Category Archives: legislation

Clinton: There is no silver bullet in the struggle against Internet repression. There’s no “app” for that

Posted on by

0

Today in Washington, Secretary of State Clinton reiterated the State Department’s commitment to an Internet freedom policy in a speech at George Washington University. Rebecca MacKinnon, journalist, free speech activist, and expert on Chinese Internet censorship, provided some on the spot analysis immediately following Clinton’s words. MacKinnon made an interesting, and timely, point: there are limits to directly funding certain groups. “I think one of the reasons that the Egyptian and Tunisian revolutions were successful was that they were really home grown, grass roots. At the end of the day, the people in the countries concerned need to really want change and drive that change.”

MacKinnon parsed the considerable complexity of advocating for Internet freedom in the context of Wikileaks and electronic surveillance in other areas of the federal government. For those interested, she elaborated on the issues inherent in this nexus of government and technology in her Senate testimony last year. At some point this winter, there will be a hearing on “CALEA 2″ in the United States Congress that’s going to be worth paying close attention to for anyone tracking Internet freedom closer to home, so to speak.

Should the U.S. support Internet freedom through technology, whether it’s an “app” or other means? To date, so far the State Department has allocated only $20 million of the total funding it has received from Congress, according to a report on Internet censorship from the Senate Foreign Relations Committee obtained by the AFP. (Hat tip to Nick Kristof on that one).

Clinton defended the slow rollout of funding today in her speech (emphasis is added):

“The United States continues to help people in oppressive Internet environments get around filters, stay one step ahead of the censors, the hackers, and the thugs who beat them up or imprison them for what they say online. While the rights we seek to protect are clear, the various ways that these rights are violated are increasingly complex. Some have criticized us for not pouring funding into a single technology—but there is no silver bullet in the struggle against Internet repression. There’s no “app” for that. And accordingly, we are taking a comprehensive and innovative approach—one that matches our diplomacy with technology, secure distribution networks for tools, and direct support for those on the front lines.”

The caution in spending may well also be driven by the issues that the State Department encountered with Haystack, a much celebrated technology for Internet freedom tool that turned out to be closer to a fraud than a phenomenon.

There may be no silver bullet to deliver Internet freedom to the disconnected or filtered masses, per se, but there are more options beyond the Tor Project that people in repressive regimes can leverage. Today, MIT’s Technology Review reported on an app for dissidents that encrypts phone and text communications:

Two new applications for Android devices, called RedPhone and TextSecure, were released last week by Whisper Systems, a startup created by security researchers Moxie Marlinspike and Stuart Anderson. The apps are offered free of charge to users in Egypt, where protesters opposing ex-president Hosni Mubarak have clashed with police for weeks. The apps use end-to-end encryption and a private proxy server to obfuscate who is communicating with whom, and to secure the contents of messages or phone conversations. “We literally have been working night and day for the last two weeks to get an international server infrastructure set up,” says Anderson.

No word on whether they’ve received funding from State yet. For more on today’s speech, read the full report on the State department’s Internet freedom policy at the Huffington Post, Ethan Zuckerman or the ever sharp Nancy Scola on #NetFreedom, which does, in fact, now look like a “big deal.”

Malamud: add bulk open government data access to Thomas.gov

Posted on by

0

An image of (insert name here), taken at about 2:30 this afternoon. (Photo by Abby Brack/Library of Congress)

An image of (insert name here), taken at about 2:30 this afternoon. (Photo by Abby Brack/Library of Congress)

Open government advocate Carl Malamud made a succinct recommendation for improving the United States House of Representatives on January 24th: “Open it up. Bulk access, developer day, an API, long-term open source model. People’s house.” Malamud linked to a letter at House.Resource.org to Representative Eric Cantor (R-VI), House Majority Leader in which he made the case for making bulk data access to bills and corollary data available to the public online through Thomas.gov:

Access to bulk data, both for the core Thomas system and for corollary databases, would have a huge and immediate effect. Hosting a developer day and making sure stakeholders are part of the long-term development will help keep the next- generation system in tune with the needs of the Congress and of the public.

