TheConversation

Blog archive

Can a foreign firm safeguard American privacy?

cloud concept with man in suit

Responding to an Aug. 28 FCW article outlining the government's Federal Cloud Credential Exchange, a reader questioned the logic of having a foreign company design an American credentialing system, writing:  I'd like to see the background of how we decided having a foreign country be the epicenter of our credentialing system makes good sense. I'm sure logic was used in that decision, I'm just not seeing it.

Frank Konkel responds:

SecureKey Technologies Chief Marketing Officer Andre Boysen suggests that American citizens shouldn't worry about their information getting used outside the borders through FCCX.  

While SecureKey is headquartered in Toronto, it has an American headquarters in Washington, D.C., from which its American contracts operate. In addition, Boysen said, services and servers hosted for FCCX will be housed on U.S. soil, not in Canada or anywhere else. It should be noted that SecureKey has not yet picked a cloud provider, yet its concern for data sovereignty aligns with the company's philosophies and existing deals with Canada and the United Kingdom.

Finally, our article describes the "triple blind" process that keeps the FCCX hub and the agency involved from putting two and two together from a user's personal information. User privacy is one of the main goals of the pilot, which has one year to prove useful enough to merit a contract extension.

As for the procurement process, keep in mind that the U.S. Postal Service received nearly 20 bids on the FCCX pilot, many of which came from U.S. companies. The contract award makes clear that none matched what SecureKey could do from a technological or fiscal standpoint.

Posted by Frank Konkel on Sep 04, 2013 at 8:12 AM


Who's Fed 100-worthy?

Nominations are now open for the 2015 Federal 100 awards. Get the details and submit your picks!

Featured

Reader comments

Fri, Sep 20, 2013 Al

I think there is a big difference between Canada and, say, China or Russia on this issue. May depend on the country.

Thu, Sep 5, 2013

Canada has produced other products used by the government that are very good. Open Text products are among the best that I have seen in its genre. Also if we look back several years DoD weapon sysems used to be exclusively American made. Now that is not always the case. I feel cyber security is so important we need to look at the best ALMOST where ever we can find it. I would not choose China, the middle east area or other potential enemies for a source of this product. Even with a Canadian company the product must be properly vetted.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above