We must understand the past to not repeat it.

Please see the prior post and the post before about how we got to discussing this.

We can not forget that the Holocaust was enabled by the IBM corporation and its Hollerith machine.  How did this happen? What were these systems? How did they work? and particularly how did the private sector corporation IBM end up working a democratically elected government to do very horrible things to vast portions of its citizenry? These are questions we can not ignore.

In 2006 Stefan Brands gave a talk that made a huge impression on me he warned us and audience of very well meaning technologists that we had to be very careful because we could incrementally create a system that could lead to enabling a police state. It was shocking at the time but after a while the point he was making sunk in and stuck with me. He shared this quote (this slide is from a presentation he gave around the same time)

Stefan

It is the likability that is the challenge.

We have to have the right and freedom NOT to be required to use our “real name” and birthdate for everything.

This is the defacto linkable identifier that the government is trying to push out over everything so they can link everything they do together.

Stephan proposes another Fair Information Principle.

Stefan6

I will share more of Stephan’s slides because I think they are prescient for today.

Stephan’s slides talk about User-Centrism technology and ideas in digital identity – ideas that have virtually no space or “air time” in the NSTIC discussions because everything has been broken down (and I believe intentionally so) into “security” “standards” “privacy” “trust frameworks” silos that divide up the topic/subject in ways that inhibit really tackling user-centrism or how to build a working system that lives up to the IDEALS that were outlined in the NSTIC document.

I have tried and tried and tried again to speak up in the year and a half before the IDESG and the 2 years since its existence to make space for considering how we actually live up to ideals in the document.  Instead we are stuck in a looping process of non-consensus process (if we had consensus I wouldn’t be UN-consensusing on the issues I continue to raise).  The IDESG are not taking user-centrism seriously, we are not looking at how people are really going to have their rights protected – how people will use and experience these large enterprise federations.

Yes everyone that is what we are really talking about…Trust Framework is just a code word for Enterprise Federation.

I went to the TSCP conference a big defence/aerospace federation (who was given NSTIC grants to work on Trust Framework Development Guidance) where this lovely lady Iana from Deloitte who worked on the early versions of NSTIC and potential governance outlines for IDESG – she said very very clearly “Trust Frameworks ARE Enterprise Federations” and it was like – ahhh a breath of fresh clear honest air – talking about what we are really talking about.

So back to the Stephan Brands re-fresher slides on user-centric ID so we don’t forget what it is.

 

Stefan5

 

Stefan4

 

Stefan2

 

 

 

 

 

Stefan3

 

 

Stefan2

Look at these, take them seriously.

 

Dear IDESG, I’m sorry. I didn’t call you Nazi’s.

The complaint  by Mr. Ian Glazer was that I called my fellow IDESG colleagues Nazi’s. He was unsatisfied with my original statement about the tweet on our public management council mailing list.  Some how this led to the Ombudsman taking on the issue and after I spoke with him in Tampa it was followed by a drawn out 5 week “investigation” by the Ombudsman before he issued a recommendation.  During this time I experienced intensive trolling about the matter on twitter itself.

Here is the tweet that I authored while pondering theories of organizational dynamics in Tampa and without any intent to cause an association in the mind of a reader with IDESG, NSTIC, nor any person or persons in particular note that I did not reference anyone with a @____ or add any signifying hashtags e.g., #idesg or #nstic in this tweeted comment.

Tampa11

I own that the tweet was provocative but it was It was not my intent to cause harm to anybody or to the IDESG organization and wider identity community.

I in no way intended to imply that any member of the IDESG has any intention remotely similar to those of the NAZI party of Germany.

I in no way intended to imply that the content of the meeting of the IDESG related to the content of the meeting I referenced in the tweet.

I am very sorry if the tweet had an emotionally negative impact on people on the management council and particularly those of with Jewish Heritage.

I fully acknowledge that referencing anything relative to the Nazi era is triggering. It touches on our collective shame and surfaces vulnerability it is very hard to look at.

I also believe that we have to actually be prepared to do so. If we don’t examine the past we can’t be sure we will not repeat it. [Please click to see my my next post for this to be further expounded upon]

I’m sorry I didn’t say something along these lines sooner.

