Remember back about a year ago when internet hackers working for the Chinese government stole a trove of records belonging to both current and former federal employees, exposing the sensitive data of 21.5 million Americans including veterans and active-duty service members? The Office of Personnel Management (OPM) breach that was exposed last June?

Well, this nightmare can happen again, according to experts, because the government is attempting to take on a single sign-in interface through their very own General Services Administration’s digital tiger team, 18F, and their plan, which many say is “over-reaching, duplicative and out of sync with administrative policy.”

Blake Hall, founder and CEO of the veteran-owned private digital identity company ID.me, says what the government agency is proposing is downright dangerous, and tosses vets’ private lives and info as one big, fat slow-moving target for online criminals all over the world to hunt and take down (full disclosure: The SITREP Military Blog is owned by ID.me).

From FedScoop:

“They’re trying to crowd out the private sector,” said Blake Hall of the 18F government hackers’ ambitious plan to build out from scratch a single sign-on for .gov — a doorway to federal government services that citizens can use which will validate their identity once, then allow them to visit a range of sites without having to sign on anew each time.

ID.me is one of the pilots given seed money under NSTIC which envisaged a so-called ID ecosystem — private sector companies competing with each other to offer a trusted login as a service for consumers who could log in once, then securely use a variety of commercial and government services online.

In a blog post this week, and then in an interview with FedScoop, Hall charged that 18F’s vision is out of line with NSTIC, which aimed at “a federated system, where government will set standards and as identity providers [like ID.me] get accredited and certified against those standards, citizens will have choice as to who their identity provider is when they log in to a federal website.

(NSTIC, as you may recall, is the Obama administration initiative established to outsmart hackers and brainstorm policy that will effectively safeguard the online identity of all Americans)

In calling on the government to come to its senses, Hall cites the common sense capitalist model that has driven the country’s economy throughout history.

” … because they have choice, that will breed competition,” he said.

Without pitting private companies against one another and championing the breakthrough that ultimately proves itself superior, the country and its veterans are stuck with the untested, unproven whim of a federal agency.

Its defenders and 18F itself have barked back that Connect.gov, a defunct government program that was powered by ID.me and Verizon among others, failed and because of this fact the private sector shouldn’t get another shot at the identity game.

But Hall wisely points out that it was a rigged game, telling FedScoop that “instead of having a conversation with all the stakeholders” and talk through the kinks, 18F went with the “scrap everything including the president’s strategy and we’re going to build it ourselves.”

Imagine Thomas Edison plying one precious metal for his light bulb filament, discovering it doesn’t work, and resorting back to candles.

Or, you can liken the situation to that lovable blockhead Charlie Brown, which is precisely what the former head of NSTIC, Jeremy Grant, did in a tweet he posted and tagged both the GSA and ID.me Twitter handles:

Grant, Hall and numerous other cybersecurity buffs agree: Americans and their elected representatives need to step in and save the GSA and its 18F team from positioning vets and civilians alike to be vulnerable sitting ducks on the world wide web. Because if their doomed plan becomes realized, the grief it’ll purportedly cause will be anything but good.

What’s at stake is the security of the very people who serve and protect America, and that deserves a bona fide, cutting edge process.

Not peanuts.

 

Photograph by Fabien Irsara