Menu Close

White House 2023 cybersecurity plan calls for investment in digital ID

Privacy occupies surprisingly little real estate in the just-released U.S. cybersecurity strategy and President Joe Biden namedrops biometrics just once.

The strategy is the executive branch’s annual opportunity to tell the world about its concerns, priorities and, broadly, plans. The Congress appropriates all federal money, so the 35-page document is not exactly an edict.

To be fair, biometric privacy is integral to much of what is said, but specific language is important when sizing up Washington’s intentions.

The administration does briefly discuss digital ID programs and the need for updated privacy laws, however.

Liability and accountability mark where the Biden administration is straying farthest from its predecessors.

A couple decades of the federal government hoping that software companies would put sufficient effort into tight coding and security would appear to have been in vain. (That or without the industry’s voluntary work, the online world would be a hellscape.)

In response to that track record, the Biden administration is saying accountability needs to be enforced through incentives and regulation.

“We must begin to shift liability onto those entities that fail to take reasonable precautions to secure their software while recognizing that even the most advanced software security programs cannot prevent all vulnerabilities,” according to the published strategy.

Officials in the executive branch say they will develop an “adaptable safe harbor framework to shield from liability companies that securely develop and maintain their software.”

If it sounds like the administration is trying to soften the threat of ham-fisted regulation, it is. In another passage, officials write, “We must ask more of the most capable and best-positioned actors to make our digital ecosystem secure and resilient.”

And, in reading the document, it seems as though the Biden administration wants to get more active in developing relevant standards.

That is a controversial notion. At least with the internet and mobile communications, the United States has deferred to industry leaders when it comes to data and data services.

Federal investment is another touchy subject for businessowners, and it appears Biden wants to cross that line, too. The strategy calls for the government to handicap business investment strategies, laying out tax and other incentives for promising long-term plans.

“Public and private investments in cybersecurity have long trailed the threats and challenges we face,” according to the document. “The need to address this investment gap has grown more urgent.”

Specifically, executive branch officials say they will “encourage and enable” investment in digital IDs promoting financial and social inclusion, security, consumer privacy, accessibility and interoperability.

Using National Institute of Standards and Technology work as a beginning, the government’s efforts would “include strengthening the security of digital credentials; providing attribute and credential validation services; conducting foundational research; updating standards, guidelines, and governance processes to support consistent use and interoperability; and develop digital identity platforms that promote transparency and measurement.”

Privacy might get the shortest shrift in the strategy. The document says the president “supports legislative efforts to impose robust, clear limits on the ability to collect, use, transfer, and maintain personal data and provide strong protections for sensitive data like geolocation and health information.”

Although it is notable that Biden feels individuals bear too much of the responsibility for the safety of their data. He advocates rolling that back to the many companies that collect, analyze, commercialize and share that data. Privacy occupies surprisingly little real estate in the just-released U.S. cybersecurity strategy and President Joe Biden namedrops biometrics just once.

The strategy is the executive branch’s annual opportunity to tell the world about its concerns, priorities and, broadly, plans. The Congress appropriates all federal money, so the 35-page document is not exactly an edict.

To be fair, biometric privacy is integral to much of what is said, but specific language is important when sizing up Washington’s intentions.

The administration does briefly discuss digital ID programs and the need for updated privacy laws, however.

Liability and accountability mark where the Biden administration is straying farthest from its predecessors.

A couple decades of the federal government hoping that software companies would put sufficient effort into tight coding and security would appear to have been in vain. (That or without the industry’s voluntary work, the online world would be a hellscape.)

In response to that track record, the Biden administration is saying accountability needs to be enforced through incentives and regulation.

“We must begin to shift liability onto those entities that fail to take reasonable precautions to secure their software while recognizing that even the most advanced software security programs cannot prevent all vulnerabilities,” according to the published strategy.

Officials in the executive branch say they will develop an “adaptable safe harbor framework to shield from liability companies that securely develop and maintain their software.”

If it sounds like the administration is trying to soften the threat of ham-fisted regulation, it is. In another passage, officials write, “We must ask more of the most capable and best-positioned actors to make our digital ecosystem secure and resilient.”

And, in reading the document, it seems as though the Biden administration wants to get more active in developing relevant standards.

That is a controversial notion. At least with the internet and mobile communications, the United States has deferred to industry leaders when it comes to data and data services.

Federal investment is another touchy subject for businessowners, and it appears Biden wants to cross that line, too. The strategy calls for the government to handicap business investment strategies, laying out tax and other incentives for promising long-term plans.

“Public and private investments in cybersecurity have long trailed the threats and challenges we face,” according to the document. “The need to address this investment gap has grown more urgent.”

Specifically, executive branch officials say they will “encourage and enable” investment in digital IDs promoting financial and social inclusion, security, consumer privacy, accessibility and interoperability.

Using National Institute of Standards and Technology work as a beginning, the government’s efforts would “include strengthening the security of digital credentials; providing attribute and credential validation services; conducting foundational research; updating standards, guidelines, and governance processes to support consistent use and interoperability; and develop digital identity platforms that promote transparency and measurement.”

Privacy might get the shortest shrift in the strategy. The document says the president “supports legislative efforts to impose robust, clear limits on the ability to collect, use, transfer, and maintain personal data and provide strong protections for sensitive data like geolocation and health information.”

Although it is notable that Biden feels individuals bear too much of the responsibility for the safety of their data. He advocates rolling that back to the many companies that collect, analyze, commercialize and share that data.  Read More   

Generated by Feedzy

Disclaimer

Innov8 is owned and operated by Rolling Rock Ventures. The information on this website is for general information purposes only. Any information obtained from this website should be reviewed with appropriate parties if there is any concern about the details reported herein. Innov8 is not responsible for its contents, accuracies, and any inaccuracies. Nothing on this site should be construed as professional advice for any individual or situation. This website includes information and content from external sites that is attributed accordingly and is not the intellectual property of Innov8. All feeds ("RSS Feed") and/or their contents contain material which is derived in whole or in part from material supplied by third parties and is protected by national and international copyright and trademark laws. The Site processes all information automatically using automated software without any human intervention or screening. Therefore, the Site is not responsible for any (part) of this content. The copyright of the feeds', including pictures and graphics, and its content belongs to its author or publisher.  Views and statements expressed in the content do not necessarily reflect those of Innov8 or its staff. Care and due diligence has been taken to maintain the accuracy of the information provided on this website. However, neither Innov8 nor the owners, attorneys, management, editorial team or any writers or employees are responsible for its content, errors or any consequences arising from use of the information provided on this website. The Site may modify, suspend, or discontinue any aspect of the RSS Feed at any time, including, without limitation, the availability of any Site content.  The User agrees that all RSS Feeds and news articles are for personal use only and that the User may not resell, lease, license, assign, redistribute or otherwise transfer any portion of the RSS Feed without attribution to the Site and to its originating author. The Site does not represent or warrant that every action taken with regard to your account and related activities in connection with the RSS Feed, including, without limitation, the Site Content, will be lawful in any particular jurisdiction. It is incumbent upon the user to know the laws that pertain to you in your jurisdiction and act lawfully at all times when using the RSS Feed, including, without limitation, the Site Content.  

Close Bitnami banner
Bitnami