As Malamud pointed out, long term plans to improve public access to the law are evolving, including the announcement that the Cornell Law Library would redesign Thomas.gov legislative/meta data models:

It’s finally official: The Library of Congress has selected us to work on a redesign of their legislative-metadata models. This sounds like really geeky stuff (and it is), but the effects for government and for citizens should be pretty big. What’s really being talked about here is (we hope) a great improvement not only in what can be retrieved from systems like THOMAS and LIS (the less-well-known internal system used by Congress itself), but also in what can be linked to and referenced. We’ll begin with a careful compilation of use cases, build functional requirements for what the data models should do, and go from there to think about prototype systems and datasets. The idea is to bring Semantic Web technology to bills, public laws, the US Code, Presidential documents, and a variety of other collections. Longtime LII friends and collaborators Diane Hillmann, John Joergensen and Rob Richards& will be working with our regular team to create the new models and systems.

Will the new GOP leadership take Malamud up on his proposal for an open developer day and bulk data? Stay tuned. As Nancy Scola wrote in techPresident that “Republicans in the House are making technology-enabled openness, transparency, and participation central to the public presentation of their core political values in a way that their Democratic counterparts never fully did.” Malamud has a track record that lends considerable credibility to his prospects: he helped to get the SEC online in 1993. More recently, “Washington’s IT guy” was able to work with the House leadership to start publishing hundreds of high-resolution videos from the House Oversight Committee hearings at House.Resource.org earlier this month.

If the new GOP leadership is serious about adopting the infrastructure to enable transparency and accountability in the House, perhaps adoption of open government data standards will be one of the enduring accomplishments of this 112th Congress.

gov.house.20110120_to http://d1.scribdassets.com/ScribdViewer.swf?document_id=47510400&access_key=key-28dgxfnpla0o1b17qgmp&page=1&viewMode=list

Pew: Disability or illness hinders many Americans from using the Internet

Posted on by

9

President Barack Obama talks with, from left, Rep. Steny Hoyer, D-Md., James Sensenbrenner, R-Wisc., Cheryl Sensenbrenner, James Langevin, D-R.I., and Sen. Tom Harkin, D-Iowa, in the Oval Office, July 26, 2010, prior to an event on the South Lawn commemorating the 20th anniversary of the Americans with Disabilities Act. (Official White House Photo by Pete Souza)

President Barack Obama talks with, from left, Rep. Steny Hoyer, D-Md., James Sensenbrenner, R-Wisc., Cheryl Sensenbrenner, James Langevin, D-R.I., and Sen. Tom Harkin, D-Iowa, in the Oval Office, July 26, 2010, prior to an event on the South Lawn commemorating the 20th anniversary of the Americans with Disabilities Act. (Official White House Photo by Pete Souza)

A new report from the Pew Internet and American Life Project includes the sobering figure that potentially hundreds of thousands of Americans live with disabilities or illness that makes it harder or impossible for them to use the Internet. According to Pew, some two percent of American adults are unable to fully make use of one of the greatest platforms for collective action in history. ‘

The survey was based on a national survey of 3,001 U.S. adults in September 2010. Here are three other data points to consider:

  • 27% of American adults live with a disability that interferes with activities of daily living.
  • 54% of adults living with a disability use the internet, compared with 81% of adults who report none of the disabilities listed in the survey.
  • 41% of adults living with a disability have broadband at home, compared with 69% of those without a disability.

“This is a correlation that we observed, not causation,” said Susannah Fox (@SusannahFox), associate director at the Pew Internet & American Life Project. “We don’t know that it’s the disability that’s causing that difference, but we do know that it’s not just lower levels of education or income, or age, all of which tend to depress Internet access rates. It’s something else.”

This research should be considered in the context of an ongoing matter before the Department of Justice (DoJ): the modernization of the Americans with Disabilities Act. When the Act was first passed, the DoJ stated in the preamble to the original 1991 ADA regulations that those regulations should be interpreted to keep pace with developing technologies. (28 CFR part 36, app. B.)

Needless to say, the Internet has come a long way since 1991. The power of technology and equality came into sharp focus this year on the 20th anniversary of the ADA. Iif the United States government intends to go forward with creating online open government platforms for all the people, accessibility and access issues are part of that picture. The country will need ability maps and to consider how to balance the accessibility needs of all Americans as more civic engagement goes digital. Disability advocates agree that transparency without accessibility would be a poor version of Gov 2.0.

