With hacks on the rise, is it time to revisit a national ID?

Our process for verifying people's identities is broken, leading some to revisit the idea of a national ID system. But politics, cybersecurity and other concerns loom large in the debate.

ID card (mei yanotai/Shutterstock.com)
 

A national identification system has been pitched as a potential alternative to a current identity system that experts say is broken and makes it too easy for criminals and other bad actors to trick financial institutions and engage in fraud, but the idea has traditionally run up against fierce resistance. However, it is becoming more popular over the past decade as countries like India, the Philippines, Estonia and others have developed their own national ID systems.

Rep. Bill Foster (D-Ill.), who chairs the House Financial Services Committee Task Force on Artificial Intelligence, said he believes a wave of high-profile data breaches over the years combined with an epidemic of identity-based fraud has provided an opening to revisit the idea.

"I think that the political ground has been shifting on this," Foster told FCW following a Sept. 12 hearing on identity and authentication challenges. "I think that, historically, there's been a big aversion in this country to anything that smelled like a national ID card, and there's been opposition from the ACLU on the left and the 'Red Dawn' contingent on the right. But in between, there's a big hunk of people who are just sick and tired of having to replace their credit cards every time their numbers get stolen."

As an example, he pointed to an amendment that passed through the House appropriations process earlier this year that overturned a decades long ban on funding a unique patient identifier for electronic health records. While that provision still needs Senate and White House approval, Foster noted that he was able to get a Republican co-sponsor and "a pretty strong bipartisan vote" – the measure passed 246 to 178. A similar coalition, he argued, could develop around creating more trusted forms of identity and authentication, including a possible federal ID system.

"This is a thing where's there's a good chance that both sides of the aisle will be able to hold hands and jump together," said Foster.

Something most experts agree on: The status quo is not working. Data breaches and other compromises have made personal data so widely available on the black market that government-issued credentials like Social Security numbers are longer suitable for identity validation.

Financial institutions are looking to emerging tools like artificial intelligence to suck up data from sensors, transactions, phones, social media and other digital traces to identify and authenticate a customer's identity. Anne Washington, assistant professor of data policy at New York University, testified to Foster's task force that such algorithms "are not ready to disambiguate enormous sets of people," often do not require end-user authentication of scraped information and have led to individuals finding themselves unable to convince institutions they are who they say they are.

In an interview, she told FCW that organizations in the public and private sector are, by and large, unprepared to deal with situations where their data is wrong or certain groups slip through the cracks, and this needs to be addressed before larger policies or regulatory actions can be considered.

"I don't think you're going to regulate how AT&T is going to handle an identity conflict, or the DMV is going to handle an identity conflict," Washington said. "Those are going to be internal business decisions, so my point is that organizations need to start themselves figuring out what these dispute resolution processes are."

A national ID card or number will continue to face opposition from a number of civil liberties and limited government groups, who view it as a stalking horse for greater abuses by government authorities down the line.

"Just as the original restrictions on the use of the Social Security card have been all but eliminated, limits on a national I.D. number or card would be ignored or legislated away," the ACLU wrote in a policy statement on the issue. "There would be an irresistible temptation to use the data for purposes for which it was never intended, including government surveillance."

It's not just ideological groups that take issue. Jeremy Grant, a coordinator with the Better Identity Coalition, told FCW his organization doesn't support the idea, calling it a "highly politically charged" issue that tends to stop the debate around better identity practices in its tracks and doesn't address the underlying problem: the need to modernize our current identifications.

"The point we make … is that the country already has a number of nationally recognized, authoritative ID systems that we use today: driver's license, passports, Social Security numbers as well," said Grant. "We don't need a new card, in fact the biggest problem is we have too many cards, we have too much paper, and the way we're doing business these days is digital."

Rather fight over a national ID card, Grant said policymakers would be better served convincing or compelling state Departments of Motor Vehicles to develop digital versions of their own ID cards and to develop a way to "vouch for [licensees] online."

Grant, who led the Obama administration's Strategy for Trusted Identities in Cyberspace initiative, acknowledged that nothing is unhackable and some security tradeoffs could be involved, but he argued that paper-based IDs have not helped prevent an epidemic of identity-based fraud, and a digital ID would provide a trusted identifier for organizations and individuals to leverage more modern tools.

NEXT STORY: Doing digital differently at VA

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.