A draft of a long-awaited executive order covering digital identity includes a push to make government-owned Login-dot-gov an option for most federal benefits programs.
The White House appears set to give Login-dot-gov, a digital identity service run by the General Services Administration, a leading role in providing access to public benefits programs, according to a draft executive order obtained by FCW.
The order was first promised in the 2022 State of the Union address as part of a plan to cut down on fraud in benefits programs in the wake of reports of massive identity theft in relief programs launched or expanded during the COVID-19 pandemic. The Government Accountability Office recently gave a low-end estimate of at least $60 billion in fraud in the unemployment system alone for the 18-month period starting in April 2020.
Under the terms of the draft, GSA would be tasked with scaling up its homegrown Login-dot-gov identity verification and authentication services to reach the entire U.S. population. The draft order also calls for Login-dot-gov services to be made available for use in state and local programs. Individual Login accounts would be reusable across agencies.
Additionally, under the draft, any public benefits program would be required to offer users access to some publicly-operated digital identity service as a way of accessing services. That could mean an agency-specific service or a shared service like Login-dot-gov.
The draft does not preclude government agencies from offering private sector options for identity verification and authentication as well, something some agencies, including the Department of Veterans Administration, already offer alongside Login.gov.
Under the draft, agencies that offer public services deemed "high impact" by the Office of Management and Budget would be tasked with developing plans to add Login-dot-gov as a sign-on and identity verification option. The list of high impact service providers includes the IRS and tax programs, Medicare, passport renewal, the Census and other programs that millions of Americans engage with every year.
The Office of Management and Budget declined to comment on the draft or when the White House expects to release the executive order. Nothing contained in the draft is official policy until it is signed by the president.
The push to prioritize Login-dot-gov is likely to draw some resistance from industry. While Login-dot-gov is built with contractor support, it is government-owned and includes some components that were developed internally at GSA. Earlier this month, two technology trade associations penned a letter to White House officials asking the Biden administration "to reaffirm the U.S. government's long-standing policy of technology neutrality."
Login-dot-gov was not called out in the letter from the Business Software Alliance and the Enterprise Cloud Coalition, but was written to convey interest "in furthering our shared cybersecurity goals, specifically with regards to improving digital identity, including by combating identity theft and public benefit fraud."
The draft order also includes provisions related to the performance of identity verification systems and their impact in terms of equity, privacy and access to government benefits, as well as support for identity theft victims.
Under the draft, GSA is instructed to pilot a new system that would notify individuals when their identity information is given to a public benefit program to be verified, and give them the option to stop the process to potentially tamp down on digital identity theft.