Will a new president scale back existing projects or add new ones?

By Zack Martin, Editor

We live in a completely different world of government identification initiatives than eight-years ago when George Bush was elected president. The U.S. Department of Defense’s Common Access Card was just getting off the ground. It was the first U.S. agency to choose a smart card for a credential and proved to be the granddaddy of the projects since.

Now the DOD has produced millions of cards, and millions more are expected to be issued to federal employees and contractors because of a Homeland Security Presidential Directive. Another HSPD was signed this summer coordinating the use of biometric screening among government agencies. Legislation also has been passed regarding driver license issuance and identification requirements for border crossings.

All of these initiatives to improve identification technology stem from the terrorist attacks of Sept. 11. Since then the Bush Administration and Congress have enacted numerous policies and legislation that have impacted how government employees and U.S. citizens are identified.

With a new administration due to take over the White House in January there has been some question as to the future of the various identification projects and also where will a new president focus. Many of the ID initiatives don’t have a partisan bias. But will a new administration start new projects? Will they look at existing projects and try to change or terminate them?

Regarding ID magazine sent a questionnaire on the various identification issues to the campaigns for Sens. John McCain and Barack Obama, but neither campaign responded. Questions were on topics such as about HSPD-12, Real ID, registered traveler, ID theft, securing online identities and privacy.

While the campaigns didn’t respond, some Washington insiders were able to give their perspectives on what they think is going to happen with either an Obama or McCain administration. Due to the sensitivity of some of these topics, some sources didn’t want to be identified.

The consensus seems to be that very little will change with existing projects. “The general theme is ‘let’s finish what we started,'” says Jeremy Grant, senior vice president and identity solutions analyst at the Stanford Group Company.

The one new initiative that both candidates have touched on is cyber security, Grant says. Obama has published a cyber security campaign platform while McCain included a large section on personal security in the digital age in his overall technology policy.

Obama’s full platform – which also includes an agenda for nuclear and bio-terrorism – lays out a 10-point plan on the cyber security front. “Today our nation still lacks a long-term strategy to address proliferating cyber espionage, to eliminate key points of vulnerability, and to help victims of everyday cyber crime ranging from online predators to identity theft,” the platform states.

The candidate also suggests creating a “national cyber advisor” who will report to the president and be responsible for coordinating federal agency efforts and development of a national cyber policy. He also recommends developing an Internet crime strategy to provide training and grants for law enforcement officials to detect and prosecute online crimes.

The platform also proposes that Obama will create standards for securing personal data to protect citizens from identity theft. “Nearly 10 million Americans are victims of identity theft each year, costing more than $55 billion,” states the platform. “We must ensure that the privacy of personnel data in computer systems is better protected. The federal government must partner with the industry and our citizens to secure personal data stored on government and private systems.”

If elected, Obama also says he will work on legislation that will require companies to notify customers if their data has been breached. “California and other states have laws requiring a company that may have disclosed a resident’s personal information without authorization to inform the victim of the disclosure,” according to the platform.

Grant says Obama’s plan isn’t much different from the National Cyber security Initiative introduced by the White House earlier this year. Obama, however, says Bush hasn’t made protecting cyberspace enough of a priority and has done too much of it behind closed doors, according to Obama’s platform.

McCain’s technology platform says that government needs to “foster more secure technologies and the adoption of safe computing practices to help establish a culture of greater personal security.”

Laws that protect citizens’ privacy and security against online predators are also necessary as are incentives for industry to develop secure technologies, McCain’s platform states.

But McCain also says industry needs to self-regulate. “Businesses know that people must continue to feel safe and secure in their use of technology. Industry must be proactive to help protect individual Americans from the ever-present threats posed by advanced technology through security tools, effective self-regulation and educational initiatives.”

All told, McCain states that government, industry, parents, children and schools must work together in order to insure privacy and security on the Internet.

This isn’t a Democrat or Republican issue, Grant says. Securing the Internet will be a main concern. “This isn’t a partisan issue,” Grant says. “Regardless of who we have in office this will be a top issue.”

Most of the identification issues are not partisan, says Jenifer Kerber, senior director of Homeland Security programs with the Information Technology Association of America. Many of the projects that are underway came out of “The National Commission on Terrorist Attacks Upon the United States,” also known as the 9-11 Commission. It’s unlikely that either of the presidential candidates will come out against them for that reason alone. “I don’t see a huge change in identity management policies with a new administration,” Kerber says.

But this hasn’t stopped the rumors. Questions on what may happen with FIPS 201, Real ID and the Western Hemisphere Travel Initiative abound.

Kerber doesn’t see anything happening with the HSPD-12, also know as FIPS 201 or PIV. The trend of establishing an identity and then tying it to a credential for physical and logical issues is the way the government needs to go.

But the millions of dollars spent, along with the slow progress of issuing and activating credentials, has led some to posit the program may be scaled back once a new administration takes power.

This summer’s solid progress, however, has convinced many involved with the program that it will continue on no matter what (See HSPD-12 update). Agencies are responding and federal employees are applying for the cards and they are being issued.

Agencies also are looking into deploying logical access systems where the card can be used for network login, PKI and other applications, the official says. Physical access systems that use the new credential are also being deployed throughout government buildings in Washington.

While there was a lot of wailing and gnashing of teeth when the project was first announced agencies feel differently now, the official says. “Agencies are starting to understand that this is a good idea and they’re starting to make it happen,” he says.

Lastly, by the time the election rolls around the project will be too well entrenched. The source says 30% to 40% of federal employees will be carrying the proper credentials by the end of October. “I don’t see anyone turning this around or dialing it down,” he says. “There’s been too much money plowed into this.”

New programs on the horizon?

While the consensus seems to be that not much will change with existing identification projects, there is a sense that that there may be opportunities for additional projects with either a McCain or Obama administration, say some beltway insiders.

“An Obama administration would have a stronger focus on identity management and using technology to make life easier,” says one Washington source. “Someone at the federal level has to take on identity management and get behind the technology. They need to look at privacy, interoperability and the larger benefits.”

Obama has positioned himself as the more tech-savvy candidate and some say he will get behind some of these new initiatives. “Obama is marketing himself to the technology community as the man with the vision,” says another DC insider. “He would appoint a chief technology officer who would oversee the issues.”

McCain has also taken a strong interest in immigration reform. He’s made comments about biometrics being used at the northern and southern borders and there could be opportunities to use different identity technology, says one source. The source, who attended a technology briefing from the McCain campaign, says that the Republican senator is aware of FIPS 201 as well.

One thing both Washington insiders can agree on is that a change of leadership in the Department of Homeland Security will be welcome. Real ID and the Western Hemisphere Travel Initiative are two programs the agency has been criticized for from a technology perspective. “DHS doesn’t have a good technical understanding of the technology available,” says one insider.

And while both those programs have come under criticism, it may be difficult for a new administration to backtrack on either of them. Pass Cards and enhanced driver licenses for WHTI are already being deployed. The RFID readers and other infrastructure necessary for the program are reportedly being installed. “If they haven’t started construction they might revisit it,” the source says.

Real ID poses a different challenge. Real ID is a law on the books and with deadlines regarding the legislation in the first half of 2009 there are some questions as to whether a new administration would have time to maneuver changes to the law through congress.

During the eight years of the Bush Administration more changes have been made to identification initiatives than any other administration. It’s impossible to look into a crystal ball and see what the future holds in terms of new projects, but it’s unlikely there will be any turning back from what’s already been started.