Glitches in ID card kit frustrate Blunkett's pod people

Broken? Already?

The pilot for the UK national ID card scheme ran into technical problems earlier this year, cutting the period of the trial from six to three months, Parliament's Home Affairs Committee was told yesterday. Home Secretary David Blunkett was himself giving evidence, and told the Committee that people would be "queueing round the block" for ID cards - but we think he meant this would be because they wanted them, rather than because the issuing kit was broken.

The current breakages are of course of a trial system, intended to identify problems before the system goes live. However, the problem areas seem to have been all too predictable, which bodes ill for for the real thing. If the Home Office runs into enrolment problems with a system installed at the Passport Service's HQ in London, dealing with only a few thousand volunteers, what chance does it have of handling millions of people via equipment at post offices, libraries, smaller offices...?

The object of "enrolment" is to capture the biometric data which will be stored in the central database and on the ID card. This initial data reading clearly has to be of as high a quality as is feasible, the standard of the reading for different individuals has to be equivalent, and the readings taken by all of the different enrollment systems in operation also have to be equivalent. As the pilot does not have more than a handful of test systems deployed, it does not seem feasible for it to be testing, or challenged by, that last requirement at all.

The test equipment is reported to have run into "hardware, software and ergonomic problems leading to inconsistent enrolment," i.e. it faced the predictable calibration problems. The adjustments made by the contractor, ATOS Origin, gives us some signposts to where the difficulties are likely to lie, and to manifest themselves in spades when the systems (being called "enrolment pods" - we're going to be a nation of pod people) hit the sub post offices. The resolution and focus of the facial recognition camera was changed, a system to allow single fingers to be re-examined for prints was introduced, and the background in the booth (surely "pod"? -Ed) was changed to a "consistent texture" for iris scans.

Square peg in round hole

It's pretty clear what's going wrong. Facial recognition is, as we all know, pants when you're trying to deal with large numbers of people. It can be effective for a population of, say, 1,000 or less, but it's still very tricky to set up so that it operates with any degree of effectiveness. QED, the pilot is finding it very tricky to set up, and is, frankly, wasting its time with facial. It may be a system that has some utility in the roles envisaged for it by the International Civil Aviation Authority, but the Home Office's ID objectives are radically different from these, and here it is a square peg in a round hole.

As regards fingerprints, it's not entirely clear where in the process the failures have occurred. The system is intended to take a 'flat palm' reading of several fingerprints at once, then to match this against a similar reading taken from what one hopes is the real hand at a later stage. So at one or other, possibly both, of these stages one or more of the prints is not registering correctly. The 'fix' however does not sound entirely like a viable one. If you are adding in a procedure for re-entering dud digits individually, you are adding significant time to the process, adding the need for operator intervention, possibly adding confusing variables as well. If they end up having to do this live, at passport control, the scheme's in big trouble.

And the iris problem? Ah yes, you need pretty consistent lighting and ergonomic conditions in order to handle iris scanning. Conditions at enrolment should be particularly good, but you could probably get away with slightly less optimum conditions when taking later readings. Maybe you can design a standard iris scan pod and beam it down into the post office, at which point you maybe have a countrywide reading system that's approximately standard. But for how long? And how do you detect when a machine's going screwy? Then fix it? Blunkett told the Committee yesterday that "it is important to get it right rather than quickly." He failed, however, to explain how this stacked up against reducing the term of the pilot from six to three months because of the initial technical problems. So maybe he meant, 'it's important to stick to the rollout schedule, whatever...'

Blunkett's evidence does not seem to have been particularly enlightening. It was, he said, largely the media's fault that the counter-terrorism aspects of the ID scheme had been given so much attention, and he cited a Today programme interview of 14.9.2003 where he claims he said that although the ID card and the Register (the other Register - Ed) would help, they would not resolve the terrorist threat.

This latest Blunkett stance is however somewhat undermined by the alacrity with which both he and the Prime Minister have used the terror threat as a wedge to win approval for the scheme and to accelerate its introduction. Blunkett's position on the card vis a vis terrorism therefore seems to be that it is a useful weapon against terror, but when asked to explain how it will be useful against terror, he retorts that he never said it was a complete fix, and that the terror aspect had been greatly over-emphasised by the media.

