Identity Ecosystem: Big Brother Logs On

By John W. Whitehead, The Rutherford Institute
Sep. 28, 2011

“Of all tyrannies, a tyranny sincerely exercised for the good of its victims may be the most oppressive. It may be better to live under robber barons than under omnipotent moral busy bodies. The robber baron’s cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for our own good will torment us without end, for they do so with the approval of their own conscience.”—C.S. Lewis
As business transactions and social interactions migrate from the streets and stores to cyberspace, government and corporate officials are clamoring to exercise control over the internet, which has become the bastion of democracy, anonymity and populism. Facebook’s facial recognition technology, corporate opposition to Net Neutrality legislation, and data retention mandates by Congress are all efforts to put the internet under strict government and corporate control. Similarly, President Obama’s plan to create an online ID system which would aid in verifying the identity of internet users communicating and initiating transactions on the web is yet another thinly disguised attempt to monitor, regulate and control the internet.

Such a system will give the government unprecedented access to Americans’ internet activities—something it has sought for years through a multitude of channels. For example, just last fall, the New York Times reported that the Obama administration was preparing to submit legislation to Congress that would make it easier for the government to wiretap the internet. As Charlie Savage noted, “Essentially, officials want Congress to require all services that enable communications—including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct ‘peer to peer’ messaging like Skype—to be technically capable of complying if served with a wiretap order.”

In late July 2011, in a 19–10 vote, the House Judiciary Committee passed H.R. 1981, the cleverly titled “Protecting Children from Internet Pornographers Act of 2011.” While the bill expands certain elements of existing child pornography laws, it also lays the groundwork for all internet traffic to be easily monitored by government officials by requiring Internet Service Providers (ISPs) to retain all user data for at least 18 months. In this way, government officials could dredge up information retroactively on anyone’s internet surfing habits, regardless of suspicion of wrongdoing and without a warrant. Rep. Zoe Lofgren (D–CA) accurately summed up the bill when she dubbed it the “Keep Every American’s Digital Data for Submission to the Federal Government Without a Warrant Act.”

Now we have the Obama administration’s “Identity Ecosystem,” would allow internet users to submit their credentials to a government or corporate agent in order to verify and catalog their identity. Users would then use a universal ID stored in a “smart” card to access a variety of online goods and services, such as shopping banking and paying bills. While neither consumers nor corporations are mandated to participate in the Identity Ecosystem, once enough corporations take part in the new program, it will be practically impossible for the average consumer to avoid registering as well.

Touted by Howard A. Schmidt, President Obama’s Cybersecurity Czar, for its convenience and so-called ability to enhance online trust and privacy, this Identity Ecosystem is yet another example of the collusion between government and corporate America, with the government providing a framework on which the market is to build an infrastructure of certifiable identification. However, if adopted, this system will certainly result in an overly-regulated bureaucratic system that will jeopardize the sanctity of one’s personal information, as well as one’s privacy and anonymity.

The information contained in the Identity Ecosystem database would be shared amongst a variety of institutions: governmental, financial, and corporate. Clearly, the potentials for abuse are many. If the government wanted to shut you out of the system, whether you’re a suspect in a crime or simply because you’ve spoken up against a government policy, they could do so quite easily. They would be able to rescind your verified credentials and tell Bank of America, Amazon.com or any other corporation to stop doing business with you until the matter is resolved.

Furthermore, corporations would have a field day with the personal information they are able to take from their customers. By observing what purchases and transactions a person makes, the corporate powers will hone their advertising to match the exact tastes of each and every one of us, eliminating the possibility for us to be introduced to new ideas or competing products. Indeed, this is already occurring on websites such as Google and Facebook.

Moreover, while the government insists that its Identity Ecosystem is not an attempt to establish a national ID card—in much the same way that Social Security numbers have come to be relied on by those outside government circles for identification purposes (everyone from cable and credit card companies to hospitals and utility companies)—it will not be long before such a universal online ID becomes a de facto national ID.