One should not feed the internet trolls and I didn’t.

I was in a process were I felt it was inappropriate to speak about this more until the Ombudsman’s process had run its course.

I think that we all need to keep in mind our roles as Directors of the IDESG when we interact with the public and with each other.

The whole process left my and my attorney puzzled. My attorney wrote a letter to the Management Council/Board of Directors with a whole bunch of questions and now that this is posted we look forward to their answers to those questions.

 

 

 

Resources for HopeX Talk.

I accepted an invitation from Aestetix to present with him at HopeX (10).

It was a follow-on talk to his Hope 9 presentation that was on #nymwars.

He is on the volunteer staff of the HopeX conference and was on the press team that helped handle all the press that came for the Ellsberg – Snowden conversation that happened mid-day Saturday.  It was amazing and it went over an hour – so our talk that was already at 11pm (yes) was scheduled to start at midnight.

Here are the slides for it – I modified them enough that they make sense if you just read them.  My hope is that we explain NSTIC, how it works and the opportunity to get involved to actively shape the protocols and policies maintained.

[Read more…]

BC Government Innovation in eID + Citizen Engagement.

I wrote an article for Re:ID about the BC Government’s Citizen Engagement process that they did for their eID system.

CoverHere is the PDF: reid_spring_14-BC

BC’S CITIZEN ENGAGEMENT:A MODEL FOR FUTURE PROGRAMS 

Because of my decade long advocacy for the rights and dignity of our digital selves, I have become widely known as “Identity Woman.” The Government of British Columbia invited me to participate as an industry specialist/expert in its citizen consultation regarding the province’s Services Card. I want to share the story of BC’s unique approach, as I hope that more jurisdictions and the effort I am most involved with of late, the U.S. government’s National Strategy for Trusted Identities in Cyberspace, will choose to follow it.

The Canadian Province of British Columbia engaged the public about key issues and questions the BC Services Card raised. The well-designed process included a panel of randomly selected citizens. They met face- to-face, first to learn about the program, then to deliberate key issues and finally make implementation recommendations to government.

[Read more…]

The Trouble with Trust, & the case for Accountability Frameworks for NSTIC

There are many definitions of trust, and all people have their own internal perspective on what THEY trust.

As I outline in this next section, there is a lot of meaning packed into the word “trust” and it varies on context and scale. Given that the word trust is found 97 times in the NSTIC document and that the NSTIC governing body is going to be in charge of administering “trust marks” to “trust frameworks” it is important to review its meaning.

I can get behind this statement: There is an emergent property called trust, and if NSTIC is successful, trust on the web would go up, worldwide.

However, the way the word “trust” is used within the NSTIC document, it often includes far to broad a swath of meaning.

When spoken of in every day conversation trust is most often social trust.

[Read more…]

National! Identity! Cyberspace!: Why we shouldn’t freak out about NSTIC.

This is cross posted on my Fast Company Expert Blog with the same title.

I was very skeptical when I first learned government officials were poking around the identity community to learn from us and work with us.  Over the last two and a half years, I have witnessed dozens of dedicated government officials work with the various communities focused on digital identity to really make sure they get it right. Based on what I heard in the announcements Friday at Stanford by Secretary of Commerce Locke and White House Cybersecurity Coordinator  Howard Schmidt to put the Program Office in support of NSTIC (National Strategy for Trusted Identities in Cyberspace) within the Department of Commerce. I am optimistic about their efforts and frustrated by the lack of depth and insight displayed in the news cycle with headlines that focus on a few choice phrases to raise hackles about this initiative, like this from CBS News: Obama Eyeing Internet ID for Americans.

