Stephen H. Holden and Lynette I. Millett
As federal agencies move toward more sophisticated e-government offerings,
they must consider both policy and operational requirements for electronic authentication
(e-authentication). One important consideration in designing and deploying e-authentication
solutions is the balance between access, security, authentication, and privacy.
Public law and government-wide policy encourages e-government and e-authentication
simultaneously with privacy protection, creating policy and operational tensions
for e-government efforts. A review of the relevant laws and policies and analyses
of the privacy implications of authentication technologies indicates that federal
agencies have at least two analytic frameworks for balancing privacy concerns
with e-authentication. A framework offered in the 2003 National Research Council
report Who Goes There? and the privacy impact analysis requirements of the E-Government
Act of 2002 provide e-government projects with the tools for navigating the
path between privacy and openness, both required by e-government law and policy.