Derived credentials will let feds use smartphones for ID
August 29, 2016
Government agencies will soon be able to replace the familiar Personal Identity Verification card with a smartphone equipped with a secure chip, two vendors say.
Greg Otto is FedScoop's technology reporter, covering all of the innovative tech government is leveraging: cloud computing, mobility, cybersecurity...
A report released Tuesday looks beyond the privacy implications of the National Security Agency's PRISM program, saying that areas such as cloud computing, web-hosting services and the entire cybersecurity industry are taking severe economic hits.
The New America Foundation's Open Technology Institute said that without reforms, NSA will continue to "cause significant damage to the interests of the United States and the global Internet community."
"Too often, we have discussed [NSA]'s surveillance programs through the distorting lens of a simplistic 'security versus privacy' narrative," Danielle Kehl, a policy analyst at OTI, said in a statement. "But if you look closer, the more accurate story is that in the name of security, we're trading away not only privacy, but also the U.S. tech economy, Internet openness, America's foreign policy interests and cybersecurity."
The report says U.S.-based cloud computing companies are already starting to lose market share and stand to lose more over the coming years if the government doesn't institute reforms.
The report backs a study done by the Information Technology and Innovation Foundation that says U.S. cloud companies could lose $22 billion to $35 billion in foreign market share over the next three years due to the scandal. OTI points to a number of surveys saying global IT professionals have changed their purchasing behavior or are currently not storing data in the cloud due to NSA's actions.
"Not only do people have initial concerns about deceiving U.S. technology, but we've seen a lot of countries take steps to put policies in place that would really give an advantage to domestic or block U.S. firms out of their market," Daniel Castro, author of the ITIF report, told FedScoop.
One U.S. company, Virginia-based Servint, said international clients have declined by as much as half, dropping from approximately 60 percent of its business to 30 percent since the leaks began.
"It is abundantly clear that the NSA surveillance programs are currently having a serious, negative impact on the U.S. economy and threatening the future competitiveness of American technology companies," the OTI report says. "Not only are U.S. companies losing overseas sales and getting dropped from contracts with foreign companies and governments — they are also watching their competitive advantage in fast-growing industries like cloud computing and [web-hosting] disappear, opening the door for foreign companies who claim to offer more secure alternative products to poach their business."
The report also examines how the NSA has undermined the fundamental architecture of the Internet by weakening the National Institute of Standards and Technology's cryptography standards used worldwide.
"Weakening cryptographic standards demonstrably harms Internet security," the report says. "It also hurts the credibility of NIST, which has been directed by President Obama to draft cybersecurity guidelines for critical infrastructure, including telephone systems and power plants."
OTI said the USA FREEDOM Act, which hit the Senate floor Tuesday with revisions, "would go a long way toward stemming the costs of the NSA's spying programs and restoring trust in the American Internet industry."
"Ensuring that a strong version of USA FREEDOM becomes law is only the first step toward repairing the damage that the NSA has done to America's tech economy, its foreign relationships, and the security of the Internet itself," said Kevin Bankston, OTI's policy director.
Castro said even with meaningful reform, he doesn't think it will change the perception that companies are fighting an uphill battle with NSA in order to protect their products.
"I don't think the companies themselves can solve this problem," he said. "The issue is that these foreign and domestic buyers don't trust the U.S. government right now. Until there is a clear signal that the intelligence community is turning the page through policies, I don't think we are going to see a change in perception."