I was listening to the announcement with a knowledgeable ear, having spent the last seven years of my life focused on user-centric digital identity.Internet Identity Workshop Logo Our main conference Internet Identity Workshop held every 6 months since the fall of 2005 has for a logo the identity dog: an allusion to the famous New Yorker cartoon On the internet, nobody knows you are a dog. To me, this symbolizes the two big threads of our work: 1) maintaining the freedom to be who you want to be on the internet AND 2) having the freedom and ability to share verified information about yourself when you do want to.  I believe the intentions of NSTIC align with both of these, and with other core threads of our communities’ efforts: to support identifiers portable from one site to another, to reduce the number of passwords people need, to prevent one centralized identity provider from being the default identity provider for the whole internet, to support verified anonymity (sharing claims about yourself that are verified and true but not giving away “who you are”),  support broader diffusion of strong authentication technologies (USB tokens, one-time passwords on cellphones, or smart cards), and mutual authentication, allowing users to see more closely that the site they are intending to do business with is actually that site.

Looking at use cases that government agencies need to solve is the best way to to understand why the government is working with the private sector to catalyze an “Identity Ecosystem”.

[Read more…]

Thoughts on the National Strategy for Trusted Identities in Cyberspace

Update: This blog post was written while reading the first draft released in the Summer of 2010. A lot changed from then to the publishing of the document in April 2011.

Here is my answer to the NSTIC Governence Notice of Inquiry.

And an article I wrote on Fast Company: National! Identity! Cyberspace! Why you shouldn’t freak out about NSTIC.

Interestingly in paragraph two on the White House blog it says that NSTIC stands for “National Strategy for Trusted Initiatives in Cyberspace” rather than “National Strategy for Trusted Identities in Cyberspace”.

This first draft of NSTIC was developed in collaboration with key government agencies, business leaders and privacy advocates. What has emerged is a blueprint to reduce cybersecurity vulnerabilities and improve online privacy protections through the use of trusted digital identities.

[Read more…]

SSN’s can be guessed

This just in from slashdot:

“The nation’s Social Security numbering scheme has left millions of citizens vulnerable to privacy breaches, according to researchers at Carnegie Mellon University, who for the first time have used statistical techniques to predict Social Security numbers solely from an individual’s date and location of birth. The researchers used the information they gleaned to predict, in one try, the first five digits of a person’s Social Security number 44 percent of the time for 160,000 people born between 1989 and 2003.

This is from the Wired coverage:

By analyzing a public data set called the “Death Master File,” which contains SSNs and birth information for people who have died, computer scientists from Carnegie Mellon University discovered distinct patterns in how the numbers are assigned. In many cases, knowing the date and state of an individual’s birth was enough to predict a person’s SSN.

“We didn’t break any secret code or hack into an undisclosed data set,” said privacy expert Alessandro Acquisti, co-author of the study published Monday in the journal Proceedings of the National Academy of Sciences. “We used only publicly available information, and that’s why our result is of value. It shows that you can take personal information that’s not sensitive, like birth date, and combine it with other publicly available data to come up with something very sensitive and confidential.”

Basically it means we shouldn’t be honest about our date of birth and home town on Facebook (or any other social network) or we are making ourselves vulnerable to discernment of our SSN’s. I wonder if they can figure out mine? I received my as an adult when I was attending college in California.

I decided to poke around and see what Facebook had up about Identity Theft. I did find a link to this study that created a profile by “Freddi Stauer,” an anagram for “ID Fraudster,”.

Out of the 200 friend requests, Sophos received 82 responses, with 72 percent of those respondents divulging one or more e-mail address; 84 percent listing their full date of birth; 87 percent providing details about education or work; 78 percent listing their current address or location; 23 percent giving their phone number; and 26 percent providing their instant messaging screen name.

Sophos says in most cases, Freddi also got access to respondents’ photos of friends and family, plus a lot of information about personal likes and dislikes, and even details about employers.

Facebook users were all too willing to disclose the names of spouses and partners, with some even sending complete resumes. One facebook user divulging his mother’s maiden name—the old standard used by many financial and other Web sites to get access to account information.

Most people wouldn’t give this kind of information out to people on the street but their guard sometimes seems to drop in the context of a friend request on the Facebook site, O’Brien says.

According to Sophos, the results of what it calls its Facebook ID Probe has significance for the workplace as well as personal life because businesses need to be aware that this type of social-networking site may pose a threat to corporate security.

I have tried to search the Facebook blog to see what they have to say about identity theft and apparently they haven’t mentioned it.

