Crossroads Blog | CYBER SECURITY LAW AND POLICY

anonymity, Identity Management, Privacy, regulation

You’ve heard of NS-TIC. How about a world wide identities plan?

Ron Noble is the Secretary General of INTERPOL (and also a former Assistant United States Attorney in Pennsylvania). Here are excerpts from his September 15, 2010, speech at the 1st INTERPOL Information Security Conference, held in Hong Kong, China:

To strengthen this aspect of our information security management system, we are currently developing, in partnership with Entrust and EDAPS, an e-Identification Card.

This e-Identification Card is an identity management tool that will provide the highest security credentials service for INTERPOL staff and law enforcement officials worldwide working on behalf of INTERPOL. Once in place it will enable these officials to identify themselves at international borders, at the INTERPOL General Secretariat or any other INTERPOL facility, as well as to securely access INTERPOL networks and communicate from virtually any fixed or mobile location in the world.

This e-Identification Card, as Entrust CEO Bill Conner says, will “enable INTERPOL to control access to resources, prevent theft of information and comply with privacy and digital signature regulations and laws on a global basis.”

But our vision doesn’t stop here. The next frontier that INTERPOL intends to lead in transformation is Identity Based Security.

Our vision is one where, one day, all law enforcement officials worldwide involved in international policing matters will be equipped with this e-Identification Card.

As I said earlier, INTERPOL provides its member countries with a secure global police communications system. Of course, not all international police communications go through INTERPOL’s system. But even when not using INTERPOL's communication channels, law enforcement needs a way to be able to know that the person on the other end of any digital communication is who he or she purports to be, and especially when communicating across borders. In other words, law enforcement worldwide needs an international identity verification system.

I strongly believe that INTERPOL, as the largest international law enforcement organization, is in an ideal position to coordinate the development of such security standards for police worldwide and that the product we are developing with Entrust and EDAPS is the first step towards that goal.

In fact, working towards the development of international standards is not new to INTERPOL. The Organization has already played a central role in developing global standards in victim identification and in fingerprint and DNA exchange, for example.

In the field of information security, INTERPOL can play a unique role in establishing electronic trust by building bridges between the police community and information security professionals from the private and public sectors worldwide while working towards the development of common standards.

We have already taken concrete steps to become closely involved with the ISO subcommittee responsible for drafting the ISO 27001 standards. And in parallel, we strongly support the wide implementation of the G8 High-Tech Crime Sub-Group’s best practices in incident response. The INTERPOL e-Identification Card, which I just discussed, spans both the ICAO global travel standards and the EITF enterprise standards to provide strong identity for our police agents both on the road and in the office for both physical and logical access.

In short, INTERPOL is ideally positioned to represent law enforcement interests in developing global information security standards, as well as to assist in the implementation of such standards across its membership, including by developing specific standards for the police community.

* * *

Let me share an idea with you before I leave the floor.

I was reading recently an interview with Google’s CEO Eric Schmidt. He was saying that the World Wide Web would have to evolve from anonymity to what he calls “true transparency” because, he said, “in a world of asynchronous threats, it is too dangerous for there not to be some way to identify you.”

If some kind of a verified name service for the internet is to be created –– and I believe one should be –– then we will need exactly this type of bridging between police and the public and private sectors, as well as with citizens rights groups and other NGOs to be able to do it.

I think this is something we should start discussing. And here again, INTERPOL can and will play a central role as a discussion forum for law enforcement and in building bridges with all other stakeholders.

(emphasis added)

You can download a PDF file of his entire speech, here.

Leave a Reply

anonymity, Identity Management, Privacy, regulation

You’ve heard of NS-TIC. How about a world wide identities plan?

Ron Noble is the Secretary General of INTERPOL (and also a former Assistant United States Attorney in Pennsylvania). Here are excerpts from his September 15, 2010, speech at the 1st INTERPOL Information Security Conference, held in Hong Kong, China:

To strengthen this aspect of our information security management system, we are currently developing, in partnership with Entrust and EDAPS, an e-Identification Card.

Read More

Leave a Reply