When IT Meets Politics

Jun 29 2009   5:17PM GMT

An overdue outbreak of common sense: “Safeguarding your Identity”

Philip Virgo Profile: Philip Virgo

Tags:
Identity governance

Further to my blog this morning, I have just been given a link to the notice launching the new “Safeguarding Your Identity” strategy. Do read and enjoy. I do hope none of you will then tell me what I have missed and why I should not, for once, unequivocally welcome a Government strategy paper.

3  Comments on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • William
    Philip: It's late and I havent read it carefully. But the whole statement is built on the assumption that goverment should be our identity provider for online services.

    But I think there's a strong case to be made that it should not. It concentrates too much power.

    Our personal data is our own, and it's valuable. We dont want it to become concentrated in government, out of our control.

    We want a competitive market in user-friendly and flexible online identity provision services. This policy is about coercion, not choice. It says its about empowerment, but it's not.

    Far better to say:

    "People need to access stuff online, including government services. Therefore we're announcing that from today we'll accept a range of independent identifiers for all our various services. But if you want a sensitive service it'll need to be a secure one.

    "As new ID services become available we'll be happy to add them to the list of accredited services."

    0 pointsBadges:
    report
  • Andrew Hardie
    William - Two points:

    (1) We don't want the data to be concentrated anywhere - events have shown that the only sure defence against massive data leaks is not to have massive data.

    (2) Who does the accreditation and against what standards?

    0 pointsBadges:
    report
  • Anonymous
    > (1) We don't want the data to be concentrated anywhere - events have shown that the only sure defence against massive data leaks is not to have massive data.

    Quite agree. Personal data is best left to the greatest possible extent to those who care most about it and know it best: the data subject

    > (2) Who does the accreditation and against what standards?

    I guess it's best done by whoever picks up the liability if it goes wrong. The standards will have to evolve and emerge. But today I think we'd say a Google, Yahoo ID is convenient but doesnt provide any security. An Amazon or PayPal one is still quite convenient and provides some level of assurance (but not of uniqueness). A bank logon (esp with card reader) is getting quite good...

    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: