OH. THAT'S what Google+ is up to.

[firecat]

http://searchenginewatch.com/article/2105755/Real-Names-Google-Government-The-Identity-Ecosystem
"Real Names: Google+, Government & The Identity Ecosystem" by Kristine Schachinger. Excerpt:

Google’s ambitions for Google+ appear to go far beyond social signals, marketing, and their efforts to make a better product. Dig a little further and you’ll find something called the “National Strategy For Trusted Identities In Cyberspace” (NSTIC). [That's a PDF.]

The article quotes from that document:

“The National Strategy for Trusted Identities in Cyberspace (NSTIC or Strategy) charts a course for the public and private sectors to collaborate to raise the level of trust associated with the identities of individuals, organizations, networks, services, and devices involved in online transactions”

and

“The Federal Government commits to collaborate with the private sector; state, local, tribal, and territorial governments; and international governments–and to provide the support and action necessary to make the Identity Ecosystem a reality. With a concerted, cooperative effort from all of these parties, individuals will realize the benefits of the Identity Ecosystem through the conduct of their daily transactions in cyberspace.”

(I don't know whether the bolding is from the original document or from the author of the article discussing it.)

In other words, I think this is where they are heading: An online government ID card. A credit bureau for your identity. And Google wants to be one of the "private sector" companies helping to provide this.

I love how the document calls this an "ecosystem." They're calling it that because a lot of people have positive associations with the word "ecosystem" (it's green! we want to preserve it!) But I think ecosystem is another way of saying "only the fit survive" or "conform or you're dead."

Speculating a little farther out: The US government wants to replace social security numbers with an online ID. They probably want the online ID to be associated with tax payments, health records, and any government payouts. They are already setting things up so that all Social Security payments occur electronically. If they want to move other interactions with citizens online (which they do because it will save the government money) then they need a new way to verify identity.

OK: I don't know that it's necessarily a bad thing to have a way of verifying identity that isn't social security numbers. There are huge problems with using social security numbers for that purpose. (Identity theft.) And probably sometimes it is necessary to prove that you are a particular, unique individual.

I am worried about giving that job to the private sector. Credit card bureau records are notoriously inaccurate, for example. And I'm worried about having the information be associated with the Internet, because even if adequate security is designed in, adequate security requires human effort, and humans sometimes fuck up or get too lazy to bother. So that information would be vulnerable. Also I think it would be a bad thing to require everyone to interact with all government services online.

But mainly, I think it's a super-bad idea to tie social network activity in with official government verification. I don't want to be essentially "showing my papers" every time I say something in public.

Comments

[lilacsigil]

In Australia, a great deal of government business (including pension payments etc.) is done online already. No-one's felt the need to tie it in to social networking!

[jesse_the_k]

Huh. Give up all that privacy and we *still* have spam? Fuck that with a hot I-beam.

[chaos_by_design]

In the future, I suspect a great deal many things that used to be handled exclusively by the government will instead be handled by the private sector, at least in the US. We'll have "small" government[1] so that large corporations will have the "freedom" to operate as they choose with little oversight.




[1] Just small enough to fit in a woman's uterus.

[elainegrey]

Having participated in some of the Internet Identity Workshops on that government paper, i know the government wants to SUPPORT anonymous and pseudonymous speech. Identity Woman had some good articles about the NTSIC. Google's failing to "get it" in a major way.

[pipisafoat]

But mainly, I think it's a super-bad idea to tie social network activity in with official government verification. I don't want to be essentially "showing my papers" every time I say something in public.

at least make it OPTIONAL; I would be okay with optional.

[amadi]

I keep coming back to: did known of these people see that Sandra Bullock movie "The Net?" Because the head of Google is looking a lot like that corrupt CEO in that movie these days...

[senmut]

"When a place gets crowded enough to require ID’s, social collapse is not far away. It is time to go elsewhere." --Lazarus Long, Time Enough For Love (Robert Heinlein)

Your summary post of this all? Made that quote come RIGHT to mind.

