Internet IDs are a hot topic recently, particularly in light of LulzSec’s aggressive (but abbreviated) campaign against , like, everyone ever. Proponents argue that a system of “trusted credentials”–as they’re ambiguously called now because the technology is still mostly in development–would allow for safer, more secure online transactions. The opposition says that these efforts are misguided and naive–they ignore the failure of similar plans in the past and that to truly make the Internet a safer place, anonymity is the very thing that needs to be eliminated.
PopSci’s Point/Counterpoint features on the subject are both well written and argued. It’s hard to see if there’s a one-solution-for-all that will actually be effective.
Internet security is broken, and we need to roll up our cyber-sleeves and fix it. That’s why the U.S. Chamber of Commerce announced this new proposal on April 15, designed to fight the steady increase in online crime. Entitled the National Strategy for Trusted Identities in Cyberspace, or NSTIC, it outlines the beginnings of an “identity ecosystem” to be created jointly by the private and public sector to spur more innovative and effective online authentication methods. Even if you’re not as immediately and easily swayed by snazzy, futuristic phrases like “identity ecosystem” as I am (and oh, how I am) there are still lots of other reasons to support increased Internet security.
They go by many names—trusted identities, ID ecosystems, Internet driver’s licenses—but the basic idea is always the same: Create a single online credential system that somehow increases accountability, combats fraud and identity theft, and helps deter cybercrime. Over the years we’ve seen many of these schemes trotted out in the private sector only to fail time and again. And for good reason. These plans are not only impractical, they also ignore history, confuse the primary threats we face online, and, worst of all, have the potential to do infinitely more harm than good.
I’m interested to hear what you Geeks think about this. If you’re here reading then you’re likely an upstanding Internet Citizen with an opinion on the matter. Will a new plan for unique user IDs help reduce fraud and protect our sensitive information, or is a move like that riskier than it’s worth?