“The reality is that so much of what’s happening today in the world is online,” said Fox. “There’s a real difference between a someone in their 70s who doesn’t want to add the Internet to their life and someone in their 20s who can’t go online because of a disability.”

When the ADA was passed, Congress contemplated that the Department of Justice would apply the statute in a manner that evolved over time, and delegated authority to the Attorney General  of the United States to put forward regulations to carry out the Act´s broad mandate. How the Department of Justice does so is still a matter for debate.  The DoJ is considering extending the enforcement of the ADA to include websites operated by more entities, including the following list of 12 categories of “places of public accommodation” covered by the ADA from ADA.gov.

(1) An inn, hotel, motel, or other place of lodging, except for an establishment located within a building that contains not more than five rooms for rent or hire and that is actually occupied by the proprietor of the establishment as the residence of the proprietor;
(2) A restaurant, bar, or other establishment serving food or drink;
(3) A motion picture house, theater, concert hall, stadium, or other place of exhibition or entertainment;
(4) An auditorium, convention center, lecture hall, or other place of public gathering;
(5) A bakery, grocery store, clothing store, hardware store, shopping center, or other sales or rental establishment;
(6) A laundromat, dry-cleaner, bank, barber shop, beauty shop, travel service, shoe repair service, funeral parlor, gas station, office of an accountant or lawyer, pharmacy, insurance office, professional office of a health care provider, hospital, or other service establishment;
(7) A terminal, depot, or other station used for specified public transportation;
(8) A museum, library, gallery, or other place of public display or collection;
(9) A park, zoo, amusement park, or other place of recreation;
(10) A nursery, elementary, secondary, undergraduate, or postgraduate private school, or other place of education;
(11) A day care center, senior citizen center, homeless shelter, food bank, adoption agency, or other social service center establishment; and
(12) A gymnasium, health spa, bowling alley, golf course, or other place of exercise or recreation.

The public comment period for the Department of Justice’s notice of rulemaking regarding this extension will end on Monday, January 24th. The questions being contemplated by the DoJ are straightforward and yet potentially significant, with respect to their effects upon businesses: Do they operate a website? If so, does that website also have to be accessible?

The considerations and trade offs involved in answering those questions are complex but important. For people for whom accessibility is more than a “nice to have” feature, however, those answers will be meaningful.

“It’s not just the group today that’s having trouble going online,” said Fox, ” it’s about how the conversation today contributes towards building towards the future.”

POSTSCRIPT: Audrey Watters, a staff writer at ReadWriteWeb, referenced this article in her post, “Pew Internet Study Points to Challenges Americans with Disabilities Have with Internet Access.” One of her readers, John Mill, replied to Watters on Twitter: “Thanks for posting that. This inspires me as I’m applying for an internship and need to talk about greatest challenge faced by students with disabilities and how I might do something about it.”

Mill said that “many things have actually gone backward” with regards to Web accessibility. “Facebook, for one. Probs with Captcha for another.” When reached for further comment, he tweeted more about the challenge of navigating the social Web as a blind man:

I’d say the single biggest issue is the rate of change on websites and in software apps. Our screen-readers are constantly playing catch-up, and soon as they do another update is released that breaks things! With regards to social networking, FB is difficult also, as they change regularly. New Twitter is all but [unusable], but enterprising blind devs have created a software program called Qwitter client, found at www.qwitter-client.net. Those are a few of my thoughts. Apparently I could write a book!

According to Mill, the new version of Twitter, set to be rolled out to all users this year, “causes screen-readers to become sluggish and unresponsive. Also hard to find where to write the new tweets.” With respect to Facebook, “I can’t really access the main site, largely because I’m not sure where anything is!” tweeted Mills. “The mobile site works well enough, for the most part. All those games and such are out, but I mostly use it to update statuses and message friends and family.”

House 2.0: Building out the House.gov platform with Drupal and social media

Posted on by

4

As I reported for the O’Reilly Radar yesterday, when the House chose Drupal as the preferred web content management system for House.gov, it made the “People’s House” one of the largest government institutions to move to the open source web content management platform.

