Page 44

accumulation of latent errors is inevitable and leads to at least two problems: (1) by the time the error is discovered it may be hard to locate the information needed to verify the claim of error and (2) the act of making the correction may interfere with or delay some action that should be allowed by the system. Creating a workable nationwide identity system that can compensate in effective ways for these inevitabilities is clearly a nontrivial task.

DATA CORRELATION AND PRIVACY

A key question about a nationwide identity system database is whether it would be designed to foster consolidation of other (especially federal) databases—or whether that might happen as a side effect. Either way, proponents note that this would make information sharing among intelligence and law-enforcement agencies easier, 20 ,21 although the committee believes that it could also carry significant risks.

A centralized, nationwide identity system essentially offers adversaries a single point of failure and presents an attractive target for identity theft and fraud. The more valuable the information in the database and the credentials associated with an identity, the more they become a target for subversion. Unauthorized access might be sought by terrorists, stalkers, abusive ex-spouses, blackmailers, or organized crime. Furthermore, to the extent that important activities become dependent on the system, the system becomes an attractive target for denial-of-service attacks. Implementing a secure and reliable nationwide identity system that is resistant to credential theft or loss, 22 fraud, and attack is a significant technological challenge, with ancillary procedural challenges.

Related to consolidation, information correlation is facilitated by systems in which one individual has exactly one identity. This has both negative and positive implications. Such a system is useful for predicting

20A forthcoming CSTB report will explore issues on critical information infrastructure protection and the law, including a preliminary analysis of the issue of information sharing between the public and private sectors. For more information, see < http://www.cstb.org/web/project_cip>.

21See, for example, Larry Ellison's October 8, 2001, article in the Wall Street Journal, “Digital IDs Can Help Prevent Terrorism,” and Cara Garretson's December 2001 article in CIO, “Government Info Sharing Key to Fighting Terrorism,” at < http://www.cio.com/government/edit/122001_share.html>.

22Loss of ID cards presents its own challenges to the system; if all of the individuals with lost IDs were to become immediately “suspect” in the system, intolerable backlogs and/or overload could result.



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement