
Mr. Commissioner and members of the panel, I appreciate the opportunity
to appear before you today to discuss this important issue.
INTRODUCTION
I speak today on behalf of USACM, the U.S. Public Policy Committee of the Association for Computing Machinery (ACM). ACM, founded in 1947, is an international non-profit educational and scientific society dedicated to the development and use of information technology, and to addressing the impact information technology has on our lives. ACM's activities include the publication of scholarly journals, the sponsorship of special interest groups (SIGs) in numerous disciplines, and activities that address social issues, such as the Committee on Computers and Public Policy, chaired by Dr. Peter Neumann. The 60,000 ACM members who reside in the U.S. are academic, professional, scientific, and ordinary users of technology who have a strong interest in the development of secure and private methods for obtaining personal information from the government.
USACM, which I chair, is particularly interested in policy and social issues involving privacy and security. The USACM was created by ACM to promote dialogue on technology policy issues with U.S. policy makers and the general public. We provide a World-Wide-Web site located at http://www.acm.org/usacm/.
At the site we make available government documents, reports, policy statements, and links to other science policy resources.
OBTAINING PEBES ELECTRONICALLY
When I first learned that the Social Security Administration had made the Personal Earnings and Benefit Estimate Statement (PEBES) available electronically, it occurred to me that one could obtain information about a spouse or a former spouse or a close relative. You would certainly know the person's name, mother's maiden name, date and place of birth, and there is a reasonably good chance you would know the person's social security number (especially of a spouse or former spouse). This is not, I think, the kind of situation that the Social Security Administration had in mind when they started offering electronic access to PEBES on the net.
It is unfortunate that the Social Security Administration has had to temporarily halt a laudable effort.
The basic problem stems from the lack of an easy-to-use ubiquitous means for authenticating identity in an electronic environment, combined with the lack of a strong national legal privacy protection.
We favor using encryption as a tool for assuring identity because it is compatible with digital networks, it is unforgeable, encryption software is widely available, and it is in widespread use.
In addition, it authenticates the individual who created the message, assures the integrity of the message, and binds the signature to the message.
Consequently, the recipient knows that the individual in question is not only who he or she purports to be, but also is the one who created the message.
THE NEED FOR A SECURE ELECTRONIC ENVIRONMENT
I understand that the Social Security Administration would like to develop a method for authentication that would be available in the short term. Since others are addressing the more immediate problem, I shall focus on the long term issues and the lessons that we can derive from the problems encountered by the SSA.
The solutions that I am advocating provide a general approach for dealing with authentication and privacy issues as they arise within government agencies, in business dealings, and in personal interactions.
The widespread use of digital signatures could be an important benefit of a secure electronic environment that includes strong encryption. In part, the purpose of a digital signature is to prove electronically that a person is who he or she claims to be.
As described in the 1996 National Research Council report "Cryptography's Role in Securing the Information Society"(1), a digital signature is "a digitized (sic) analog of a written signature, produced by a cryptographic procedure acting (commonly) on a digest of the message to be signed". In other words, you take the complete message, compute a digest of it, and run that digest through a cryptographic procedure with your private key to produce a signature that could have been created only by you, assuming that you did not provide a copy of your key to someone else; anyone holding your public key can then check the signature against the message. Going back to my example of a person attempting to request a PEBES of a spouse or relative, if a digital signature were required and if the relative had not signed the request (and had not handed over his or her private key), it would be impossible to improperly obtain the earnings statements.
The above example illustrates another crucial long term issue: We will need an informed and trained public with access to the appropriate user friendly functionality in their personal computers in order to have a smoothly functioning secure electronic environment in which the Social Security Administration can provide electronic services to the public in an efficient and secure fashion.
A necessary condition for a digital signature to be unambiguous proof of identity is that it be virtually impossible to forge. Hence, we need to use a sound cryptographic algorithm with adequately long keys: a key short enough to be recovered by brute force lets an attacker sign in the owner's name.
Quoting again from the NRC report(1),
Nonconfidentiality applications of cryptography supports reliable authentication.... To date, national cryptography policy has not fully supported these nonconfidentiality uses. Some actions have been taken in this area, but these actions have run afoul of government concerns about confidentiality.... For illustrative purposes only, the committee notes that the government could support and foster technical standards and/or standards for business practices that encourage nonconfidentiality uses based on de facto commercial standards. One example would be the promulgation of a business requirement that ALL DATA ELECTRONICALLY PROVIDED TO THE GOVERNMENT BE CERTIFIED WITH AN INTEGRITY CHECK AND A DIGITAL SIGNATURE. (Emphasis mine).
Many government agencies can benefit from the widespread use of strong digital signatures. For example, the Internal Revenue Service would like to be able to receive electronic versions of tax returns with accompanying digital signatures, rather than the cumbersome paper versions that are currently required. We can now add the Social Security Administration to the list of government agencies whose work would be facilitated by the existence of a secure digital signature infrastructure.
There are current efforts being made to develop this needed infrastructure. I quote from an announcement made earlier this month by the National Institute of Standards and Technology (NIST).
The Digital Signature Standard, also known as Federal Information Processing Standard, or FIPS, 186, currently requires federal departments, agencies and contractors who use digital signatures to do so with the Digital Signature Algorithm. Today's announcement starts the process of looking for additional algorithms to be incorporated into the standard. FIPS do not apply to the private sector, but they frequently are used by non-federal organizations.
We applaud this effort by NIST to increase the number of algorithms that can be included in the Digital Signature Standard. As NIST points out, while a FIPS may not be legally binding on the private sector, it can have a significant impact on the entire country, not just on the federal government. We hope that the open and inclusive publicly involved approach being used by NIST for digital signatures will be extended to other applications of encryption for which NIST will establish standards, notably, use of encryption to assure confidentiality of digital information either stored in a computer system or in transit in communications.
While necessary, the development of a generally accepted Digital Signature Standard is not sufficient to guarantee that such a standard will be widely used. Without easy availability of appropriate software capability on the personal computers of the public, a Digital Signature Standard will be of greatly diminished use to the Social Security Administration. Two further requirements must hold for a digital signature to serve as proof of identity: 1) the private key must remain secret, and 2) the key must be reliably bound to the identity of the person who holds it.
Several approaches can be used to create and certify the keys required by digital signature schemes. One would be the establishment of an entity that issues certificates binding a public key to the identity of its holder and distributes keys to the general public - for example the U.S. Postal Service. Another would be to use a cryptographic system - for example PGP - that itself generates keys, which can then be registered at a key server. Once use of digital signatures is commonplace, we anticipate that the shortfalls of the Social Security Administration's recent efforts at electronic distribution of PEBES will be remedied.
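The following is an added illustration, not part of this testimony and not code from ACM, NIST or the SSA. It works through the three points made above: the signature is computed over a digest of the request; the agency checks the signature against the public key bound to the claimant's identity (a dictionary stands in for the certificate authority or key server); and a key that is too short can be recovered by an attacker, who then signs in the owner's name. It assumes textbook RSA over a SHA-256 digest, using only the Python standard library, with a constructed request and a placeholder SSN; the 32-bit and 128-bit moduli are demonstration sizes, and a real deployment would use a vetted library with proper padding and keys of 2048 bits or more.

```python
# Added example: digest-then-sign authentication of a PEBES request, plus a
# registry binding each identity to one public key. Textbook RSA, stdlib only.
import hashlib
import math
import random


def is_probable_prime(n, rounds=20):
    """Miller-Rabin primality test (probabilistic; adequate for a demo)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    """Random odd prime with its top bit set, so products have the expected size."""
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def keygen(bits):
    """Return ((n, e), (n, d)): a public key and the private key it pairs with."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return (p * q, e), (p * q, pow(e, -1, phi))


def digest_mod_n(message, n):
    """Hash the whole message first: the signature covers a digest, not the text."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private, message):
    n, d = private
    return pow(digest_mod_n(message, n), d, n)


def verify(public, message, signature):
    n, e = public
    return 0 < signature < n and pow(signature, e, n) == digest_mod_n(message, n)


def register(registry, identity, public):
    """The certificate / key-server step: bind an identity to exactly one public key."""
    if identity in registry:
        raise ValueError("identity already bound to a key")
    registry[identity] = public


def accept_request(registry, identity, message, signature):
    """Agency side: honour the request only if signed by the key bound to the claimant."""
    public = registry.get(identity)
    return public is not None and verify(public, message, signature)


def forge_by_factoring(public, message, limit=1 << 20):
    """Attacker without the private key: factor n by trial division and derive d.
    Succeeds only if the smallest prime factor lies below `limit`, i.e. the key is short."""
    n, e = public
    for f in range(3, min(math.isqrt(n), limit) + 1, 2):
        if n % f == 0:
            d = pow(e, -1, (f - 1) * (n // f - 1))
            return sign((n, d), message)
    return None


def run_scenario(bits):
    """A spouse registers a key; a relative knows every field of the request but not the key."""
    registry = {}
    ssn = "000-00-0000"  # constructed placeholder, not a real SSN
    spouse_pub, spouse_priv = keygen(bits)
    register(registry, ssn, spouse_pub)
    # Constructed request: every field is something a close relative would already know.
    request = b"PEBES request; SSN 000-00-0000; DOB 1950-01-01; mother's maiden name SMITH"
    genuine = sign(spouse_priv, request)
    _, relative_priv = keygen(bits)
    impostor = sign(relative_priv, request)  # right data, wrong key
    forged = forge_by_factoring(spouse_pub, request)
    return {
        "genuine_accepted": accept_request(registry, ssn, request, genuine),
        "impostor_accepted": accept_request(registry, ssn, request, impostor),
        "forgery_accepted": forged is not None and accept_request(registry, ssn, request, forged),
    }


if __name__ == "__main__":
    print("32-bit modulus:", run_scenario(32))    # key too short: forgery succeeds
    print("128-bit modulus:", run_scenario(128))  # no factor found within the search limit
```

With the 32-bit modulus the relative's own key is still rejected, because the agency verifies against the key registered for the claimed SSN rather than whatever key accompanies the request; the forgery nevertheless succeeds because the modulus is factored in a fraction of a second and the private exponent falls out. With the 128-bit modulus the same trial-division budget finds nothing, which is the point of the testimony's call for adequately long keys.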
PRIVACY PROTECTION
The ease with which one can obtain the identifying information that had been used by the SSA for on-line authentication illustrates a related problem, namely the lack of significant privacy protection in the United States.
Computer professionals tend to be very sensitive to privacy issues - probably because we realize how easy it is to compromise information that is stored in a computer or transmitted over the net unless special steps are taken to protect that information. Because of our concern, ACM issued the following statement in 1991:
Whereas the ACM greatly values the right of individual privacy;
Whereas members of the computing profession have a special responsibility to ensure that computing systems do not diminish individual privacy;
Whereas the ACM's Code of Professional Conduct places a responsibility on ACM members to protect individual privacy; and
Whereas the Code of Fair Information Practices places a similar responsibility on data holders to ensure that personal information is accurate, complete, and reliable;
Therefore, be it resolved that:
(1) The ACM urges members to observe the privacy guidelines contained in the ACM Code of Professional Conduct;
(2) The ACM affirms its support for the Code of Fair Information Practices and urges its observance by all organizations that collect personal information; and
(3) The ACM supports the establishment of a proactive governmental privacy protection mechanism in those countries that do not currently have such mechanisms, including the United States, that would ensure individual privacy safeguards.
Had there been a proactive government privacy protection entity in place, it might have restricted the selling and distribution of personal information without the expressed permission of the individual. It might also have restricted the use of the social security number to only those areas directly related to its initial intended use. Had these steps been taken, it might have been possible for the SSA to use the information it initially requested to reliably authenticate an individual.
And even if such an entity were to be established only now, it could work with the SSA and other governmental agencies to assist with privacy protection and authentication issues.
SUMMARY
The problem that the Social Security Administration has had in making PEBES available electronically has served to emphasize a serious void in the electronic infrastructure of the country; namely the lack of secure, inexpensive, and easy to use digital signatures. It also illustrates some of the problems that have developed because of our lackadaisical attitudes towards significant privacy protection and assurance of confidentiality.
We strongly support the efforts of NIST to broaden the Digital Signature Standard. We encourage the SSA to enable the use of secure encryption based technologies for authentication and privacy. In so doing, the SSA could become a model for other government agencies to emulate in their dealings with the citizenry.
And we hope that the Social Security Administration will join us in urging our government to create meaningful privacy protections.
References:
1. Cryptography's Role In Securing the Information Society (a.k.a. the CRISIS report), Final Report of the National Research Council Cryptographic Policy Study Committee, National Academy Press, 2101 Constitution Ave., Washington, D.C. 20418, 1996.