Your Papers, Please: The Government Discovers Identity Management
EDUCAUSE Annual Conference, October 10, 2006
Steve Worona


TRANSCRIPT

Page 1: Your Papers, Please: The Government Discovers Identity Management

Your Papers, Please: The Government Discovers Identity Management

EDUCAUSE Annual Conference
October 10, 2006

Steve Worona

Page 2: Your Papers, Please: The Government Discovers Identity Management

Agenda

• Handouts
• Summary of 3 Federal IDM initiatives
  • Real ID
  • HSPD-12
  • CALEA++
• Motivations
• Applicability to campus initiatives
• Risks

Page 3: Your Papers, Please: The Government Discovers Identity Management

Excluding

• Mandatory data retention
  • Coming soon
• RFID-based passports
• State initiatives (e.g., Illinois, California, New Jersey)
• Un-legislated activities
  • NSA wiretapping
  • “Voluntary” telephone-company record delivery
  • Financial-record tracking
  • General data-mining

Page 4: Your Papers, Please: The Government Discovers Identity Management

Real ID

• NCSL Real ID Summary

Page 5: Your Papers, Please: The Government Discovers Identity Management

Real ID

• NCSL Real ID Summary
• Financial concerns
  • Congress: $100M aggregate
  • States: $Billions
    • CA: $500M over 5 years
    • VA: $35M-$169M plus $63M/year
• The dreaded “National ID” spectre
• Note “shared database” provision
• “If all the states have to do the same thing in the same manner…” – Leticia Van de Putte, NCSL President
• DMV delays
• Drivers licenses for undocumented residents

Page 6: Your Papers, Please: The Government Discovers Identity Management

HSPD-12

• Homeland Security Presidential Directive 12
  • GWB: August 27, 2004
• FIPS-201
  • Federal Information Processing Standard 201
• PIV
  • Personal Identity Verification
• http://csrc.nist.gov/policies/Presidential-Directive-Hspd-12.html
  • Implementation_of_HSPD-12.pdf
• http://www.osec.doc.gov/osy/HSPD12/EnrollmentOfficials.htm
  • Quick Start for Enrollment Officials

Page 7: Your Papers, Please: The Government Discovers Identity Management

CALEA++

• Old: The term “call-identifying information” means dialing or signaling information that identifies the origin, direction, destination, or termination of each communication generated or received by a subscriber by means of any equipment, facility, or service or a telecommunications carrier.

• New: The term “communication-identifying information” means dialing, routing, addressing or signaling information that identifies the origin, direction, destination, processing, transmission, or termination of each communication generated or received by a subscriber or other person by means of any equipment, facility, or service or a communications carrier. Such term includes source and destination Internet protocol and other protocol addresses, the port number, packet file size, and user authentication and logon information, including session time and duration.

Page 8: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help You

• GPEA (10/21/1998)

Page 9: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help You

• GPEA (10/21/1998)
  • http://www.whitehouse.gov/omb/fedreg/gpea2.html
  • “GPEA is an important tool to improve customer service and governmental efficiency through the use of information technology. This improvement involves transacting business electronically with Federal agencies and widespread use of the Internet and its World Wide Web.”

Page 10: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help You

• GPEA (10/21/1998)
  • http://www.whitehouse.gov/omb/fedreg/gpea2.html
  • “As public awareness of electronic communications and Internet usage increases, demand for on-line interactions with the Federal agencies also increases. Moving to electronic transactions and electronic signatures can reduce transaction costs for the agency and its partner. Transactions are quicker and information access can be more easily tailored to the specific questions that need to be answered. As a result data analysis is easier. These access and data analysis benefits often have a positive spillover effect into the rest of the agency as awareness of the agency’s operations is improved. In addition, reengineering the work process associated with the transaction…can give rise to other efficiencies.”

Page 11: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help You

• GPEA (10/21/1998)
• Fewer IDs
  • Reduce, Recycle, Reuse

Page 12: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help You

• GPEA (10/21/1998)
• Fewer IDs
  • Reduce, Recycle, Reuse
  • Remember

Page 13: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help You

• GPEA (10/21/1998)
• Fewer IDs
  • Reduce, Recycle, Reuse
  • Remember
• Better user security
  • Identity theft
  • No SSN’s
  • Crypto
  • Data theft
  • Strong authentication

Page 14: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help You

Page 15: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help

Ourselves!

