Feeds

Home Office stacking the decks in ID scheme pilot?

Questionable questions

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Call us suspicious-minded, but we feel sure that at some point in the very near future the UK Home Office will announce that the biometric identity system pilot scheme currently running has been a success, and that the response from participants has been positive. This might seem a remarkable achievement, under the circumstances, considering that there have been numerous reports of technical glitches and an underwhelming response to the pilot, but The Register has received indications that the Home Office has taken the precaution of loading the dice.

At least as far as the participant reactions are concerned. A questionnaire is being presented to those signing up for the pilot, but participants aren't being given copies of the questions they're being asked, and the best we can establish after some correspondence with the Home Office (we've blogged it for you below*) is that the Home Office intends to keep the questionnaire a closely-guarded secret.

But in surveys, questions are frequently used to massage the data in order to produce the desired results, and there is some evidence that this is precisely what the Home Office is up to. Marketing consultant Ben Fleming-Williams, who signed up for the trial for his own interest and kindly offered to report back to The Register, says that: "Instead of asking an absolute 'How was your experience of the trial', the question was 'How was your experience of the trial, compared to your expectations?'."

Fleming-Williams has some experience of producing questionnaires, and points out this means that "people with terrible expectations can have a bad experience, but all the questionnaire will capture would be 'Better than expected'." He also noted that the question relating to people's concerns about biometrics was limited to their concern about having their data stored for the trial, not in the long term. "I couldn’t care less about how they’ll be stored for the trial, because I know it’s not going to have any effect on how I’m treated in real life. So the question doesn’t get anywhere near what they’re meant to be trying to find out.

"The girl who was taking me through the trials said the first time she’d looked at the questionnaire she’d had the same reaction as me, but that 'we only have so much control over what goes in there', or something to that effect. I mentioned it to her boss as I left, too, who happily informed me that the people who write questionnaires (in this case, it sounds like the government did it themselves) are usually in another world!"

These questions certainly seem to have been devised by someone with a particularly narrow agenda, and will produce a response with no significant validity as far as the biometric identity scheme in general is concerned. The Home Office published the objectives of trial here, (towards the end of the page), and the relevant objective here is "to assess customer perceptions and reactions." Which could of course simply mean customer perceptions and reactions to the pilot, but in that case, when it presents the results the Home Office ought not to claim broader relevance.

This part of the pilot is being managed by MORI, and the report will be the property of the Home Office, which is the client. The nature and content of the survey will have been devised in consultation with, and with the approval of, the Home Office, and MORI as the contractor is clearly not able to release information or comment. MORI will produce a report for the Home Office, and the Home Office will be free to use this as it sees fit.

The results are also likely to be skewed for another reason; a low response rate could be undermining the objective "to ensure a representative sample of the UK population." a Scotland on Sunday report in June claimed that a lower than expected applications meant the shortfall would have to be made by people being "dragged off the street" outside processing centres. And just last week Guardian journalist Martin Wainwright reported that when the ID roadshow made its appearance in Harrogate the pilot was still 1,500 volunteers short. Wainwright also reports that his fingerprints " were compared by satellite in a matter of seconds with some 1,000,000 records, including a temporary library of biometric volunteers", which is interesting, if true, as it suggests the data from the trial is compatible with at least some existing fingerprint data. It could of course be sample data produced by the equipment vendors.

As regards the survey data, the proof of the pudding will be clear when we see how the Home Office presents the conclusions. To The Register's knowledge, however, the Home Office has played fast and loose with the presentation (to the public, and to Parliament) of other data in relation to the identity scheme, and we have grave doubts that things will be different this time.

* Is it or isn't it? It was one of those simple fact-checking calls that we just knew was not going to be simple. Open and shut case, MORI is conducting the thing, so call the MORI press office and ask for some help. Yes, we understand that MORI is simply the contractor here and that it therefore can't comment on the pilot, but it's just a simple query: is it possible for either a volunteer or the press to have a copy of the questions?

They'll get someone to get back to us. And shortly afterwards we have an email from Home Office press officer Peter Wilson saying "I don't have a copy of the questionnaire to give out - though of course you can see it if you go and take part in the trial. It basically asks questions covers questions for each biometric (facial, iris, fingerprint) on: privacy; how concerned they were having it taken; was it intrusive; how long it took; positioning; overall feeling about it, how the experience measured up to expectations. The same goes for the verification process. There is also a question asking how useful the volunteer thinks biometrics could be in increasing passport security and stopping ID fraud, and whether they are an infringement of civil liberties."

So we have a gloss of the questions telling us what the Home Office says they cover, but we do not have questions. We seize on his not actually saying we can't have a copy by mailing back: "Thanks Peter, but that doesn't quite answer the question of whether I or people enrolling can have a copy of the questionnaire. If I can, then can you point me at someone who does have one to give out, and if I can't, can you confirm that to me?"

That's a simple one, isn't it? Apparently not. Replies Wilson: "No, we don't have copies to give out." Which still doesn't answer the question, and that's absolutely all he said. Argh... Rather than engage in some protracted, nightmare declension (I don't have copies, we don't have copies, he don't have copies, it don't have copies), we decide to hit the eject button. We respond: "That still does not answer the question. I propose to presume that you mean that the Home Office refuses to release the questionnaire into the public domain. Here I am assuming that by 'we' you mean the Home Office, and that by 'do not have copies to give out' you mean, refuse to give copies out. If that is not the situation, then do let me know what the situation actually is."

That was Friday, it is now Tuesday, and the Home Office remains silent. We suppose we could always mail him asking if he's officially refusing to confirm that we can't have copies and see if he'd refuse to confirm that too, but life's too short. ®

Related stories

Data watchdog slams ID card plans

CBI wishes for the ID scheme we're not getting

ID cards: a bad idea, but we'll do it anyway

Tag, track, watch, analyse- UK goes mad on crime and terror IT

Blunkett appoints development partner for ID card project

Glitches in ID card kit frustrate Blunkett's pod people

ID cards to use 'key database' of personal info

UK public wants ID cards, and thinks we'll screw up the IT

ID cards: a guide for technically-challenged PMs (special report)

Remote control for virtualized desktops

More from The Register

next story
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
prev story

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.