[elainegrey]

@IdentityWoman explained about how NSTIC is *NOT* about a single linkable identity that the government can track and needs anonymity and pseudonymity back in January http://www.fastcompany.com/1715659/national-identity-cyberspace-why-we-shouldnt-freak-out-about-nstic

A place to get involved with NSTIC is http://www.nstic.us/ says identity woman, also IIW coming in Oct. (Promising to be a fascinating time that i will likely miss.)

[evilawyer]

Yes on all of this. The Big Brother is already big enough.

[firecat]

Thanks, that's good to know, but it doesn't make me stop worrying entirely. The government's intentions today are not the government's intentions a decade from now. And if G+ is the way that the government/private sector partnership starts going about it, that's not a good sign either. (I do recognize that G+ is still in beta. Maybe they will eventually implement pseudonymous accounts. But their PR is pretty bad right now.)

[firecat]

I can't remember if I've seen that. I think so, but all those movies about computers start to run together in my mind.

[elainegrey]

Most folks i know who are supportive of NSTIC are pretty critical of G+ as missing most of the user-centric identity protections that NSTIC outlines. I wrote you a while back that i had hoped that when those folks got their hands on the G+ nympolice that G+ would see they were going about it wrong. I'm now borderline convinced that G+ would blow off NSTIC as "We Know Better, We're Google." I did get a colleague interested in going to IIW particularly for NSTIC -- i think libraries really would be a perfect place for NSTIC. Libraries start with verified identities to a certain level in establishing the library account and there's a reasonable level of trust with libraries. (I trust my library more than my bank.)

[libskrat]

I need to check into NSTIC further before I can have an informed reaction, but I have to admit that my immediate reaction was WHOA HELL NO. I don't wanna be no gummint enforcer just 'cuz I gots an MLS.

Libraries in the US tend to deal with potential privacy breaches by keeping as little personal information and history as possible. I don't see how that fits with an identity program.

But again, I clearly have some reading to do.

[elainegrey]

SAML authentication ... ok i wrote a long post in my blog that should give some grounding in how Identity Providers work in the single sign on, third party authentication model that NSTIC assumes you'll understand.

[eggcrack]

Well, insert that picture of a stick guy leaning impossibly far away from computer screen here.

[firecat]

Heh. As a person who relies on high technology to survive*, I don't know that I'm warmed by Lazarus's comment, but I know what he means.

*and believes a fairly high population level is needed to research and produce high technology

[firecat]

Hee!

[senmut]

Of course the remainder of the quote has to do with space travel having made it possible to go elsewhere, so...that kind of corroborates your point.

There is a point, though, that Big Brother becomes unavoidable.

[e4q.livejournal.com]

govt has never liked the internet with it's wild west behaviours. i think they think, and they might be right, that less grand theft music/movies will go on if everyone real names up, and there will be less lawlessness in general... more sinisterly, two guys were jailed here for 'conspiracy' - oh wait, 12. http://yro.slashdot.org/story/11/08/11/1937221/UK-Police-Arrest-12-Over-Facebook-Use-Inciting-Riots
so maybe even in the uk this is a lot more about control... we
have more CCTV here than anywhere else, which most people don't care about. i dunno... with this new govt, we might see some serious class war. i think the uk suits being a lot less hardcore, myself.

[stefanie-bean.livejournal.com]

Good grief. But I think this has been coming down the pipe for some time.

[firecat]

Not sure I understand what you mean. Facebook requires the use of real names, and its TOS definitely says "Don't use Facebook to break the law." It's similar to G+ in that respect. So I wouldn't call Facebook an example of "the Internet with its wild west behaviors." Are you saying it was good that the conspirators used Facebook, because that way the police could catch them more easily?

[firecat]

Yeah, it has.

[e4q.livejournal.com]

no. i sort of meant pre facebook.

the weird thing about the fb conspirator thing was that nothing happened from it - this has not been egypt, the riots happened organically. people have been getting serious sentences for being anywhere near any of it, though. including failed attempts at incitement to riot.

[firecat]

That makes sense.

Linketies

[pingback-bot.livejournal.com]

User moominmuppet referenced to your post from Linketies (http://moominmuppet.livejournal.com/1590546.html) saying: [...] OH. THAT'S what Google+ is up to. [...]