An Internet ID for Americans

Saturday, January 22, 2011

Theresa Payton


The Obama Administration is reviewing a plan called the National Strategy for Trusted Identities in Cyberspace.  This would essentially mean crating Internet IDs for all Americans. 

An early draft of the plan indicates that the implementation would be handled via the U.S. Commerce Department and not Department of Homeland Security or the National Security Agency.  Experts feel this may be in a nod to privacy concerns.

CBS News quoted the White House Cybersecurity Coordinator, Howard Schmidt, "I don't have to get a credential if I don't want to."  Schmidt has also said there would not be a centralized database and they are counting on the private sector to lead how this is implemented.

U.S. Commerce Secretary, Gary Locke, was also quoted as saying at the Stanford Institute for Economic Policy Research, "We are not talking about a national ID card. We are not talking about a government-controlled system.

What we are talking about is enhancing online security and privacy and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities."

Some potential Pros and Cons based on what we know so far:


1.  Child  safety experts have long felt that an internet identity system is critical to protecting kids

2.  Trusted identities could be used as another layer of authentication before accessing your personal information online, such as your bank account balance

3.  There might be a way to create an economical, digital certificate that belongs to you, think of it as a password passport so you can have one digital identity vs. many passwords to access information


1.  Large collections of userid/password or other identifying parts of information are targets for cybercriminals

2.  Who do you trust to be the agent that holds your internet identity?

3.  It is not clear what information is part of your identity or follows your internet identity around.  Is it just who you are or what you like to do on the internet?

4.   If this is "optional" and led by the private sector as suggested, we may be creating bureaucracy within the Commerce Department that cannot actually manage this or may not be needed

I did an informal poll and asked people what their thoughts were.  The responses were surprisingly consistent.   Here is a summary:

Overall many had mixed feelings:

1.  Many respondents feel there is so much anonymity that it allows cybercreeps and cybercriminals to prey on others, however,

2.  Respondents have followed the data privacy breaches that come with centralized ids/passwords both in the private and the public sector and they feel this could create new forms of identity theft.

Bottom line:  Not one person answered and said we must have IDs for All Americans without saying in the next sentence they were concerned about privacy, security, and governance.  

I would love to know your opinion.    Do you see additional pros that I did not mention?  


"Obama Wants Internet ID for All Americans", Kevin Parrish, Tom's Guide, January 12, 2011.

"No more passwords? Obama considers Internet ID for Americans in bid to boost web security", David Gardner, Daily Mail Online UK, January 10, 2011.

Read more:

"Obama Administration Reportedly Plans to Create Internet ID for All Americans", Fox News, January 8, 2011.

Cross-posted from Fortalice

Possibly Related Articles:
Privacy Digital Identity internet Obama Commerce Department
Post Rating I Like this!
David Jordan The concept is a start. People need to consider the pros and cons. The Internet has issues that need fixing. How would this concept fix some of these issues without creating new ones. Hey, incentives for the special interest is there but what about the general Internet public? If I opt-in can I also get certified to by-pass today's airport security gauntlet? That sure would be an incentive for me ;-) Now tie in a VIP soft mobile token for dual factor authentication with my iPhone and we're cooking!
Bryce Mitchell The main downside I see to this would be forgery; which is a lingering concern with Driver's Licenses and other official paperwork that's forged on a daily basis. Maybe if they outsourced it to VeriSign, I'd trust it.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.