I believe a national ID card program is good for business, good for consumers and would be an excellent tool in the efforts to ensure the security of the United States.
Opinions
On the side of civil libertarians, there are the doctrinal “big brother” fears regarding abuse of the information contained in national ID databases,and additional invasions of the privacy of Americans that may result from the aggregation of this data.
The technology sector has criticized the notion that the program would be based on a single-vendor solution. It is also uncomfortable with a solution that invokes the complex and costly problems associated with real-time aggregation and access to authentication databases. Revocation of digital credentials also poses a problem.
Some in the private sector prefer non-governmental management and operation of such a program.
Some in government believe that only a federal entity such as the IRS or U.S. Postal Service has the ability to manage such a complex national program that involves the trust and scale issues that will come into play.
The fact is that most modern nations have national ID card programs, or some means of uniquely identifying their citizens at borders and for certain transactions within the country. Arguably, we already have an important part of the ID: the unique identifier would be our Social Security Number. Unfortunately, numerous times during the last few decades an effort to rationalize national identity around the SSN has met political opposition.
Reality Checks
Today numerous organizations are tracking our actions, locations and behavior. They are doing it by SSN, driver’s license number, boating license number, telephone number, IP address, cell phone ESN, passport number, grocery store discount card number and many, many other means. This is not big brother watching us. It is the credit reporting agencies, data aggregators such as Acxiom, Double-Click, or Abacus and others in the private and public sector. In this post-Sept. 11 era, it will be important to all citizens of the civilized world to make informed choices among, security, freedom, and privacy, and to understand the potential risks and benefits than can result from improving authentication. What are you willing to pay for better security? What are you willing to give up to feel safer?
Bottom Line
It’s good for business: A national ID card program will generate a lot of demand for IT products and services to support the creation and maintenance of the infrastructure and its operational components. The program will have palpable costs for certain sectors, but these costs may be offset by the benefits associated with better security and privacy, better information and knowledge of the customer through personalization and improved consumer confidence.
It’s good for individuals: Positive identification and strong authentication, while helping achieve law enforcement and intelligence objectives, also makes it easier for us to positively control access to our personal data, and potentially achieve better accuracy and access to information organizations control about us. It also actually may help discourage practices such as racial profiling or discrimination where an individual can properly identify and authenticate his or herself using biometrics, and where his/her name can be verified in real time against myriad law enforcement and intelligence databases.
It’s good for national security: There are too many disparate databases today in the law enforcement and intelligence communities on the state and local levels. This lack of data sharing makes it virtually impossible for law enforcement to detect and apprehend someone on another agency’s watch list. This single fact is one of the most important failures in our system that allowed at least one of the Sept. 11 terrorists to evade INS border controls, even though he was wanted in a Florida county.
Yes, it’s scary to think about some of the privacy implications of such a solution. Yes, Congress has been a little too quick to rush to action in some of the recent legislation. But at the end of the day, if a group of informed workgroup participants assured you that a national ID card program could be managed effectively and efficiently, would have minimal impact on your day-to-day privacy, but could improve security by significant orders of magnitude, do you think it’s worth the investment, time and energy, and the small amount of your privacy that you would sacrifice? It’s time for a broader national dialogue on this issue. We in the technology field can help ensure that such a program has tangible and long lasting benefits for everyone.
Eddie Schwartz is senior vice president and corporate evangelist at Guardent Inc. Eddie has created information risk management business processes, enterprise information assurance and technical security, and data privacy architectures for many commercial and U.S. Government entities including the U.S. Department of State, the Marriott Corporation, McDonald's Corporation, and Land O Lakes. Prior to joining Guardent, Eddie was Vice President for Enterprise Applications and Infrastructure and Chief Information Security Officer for Nationwide. Prior to Nationwide, he was National Director of the Information Risk Management practice for a large CPA consulting firm, Technical Director of the Diplomatic Security InfoSec Laboratory for the U.S. Department of State, Senior Computer Scientist for Computer Sciences Corporation (CSC), and Foreign Service Officer with the U.S. Department of State.
