away: The Obama Administration is not planning to create a government ID for the Internet. In fact, the Administration is proposing just the opposite: to rely on the private sector to develop identities (note the plural) for online commerce, in system that allows individuals to have multiple identities and to engage in online activity anonymously and pseudonymously.
And let's get this straight too: I have not been criticizing the government's plan. Just the opposite: I have been praising the Administration for promoting improvements in online identity that would address concerns about identity theft, online fraud and cybersecurity without creating a centralized or government-managed system.
Don't believe me? Read the raw transcript of a public event last week at Stanford Univ. where the Secretary of Commerce discussed the Administration's lighthanded approach to online identity and where I said the Administration's proposal satisfied many of the key privacy and civil liberties criteria that I would have for a non-governmental system that preserved anonymity.
If you don't want to plow through the unedited transcript, read the stories of reporters who were in the room last week. Declan McCullagh, no fan of big government, was there and in his story he correctly wrote that the Administration proposal was "likely to please privacy and civil-liberties groups."
Check out the story on Wired by Ryan Singel, a scrupulously independent and objective reporter who frequently reports on government overreaching. Ryan was there too. This is what he wrote: "But rather than propose a big government initiative, Secretary of Commerce Gary Locke and the White House cyber czar Howard Schmidt made clear the feds want the private sector to take the lead." Ryan went on to quote the Commerce Secretary: "'Just to be clear: We’re not talking about a national ID card,' Secretary Locke said in a speech at Stanford University. 'We are not talking about a government-controlled system.'" If anything, Ryan suggests, the Administration's approach might be criticized for deferring too heavily to the private sector entities that are already creating interoperable identities for the Internet.
Despite the facts, there are stories out on the Web today citing me as a critic of the Administration's plan — just the opposite of what I actually believe. According to the transcript, I said:
"[T]he government needs an identity ecosystem or identity infrastructure. It needs it for its own services as well as as part of the solution to the broader Cybersecurity problem as well as, as one of the foundations of eCommerce, but the government cannot create that [identity]– identity infrastructure. Because if it tried to, it wouldn't be trusted."
And here's the good news: The Administration agrees. The Administration is not trying to create the identity infrastructure for the Internet. The Administration plan supports anonymity. The only centralization that was discussed by the Administration was the centralization of identity policy-making in the Department of Commerce. That's good news too, since putting policy for identity in the Commerce Department moves the center of gravity for the issues away from the National Security Agency and the Department of Homeland Security, the other contenders.
I have been skeptical of the federal government on many issues, from PATRIOT Act to FBI proposals for tapping the Internet. But this time, on Internet identities, I have to say that the Administration is on the right path. There are a lot of aspects of the online identity system that require attention, including the question of where are the privacy rules for the private entities already creating identities that operate across platforms. Let's focus on the real issues, not urban myths.
