White Paper: What Could Kill NSTIC? A friendly threat assessment

I shouted “Death to NSTIC!” and my session filled up. This was at the Spring 2011 Internet Identity Workshop and the National Strategy for Trusted Identity in Cyberspace program office was getting its act together, meeting the identerati in Mountain View, California. We took over a room and a whiteboard and imagined what could keep NSTIC’s vision from coming true. The dozen folks in the room were diverse. We were from startups and big companies, governments and NGOs. We were tech geeks, policy wonks, and executive suits. We dredged up failures we’ve known, obvious challenges and barriers unique to the notion of an “identity ecosystem.”

Death to NSTIC!

18 months later I did it again, with a different group, at the Fall 2012 IIW. Again, a whiteboard full of threats.

"Death To NSTIC" session at IIW15

I sat down in December and correlated the two sets of findings. PDEC is putting this out as a whitepaper, full of the details. Read on Scribd or download the pdf. I have a presentation version on Slideshare or you can download the deck as a pdf too.  

Two threats stood out. First, a user experience failure could destroy user adoption, ruin trust in the ecosystem, and twist user behavior counterproductively. Second, the ecosystem’s success depends on being strong in four areas (technology, economy, policy, and culture) and in having each of those areas balance the others. An imbalance could rip the ecosystem apart. 

Something stayed constant between the two sessions: performance anxiety. Execution risk was the overarching concern. Few attempts at something this complex ever go live, let alone thrive. 

Something changed between the two sessions, however. Where the first had many outside threats, the second session focused on internal risks. Less we-may-be-tackled-by-opponents and more we-may-fumble-without-interference. [Sorry for the US football metaphor.] Speculating, it may be that people had shown up to the program, light bureaucracy was being worked out, and it had all become more real.

It’s important to get digital identity right. It affects everyone, every business, every institution.

To that end, NSTIC’s Identity Ecosystem plenary (the people and companies that make up the ecosystem) is meeting this week in Phoenix, and PDEC’s Kaliya Hamlin is there to speak for our startups as part of her “Personal Data World Tour” taking her from Arizona, to D.C. to Austria (conference) to London (seminar) to Manhattan (seminar). Starting now, Kaliya is running to represent all small businesses and entrepreneurs on the IESG’s management councilsign up to vote for her by 14 February.  

What do you think could kill NSTIC? 


PDEC Whitepaper – What Could Kill NSTIC 2013 by evanwolf on Scribd

About Phil Wolff

Phil Wolff is strategy director of PDEC, the Personal Data Ecosystem Consortium, a Small Data NGO. Wolff is a director of the DataPortability Project and co-author of the project's model Portability Policy. He's had management, technology, and marketing roles at Adecco SA, LSI Logic, Bechtel National, Wang Laboratories, Compaq Computer, the City of Long Beach, the State of California, and the U.S. Navy Supply Systems Command. On LinkedIn, ORCID 0000-0002-7815-4750, Quora top 250 of 2012. He holds the PDQ Bach Inauthentic Identity Fellowship at the University of Southern North Dakota at Hoople. Phil lives in Adams Point, Oakland, California.