Government data linked together…

From Slashdot:

a story from The Guardian about FBI interest in connectivity between its own database resources and those abroad. It’s spearheading a program labeled ‘Server in the Sky’, meant to coordinate the police forces of the United States, the United Kingdom, Canada, Australia, and New Zealand to better fight international crime/terrorist groups. The group is calling itself the International Information Consortium.

“Britain’s National Policing Improvement Agency has been the lead body for the FBI project because it is responsible for IDENT1, the UK database holding 7m sets of fingerprints and other biometric details used by police forces to search for matches from scenes of crimes. Many of the prints are either from a person with no criminal record, or have yet to be matched to a named individual. IDENT1 was built by the computer technology arm of the US defence company Northrop Grumman. In future it is expected to hold palm prints, facial images and video sequences.”

From Slashdot: Most Scary to Least Scary

FBI datamining for more then just terrorists:
“Computerworld reports that the FBI is using data mining programs to track more than just terrorists. The program’s original focus was to identify potential terrorists, but additional patterns have been developed for identity theft rings, fraudulent housing transactions, Internet pharmacy fraud, automobile insurance fraud, and health-care-related fraud. From the article: ‘In a statement, Sen. Patrick Leahy (D-Vt.), chairman of the Senate Judiciary Committee, said the report [on the data mining] was four months late and raised more questions than it answered. The report “demonstrates just how dramatically the Bush administration has expanded the use of [data mining] technology, often in secret, to collect and sift through Americans’ most sensitive personal information,” he said. At the same time, the report provides an “important and all-too-rare ray of sunshine on the department’s data mining activities,” Leahy said. It would give Congress a way to conduct “meaningful oversight” he said.'”

from the just-forward-your-mail-to-homeland-security dept:
“You probably already knew that the FBI was data mining Americans in the “search” for potential terrorists, but did you know that they’re also supposed to be looking for people in the U.S. engaged in criminal activity that is not really supposed to be the province of the federal government? Now the feds are alleged to be data mining for insurance fraudsters, identity thieves, and questionable online pharmacists. That’s what they’re telling us now. What else could they be looking for that they are not telling us about?”

From the is-that-anything-like-the-lime-in-the-coconut dept:
“The kernel meets The Colonel in a just-published Microsoft patent application for an Advertising Services Architecture, which delivers targeted advertising as ‘part of the OS.’ Microsoft, who once teamed with law enforcement to protect consumers from unwanted advertising, goes on to boast that the invention can ‘take steps to verify ad consumption,’ be used to block ads from competitors, and even sneak a peek at ‘user document files, user e-mail files, user music files, downloaded podcasts, computer settings, [and] computer status messages’ to deliver more tightly targeted ads.”

From the how much can you remember department:

The research reveals that the average citizen has to remember five passwords, five pin numbers, two number plates, three security ID numbers and three bank account numbers just to get through day to day life.

Six out of ten people claimed that they suffer from “information overload,” stating that they need to write these numbers down in order to remember them.

However, more than half of the 3000 people surveyed admitted to using the same password across all accounts, leaving them at risk of potentially severe security breaches.

Professor Ian Robertson, a neuropsychology expert based at Trinity College Dublin who carried out the study, said: “People have more to remember these days, and they are relying on technology for their memory.

“But the less you use of your memory, the poorer it becomes. This may be reflected in the survey findings which show that the over 50s who grew up committing more to memory report better performance in many areas than those under 30 who are heavily reliant on technology to act as their day to day aide memoir.”

Who ownes that copy?:

‘Copyfraud is everywhere. False copyright notices appear on modern reprints of Shakespeare’s plays, Beethoven’s piano scores, greeting card versions of Monet’s Water Lilies, and even the US Constitution. Archives claim blanket copyright in everything in their collections. Vendors of microfilmed versions of historical newspapers assert copyright ownership. These false copyright claims, which are often accompanied by threatened litigation for reproducing a work without the owner’s permission, result in users seeking licenses and paying fees to reproduce works that are free for everyone to use…'”

Second Life – the real picture emerges:

The LA Times is running a story today saying that marketers are pulling out of Second Life, primarily because — surprise, surprise — the ‘more than 8 million residents’ figure on the game’s Web site is grossly inflated. Also, as it turns out, the virtual world’s regular visitors — at most 40,000 of them online at any time — are not only disinterested in in-world marketing, but actively hostile to it, staging attacks on corporate presences such as the Reebok and American Apparel stores.