The House.gov platform is moving to Drupal but House.gov itself is not on Drupal quite yet. That will probably happen in the next several months, according to Dan Weiser, communications director of the Office of the Chief Administrative Officer in the United States House of Representatives.

In the meantime, the incoming Congressmen and Congresswomen do appear to have adopted Drupal as the platform for their official websites. For instance, Congresswoman Colleen Hanabusa‘s site, below, uses one of several templates on the Drupal platform. Notably, each of the new sites includes default modules for the leaders in the respective verticals in the social media world: Flickr, YouTube, Twitter and Facebook.

Some questions remain about the cost and choices that representatives have as they choose their online Web presences. As NextGov reported today, while House websites can move to the open source platform – they don’t have to do so.

Given the context of citizens turning to the Internet for government information, data and services in increasing numbers, however, a well-designed Congressional website with clear connections to the various digital outposts has moved from a “nice to have” to a “must have” in the eyes of the digitally connected. (For citizens on the other side of the digital divide, the House switchboards are still available via phone call at (202) 224-3121 or TTY: (202) 225-1904).

If that’s a given, then the question is then why Drupal is now the preferred web hosting environment for the House. On that count, “Drupal was chosen because it is open source and widely accepted, therefore allows Members to leverage a large community of programmers which gives them more choices and innovation,” wrote Weiser in an email. “It should also be noted that Members still will have the option to use other platforms.”

Weiser told NextGov that, because, Drupal developers are in every member’s district, “that hopefully means expanded choice and more innovation for our members.”

The current content management system limits the choice of site programmer as well as innovation, said Dan Weiser, communications director for the chief administrative officer, in an e-mail. Drupal, which uses a common framework and code that can be customized, will allow members to leverage a large community of programmers, providing more opportunities for innovation, he added.

The House expects to save some money with the transition to Drupal, since the chief administrative officer will manage the infrastructure and members pay vendors only for development time, Weiser said.

The inclusion of social media is also no longer a novelty in the beginning of 2011. “We expected there would be interest by the incoming freshmen to have social media on their sites; it just seemed natural to offer the option,” wrote Weiser.

[Disclosure: One of the vendors involved in the House’s Drupal effort is Acquia. O’Reilly AlphaTech Ventures is an investor in Acquia.]

Clay Johnson on key trends for Gov 2.0 and open government in 2011

Posted on by

5

As dozens of freshmen Representatives move into their second week of work as legislators here in the District of Columbia, they’re going to come up against a key truth that White House officials have long since discovered since the heady … Continue reading

House 2.0: Livestreams of special session on Tucson Shooting on Facebook, CSPAN.org

Posted on by

1

Today, C-SPAN’s Facebook page will host streaming video coverage of Wednesday’s special U.S. House session on the Tucson shootings. The livestream will start at 10 AM ET, when the House will consider a resolution on the shootings. The session is also … Continue reading

CPSC to launch public complaint database at SaferProducts.gov

Posted on by

4

As reported today by the Washington Post, the Consumer Product Safety Commission will launch a public database of complaints this March at SaferProducts.gov.

The new public database of consumer complaints is mandated by Section 212 of the Consumer Product Safety Improvement Act of 2008 (CPSIA), which was signed into law by President George W. Bush. The CPSIA requires the Commission to establish and maintain a publicly accessible product safety information database that is available to the public. In the 21st Century, that means online, searchable and accessible at SaferProducts.gov.

As Lyndsey Layton points out at the Washington Post, the implementation of the database is not without controversy or political context. Manufacturing and industry groups are concerned about fictitious complaints or inaccurate claims made by competitors. Opponents of the launch of SaferProducts.gov are working against it, arguing that the public database could add additional burdens for businesses in a difficult economic environment.

The CPSC already collects reports of defective products from a wide range of sources, including consumers, health-care providers, death certificates and media accounts.But most of that information is shielded from public view. Until now, the only way for consumers to access safety complaints is to file a public-records request with the CPSC. The agency is then required by law to consult with the manufacturer before releasing information about their products, and the company can protest or sue to stop disclosure. If the agency thinks a dangerous product should be pulled from the market, it must negotiate a recall with the manufacturer, a process that can take months or years.