Whether maintained by the government or corporate America, the massive database necessary to store such a wealth of identifying information would also be an irresistible treasure trove for cyber thieves. Certainly, between government and corporate entities that have a sorry track record when it comes to securing and respecting the private data of technology users, and hackers and identity thieves with a knack for outfoxing and outmaneuvering security protocols, we’ll find ourselves even more vulnerable to cyber crime and bureaucratic error than ever before. Hacktivist groups such as Anonymous have been particularly successful at accessing and publicizing private information from supposedly secure databanks.

Yet Anonymous is far from being the only group to successfully hack into secure databases. Indeed, highlighting just how vulnerable these systems really are, government and corporate databases have been subjected to a multitude of high-profile attacks in recent years.

For example, in 2006, the Department of Veteran Affairs announced that the personal data of over 17.5 million veterans had been potentially compromised when a laptop containing their information was stolen from the home of an employee. The department offered to keep track of the credit of each person for one year at the cost of $160.5 million to taxpayers. Fortunately, the laptop was later recovered with the data not having been compromised.

In 2007, TJX Company Inc., whose retailers include TJ Maxx and Marshalls, announced that the personal data of more than 45 million customers had been compromised back in 2003.

In 2009, Heartland Payment Systems announced that their database of millions of credit card numbers had been compromised by a small group of hackers.

In February 2011, Aaron Barr, the CEO of HBGary Federal, a security firm with business ties to the federal government, threatened to unmask members of Anonymous, claiming that he had the identities of important members. In response, Anonymous hacked HBGary Federal’s website the next day, stealing hundreds of documents and e-mails. Anonymous stole the report which HBGary Federal was planning to sell to the FBI and released it for free. They also hacked into Aaron Barr’s Twitter account, posting his home address and Social Security number.

While the threats posed by a universal internet ID to one’s privacy and financial security are grave enough, Obama’s Identity Ecosystem would also seriously endanger anonymity and free speech, while giving the government the ultimate weapon for controlling an unruly populace. A key component of any free society is the ability to openly discuss ideas which may be unpopular with government and corporate officials without fear of retribution. Without the protections enshrined in our First Amendment, discourse over the internet would be greatly inhibited, protesters would be unable to organize, and dissidents and activists would be targeted by those in power and locked out of the system.

Similarly, online anonymity not only assures a free exchange of ideas among individuals, it also protects dissidents, victims of abuse, medical patients, and many others. As noted by the U.S. Supreme Court in McIntyre v. Ohio Election Commission, anonymous speech is part of “an honorable tradition of advocacy and dissent.” Remember, the Federalist Papers and Common Sense were both published anonymously.

Unfortunately, attacks on anonymity are coming from a variety of sources, including corporations, judges, and citizen advocates. Many of these attacks arise out of a concern that anonymity emboldens people with radical agendas, bullies, and those who defame others. Google is one such company attempting to undermine internet users’ right to anonymity. Their Google+ network, which was ostensibly a social network in the vein of Facebook, does not allow users to register accounts anonymously or with pseudonyms. By identifying users by their official names, Google is then able to track each individual’s internet activities. This is what Google Chairman Eric Schmidt characterizes as an “identity service.”

One thing to keep in mind, however, is that a system that can force people to identify themselves in all areas of their life can easily transition into a system that can shut them out altogether. For instance, a law proposed in the Italian parliament would allow anyone (corporate official or regular citizen) who believes someone is using copyrighted material without permission to report that user’s activities to government authorities. That user would then be barred from accessing the internet merely for being suspected of a crime.

Neither the government nor any single corporation has the right to know every single purchase, transaction and communication a person makes. With the Identity Ecosystem, the concept of having a private sphere of one’s life will be thrown out the window.

The last bastion of democracy may very well be the internet, and the government knows this. When all is said and done, it doesn’t really matter what party controls the White House or Congress, because the objective of our bureaucratic government remains the same: total control—of the nation, of the internet, and ultimately of you and me.
__
Constitutional attorney and author John W. Whitehead [send him mail] is founder and president of The Rutherford Institute. He is the author of The Change Manifesto (Sourcebooks).













All original InformationLiberation articles CC 4.0



About - Privacy Policy