The Biden White House has come up with an updated version of the US National Cybersecurity Strategy Implementation Plan (NCSIP), that, unlike the first, addresses the issue and commits to “supporting development of a digital ID ecosystem.”
We obtained a copy of the report for you here.
That initiative is included in the document as one of the strategic objectives, the stated goal being to advance research and guidance “that supports innovation in the digital identity ecosystem through public and private collaboration.”
The National Institute of Standards and Technology (NIST) has been entrusted with doing that work. Listed as contributing entities are the Department of Homeland Security (DHS) and the General Services Administration (GSA).
Some observers (such as Jeremy Grant – who under the Obama administration established NCSIP), would like things around the introduction of digital ID to move faster, and see this as status quo – NIST has already been doing the same “for years,” he commented, while the only news here is that this work has been officially mentioned in the new NCSIP.
And what NIST has been doing so far is digital identity research based on Creating Helpful Incentives to Produce Semiconductors (CHIPS) and the Science Act.
And here’s what NIST’s (continued) activities entail: publishing digital identity guidelines, evaluating facial recognition and analysis technology, and publishing considerations for Attribute Validation Services.
Meanwhile, the government promises to “encourage and enable” investments in identity solutions, with another promise being that these solutions will be secure, accessible, and interoperable while fostering all the good things like consumer privacy, economic growth, and “financial and social inclusion.”
The way it is promoted, the US government’s plans around digital IDs are not much different from how they are defended elsewhere in the world; those opposed to the schemes, however, cite a range of issues linked to the digital centralization of people’s identity such as large-scale data breaches, identity theft, as well as major privacy concerns.
The first version of NCSIP that Biden signed last spring had Q2 of 2024 as the deadline to complete 36 initiatives (33 have been completed to date).
The updated version contains 31 initiatives, including that on digital ID, with its completion date listed as Q2 of fiscal year 2025.
Overall, the current White House is pushing NCSIP as “a bold, affirmative vision for cyberspace to secure the full benefits of a safe and secure digital ecosystem for all Americans.”
Digital ID systems, which provide a way to verify an individual’s identity electronically, have sparked significant controversy from a civil liberties perspective for several reasons. Chief among these concerns is the issue of privacy. Digital IDs often involve the collection, storage, and sometimes sharing of sensitive personal data, including biometric data such as fingerprints or facial recognition scans. This raises fears about the potential for surveillance and data misuse by both government authorities and private entities. The centralization of personal data could make it a target for breaches and unauthorized access, leading to identity theft or misuse of information.
Related: Australia’s Digital ID Push Is Undermined by Data Leak Disaster
