I recently attended the EEMA European Identity Management conference that took place in Tallinn, Estonia.  A key topic that carried on throughout the two-day conference was the continued penetration and evolution of government operated eID systems for citizens.  While these systems for the most part are focused on easing access to government applications, they also help crystallize what the future of Internet identity could look like.  The discussions stretched into the possibility of how these programs could be extended to address how identity is managed and controlled on the Internet as a whole.  

We also heard presentations from our Estonian hosts on their quite broadly penetrated card-based eID program (more than one million cards for approximately 1.4 million Estonians) as well as about the new German card-based eID program that is in its first year of operation.  One impressive statistic for the Estonian program is that it enabled nearly 25 percent of votes to be made online in the most recent parliamentary elections. 

In addition there were sessions on two more futuristic government programs, NSTIC from the United States and SSEDIC from Europe, that are looking to deliver on the bigger mission to improve how identity is created and consumed on the Internet at Internet scale for much more than just government applications. In my session I compared and contrasted government eID initiatives in general, and then analyzed three in particular - namely Germany, New Zealand, and the US.  You can see my conclusions near the end of that deck.

It is clear the industry is on the threshold of restructuring how identities are managed and consumed on the Internet and that this will significantly address the usability and security problems that seem so intertwined with the current identity-unaware Internet.