Private companies seeking to use the government’s igovt ID scheme may have to wait for up to five years to do so, according to the New Zealand government CIO, Laurence Millar.
Use of the service outside of government is “not part of the current work programme”, says Millar. However, it could be within “three to five years” — if there is a demand from the public.
Currently, igovt is viewed as a government-only authentication service, for people making transactions with government agencies. A private-sector extension would not only require a change in the law but also one or more formal Privacy Impact Assessments, says Millar.
Millar made his comments at a brief seminar held last week as part of the monthly Impact ’08 series. This has been jointly organised by UNESCO New Zealand, the 2020 Communications Trust and InternetNZ, to discuss the “social, cultural and ethical impact of ICT innovation”. Last week’s topic was identity.
Banks are one business which might welcome the government taking the authentication load off their shoulders — if there was support from customers for the idea, said delegates to the seminar.
Whether government can be trusted to deliver authentication services outside its sphere has been much discussed internationally. For example, Kim Cameron, chief architect of identity at Microsoft, and Vikram Kumar, one of the leaders of the igovt project at New Zealand’s State Services Commission, have been debating the issue through their blogs.
The question revolves around whether government can be a “justifiable party” to private-sector transactions.
“Digital identity systems must be designed so the disclosure of identifying information is limited to the parties having a necessary and justifiable place in a given identity relationship,” says Microsoft’s Cameron.
Kumar, as well as some of the Impact ’08 seminar attendees, believes our government’s involvement in something as crucial as banking authentication might be seen as “justifiable” in the eyes of the New Zealand public, but people in other countries, like the US, would be less comfortable with it.
Cynthia Laberge, Victoria University’s cyberlaw research fellow, who comes from the US, says it’s likely Americans would react differently because the founding ideas of the two countries’ governments are so different.