Fixing it too well may be incompatible with some personal liberties and privacy. A big problem is that the Government has no really solid way to authenticate you online. If it did, you'd need to provide far less info when signing up for something. Some of the Scandinavian countries work that way.
Should the US? Should Government web sites work on the policy that you should never have to tell the Government something it already knows?
I can only speak from an Australian perspective, but you'd be surprised how sensitive many public servants (outside of the 'intelligence community') are to public backlash against a national identity system. Admittedly they're concerned for the wrong reason, political backlash, rather than the right reason, protection of citizen privacy. But their reasoning is unimportant as long as it drives them towards a privacy-enhancing solution.
Standards like OAuth (and profiles like Open ID Connect) lend themselves well to federated auth systems where user-authorised attribute disclosure by mutually trusted third-parties, rather than authenticated identity, forms the basis of access to government online services. This could even have privacy benefits outside of citizen to government transactions; an online bottleshop wouldn't need to ask for a scan of your driver's licence (causing information leakage), it would only need to ask a trusted attribute holder if the customer is over 18 (or 21).
> Should the US? Should Government web sites work on the policy that you should never have to tell the Government something it already knows?
Should is a form of judgement, so I'll weigh mine in if you don't mind :-).
As I am certain you know, while it is technically possible to have government sites pull up everything known about the citizen given a modicum of uniquely identifiable information, the US culture would likely produce a tremendous "big brother is watching us" paranoid kickback. If this is warranted or not is moot.
For a smaller scale example, some years back the Home Shopping Network (HSN) made available caller-ID to CSR's for people calling to purchase product. They still have it now, of course, but at the time it was initially made available, CSR personnel would greet the caller "by name" when answering. Something akin to, "Hello Mr. Smith, how may I help you?"
This freaked out a lot of people. Especially the elderly. In any event, as those of us reading/posting in this forum know, the information is most certainly still there. Its presence is just not revealed to the HSN consumer.
Put that same type of convenience onto a US government web site and tech-trolls will light up the web with NSA conspiracy articles ad nauseam.
Right. Suppose the Obamacare web site had been really good. You go there, and it checks your IP address with your ISP, identifies your account, and greets you with "Hello. It looks like you're Mr Smith of 1234 Scott St, Raleigh, North Carolina. Is that correct?" The user answers yes, and gets back "You're qualified to sign up for Obamacare. We've checked your tax records, and your income qualifies you to get extra assistance. You don't have any other medical coverage right now. If you sign up, your premium of $42.00 a month will be deducted from your paycheck from Walmart Inc, along with your taxes. Do you want to sign up for medical coverage?
Yes, thanks for signing up. You now have medical coverage. Here's your certificate of coverage. Print this page and you're done.
But from the 24x7 headline-starved troglodytes looking to whip the populace into a frenzy? Loud and heard from every corner. And what would those which slavishly follow their pundits-of-choice do? Would they remember the ease with which they received health coverage or would they incorporate whatever mantra was beaten into them?
Should the US? Should Government web sites work on the policy that you should never have to tell the Government something it already knows?