Under the new system, consumer complaints will be posted for any reader to find at SaferProducts.gov within 15 days after they are filed. When a consumer files a complaint under the new system, the CPSC will have 5 days to notify a manufacturer, which then has 10 days to respond to the complaint by challenging it, submitting a response or arguing that it violates a trade secret. A response would be published online with the complaint at SaferProductsgov, while the CPSC would have to decide to withhold or publish a complaint if a company asserts a false complaint.

This Tuesday, at 10:30 AM EST, the CPSC will host a webcast showing the new SaferProducts.gov report form at SaferProducts.gov/live. Visit CPSC.gov or follow the @OnSafety account at Twitter for updates on the official launch of the site.

In the meantime, consumers can continue to make use of the mobile recalls app that the federal government launched last year at USA.gov. These product recall datasets have been some of the most queried data on Data.gov over the past year, no doubt helped in part by the connected applications.

The CPSC also has a widget that blogs (like this one) can embed with recall information:

Product Safety Recall Info

2011 Trends: National Strategy for Trusted Identities in Cyberspace highlights key online privacy, security challenges

Posted on by

2

Blackberrys, cell phones and communications devices are tagged with post-its during a briefing on Afghanistan and Pakistan in the Cabinet Room of the White House, March 26, 2009. (Official White House Photo by Pete Souza)

Blackberrys, cell phones and communications devices are tagged with post-its during a briefing on Afghanistan and Pakistan in the Cabinet Room of the White House, March 26, 2009. (Official White House Photo by Pete Souza)

The upcoming release of the final version of the White House “National Strategy for Trusted Identities in Cyberspace” highlights three key trends that face the world in 2011: online identity, privacy and security. Governments need ways to empower citizens to identify themselves online to realize both aspirational goals for citizen-to-government interaction and secure basic interactions for commercial purposes.

Earlier today, Stanford hosted an event today where U.S. Commerce Secretary Gary Locke and White House cybersecurity coordinator Howard Schmidt talked about the Obama administration’s efforts to improve online security and privacy at the Stanford Institute for Economic Policy Research (SIEPR). Here’s the NSTIC fact sheet the administration posted last year.

“As we look at the innovation engine that drives many of the things we’re doing, what does it mean to sit there as we’ve come together today,” asked Schmidt, “bringing these things together to overcome some of these risks associated with the technology we’ve deployed over the past 20 some odd years?”

The administration took public feedback on the document at NSTIC IdeaScale, which is now closed. (For a screenshot, see the story on IdeaScale on MSNBC.com.) “Every day at the end of the day. I would go back and read some of those comments,” said Schmidt today. “Some of them quite honestly were pretty silly. Other of them were very insight full and gave us some good thoughts about how can we do this right? How can we create a document that really does those things the secretary mentioned such as privacy enhancing but also giving us better trust?”

Schmidt took to the White House blog again today to announce a “National Program Office for Enhancing Online Trust and Privacy.”

Today, at Stanford University, Commerce Secretary Gary Locke and I were pleased to announce that the Commerce Department will host a National Program Office (NPO) in support of the National Strategy for Trusted Identities in Cyberspace (NSTIC).  As I’ve written previously, the NSTIC fulfills one of the action items in theCyberspace Policy Review (pdf) and is a key building block in our efforts to secure cyberspace.

This holiday season, consumers spent a record $30.81 billion in online retail spending, an increase of 13 percent over the same period the previous year.  This striking growth outshines even the notable 3.3-5.5 percent overall increase in holiday spending this past year.  While clearly a positive sign for our economy, losses from online fraud and identity theft eat away at these gains, not to mention the harm that identity crime causes directly to millions of victims.  We have a major problem in cyberspace, because when we are online we do not really know if people, businesses, and organizations are who they say they are. Moreover, we now have to remember dozens of user names and passwords. This multiplicity is so inconvenient that most people re-use their passwords for different accounts, which gives the criminal who compromises their password the “keys to the kingdom.”

We need a cyber world that enables people to validate their identities securely, but with minimal disclosure of information when they’re doing sensitive transactions (like banking) – and lets them stay anonymous when they’re not (like blogging). We need a vibrant marketplace that provides people with choices among multiple accredited identity providers – both private and public – and choices among multiple credentials. For example, imagine that a student could get a digital credential from her cell phone provider and another one from her university and use either of them to log-in to her bank, her e-mail, her social networking site, and so on, all without having to remember dozens of passwords. Such a marketplace will ensure that no single credential or centralized database can emerge. In this world, we can cut losses from fraud and identity theft, as well as cut costs for businesses and government by reducing inefficient identification procedures. We can put in-person services online without security trade-offs, thereby providing greater convenience for everyone.

This is the world envisioned in the NSTIC.  We call it the Identity Ecosystem.  We will be working to finalize the NSTIC in the coming months, but that is only the beginning of the process. I’m excited to be working with Secretary Locke. The Commerce Department is perfectly suited to work with the private sector to implement the NSTIC. In addition, there are other departments and agencies with strategic roles to play as well. Above all though, we look to the leadership of the private sector. Therein lies the key to success. Now is the time to move forward with our shared vision of a better, more secure cyberspace.

Why NSTIC Matters

The policy that the United States government makes towards the Internet has the potential to affect every person online in 2011, as advocates know, so how this is carried out bears close watching. The Center for Democracy and Technology filed key comments on NSTIC last year, including a key issue: “We alerted the Commerce Department to our concern about NSTIC’s current focus on the use of government credentials for private transactions: A pervasive government-run online authentication scheme is incompatible with fundamental American values,” wrote Heather West regarding the cybersecurity policy proposal.

The issue is at once simple and enormously complex, as Jim Dempsey from the Center for Democracy and Technology highlighted today. Government needs a better online identity infrastructure to improve IT security, online privacy, and support ecommerce but can’t create it itself, said Dempsey, outlining the key tension present. Dempsey advocated for a solution for online identity that lies within a broader trust framework and that is codified within a baseline federal consumer privacy law.

Some of the answers to the immense challenge of securing online privacy and identity won’t be technical or legislative at all. They lie in improving the digital literacy of for online citizens. That very human reality was highlighted after the massive Gawker database breach last year, when the number of weak passwords used online became clear. Schmidt highlighted the root caused of passwords today:

The reason most people do that is because we have to worry about remembering so many different passwords and then there’s so many layers of complexity and, complexity that we have to worry about, we have different time frame. We replace them every 30-day, 60 days, 90 days and it becomes really cumbersome. And recent survey found that 46% of the people surveyed never ever have changed their passwords and 71% use the same password with over and over and over again. From reading an on-line blog to doing sensitive financial transactions.

Others answers may be founded in creating online trust frameworks, which were a key initiative in 2010 for the federal government. Multifactor authentication, where more than one forms of identity are used in transactions, will be part of that vision. Schmidt described, loosely, what that might look like.

I go to a store. I go to a grocery store in some cases. I do some level of proofing, whatever I want to wind up doing, whether it’s the lowest level or the highest level to get an online identity stored on a token. A digital identity. Whether it’s on a USB drive or whether it’s on a smart card, I have the ability to do something beyond what I’m doing now. I go to log-in to these accounts. I use the USB device, I use a smart card. I use a one time password on my mobile device that no longer puts me in a position where I’ve been in the past where I can wind up making one small mistake and paying for it for years. But then I also get the log-in to my web mail account. That credential is passed on as well. So I have the ability to do these things seamlessly without all the baggage and overhead that goes with it. But then here comes the true test – this web mail – this phishing e-mail – comes in, and working together between the token and my digital identity and the browser, it stops me from doing things that are going to be harmful. And I had the ability to control that. I have the ability to set this up. And then it keeps me from becoming a victim of fraud.

That combination of physical tokens that interface with commercial and communications infrastructure to authenticate a consumer or online user are one vision of an identity ecosystem. Given the commercial needs of the moment, it should not be a surprise that the Department of Commerce is a key player. Secretary Locke offered perspective on the challenges that face the nation in 2011. [Full unedited transcript]

Let’s flash forward to today to 2011. Nowadays the world does an estimated $10 trillion of business online. Nearly every transaction you can think of is being done over the Internet. Consumers paying their utility bills, even from smartphones. People downloading music, movies and books online. Companies from the smallest local store to bed and breakfasts, to multinational corporations, ordering goods, paying vendors, selling to customers, all around the world. All over the Internet. E-commerce sales for the third quarter of 2010 were estimated at over $41 billion, up almost 14% over last year. And early reports indicate that the recent holiday buying season saw similar growth with year over year sales up by over 13%.