THIS IS FUN:
RunBot Robot Walks:
“The basic walking steps of Runbot, which has been built by scientists co-operating across Europe, are controlled by reflex information received by peripheral sensors on the joints and feet of the robot, as well as an accelerometer which monitors the pitch of the machine. These sensors pass data on to local neural loops – the equivalent of local circuits – which analyse the information and make adjustments to the gait of the robot in real time.”

THIS IS GODO NEWS:
from the free-at-last dept:
“IBM is making it easier to utilize its patented intellectual property to implement nearly 200 standards in the SOA, Web services, security and other spaces. Under a pledge issued by the company Wednesday, IBM is granting universal and perpetual access to intellectual property that might be necessary to implement standards designed to make software interoperable. IBM will not assert any patent rights to its technologies featured in these standards. The company believes its move in this space is the largest of its kind.”

Announcing The Virtual Rights Symposium on Digital Identity & Human Rights

This is the first of what we hope to be an annual event about Digital
Identity and Human Rights covering social issues, policy and
legislation in this arena.

The goal is to foster international cooperation on virtual rights
through high quality dialogue and deliberation between legislators,
researchers, service providers, and citizens.

The symposium will begin in September with interaction online both
synchronous and asynchronous. It will peak with a meeting in Costa Rica November 17-18th and continue online afterwards.

Virtual Rights Association is organizing the event in cooperation with Costa Rica University and the Berkman Center. Chair Jaco Aizerman please contact him at =jaco or http://public.xdi.org/=jaco

Please go to thewebsite at Virtual Rights to see the current version of the agenda.

Catalyst: Government Adoption of Federated Identity

This is drawn from David Temoshok’s Talk. He is the Director of Identity Policy and Management GSA Office of Government Policy

Homeland security directive 12
“Policy for Common Identification Standard For Federal Employees and Contractors” – August 2004

HSPD 12 Requirements

1. Secure and reliable forms of personal identification that are:

  • Based on sound criteria to verify an individual employee’s identity
  • Strongly resistant to fraud, tampering, counterfeiting, and terrorist exploitation
  • Rapidly verified electronically
  • Issued only by providers whose reliability has been established by an official accreditation process

2. Applicable to all government organizations and contractors except National Security Systems
3. Used for access to federally-controlled facilities and logical access to federally-controlled information systems
4. Flexible in selecting appropriate security level – includes graduated criteria from least secure to most secure
5. Implemented in a manner that protects citizens’ privacy

Expanding Electronic Government

Needing Common Authentication Services for

  • 280 million Citizens
  • Millions of Businesses
  • Thousands of Government Entities
  • 10+ Million Federal Civilian and Military Personnel

You can learn more on the GSA website – http://www.gsa.gov/aces

Documents for the Undocumented

This week the cover of Business week is Embracing Illegals. The frame is about how businesses see the 11 million+ ‘illegal immigrants’ as a great market opportunity. To function economically in western capitalism you need identity documents to be part of the ‘representation system‘ that enables trusted value generation and exchange.

It dives into detail about how ‘undocumented immigrants’ get documents to basically function as normal US residents.

Guided by friends and family, the couple soon discovered how to navigate the increasingly above-ground world of illegal residency. At the local Mexican consulate, the Valenzuelas each signed up for an identification card known as a matrí­cula consular, for which more than half the applicants are undocumented immigrants, according to the Pew Hispanic center, a Washington think tank. Scores of financial institutions now accept it for bank accounts, credit cards, and car loans. Next, they applied to the Internal Revenue Service for individual tax identification numbers (ITINS), allowing them to pay taxes like any U.S. citizen — and thereby to eventually get a home mortgage.

