Study: E-government projects must advance cautiously
Because the federal government provides online services and issues identity documents, it must proceed with caution in providing e-government services that respect citizens' privacy, said a report issued Tuesday afternoon by the National Academies of Science.
Because federal agencies like the General Services Administration issue digital certificates as well as engage in online transactions, "the government has at least these dual roles and must pay attention to its decisions" and their impact on privacy, said Stephen Kent, BBN Technologies chief scientist and chairman of the NAS committee that produced the report.
Kent said two GSA authentication systems known as Advanced Certificates for Electronic Services (ACES) and E-Authenticate fail to acknowledge the significance of this dual government role.
The report, "Who Goes There? Authentication Through the Lens of Privacy," explored the privacy implications of the increasing use of digital certificates by both the private sector and the government.
A key committee conclusion is that "the way in which a specific authentication technology is used, and the scope, has a lot more to do with the privacy implications than the specific choice itself," said Kent.
In other words, whether biometrics, identity cards, passwords, or public key cryptography adequately protects privacy has less to do with the technology itself and more to do with how it is implemented.
As an example, Kent cited the contrast between a company deploying a public key infrastructure (PKI) to authenticate its employees or customers on a Web site and a "giant PKI that does everything. That does provide exactly the same kind of implications that can be used to undermine privacy."
"The same technology-PKI-can be thoroughly supportive of privacy concerns, or detrimental to privacy," he said.
Kent criticized the PKI implementation of ACES and its E-Authenticate system.
He said that ACES required users to obtain a digital certificate from a private certification authority when it could have issued digital certificates on its own. "Every time a user comes back [to the government Web site], you must pay a fee to whichever private sector certification authority" issued the credential, he said.
"That is providing a whole bunch of information to the private sector-information that we really didn't need to do," said Kent. Because individuals are generally not free to avoid doing business with the government, "the government has to be careful to not impose authentication system requirements."
The report also raised concerns about the way in which identity cards have been used in "secondary" ways for which they were not designed, as when individuals are asked to present their drivers' license as proof of age, address or name.
"Secondary uses of authentication systems often lead to privacy and security problems," the report found. "They can compromise the underlying mission of the original system."
The 16-member committee included top scientists at AT&T, Columbia University, Hewlett-Packard, IBM, Massachusetts Institute of Technology, Microsoft and the University of California at Berkeley.