About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion

Advertisers

Technorati

  • Add to
Technorati Favorites

License

  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« The long and short of it | Main | Give us the chance to do better »

Government interface

By Dave Birch posted May 19 2009 at 8:04 AM

[Dave Birch] For e-government to take off, it is transparently obvious that population scale identification and authentication infrastructure (beyond e-mail address and alphanumeric passwords) will have to be in place. If not, the pain associated with every single online interaction with the public sector will grow far beyond the point where the bulk of the population will want to get involved and there will be a hard limit on the efficiency of the delivery of public services. No-one, surely, can be against that. Yet we don't seem to making much progress towards this. Even in cases (in the UK) where online service delivery works very well indeed (eg, vehicle tax), it does so in silos.

Now, many people will (quite rightly) point out that there is a fundamental danger to the idea of using a single identity across all services. There's a particular danger to using to the same identity across public and private sector services.

In yet another security breach, the US State Department said 400 passport applicants, and maybe more, have had information stolen. Passport applications containing personal information, including Social Security numbers, were accessed and used to open fraudulent credit card accounts. A fraud ring bought information from a government employee. The information was used to apply for cards. Cards were intercepted by another insider in the post office before they were delivered. The passport applicants had no idea their identity had been stolen.

[From National ACH: Government Employees Selling Identities]

Now, that's the kind of fraud that imagine was dismissed out of hand by the government's management consultants when they were procuring the system. "Insiders in the Post Office connecting to insiders in the State Department? Oh, come on! That's like a Tom Clancy novel, it will never happen."

It this sort of thing -- and it seems to happen all the time -- that means that many people react against the very idea of a government identity or a government identity management system, although I draw a different conclusion: we need a better (privacy-enhancing) design for a government identity management system, perhaps building on the schemes used in countries such a Germany and Austria where identities are cyptographically-partitioned between service providers.

(Obviously, I trust the Government even less. I'd much rather have O2 manage my ID than the Home Secretary. SIMs are more secure, cheaper and better-managed than the UK's ridiculous Stalinist ID card system).

[From Dean Bubley's Disruptive Wireless: Thoughts on managed identity services by mobile operators]

What we want, surely, is the best of both worlds. I want my SIM to hold a number of identities, including government ones, that I can choose to use on a per-transaction basis. And I don't think it's far-fetched to expect this kind of modern infrastructure.

That's not to say that logging on is the only online problem. I recently (twice) gave up trying to apply online for a passport for one of my children. The first time, even I couldn't understand the instructions (and I do know a little about this kind of thing) and got confused to the point of abandonment. The second time, I followed the instructions to save the partially completed application but when I tried to retrieve it I was told that it didn't exist. I gave up, and got him a (cheaper) American passport instead. Now, unfortunately, most applicants will not have an American spouse to hand in these circumstances and thus will have to continue fighting their way through the online versions of paper forms. Efficient online delivery of public services isn't just about the identity management infrastructure!

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a00d8341c4fd753ef01156f9e7662970c

Listed below are links to weblogs that reference Government interface:

Comments

I want the option to authenticate myself to government online services using CardSpace or any other technology I choose. I don't think that requires government-issued identity management systems or identities.

Having your identity stolen is no fun. It can cost you a bunch of money and lots of time and effort.

The comments to this entry are closed.