Authentication, privacy, and the federal E-Government

As federal agencies move toward more sophisticated e-government offerings, they must consider both policy and operational requirements for electronic authentication (e-authentication). One important consideration in designing and deploying e-authentication solutions is the balance between access, security, authentication, and privacy. Public law and government-wide policy encourage e-government and e-authentication simultaneously with privacy protection, creating policy and operational tensions for e-government efforts. A review of the relevant laws and policies and analyses of the privacy implications of authentication technologies indicates that federal agencies have at least two analytic frameworks for balancing privacy concerns with e-authentication. A framework offered in the 2003 National Research Council report Who Goes There? and the privacy impact analysis requirements of the E-Government Act of 2002 provide e-government projects with the tools for navigating the path between privacy and openness, required by both e-government law and policy.