Page 16: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help

• Authorization

Ourselves!

Page 17: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help

• Authorization
• Deterrence

Ourselves!

Page 18: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help

• Authorization
• Deterrence
• Apprehension & Prosecution

Ourselves!

Page 19: Your Papers, Please: The Government Discovers Identity Management

We’re from the Government And We’re Here to Help

• Authorization
• Deterrence
• Apprehension & Prosecution

Ourselves!

Page 20: Your Papers, Please: The Government Discovers Identity Management

On Campus: Same List

• GPEA
• Fewer ID’s
• Better user security
• Authorization
• Deterrence
• Apprehension and Prosecution

Page 21: Your Papers, Please: The Government Discovers Identity Management

On Campus: Leverage

• Pre-existing identities
• Recall e-mail evolutionary path
• Standards
• Risk assessment
• Insurance
• Uniformity across campus(es?)
• Economies of scale
• Built-in smart-card readers
• Biometric devices
• Federations
• InCommon
• Fed/Fed

Page 22: Your Papers, Please: The Government Discovers Identity Management

On-Campus: Mandates

• CALEA
  • Most campuses exempt from current version
  • Even for non-exempt, no additional authentication requirement
• Data retention
  • Watch this space
• HSPD-12
  • Most on-campus contractors/investigators exempt

Page 23: Your Papers, Please: The Government Discovers Identity Management

Risks – Tech/Finance

• Leading-edge effects
• “The sooner you start, the longer it takes”
• Many unknowns
• Many options
• Liability
• “Why would you want to do that?”
• No good deed goes unpunished
• If we can make this work, we’re home free

Page 24: Your Papers, Please: The Government Discovers Identity Management

Risks – Social/Cultural

Next week the U.S. Supreme Court will hear a case to decide whether or not all Americans must have identification on them at all times. The case has been brought by a cowboy in Nevada who was asked to show ID while he was leaning against his pickup truck on the side of the road near his ranch. The police officer did not offer any specific reason why he demanded proof of identity. Having committed no crime, Dudley Hiibel, the cowboy, refused — and was arrested. He was later convicted for “Delaying a Peace Officer.” In America, still a free country, citizens should not be required to provide identification papers at any whim of the authorities.

– The Washington Times, 2/22/04

Page 25: Your Papers, Please: The Government Discovers Identity Management

Two Months Later (6/22/04)

In what may become a major boost to US law enforcement and antiterrorism efforts, the US Supreme Court Monday upheld a Nevada law that makes it a criminal offense for anyone suspected of wrongdoing to refuse to identify himself to police.

Civil libertarians see the decision as a significant setback. And it remains unclear to what extent it may open the door to the issuing of national identification cards or widespread identity operations keyed to terrorist profiling at bus terminals, train stations, sports stadiums, and on city streets.

Page 26: Your Papers, Please: The Government Discovers Identity Management

[continued]

The ruling marks the first time the nation’s highest court has endorsed a provision compelling citizens to reveal information in a citizen-police encounter that may become a police investigation.

The 5-to-4 decision says that neither the Fourth Amendment’s right to privacy nor the Fifth Amendment’s guarantee against self-incrimination bars states from passing laws requiring citizens to identify themselves.

Page 27: Your Papers, Please: The Government Discovers Identity Management

Do We Want to Live in a “Your Papers, Please” Society?

“There are good people with bad papers; and bad people with good papers.”

– Bertolt Brecht

Page 28: Your Papers, Please: The Government Discovers Identity Management

The Identity Project
http://papersplease.org

What does an ID, any ID, do for security? The honest answer is “not much”. If anything, relying on ID for security purposes actually makes things worse: a false sense of security fosters complacency.

Showing ID only affects honest people. If you’re dishonest, you can obtain false documents or steal the identity of an honest person.