But despite these ongoing successes, the reality that the Internet still faces something of a trust issue. And it will not retch its full potential until users and consumers feel more secure than they do today when they go on-line. The threats on the Internet seem to be proliferating just as fast as the opportunities. Data breaches, malware, ID theft and spam are just some of the most commonly known invasions of a user’s privacy and security. And people are worried about their personal information going out and parents, like me, are worried about unwarranted sexually explicit material coming in before their children. And the landscape is getting more complex as dedicated hackers undertake persistent targeted attacks and develop ever more sophisticated frauds.

The approach that Locke outlined will apparently be housed within the Department of Commerce, a choice that is likely relevant to the scale and growth of e-commerce online:

The end game of course, is to create an identity ecosystem where individuals and organizations can complete online transactions with greater confidence, putting greater trust in the online identities of each other, and greater trust in the infrastructure that the transactions run over. Let’s be clear, we’re not talking about a national ID card. We’re talking about a government controlled system. But what we are talking about is enhancing online security and privacy, and reducing, and perhaps even eliminating, the need to memorize a dozen password through the creation and use of more trusted digital identities. To accomplish this, we’re going to need your help. And we need the private sector’s expertise and involvement in designing, building and implementing this identity ecosystem. To succeed we’ll also need a national program office at the Department of Commerce focused on implementing our trusted identities strategy.

For more context, look back to Schmidt’s introduction of the NSTIC at the WhiteHouse.gov blog last year:

Cyberspace has become an indispensable component of everyday life for all Americans. We have all witnessed how the application and use of this technology has increased exponentially over the years. Cyberspace includes the networks in our homes, businesses, schools, and our Nation’s critical infrastructure. It is where we exchange information, buy and sell products and services, and enable many other types of transactions across a wide range of sectors. But not all components of this technology have kept up with the pace of growth. Privacy and security require greater emphasis moving forward; and because of this, the technology that has brought many benefits to our society and has empowered us to do so much — has also empowered those who are driven to cause harm.

Today, I am pleased to announce the latest step in moving our Nation forward in securing our cyberspace with the release of the draft National Strategy for Trusted Identities in Cyberspace (NSTIC). This first draft of NSTIC was developed in collaboration with key government agencies, business leaders and privacy advocates. What has emerged is a blueprint to reduce cybersecurity vulnerabilities and improve online privacy protections through the use of trusted digital identities.

The NSTIC, which is in response to one of the near term action items in the President’s Cyberspace Policy Review, calls for the creation of an online environment, or an Identity Ecosystem as we refer to it in the strategy, where individuals and organizations can complete online transactions with confidence, trusting the identities of each other and the identities of the infrastructure that the transaction runs on. For example, no longer should individuals have to remember an ever-expanding and potentially insecure list of usernames and passwords to login into various online services. Through the strategy we seek to enable a future where individuals can voluntarily choose to obtain a secure, interoperable, and privacy-enhancing credential (e.g., a smart identity card, a digital certificate on their cell phone, etc) from a variety of service providers – both public and private – to authenticate themselves online for different types of transactions (e.g., online banking, accessing electronic health records, sending email, etc.). Another key concept in the strategy is that the Identity Ecosystem is user-centric – that means you, as a user, will be able to have more control of the private information you use to authenticate yourself on-line, and generally will not have to reveal more than is necessary to do so.

This is all wonky stuff that may seem a bit dry to some readers, but it’s important. The intertwined issues of identify, security and online privacy are increasingly relevant to every citizens as more commerce, education, communication and elements of everyday life move onto the Internet and mobile infrastructure. This strategy is central to how the United States government will work with industry, nonprofits, citizens and other states to improve the status quo. On that count, Bob Gourley, CTO of Crucial Point, commented extensively on the NSTIC at CTOVision.

