Yahoo, PayPal and others to enable Americans to participate in law making

Ten industry leaders — Yahoo!, PayPal, Google, Equifax, AOL, VeriSign, Acxiom, Citi, Privo and Wave Systems — announced today they will support the first pilot programs designed for the American public to engage in open government — government that is transparent, participatory, and collaborative. This open identity initiative is a key step in President Obama's memorandum to make it easy for individuals to register and participate in government websites — without having to create new usernames and passwords. Additionally, members of the public will be able to fully control how much or how little personal information they share with the government at all times. 

These companies will act as digital identity providers using OpenID and Information Card technologies. The pilot programs are being conducted by the Center for Information Technology (CIT), National Institutes of Health (NIH), U.S. Department of Health and Human Services (HHS), and related agencies. The participating companies are being certified under non-discriminatory open trust frameworks developed under collaboration between the OpenID Foundation (OIDF) and the Information Card Foundation (ICF) per the federal government Trust Framework Provider Adoption Process. 

"We are pleased with the caliber of organizations who have signed on to be active participants in this initiative," said Judy Spencer, Co-Chair of the Federal Identity, Credential, and Access Management Steering Committee (ICAM). "They represent some of the best thinking and innovation in the private sector. We also value the ongoing support and guidance of the OpenID Foundation and the Information Card Foundation in facilitating digital identity for open government." 

Since President Obama's open government memorandum earlier this year, federal agencies have been embracing Web 2.0 technologies to interact with members of the public via means such as blogs, surveys, social networks, and video casts. Today's announcement paves the way for individuals to use these new services and customize their experience on government websites without needing to reveal any personally identifiable information – including passwords. It also takes advantage of best practices from the private sector for protecting privacy and security, including making it easier for citizens to have pseudononymous interactions with government sites when desired. 

In essence, this initiative will help transform government websites from basic "brochureware" into interactive resources, saving individuals time and increasing their direct involvement in governmental decision making. OpenID and Information Card technologies make such interactive access simple and safe. For example, in the coming months the NIH intends to use OpenID and Information Cards to support a number of services including customized library searches, access to training resources, registration for conferences, and use of medical research wikis, all with strong privacy protections. 

Dr. Jack Jones, NIH CIO and Acting Director, CIT, notes, “As a world leader in science and research, NIH is pleased to participate in this next step for promoting collaboration among Assurance Level 1 applications. Initially, the NIH Single Sign-on service will accept credentials as part of an “Open For Testing” phase, with full production expected within the next several weeks. At that time, OpenID credentials will join those currently in use from InCommon, the higher education identity management federation, as external credentials trusted by NIH." 

In digital identity systems, certification programs that enable a site — such as a government agency — to trust the identity, security, and privacy assurances from an identity provider are called trust frameworks. The OIDF and ICF have worked closely with the federal government to meet the security, privacy, and reliability requirements set forth by the ICAM Trust Framework Adoption Process (TFAP), published on the IDManagement.gov website. By adopting OpenID and Information Card technologies, government agencies can cost effectively serve their constituencies in a more personalized and user friendly way. 

Under the OIDF and ICF's open trust frameworks, any organization that meets the technical and operational requirements of the framework will be able to apply for certification as an identity provider (IdP). These IdPs can then supply authentication credentials on behalf of their users. For some activities these credentials will enable the user to be completely anonymous; for others they may require personal information such as name, email address, age, gender, and so on. (Note: The Office of Management and Budget memorandum M-04-04 offers guidance on which authentication levels are appropriate for certain applications.) Open trust frameworks enable citizens to choose the identity technology, identity provider, and credential with which they are most comfortable, while enabling government websites to accept and trust these credentials. This approach leads to better innovation and lower costs for both government and citizens.