As the Committee chairman testily remarked, this is a little like nailing jelly. But the serious point underlying this is that the Home Office's complete failure to nail down the specifics of what it wants, why and how it will work is vastly increasing the probability that the project will be a total catastrophe.

Blunkett did give some pointers to what we might deduce as the 'how' of the ID scheme's anti-terror capabilities. Fielding the now-standard 9/11 question, he told the Committee that "I'm not disputing that the US may know who's in the country and where they are, but it's never been applied to fighting organised crime and terrorism in the way it has been since the attack on New York." He gave the impression that he thinks a great part of the scheme's anti-terror utility will lie in his ability to know who is in the country, and where they are. He will be "aware of those coming in and out, those who are resident, and those who are engaged in activities around terrorism."

Pass Laws?

One can reasonable wonder how on earth he thinks he's going to know most of that. He stands some chance of knowing who is coming in and out, as this will merely need a massive and wide-ranging upgrade of systems and procedures at all entry and exit points. But he won't reliably know about visitors staying for less than three months, because as the draft bill says, these are exempt from the scheme. He will not reliably know about people who're already in the country. The ones he doesn't know about will decrease over a very long period, largely after 2013, the date at which it may become compulsory to have a card, but what procedures will he put in place to ID the ones who don't want to be found? Pass laws? These are not mentioned in the draft, but it's difficult to see how else he could do it. Nor is there any mention in the draft of the mechanism whereby he is going to know where we are. It will be compulsory to have your address on the Register, and you will have to change it when you move. But this is not the same thing as him knowing where you are.

We can however take a reasonable stab at figuring out how he will apply the scheme to "those engaged in activities around terrorism," and the obvious explanation knocks the wheels off government attempts to portray the scheme as a cuddly, citizen-friendly exercise hosting the minimum amount of personal information and well-guarded by an independent watchdog. The security services currently have lists of suspects, people related to suspects, people acquainted with suspects, and so on. This is what surveillance is all about, and we have to accept the processes to some extent if we accept that the security services should attempt to stop attacks before they happen.

Blunkett's imprecision here is strangely precise, because the people they are watching are "those engaged in activities around terrorism." Depending on how you read that, these people needn't either be doing anything illegal or knowing about any terror connection. For example, this writer used to share the odd drink with a retired IRA gun runner - MI5 surely knew all about him, and he didn't get arrested, so does he count as "activities around"? Does my drinking with him count?

It all really depends on how widely you cast the net. Blunkett is clearly anticipating the scheme as having a use in keeping track of the movements of people who are deemed surveillance candidates, but we will have no way of judging whether or not its operation against these people is justified, because the databases used will be external to the Register, and as there is a national security get-out to the oversight procedure, attempts address the issue at the junction between the external database and the Register will be blocked. So we can call this an unusually helpful piece of straight-talking from Blunkett.

Blunkett also repeated a claim he's been running with for the past couple of weeks. The security services tell him, he says, that 30 per cent of terrorists use false IDs. No further explanation of this allegedly killer fact has so far been forthcoming. We do not know what kind of false ID counts, we do not know where they use it and under what circumstances, and we certainly do not know how many terrorists use false British passports. Unless it is backed up by at least some of this data, the claim is about as useful as an Iraq WMD dossier.

For perspective, we might look at benefit fraud. The Department of Work & Pensions has come up with some fairly wild and divergent claims about the level of benefit fraud; the number seems to shift between £2bn and £7bn, depending on atmospheric pressure or something. God may know, but they sure as hell don't seem to. Giving evidence to the Committee at the end of April, however, Chris Pond MP, for the DWP, put benefit fraud related to false ID at £50m. Compared to the total DWP budget this is so low it might as well be zero. The estimated cost of the ID scheme is £3.1bn. ®

Related links

ID cards to use 'key database' of personal info
10 years jail for false ID - Blunkett PR deploys rattle of shackles
UK public wants ID cards, and thinks we'll screw up the IT

Sponsored: 10 ways wire data helps conquer IT complexity