A new technology that protects our identities is by nature complex, and reaching a full understanding of its benefits, risks to citizensâ€™ privacy, and vulnerabilities is difficult.Â Only by involving a wide range of experts and balancing all the pros and cons can logical decisions be made.Â
Identity technologists â€“ to explain methods of operation, limits on performance, financial limits on enhancement, and types and likelihood of misuse.Â
Â·Â Â Â Â Â Â Â Â Privacy and consumer advocates â€“ to identify the risks associated with the use and possible misuse of a new technology.Â
Â·Â Â Â Â Â Â Â Â Policy experts â€“ to identify how the technology can and should be used procedurally.
Any decision reached without the involvement of all of these parties in an open forum will invariably result in skewed decisions that may deprive us of the proper benefits of the technology.
It is most important, however, to keep in mind that technology is merely one part of the solution to the problem of protecting our identities and validating them to others.Â The complete solution is a system that must include policies, procedures, and practices describing how people are to interact with the system.Â In the end, the strength of a system is only as great as the adherence by the people using the system to these policies and procedures.Â Technology in general, and smart cards and biometrics in particular, are powerful tools for enforcing adherence to policies and procedures.
A breeder document is so named because it is usually a source of identity to apply for (or breed) other forms of identity credentials.
A number of years ago, Australia embarked on a project to digitize all birth, death, and immigration records and maintain them centrally as electronic records.Â The thinking was "if you are here, you were either born here or you came here, and thus there should be a record on you."Â In the United States, an E-Government project known as E-Vital was initiated to digitize and make available some of the same kinds of records.Â However, only death records are currently (mostly) centralized and electronically stored, as a result of the Federal government paying the states to digitize death certificates.Â Progress on automating other vital records has beenÂ very slow.Â Birth, death, marriage, divorce, and other records may be both issued and maintained in multiple places.Â At best, such records are automated and maintained at the state level; at worst, they are not automated and are stored in counties across the country.
Australia is a good example to use to consider the concept of providing a secure and verifiable identity for every person in a country.Â Suppose that Australia decided to issue a national ID card to all of its residents.Â Australia certainly has the technology needed to produce a credential that could include biometrics, the issuerâ€™s digital signature, and PKI certificates.Â Such a credential could properly be viewed as very secure and be tied to the holder in a way that would make it very hard to counterfeit or alter.Â
By issuing such a credential, Australia would solve half the problem:Â a central database would confirm the existence and legal presence of every credential holder.Â The other half of the problem would remain unsolved, however: how to be certain that the person who presents a birth certificate or other â€œbreederâ€ document to obtain the credential is the true owner of that document.Â
The Australian example illustrates the obvious problem for the United States.Â The United States can automate a record system and put records in a central place.Â A central database can be queried to verify a personâ€™s existence and permit a very secure, biometrically linked credential to be issued.Â However, two very important things cannot be done:Â