Feeds

Blunkett risks ID card battle with EU

Legal questions as real cost exceeds £3.1bn

  • alert
  • submit to reddit

Remote control for virtualized desktops

The total cost of the UK's ID card scheme is likely to be considerably in excess of the Home Office's £3.1bn, it became clear from evidence given by Home Secretary David Blunkett to the Home Affairs Committee earlier this week. Considerable expenditure outside of the core of the scheme will be effectively "laundered" via other government departments and private sector organisations, which is somewhat ironic considering that one of the things the scheme is supposed to do is tackle, er, money laundering.

And Blunkett is setting himself up for a possible collision with Brussels, because the justification for forcing EU citizens to have a card is at least arguably fraudulent.

This last revelation came just at the tail end of his evidence to the Committee. Asked by Committee chairman John Denham: "Is it legal for us to impose a requirement on EU citizens that would not be required at that stage of British citizens?", Blunkett responded: "It is... It is so long as we build into the legislation that we are intending to apply compulsion at some point to our own population."

This perhaps hinges on who he thinks "we" is, at this juncture. Blunkett most certainly intends to apply compulsion, but the position as far as the legislation is concerned is that a decision on compulsion will be taken by Parliament after the card has a significant level of penetration and a report has been delivered to Parliament. The strength of the intent would therefore seem debatable. Non-UK EU citizens will be compelled to have a UK ID card during the "voluntary" phase if they are resident for more than three months, and there would seem to be some grounds for them to complain to Brussels.

The total cost of the scheme, meanwhile, will clearly be more than £3.1bn, and the deeper the penetration of the ID into UK society, the more the cost will climb. And Blunkett would like its penetration to be very deep indeed. Asked if the cost included, "for example, the biometric readers and equipment which is going to be installed in other Government departments, such as the the Department for Work and Pensions, the Health Service and so forth?" Blunkett replied:

"It does not, and the reason it does not, and this is another reason why taking this incrementally makes sense, is having made the decision... to publish the draft Bill and to indicate that we will legislate and we are serious in going forward on this... we are now in a position to say to department agencies and to the private sector that you will over the next ten years be in a position where if you choose to do so, or if we designate a service to do so, the technology that you are using for other purposes should now be presumed to have an appropriate reader for your proposes, depending on what it is. As with the Minister of State, who I think gave evidence to you last week, we would have a situation where as the electronic medical record programme is developed across the whole of the NHS, that it is done so in a way that the equipment they are using and the computers that they are operating can also build in this facility." (our emphasis)

So effectively, Blunkett will be hitching a lift on the efforts of departments throughout government. The NHS electronic record programme is a particularly impressive example, as this vast and expensive project is already rolling, and now being anticipated as making what will surely be a very substantial contribution to the national scheme, without needing to figure in the latter's budget. The flexibility of the individual departments to embrace or ignore the national scheme is also perhaps questionable, given the words "if we designate a service to do so".

Blunkett goes on to add to the compatibility list:

"That will be true of JobCentres, that will be true of GP practices, it will be true of the commercial sector. We are giving fair warning that we will be developing over the next few years the capacity of everyone to be able to build in. I think this would be a tremendous opportunity commercially in this country if we were ahead of the rest of Europe and North America. We know they are moving in the same direction and what a tremendous piece of enterprise and innovation can now be offered by British companies and by us in terms of delivering a set market for them to be able to determine their likely take-up, to be ahead of the game, and I hope that British enterprise will rise to the occasion."

Blunkett's dream of British technology leadership remains treasurably unsullied by expressions like "bleeding edge" and "out on a limb." He also had a few things to say about the extent to which commercial operations would have to be able to access the system. The Home Office is apparently much exercised by the difficulties in actually imposing the requirement of the 1996 Asylum Act that employers should have to check immigration status of potential employees. The ID scheme will make it possible for a check to be made with the identity Register, and this will be compulsory. This does not mean that all employers will need to have Register accreditation, but all employers will have to check. So, in Blunkett's example, a corner shop owner will have, say, two weeks to run a check through an accredited agency. These do not yet exist, but clearly they will have to, so we have a whole new category of private sector service imposed by the government. Readers will also be present in local libraries, so it's possible anyone will be able to use them.

How this corner shop owner's check is actually carried out and what the checks against abuse are is not entirely clear. The Home Office pitch is that the presence of your card in a reader is, effectively, your permission that your ID be checked. But if the employer (or anybody else) is not going to do it on the spot, then the card is not going to be present, and it's a telephone check. So did you give your permission for that? Or you lost your card. So did you give your permission for it to be in a reader? All of this is would of course be illegal, and the Home Office goes on about the penalties quite a lot, but stealing credit cards is illegal too, and people still do it.

It's also clear from the evidence that it is Blunkett's intention that the police perform online ID queries using mobile readers. This, as we've argued here before, promises to be a costly technical minefield of doubtful utility. But he mentions current police experiments with mobile fingerprint readers, so may anticipate this as being one of the police budget areas that their share of the ID card expenditure is going to go through. ®

Related stories:

Everything you never wanted to know about the UK ID card
Draft bill and consultation
Glitches in ID card kit frustrate Blunkett's pod people
UK public wants ID cards, and thinks we'll screw up the IT
Fingerprints as ID - good, bad, ugly?
ID cards: a guide for technically-challenged PMs

Beginner's guide to SSL certificates

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.