White House says an anticipated executive order on identity theft is coming, here’s what experts want in it

White House officials have repeatedly described an anticipated executive order on identity theft as in the works, but stakeholders are expressing urgency on the matter.

White House officials have repeatedly described an anticipated executive order on identity theft as in the works, but stakeholders are expressing urgency on the matter. Jakub Porzycki/NurPhoto via Getty Images

Featured eBooks
Space Tech
Read Now

CDM

Read Now

Digital Transformation

Read Now
Natalie Alms By Natalie Alms,
Staff Reporter, Nextgov/FCW

By Natalie Alms

|

Although stakeholders have big wish lists for the anticipated proposal, few details are known about what the White House expects to include.

The White House “still plans on coming forward with an executive order” on identity theft in public benefit programs that it previously promised would be released “in the coming weeks” in March, a White House spokesperson recently told FCW.

At the time, the administration said the forthcoming order, led by American Rescue Plan coordinator Gene Sperling, would have “broad government-wide directives… to prevent and detect identity theft involving public benefits” with a focus on privacy, equity and civil liberty protections, as well as provide help for identity fraud victims. 

Stakeholders say the need for action is urgent, pointing to the promise of the White House’s agenda and its policy-setting ability to address both equity concerns and internal government policy barriers that often hinder identity proofing.

There’s obvious interest in the anticipated executive order, with stakeholders champing at the bit to see White House action. 

“I've done more government briefings in the last two years than I had in like the previous eight,” said Eva Velasquez, president and CEO of the nonprofit Identity Theft Resource Center. But “as far as doing something about it and acting on it, the jury's out… I'm not sure how much longer we can go on without at least something coming out with some kind of structure about what we're going to do.”

The issues are high stakes. In question is exactly how the government uses identity proofing and fraud prevention technology in public benefits programs like unemployment insurance, one of several government services still grappling with the spike in identity-based fraud since the onset of the pandemic.

The White House isn’t the only government actor working on this issue.

NIST is working on the first refresh of guidelines for digital identity verification in years. On Capitol Hill, a digital identity bill has made progress in moving through the House and Senate, although it’s unclear if it will make it into law in the remainder of a lame duck Congress. 

And likely incoming chair of the House Committee on Oversight and Reform, current ranking member James Comer (R-Ky.), told FCW in a comment that “investigating COVID-19 pandemic relief fraud is a top priority for Oversight Committee Republicans,” saying that the current administration has “sat on their hands for the past two years, pushed to spend more taxpayer money and allowed fraud within these federal assistance programs to run rampant.”

Given the role of identity and fraud tech in providing or preventing access to government benefits, a top concern for many is equity.

Linda Miller, fraud expert and partner at Guidehouse, told FCW that privacy and equity are the biggest issues for government identity verification, pointing to the backlash around privacy and equity concerns the IRS suffered in regards to its use of facial recognition tech via vendor ID.me.

Outgoing chairwoman of the House Oversight and Reform Committee Rep. Carolyn Maloney (D-N.Y.), whose committee has been investigating ID.me, told FCW in a statement that “millions of Americans have had to turn over their biometric information to private companies in order to access essential government services with little clarity on how their information will be safeguarded.”

The use of biometrics like facial recognition, although required by current NIST standards for certain levels of digital identity proofing, is fraught. 

Charles Romine, director of NIST's Information Technology Laboratory, told lawmakers in 2020 that there is significant variance in how facial recognition algorithms perform, with some but not all producing differential outcomes based on demographics.

But Velasquez cautioned the administration from precluding the use of consent-based biometrics, which she said “absolutely has a positive role” in identity validation.

Ben Winters, counsel at the nonprofit Electronic Privacy Information Center, is zeroed in on fraud detection and prevention tools in government programs. 

“We don't need an executive order that just increases the capacity to buy more tech that will ‘fight fraud’... but we could use any executive order that implements transparency and accountability requirements around the purchase of these tools,” he said. “The delay [of the executive order] has been frustrating because the federal government has a substantial role in the purchase of these tools, like giving grants to state and local governments.”

How exactly the government should address digital identity isn’t uniformly agreed upon. 

Although some groups have asked the White House to push the use of mobile driver’s licenses, Jordan Burris, former federal CIO chief of staff and current senior director of product market strategy for the public sector at digital identity verification company Socure, emphasized that he doesn’t think the administration should back any single solution.

Many do agree on the need for more help for victims of identity fraud. Currently, the process of recovering one’s identity is burdensome and confusing, requiring individuals to contact multiple agencies and companies depending on their situation.

And several stakeholders also told FCW that a major step the administration can take is helping to set standards.

One specific area is privacy and data-sharing, said both Miller and Burris. Government agencies don’t necessarily agree on how to approach data sharing, but confirming and triangulating data about someone is often part of the equation of digital identity proofing.

Burris also has a push for the digitization of identity documents like birth certificates on his to-do list and suggested that the White House designate identity management and services as critical infrastructure.

For now, the inaction is making it difficult for government agencies to act, said Miller.

“It is unfortunate that it’s been months and we haven’t seen this executive order,” she said. “I think a lot of agencies won’t take action until they see what the White House wants them to do… While they're waiting, identity theft based fraud is continuing at a pace.

NEXT STORY: VA Used COVID Relief Funds To Bolster IT and Digital Services

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.