Building the Future of Identity Privacy

On Data Privacy Day, the NSTIC National Program Office is taking some time to reflect on our own efforts to improve privacy online. Fulfilling the promise of enhanced privacy is a critical element of building trusted interaction online. The first of the Strategy’s guiding principles, finding new solutions that are privacy-enhancing and voluntary has been a key driver of pilot project selection and the NPO’s work to drive innovative approaches to online identity. One of the primary methods for improving privacy we have been encouraging is the use of privacy-enhancing technologies (PETs) – a topic I will be discussing at the upcoming RSA Conference, in a P2P session - Privacy-enhancing Technologies: Pipe Dream or Unfulfilled Promise? The NSTIC envisions an “Identity Ecosystem” that curbs unneeded sharing of personal data and helps limit comprehensive tracking of people through their identity transactions, while still providing for a robust marketplace of trustworthy and secure digital credentials. Trusted identities can provide a variety of benefits: enhanced security, improved privacy, new types of transactions, reduced costs, easier to use credentials, and better customer service. Minimizing the data transmitted in transactions not only protects consumers’ privacy, it can enhance businesses’ ability to protect their reputation. However, there are high-value services that require effectively validating that customers are who they claim to be – such as in the financial and health care sectors as they move into the mobile economy. Certain types of PETs employ well-researched methods of cryptography and can provide strong assurances about users’ credentials without the need for detailed exchanges of personal information. Imagine a customer providing a valid driver’s license to prove her age without actually revealing her full birth date or other unnecessary information. Moreover, privacy-enhancing cryptography can prevent the credential issuer from tracking service providers while still providing valid identification. In other words, service providers can realize the benefits of outsourcing identity management without also enabling credential issuers to build profiles of their customers to sell to competitors. While PETs that can provide the fundamental cryptographic support for anonymous transactions online have existed for some time, private sector adoption of these technologies has been almost non-existent. Despite growing demand for enhanced privacy online, online service providers have failed to provide solutions that would give users the ability to authenticate for privilege escalation with, for example, “zero-knowledge.” As a result, users often must disclose a large amount of personal information unrelated to purpose of their request in order to realize their desired transactional outcome. The use and storage of this personal information creates a fundamental and unnecessary barrier to building trusted transactions online. The Federal Cloud Credential Exchange (FCCX), a cloud-based identity federation pilot being implemented by the United States Post Office, the General Administration Services and the NPO, is a developing example of how we can manage the privacy of identity interactions between citizens and the Federal government. Currently, the FCCX supports “unlinkable” interactions through the system – meaning that a broker in the middle prevents credential providers from knowing at which agencies citizens are using their credentials and prevents agencies from knowing which credential provider citizens are using. But more work must be done, and the FCCX team is currently investigating PETs to support truly unobservable transactions, so citizens can access government services without fear of outside tracking or exposure of their identities. So why aren’t PETs more widespread? I’ll be exploring how to achieve commercial viability for PETs in identity systems at the upcoming RSA Conference in San Francisco. If you’re in the Bay Area for the conference, please grab a seat at my session, in the Peer2Peer track on February 26^th. It’s time to fulfill the promise of privacy-enhancing technologies.