Enhancing Online Privacy
A critical element of the National Strategy for Trusted Identities in Cyberspace (NSTIC) is to substantially improve the privacy of online transactions and support civil liberties like freedom of speech and freedom of association.
Right now the Internet is not a very private place. Passwords are the main form of account protection. But cyber criminals can use simple tool kits that break them or can trick people into giving up their passwords with phishing emails and spoofed websites. Additional security features usually require consumers to share all kinds of personal information like home towns, favorite books, and pet names.
There's a better way to put people in more control of their personal information and protect their online accounts. Some media organizations and bloggers have reported inaccurately that NSTIC would require that a government ID be used on the Internet or that NSTIC aims to track people's activities online.
Here's how the Identity Ecosystem envisioned by NSTIC will improve privacy:
Fewer PII Targets: Finally, thousands of organizations large and small that currently collect personal information from individuals to conduct transactions will no longer need to store this data, dramatically reducing the number of opportunities for ID thieves and other cyber criminals to find data security weak points.
NSTIC Notes Blog Introducing 3 newest members of NSTIC pilots family NIST civic hacking challenge sparks the creation of an innovative new API Goals of NSTIC past, present, and future: NSCA guest blog interview Fourth and goal: closing in on the Identity Ecosystem Framework