The corporate Establishment’s new hunger for the undocumenteds’ business could have far-reaching implications for America’s stance on immigration policy, which remains unresolved. Corporations are helping, essentially, to bring a huge chunk of the underground economy into the mainstream.


The political implications are less clear-cut. Further integration of illegals into the U.S. could help President George W. Bush in his uphill struggle over the past two years to launch a guest worker program. His plan would provide a path to amnesty and full legalization for many unauthorized residents. Companies are taking a position similar to the President’s, in effect saying: There’s no point in pretending that millions of people aren’t here, so let’s find ways to deal with them.

It quickly became apparent. Largely via word of mouth in Hispanic neighborhoods, Wells Fargo has opened 525,000 matrícula accounts, which now represent 6% of the bank’s total. It opens 800 new accounts a day across the 23 states in which it does business.

The success of the matrí­cula has encouraged the expansion of other financial products, such as home mortgages, using the ITIN. Created for people such as foreigners with U.S. investments who aren’t eligible for a Social Security number but still may owe U.S. income taxes, the agency issued 900,000 ITINs last year and a total of 8 million since 1996. In Chicago, Second Federal Savings has 620 ITIN loans worth $90 million.

MS/HP – National Identity System Kim does it Follow the Laws?

So I wondered reading the below quote if the MS/HP National Identity System followed the Identity Laws that Kim has authored. The frame of this Techsploits column Hot for Data By Annalee Newitz does not make it sound like it does.

I was particularly squicked to hear about a new product from Hewlett-Packard and Microsoft that is designed to be an integrated identity-tracking suite for repressive government regimes.

It seems that virtual rights surrounding identity and the Kim’s Identity Laws surrounding proper use should be universal not just something US Citizens and perhaps Canadians enjoy. It is clear the web is global and thus the nature of the laws of identity for use in digital systems using the web also must be. I am wondering what Kim and others at Microsoft are doing to ensure the emergence of systems that are not going to be used by oppressive regimes.

Called the National Identity System, the product is touted for its ability to create smart ID documents, which can be checked at borders or across entire regions. It also has the fun ability to add biometric data to each identity profile. It’s plug-and-play surveillance! Now you don’t need to build your own repressive state apparatus, because HP has done it for you. Plus HP and Microsoft promise to set up training centers all over the world to help governments implement the system.

Luckily, it’s Windows-based, so my favorite hackers will be exploiting the hell out of it as soon as it gets widely deployed. I can’t wait for the underground how-to book to come out—they can call it National Identity System Hacks.

Belgium Identity Cards

From ID Corner comes this story about Belgium Identity Cards.

The card provides strong security against traditional outsider attacks, but unfortunately has not been designed with privacy in mind. In fact, it features one of the worst privacy designs imaginable. Two glaring problems:

The citizen certificates on each ID chipcard contain the cardholder’s name and RRN (the œrijksregistratienummer,” a single government-wide identification number for each natural person). The name and RRN are disclosed whenever a card is used at a relying party. The RRN (which has a simple structure based on the citizen’s birthday) serves as the key to numerous databases containing citizen information; on the basis of this number, all cardholder actions and movements with the eID chipcard can be electronically traced and linked (not merely by the government itself!).

The eID card specifies the following information, both visibly on the card itself and stored within the card’s chip: cardholder’s photo, surname and first names, gender, nationality, place and date of birth, signature, RRN, and the validity period of the card. In addition, the chip also stores the cardholder’s current address. Some of this information is privacy-sensitive, yet the cardholder has no control over its disclosure. (Historically, this is the same information as has always been on Belgium identity cards, and so arguably this does not constitute a reduction in privacy; however, in most countries around the world an information-rich national identity card would not pass in the first place.)

The privacy problems do not stop here. Each eID chip contains two X.509v3 identity certificates (each specifying the citizen’s name and RRN number, one for authentication and one for digital signing), as well as a basic signature key to authenticate the card with respect to the RRN. The certificates and public keys, which are assigned by the central issuing authority, by themselves serve as “omni-directional” identifiers that are globally unique. For a detailed account on the various privacy problems caused by this use of PKI, see, for instance, here.