In this article, the author, Shane Peterson, gets to the key point, the too often we confuse relationships we have with government with identity. The fact is we have multiple relationships.
Harper, a member of the Department of Homeland Security's Data Privacy and Integrity Advisory Committee and author of Identity Crisis: How Identification Is Overused and Misunderstood, said he and former Utah CIO Phil Windley arrived at the same conclusion."He expressed it very well [in his book, Digital Identity]," Harper said. "An identity is a relationship. There isn't just one relationship you have with the government, and that defines every other relationship you have. So the idea that we'd have an identity system structured as a government-created identity system is equally inaccurate."
This mindset is what caused the driver's-license-as-credential problem in the first place, he said, and America is still locked into the idea that there's a simple way to create a single, uniform identification system.
It's a holdover from days gone by, he explained, when so many transactions used to happen face-to-face and proving your identity was crucial to carrying out those sorts of transactions.
One great example of separation of identity and privacy is the new TSA Clear Card program.
The card is a credential that tells TSA staff the cardholder passed the TSA's security-threat assessment process and is authorized to use ClearLanes to bypass some aspects of airport security. The card does not reveal the cardholder's identity to TSA staff, effectively separating the person's identity from the physical credential.Peterson goes on to talk about issues of privacy and the fact that there "is no policy framework for the collection, use, storage, and exchange of identity information." From a programmatic standpoint, this is where the Liberty Alliance Project is hoping to fill the gap. The Identity Governance Framework aims to do just that.
No comments:
Post a Comment