It won’t be easy. Supporting the creation of identity infrastructure and improvements to online privacy in the private sector has the potential to make the Internet more secure and convenient for users and consumers but could have unintended consequences if not carefully pursued. There’s a lot at stake. As the Stanford event organizers highlighted, “e-commerce worldwide is estimated at $10 trillion of business online annually.”

Wired’s Ryan Singel highlighted a key issue for the White House plan for online identity, perhaps even the fundamental one in today’s online identity landscape: Facebook.

Philip Kaplan, the outspoken founder of Blippy, AdBrite and Fucked Company, added a Silicon Valley developer voice to event’s panel, arguing that any system has to be simple to implement, so that developers working in their living room making a website can concentrate on building new features, not worrying about security.

The closest thing to that currently is Facebook Connect, which lets you use your Facebook credentials to login you in around the net and on mobile apps..

“I can put in one line of JavaScript and I have a login system,” Kaplan said. “But that doesn’t I’m not going to pay my taxes using Facebook Connect.”

Which is another way of it might be as dangerous for a single company to be the world’s online ID vault as it would for the government to handle that task.

And right now, with Facebook at 600 million users and $50 billion in valuation, that future seems much more likely than a standards-based, interoperative system built by geeks at the behest of the feds.

Whether an online trust framework can be a viable alternative to Facebook’s play to be the identity provider online is a first-order question, and one that deserved examination. Kudos to Singel for putting the event in that context.

Weekend Reading: The most recent version of the NSTIC follows. Look for more reporting, both here or at another outlet, once the final version is released.

National Strategy for Trusted Identities in Cyberspace http://d1.scribdassets.com/ScribdViewer.swf

Themes to watch in 2011: E-democracy in Brazil

Posted on by

2

As Nat Torkington put it this morning at O’Reilly Radar, “people who consider tech trends without considering social trends are betting on the atom bomb without considering the Summer of Love.” Torkington was annotating a link to 2011 predictions and prognostications at venture capitalist Fred Wilson’s blog which center on the following presentation that Paul Kedrosky sent him from JWT, a marketing agency.

JWT’s thirteenth prediction will be of particular interest to readers of this blog: “Brazil as E-Leader.”

This digitally savvy, economically vibrant country will prove to be an e-leader. Social media is more popular here than in developed markets, and Brazil has the highest Twitter penetration (23 percent, as of October ComScore figures). PC penetration has reached 32 percent, and many Internet cafes further broaden access. Mobile subscriptions have 86% penetration. Already Brazil is ahead in electronic democracy (with innovations like online town halls and crowd-sourced legislative consulting), and its 2010 census was paperless, conducted electronically.

JWT: 100 Things to Watch in 2011

http://static.slidesharecdn.com/swf/ssplayer2.swf?doc=2f100thingstowatchin2011-101222142649-phpapp02&stripped_title=2f-100-things-to-watch-in-2011-6306251&userName=jwtintelligence

There are many other themes that will matter to the Gov 2.0 world in 2011 in there, including smart infrastructure investment, scanning everything, home energy monitors, and mHealth. Heck, seemingly mobile everything. Of course, as Mike Loukelides pointed out in his own watchlist of 2011 themes to track, “you don’t get any points for predicting ‘Mobile is going to be big in 2011.'” He thinks that Hadoop, real-time data, the rise of the GPU, the return of P2P, social ubiquity and a new definition for privacy will all play important roles in 2011. Good bets.

JWT does get points for this set of trends, however, and that prediction about e-democracy in Brazil strikes me as apt. Last year at the International Open Government Data Conference, I met Cristiano Ferri Faria, project manager in e-democracy and legislative intelligence at the Brazilian House of Representatives. Faria talked about his work on e-Democracia, a major electronic lawmaking program in Brazil since 2008. As the 112th United States House of Representatives goes back to work today, there are definitely a few things its legislators, aides and staffers might learn from far south of the border. You can download his presentation as a PDF from Data.gov or view it below, with an added bonus: reflections on open government data in New Zealand and Australia.

One caution: Faria concluded that “this kind of practice is too complex” and that e-Democracia “needs a long-term approach.”

Looks like they’re still in an e-government in beta down there too.

Iogdc 2010 Day1 Plenary http://d1.scribdassets.com/ScribdViewer.swf