If a 19 year-old college student can get a fake ID to drink, why couldn’t a bad person get one, too? And no matter how sophisticated the security embedded into the ID, wouldn’t a well-financed terrorist be able to falsify that, too? The answer to both questions is obviously “yes”.

Honest people, on the other hand, go to Pro-Life rallies. Honest people go to Pro-Choice rallies, too. Honest people attend gun shows. Honest people protest the actions of the President of the United States. Honest people fly to political conventions. What if those with the power to put people on a “no fly” list decided that they didn’t like the reason for which you wanted to travel? The honest people wouldn't be going anywhere.

Page 29: Your Papers, Please: The Government Discovers Identity Management

The Importance of Anonymity

“Anonymous pamphlets, leaflets, brochures and even books have played an important role in the progress of mankind. Persecuted groups and sects from time to time throughout history have been able to criticize oppressive practices and laws either anonymously or not at all.”

– Hugo Black, Talley v. California, 1960

Page 30: Your Papers, Please: The Government Discovers Identity Management

Déjà Vu? “Homeland Security Monitored Students”

“…surveillance by the Pentagon … database [of] … military protests and demonstrations at institutions of higher education …”

“Although there does not appear to be any direct terrorist nexus to the event, a large gathering, especially on a college campus, may gain momentum and create public safety concerns. I do not see an issue of civil liberties being violated, rather proactive precautionary measures being taken by DHS and DoD.”

– William H. Parrish, Assoc. Prof. of Homeland Security, VCU

Page 31: Your Papers, Please: The Government Discovers Identity Management

OK to Authenticate All Net Traffic?

[Figure: 2×2 grid with quadrants I, II, III, IV. Axes: “My Government” (Yes / No) and “My Campus” (Yes / No).]

Page 32: Your Papers, Please: The Government Discovers Identity Management

The Tradeoff

“They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”

– Benjamin Franklin (1755)

Page 33: Your Papers, Please: The Government Discovers Identity Management

The Tradeoff

“They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”

– Benjamin Franklin (1755)

“While the Constitution protects against invasions of individual rights, it is not a suicide pact.”

– Arthur Goldberg (1963)

Page 34: Your Papers, Please: The Government Discovers Identity Management

“The Constitution Is Not a Suicide Pact”

Page 35: Your Papers, Please: The Government Discovers Identity Management

“The Constitution Is Not a Suicide Pact”

Page 36: Your Papers, Please: The Government Discovers Identity Management

Or…

“Give me Liberty or give me Death!”

– Patrick Henry (Delegate, Virginia, 1775)

Page 37: Your Papers, Please: The Government Discovers Identity Management

Or…

“Give me Liberty or give me Death!”

– Patrick Henry (Delegate, Virginia, 1775)

“You have no civil liberties if you’re dead!”

– Patrick Roberts (Senator, Kansas, 2006)

Page 38: Your Papers, Please: The Government Discovers Identity Management

The Tradeoff Rorschach

“Law enforcement is not supposed to be easy. Where it is easy, it’s called a police state.”

– Jeff Schiller, in Wired (1999)

Page 39: Your Papers, Please: The Government Discovers Identity Management

The Eternal Value of Privacy (Bruce Schneier)

The most common retort against privacy advocates is this line: “If you aren’t doing anything wrong, what do you have to hide?”

Some clever answers: “If I’m not doing anything wrong, then you have no cause to watch me.” “Because the government gets to define what’s wrong, and they keep changing the definition.” “Because you might do something wrong with my information.”

My problem with quips like these – as right as they are – is that they accept the premise that privacy is about hiding a wrong. It’s not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.

Cardinal Richelieu understood the value of surveillance when he famously said, “If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged.” Watch someone long enough, and you’ll find something to arrest – or just blackmail – with.

Privacy protects us from abuses by those in power, even if we’re doing nothing wrong at the time of surveillance.

We do nothing wrong when we make love or go to the bathroom. We are not deliberately hiding anything when we seek out private places for reflection or conversation. We keep private journals, sing in the privacy of the shower, and write letters to secret lovers and then burn them. Privacy is a basic human need.

Page 40: Your Papers, Please: The Government Discovers Identity Management

End