GSA / participate-nap4

Participate in the 4th U.S. National Action Plan for Open Government
https://open.usa.gov/national-action-plan/4/
13 stars 10 forks source link

Create a Blockchain-based Identification System #44

Open akarides opened 7 years ago

akarides commented 7 years ago

Topline Description

The government currently lacks a reliable system for identifying and identifying immigrants, refugees, and social welfare recipients. A blockchain-based identification system

Key Objective(s)

Measurable Metrics

How can we quantify, verify, monitor, and report progress? Work should be completed by June 2019. Timelines encouraged.

JoshData commented 7 years ago

Normally I'm cautious about the use of blockchain technology in government, but I must say it does seem appropriate to use a permanent public ledger as the basis of Trump Administration programs that target immigrants, refugees, and social welfare recipients and that create virtual badges for people. A permanent digital badge is better than, say, a permanent tattoo because it's cryptographically secure, I guess?

bsweger commented 7 years ago

Personal beliefs aside that we should not have this kind of federated ID system, I'm not sure how such an effort relates to a plan for open and transparent government.

jstclair-HFT commented 7 years ago

Good point - As with some of the other discussions, this may be a bit "tactical" and less "strategic" to fit the NAP, but you could argue any improvements in digital identity could improve openness and transparency in "government" - Big G, little g, processes, etc

chicagomom commented 7 years ago

An identification blockchain with an embedded history of immigration or "social welfare recipient" would accompany a person everywhere, and be a huge violation of privacy. Blockchain identification with this sort of information would make it super-easy to discriminate against people selectively, though.

akarides commented 7 years ago

Please keep in mind this contribution is a reiteration of the goals drafted from the 9/8 GSA workshop.

akarides commented 7 years ago

Such a system would be designed to provide individuals complete control over the sharing and distribution of their identification information to ensure maximum privacy. Refer to ID2020.

b-k commented 7 years ago

The key problem regarding this tactical proposal is not the storage of individual data in an easily retrieved manner, but reliably linking that data to a specific human—a specific body—who is a recipient of certain social welfare benefits or an immigrant.

The obvious solution is to include some biometric information in the hash calculation for the blockchain, but which? IBM has been the leader in this problem, but as noted above, their use of tattoos is now deemed to be outdated. Facial recognition and other non-invasive systems are easily fooled (think identical twins), and easily `stolen' by anyone with a good camera. This brings us to genetic information (which can also be stolen, albeit with closer contract than a camera). For example, at a traffic stop or before allowing a passenger to board Amtrak, police would draw blood and use that information to check whether the person's claimed identity is in the blockchain of social welfare recipients or immigrants. Of course, this verification requires taking a bodily fluid sample from everyone, because there's no way to know until you check.

Unlike being a Jew, the statuses in this proposal change regularly. The proposal distinguishes between immigrants and refugees, implying that immigration status matters, which means the blockchain will need to have features that allow updates for status changes such as naturalization or simply leaving the country. The definition of social welfare is also difficult to pin down and changes often in a person's life: do we enter-five year olds on the first day of kindergarten if they receive a free lunch? Are these children ever removed, or do we simply add another block when a child has his or her own lunch money?

But given that everybody will need to submit bodily fluids to authorities upon demand to make this proposal feasible, it may be best to simply maintain blockchain entries for all people who interact with the U.S. gov't in any way, eliminating the problems of in-or-out determinations and the potential awkwardness of drawing blood from a person only to determine that they are not in the registry. Requiring bodily fluid samples from every citizen every time they interact with police, TSA, or DMV may seem a lot, but it is clearly worth it for the gain of being able to know with 100% certainty who has received government support or was not born on US soil.

theaj42 commented 7 years ago

I think this idea is highly unethical, and contains flawed thinking from both philosophical and technological perspectives.

1) Blockchain technology does not "provide individuals complete control over the sharing and distribution of their identification information to ensure maximum privacy" as stated above. In fact, it's exactly the opposite. Distributed blockchain technology allows anyone to see all the data contained in the block. It's this very fact that allows for the "integrity" part of the information security confidentiality-integrity-availability triad. This is how security researchers find ransomware hackers - they follow the flow of bitcoins from account to account by watching the blockchain.

The information is publicly available. Anyone can see it. You, right now, can go look at my Coinbase account balance, and see a record of all the transactions I've made with it since I opened it. What you can't do is change it without a record of that change being made. So that means that once you tag someone with any information in a blockchain, there is forever a trail to that tag. Tag me as being part of group L. Three years later, remove that tag. Though the tag is gone, the record of the tag is still there. The record of the tag being removed is still there. By the very nature of the blockchain, it doesn't ever go away.

2) You're really proposing a national system of checkpoints to collect bodily fluids from everyone? Aside from the fact that I don't want to be swabbed or poked several times a week (and neither, I suspect, do you), do you have any idea of how long it takes to do a DNA analysis? Boy, you think TSA is slow now...

3) This is a philosophically horrific idea that is diametrically opposed to the spirit of America, the idea of freedom, and the clear course of national prosperity through international partnerships and cooperation. This is putting irrevocable digital armbands on a segment of our populace specifically for the purpose of culling them from the crowd. It's an ignorant and cowardly thing to do.

Give me your tired, your poor, Your huddled masses yearning to breathe free, The wretched refuse of your teeming shore. Send these, the homeless, tempest-tost to me, I lift my lamp beside the golden door!

jstclair-HFT commented 7 years ago

Bodily fluids aside, the use of blockchain for centralized or de-centralized identity is very real, and supported by many developing vendors and dedicated industry groups. Additionally, it is a misconception that the crypto-currency implementation of DLT is the method, when there is an increasing diversity in design and technology that address IAM principles and security.

amhlaidgh commented 7 years ago

Wow, the possibilities boggle the mind.

Also the latent evangelical in me would suggest this would be best implemented as a mark on the hand or forehead.

jalbertbowden commented 7 years ago

This! But instead of immigrants/welfare recipients/marginalized society, do it for federal government employees on the hill, their past employers/employees, and lobbyists.