Obama is planning to give the U.S. Commerce Department authority over a system to establish unique Internet identities for people. The National Strategy for Trusted Identities in Cyberspace is a plan to create a system that will allow participants to establish who they are online through the use of some sort of identification feature. There are many systems that would allow for this identification, such as digital passcode generators, hardware keys, biometric scanners, RFID cards, voice recognition, etc.
The Obama administration is selling this as something that is voluntary and will be driven by the private sector, but the potential for future abuses must be recognized. Certainly, it would be convenient to have a single and secure Internet ID that you could use to access all of your various Internet-based accounts, but this could make you extremely vulnerable to having your entire online life hijacked in one single move.
People are probably not going to feel terribly threatened by this Internet ID program at first. We are going to be told it is for our protection, and it is completely voluntary, but that is not the way things are going to work out in reality.
If this Internet ID program takes hold, here is what is could happen step-by-step.
1) The Internet ID will be introduced. Banks will offer it to clients. People will use it and enjoy the convenience and feeling of security.
2) After a while, some banks will require users to have an Internet ID in order to access their accounts online.
3) Internet IDs will be required by all major banks for online access.
4) Mortgage companies and credit card companies will require customers to use the Internet ID system online.
5) Credit card companies will require the Internet ID be used for online purchases.
6) After several years, Internet IDs will be commonplace. Internet users may even be required to have Internet IDs to use free resources such as Web-based email accounts, social networking sites, blogging sites, etc.
Eventually, what will happen is that many Americans will have all or most of their online lives under one single Internet ID, effectively placing people's online lives under one universal account. It will be very convenient for people. People will just be able to log onto their computers and do everything without the need to worry about passwords and screen names.
Not only will this be convenient for legitimate users, it also going to be very convenient for identity thieves. We are always told systems are hack-proof, but we often find out later some hacker beat the security. Nothing is hack-proof. Right now, it is really a headache if an identity thief steals your credit card number or manages to hack your email account. Now, imagine if a hacker got hold of your Internet ID and was suddenly able to access every single one of your online accounts. Imagine if a thief had access to your bank accounts, credit cards, mortgage, driver license, cell phone, email accounts, Facebook account, Amazon account, and everything else you have. Your online life would suddenly be in the hands of someone else, and you would have very few resources available to you to correct the problem. In cyberspace, you would virtually cease to be your virtual self.
Here is an even scarier thought. Imagine if the you had your entire online life under a single Internet ID, and you had some dispute with the government. What if your tax return got lost in the mail? Imagine how easy it would be for the IRS to get hold of your Internet ID information and freeze all of your accounts until the matter was resolved. What if the Department of Homeland Security mistakenly identified you as a security threat and just decided to shut off your access to all of your online accounts during an investigation?
The potentials for abuse are tremendous. If you use the Internet ID system, know that you will be placing all of your virtual eggs in one basket. If a thief or the government decides to come along and take your basket, where is that going to leave you?
No comments:
Post a Comment