NATIONAL ACADEMY PRESS 2101 Constitution Avenue, N.W. Washington DC 20418
NOTICE: The project from which this report was generated was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for the report were chosen for their special competences and with regard for appropriate balance.
Support for this project was provided by the National Science Foundation, the Office of Naval Research, the General Services Administration, the Federal Chief Information Officers' Council, and the Social Security Administration. Support for this special report was provided by the Vadasz Family Foundation, a contributor to the Computer Science and Telecommunications Board's program on information technology and society. Any opinions, findings, conclusions, or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsors.
International Standard Book Number 0-309-08430-X
Additional copies of this report are available from: National Academy Press 2101 Constitution Avenue, N.W. Box 285 Washington, DC 20055 800/624-6242 202/334-3313 (in the Washington metropolitan area)
The report is also available online at <http://www.nap.edu> and <http://www.cstb.org/>.
Copyright 2002 by the National Academy of Sciences. All rights reserved.
Printed in the United States of America
National Academy of Sciences
National Academy of Engineering
Institute of Medicine
National Research Council
The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in scientific and engineering research, dedicated to the furtherance of science and technology and to their use for the general welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to advise the federal government on scientific and technical matters. Dr. Bruce M. Alberts is president of the National Academy of Sciences.
The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and recognizes the superior achievements of engineers. Dr. Wm. A. Wulf is president of the National Academy of Engineering.
The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts under the responsibility given to the National Academy of Sciences by its congressional charter to be an adviser to the federal government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Kenneth I. Shine is president of the Institute of Medicine.
The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community of science and technology with the Academy's purposes of furthering knowledge and advising the federal government. Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating agency of both the National Academy of Sciences and the National Academy of Engineering in providing services to the government, the public, and the scientific and engineering communities. The Council is administered jointly by both Academies and the Institute of Medicine. Dr. Bruce M. Alberts and Dr. Wm. A. Wulf are chairman and vice chairman, respectively, of the National Research Council.
STEPHEN T. KENT, BBN Technologies, Chair
MICHAEL ANGELO, Compaq Computer Corporation
STEVEN BELLOVIN, AT&T Labs Research
BOB BLAKLEY, IBM Tivoli Software
DREW DEAN, SRI International
BARBARA FOX, Microsoft Corporation
STEPHEN H. HOLDEN, University of Maryland at Baltimore County
DEIRDRE MULLIGAN, University of California at Berkeley
JUDITH S. OLSON, University of Michigan
JOE PATO, HP Labs Cambridge
RADIA PERLMAN, Sun Microsystems
PRISCILLA M. REGAN, George Mason University
JEFFREY I. SCHILLER, Massachusetts Institute of Technology
SOUMITRA SENGUPTA, Columbia University
JAMES L. WAYMAN, San Jose State University
DANIEL J. WEITZNER, Massachusetts Institute of Technology
LYNETTE I. MILLETT, Study Director and Program Officer
JENNIFER BISHOP, Senior Project Assistant
DAVID D. CLARK, Massachusetts Institute of Technology, Chair
DAVID E. BORTH, Motorola Labs
JAMES CHIDDIX, AOL Time Warner
JOHN M. CIOFFI, Stanford University
ELAINE COHEN, University of Utah
W. BRUCE CROFT, University of Massachusetts at Amherst
THOMAS E. DARCIE, AT&T Labs Research
JOSEPH V. FARRELL, University of California at Berkeley
JEFFREY M. JAFFE, Bell Laboratories, Lucent Technologies
ANNA KARLIN, University of Washington
BUTLER W. LAMPSON, Microsoft Corporation
EDWARD D. LAZOWSKA, University of Washington
DAVID E. LIDDLE, U.S. Venture Partners
TOM M. MITCHELL, Carnegie Mellon University
DONALD A. NORMAN, Nielsen Norman Group
DAVID A. PATTERSON, University of California at Berkeley
HENRY (HANK) PERRITT, JR., Chicago-Kent College of Law
BURTON J. SMITH, Cray Inc.
TERRY R. SMITH, University of California at Santa Barbara
LEE S. SPROULL, New York University
JEANNETTE M. WING, Carnegie Mellon University
MARJORY S. BLUMENTHAL, Director
HERBERT S. LIN, Senior Scientist
ALAN S. INOUYE, Senior Program Officer
JON EISENBERG, Senior Program Officer
LYNETTE I. MILLETT, Program Officer
CYNTHIA A. PATTERSON, Program Officer
STEVEN WOO, Program Officer
JANET BRISCOE, Administrative Officer
DAVID PADGHAM, Research Associate
MARGARET HUYNH, Senior Project Assistant
DAVID DRAKE, Senior Project Assistant
JANICE SABUDA, Senior Project Assistant
JENNIFER M. BISHOP, Senior Project Assistant
BRANDYE WILLIAMS, Staff Assistant
The terrorist attacks of September 11, 2001, and subsequent discussions have brought fresh urgency to the challenges of providing information security. In the wake of these and other recent events, numerous proposals have been circulating both in policy circles and the national media.
One proposal that has received a fair amount of attention is a national identification card—or, more precisely, a nationwide identity system. The Bush administration has indicated that a national identification card is not within the scope of options it is contemplating. Congress, however, has been considering various alternatives—for example, a measure in the Enhanced Border Security and Visa Entry Reform Act of 2001 would require biometric identifiers to be employed on visas and other travel and entry documents for aliens (H.R. 3525, Section 303). Additional suggestions include a proposal by the American Association of Motor Vehicle Administrators (AAMVA) to link state motor vehicle departments and a proposed “trusted traveler” system for airports.
The persistence of public discussion on the topic and the expectation that other proposals will be offered argue for an informed analysis and critique of the concept of a nationwide identity system.
In early 2001, the Computer Science and Telecommunications Board (CSTB), a unit of the National Research Council with a long history of examining information technology, security, and related issues,¹ launched a study to examine authentication technologies and their privacy implications. Sponsored by the National Science Foundation, the Office of Naval Research, the General Services Administration, the Federal Chief Information Officers' Council, and the Social Security Administration, the study aims to assess emerging approaches to user authentication in computing and communications systems, and it specifically focuses on the implications of these authentication technologies for privacy.
The study is being conducted by the multidisciplinary Committee on Authentication Technologies and Their Privacy Implications, whose members include experts in the design, implementation, deployment, and use of information systems generally and information systems security in particular, along with experts in privacy law and policy (see Appendix A for committee and staff biographies). Given that identification and authentication systems constitute a large portion of the committee's agenda, it is well positioned to comment on the technology and policy issues surrounding a nationwide identity system and its supporting infrastructures (hereinafter referred to as a nationwide identity system). In fact, CSTB asked the committee to do so, in the interest of providing a timely contribution to the public debate. Additional resources from the Vadasz Family Foundation enabled development of this report.
The committee's broader and more comprehensive final report is expected in late 2002, but its members felt compelled to issue a brief report at this time because of the real possibility that further debate on a nationwide identity system, and even action on the topic, could take place prior to the final report's issuance. Thus the present effort outlines the issues the committee believes must be addressed and raises a number of questions that the committee believes should be answered as part of any consideration of a nationwide identity system.
This brief report is a product of the committee's deliberations, drawing on its members' areas of expertise. But, given time and resource limitations, it is not an exhaustive assessment. It is intended to catalyze a broader and more sophisticated discussion. Clearly, the legal, policy, and technological issues associated with nationwide identity systems warrant a much more detailed and comprehensive examination. The committee invites feedback on this brief report as it continues the process of preparing its broader and more in-depth final report on the topic of authentication technologies and their implications for privacy.
¹ See, for example, CSTB reports such as Growing Vulnerability of the Public Switched Networks (1989), Computers at Risk (1991), Evolving the High Performance Computing and Communications Initiative to Support the Nation's Information Infrastructure (1995), Cryptography's Role in Securing the Information Society (1996), For the Record: Protecting Electronic Health Information (1997), Trust in Cyberspace (1999), The Internet's Coming of Age (2000), Embedded, Everywhere: A Research Agenda for Networked Systems of Embedded Computers (2001), and Cyber-security Today and Tomorrow: Pay Now or Pay Later (2002). See <http://www.cstb.org/web/topic_security> for a complete list of CSTB reports related to security, assurance, and privacy.
The committee thanks David D. Clark, chair of the CSTB, and Marjory S. Blumenthal, CSTB's director, for their commentary and feedback on draft versions of the report. The committee also wishes to thank the various members of the CSTB staff who helped to make it happen. Jennifer Bishop took over as senior project assistant for the authentication study midway through the project, managing logistics, organizing materials, and coping with an unplanned brief report and review with aplomb. She also assisted in developing the diagrams in the report and designed its cover. Janet Briscoe, CSTB's administrative officer, provided crucial administrative and logistical support as well as the suggestion that ultimately led to the report's title. Andy White, director of the NRC's Committee on National Statistics, provided feedback during the formulation and review phases. The committee also thanks Steven J. Marcus, a free-lance editor, for assistance at multiple stages of the report's development. Liz Fikre at the National Research Council also made significant editorial contributions to the final manuscript. Lynette Millett is the study director for this project; she synthesized this report, coordinating contributions from committee members and drafting the response to reviewers.
Stephen T. Kent, Chair
Committee on Authentication Technologies and Their Privacy Implications
This report has been reviewed in draft form by individuals chosen for their diverse perspectives and technical expertise, in accordance with procedures approved by the National Research Council's Report Review Committee. The purpose of this independent review is to provide candid and critical comments that will assist the institution in making its published report as sound as possible and to ensure that the report meets institutional standards for objectivity, evidence, and responsiveness to the study charge. The review comments and draft manuscript remain confidential to protect the integrity of the deliberative process. We wish to thank the following individuals for their review of this report:
Alfred Blumstein, Carnegie Mellon University,
Michael Caloyannides, Mitretek Systems, Inc.,
Julie E. Cohen, Georgetown University Law Center,
Jerome H. Saltzer, Massachusetts Institute of Technology,
Peter Swire, George Washington University, and
Lee M. Zeichner, LegalNet Works, Inc.
Although the reviewers listed above have provided many constructive comments and suggestions, they were not asked to endorse the conclusions or recommendations, nor did they see the final draft of the report before its release. The review of this report was overseen by Willis Ware of RAND. Appointed by the National Research Council, he was responsible for making certain that an independent examination of this report was carried out in accordance with institutional procedures and that all review comments were carefully considered. Responsibility for the final content of this report rests entirely with the authoring committee and the institution.