David Cameron in a speech earlier this year suggested that Government services should be made available via the leading social networks, including Facebook. It’s an interesting and complex problem. The Tories had thought hard about their approach to Government IT and seem to be pursuing the Open Data Platform projects initiated by the previous government and championed by London’s local government. It’s axiomatic that publishing publicly available data in machine readable form is an invitation to innovate, which most of us consider to be a good thing, but handing over identity assurance to the private sector is another thing.

The Register looked at this in some depth last year, the Government is looking to provide forms of electronic identity assurance without creating a national ID database, or at least not one any more intrusive and comprehensive as the NI card. The Telegraph also looked at these issues. Francis Maude was quoted by the Register, as saying that the Cabinet Office wanted to

create a market of accredited identity assurance services delivered by a range of private sector and mutualised suppliers.

The linking of this to the oauth providers, i.e. Facebook and Google is just a piece of mindless populism, but the need for exclusive government use, means either a subsidy, a service purchase or the sale/swapping of privacy of the proposed users. (That’s us that is!). The use of Facebook in this role is inappropriate as it has a management with an untrustworthy track record with respect to its ‘users’ privacy, it’s US regulated, and thus subject to the Patriot Act.  This is undesirable as the US government’s and their corporate client’s reaction to wikileaks with the pressurising/directing both its DNS providers and payment processors shows. This may be too important to trust to the private sector although the potential role of Co-ops and other mutuals is of course underestimated

Outsourcing the e-gov identity platform to Facebook is on par with the Roman Senate issuing monopoly trading rights on commodities!

Facebook – Public Identity Assurance

One thought on “Facebook – Public Identity Assurance

  • 26th March 2016 at 1:19 pm
    Permalink

    This took years to publish from the point of original authorship and a lot changed, Facebook grew up (a bit), and Snowden told the world about US surveillance. I wrote a number of articles on privacy and maybe most relevantly learned about the weaknesses in e-voting primarily due to the need for identity assurance. I still think that oauth is important but the broader problem needs to be placed in the distributed trust model. The Bitcoin white paper and patents had been in place for about 4 years.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: