Feeds

UK ID scheme rides again, as biggest ID fraud of them all

ID theft and the £1.3bn lie

  • alert
  • submit to reddit

Designing a Defense for Mobile Applications

Analysis Home Secretary Charles Clarke is "aware of the genuine concerns" over the UK ID scheme, but the Bill his department reintroduced to Parliament today is, according to Home Office Minister Tony McNulty, "in essence... the same Bill" as the one that fell prior to the general election. So, it would seem that the new-look listening Government hears the concerns, and says, 'tough'.

According to McNulty the new version of the Bill changes "some elements around the information commissioner", but that "some of the other [changes] are quite minor." New Labour had made a "very strong commitment" to ID cards in its manifesto, and "the essential principles are as they were then." There will however no doubt be changes in detail to look out for in the new version, which you can find here.

The pro-ID arguments the Government has put forward in the run-up to today's publication have been well-rehearsed, some of them over a period of years, and are as flimsy now as they were in previous Parliamentary sessions. It will, it claims, be necessary to have all of the biometric data to comply with global biometric passport standards, the public overwhelmingly supports ID cards, 30 (or sometimes 35) per cent of terrorists use false ID, and ID theft costs the UK over £1.3 billion a year.

Did we miss one? Possibly, but these old faithfuls serve the latest New Labour junior minister rotated into the Home Office ID card hotseat well as ammunition to bore the press with. Alongside them the form of words 'we never said ID cards were the complete answer to... [insert terrorism, ID theft, benefit fraud etc here]" comes in handy, and now they can also say (as Tony Blair did last week): "It is a manifesto commitment and we will honour it."* All of the claims are however either false or grossly misleading, the "we never said..." that the Government never mentions is what the ID scheme is the solution to, and while one might be inclined to applaud a determination to honour manifesto commitments, one can't help noticing the numerous previous commitments that haven't been honoured, and the things the Government has done in the past (e.g. the odd war, scads of repressive legislation and the attempted destruction of the judicial system) that unaccountably failed to appear in the 2001 manifesto.

The ID theft threat

This week's key pro-ID card argument is clearly ID theft, and several ministers have said £1.3 billion several times already. On Monday Charles Clarke told Parliament: "It is essential that we tackle the issues of identity fraud", while the Home Office's announcement of the new Bill (headed "Safeguarding Our Identities") quotes Tony McNulty as saying: "A secure national identity cards scheme would protect everyone's identity and help prepare the UK for the challenges of the 21st century... Our identities are incredibly valuable to us and too easily stolen. ID fraud is a growing crime which can ruin lives and underpin illegal activities from people-trafficking to credit card fraud, from abuse of our healthcare and benefits systems to terrorism."

The Home Office today also published the results of the Passport Service's biometric enrolment trial and, as we predicted it would eight months ago, spun the accompanying massaged survey up into overwhelming support for ID cards: "The majority of participants strongly agreed that biometrics will help with passport security, preventing identity fraud, preventing illegal immigration and are not an infringement of civil liberties", it claimed today.

The Government's redoubled enthusiasm for presenting the ID scheme as a way to tackle ID theft is easily explained. Various surveys report public support for ID cards as being around the 80 per cent mark, and the most recent, carried out for Intervoice and reported here, also found that 57 per cent saw ID cards as the best way to protect themselves against identity theft. As Intervoice general manager George Platt bemusedly told the Beeb: "An identity card doesn't really help the problem of identity theft other than at the point of purchase". He speculated that the result reflected general confusion about what ID theft is, and how it should be tackled.

Quite. The Government's own focus groups carried out alongside the now-geriatric Entitlement Cards consultation reported a majority supported ID cards, but that there was ignorance and misunderstanding of what they would involve, and how they would solve the problems the public perceived they would solve. Subsequent surveys, starting with the Detica one where Detica Head of Security David Porter noted that 94 per cent were aware of the ID scheme, but two thirds have little or no knowledge of how it will work, have all identified high levels of support accompanied by profound misconceptions.

Now, the Government is clearly proposing to use the public's very real concerns about what it thinks of as 'identity theft' as a major justification for ID cards. The public thinks ID cards will help deal with 'identity theft', so very well, the Government will use that in support of the ID Cards Bill. It's listening after a fashion, we suppose, besides being something of an ID fraud in its own right.

£1.3 billion - the estimate from Weimarland

The continued parroting of £1.3 billion is particularly fraudulent, and at this point it's worth us examining the origins of the figure, and what it is made up of. It appears in Identity Fraud - A Study, published by the Cabinet Office in July 2002. This document is actually on the Home Office site, but as Ministers show no sign of having read it, it's probably an oversight that it's still there. The document takes a pretty broad view of what might be classed as identity fraud, and puts forward various reports and estimates that together add up to £1.3 billion in Appendix B. We can look at the most significant of these, and in each case gauge the effectiveness of ID cards in dealing with the problem: Customs & Excise: "Missing trader" fraud, which involves avoiding paying VAT by shuffling goods between EU countries, sometimes using false identities and front people. The study guessed 10 per cent of this might involve ID fraud, giving a figure of £215 million per annum, but as one of the salient features of the fraudulent IDs here would appear to be they're non-UK, the ID card scheme does not apply. Customs & Excise also estimated (remember that these are old, old numbers Clarke and Co are basing their £1.3 billion on) that money laundering accounted for around £395 million per annum. But again, as most of those who'll actually qualify for a UK ID card will already be familiar with their banks constantly pestering them to identity themselves, the bulk of this will be carried out via non-UK ID. So that's £610 million of the £1.3 billion that ID cards would barely scratch.
Department of Work & Pensions Regular readers will know the DWP has a new wild guess for this one, an impressive £50 million. In the 2002 study the ID fraud component of welfare fraud of "£2-5 billion" (a pretty tight estimate, that) was around one per cent, i.e. £35 million. Shall we let them have that one? So the score is £610 million to £35 million.
Immigration: The Home Office claimed that in Heathrow Terminal 3 alone around 50 fraudulent documents were found each month, and that the detection rate was at most 10 per cent (it wouldn't be hard to project this up to a nationwide, annualised border control catastrophe if that was what you wanted to do), and that it could save £6 million per 1,000 reduction in clandestine entrants. This produces the somewhat dubious 'ID fraud' cost estimate of £36 million for Heathrow T3 alone, but as they're foreigners just arriving in the UK they don't qualify for ID cards. Biometric visas might qualify, but that's a different Bill, not the ID Cards one. Nul points - score, £646 million to £35 million.
Credit Card fraud: The estimate (for 2001) was of £370 million losses made up of counterfeit cards, lost and stolen cards, and card not present fraud. As George Platt noted, an identity card can only protect against identity theft at point of sale, and he might have added that it can only do so if proof of identity is demanded at point of sale. Which, in the UK currently, it generally isn't. So if your card is stolen, cloned, or used for card not present fraud (including via the Internet) the ID card as it is currently envisaged has no effect whatsoever. This is however the key area where the public thinks it would have an effect. Score now £1.16 billion versus £35 million.
Insurance: This is a fairly wild guesstimate (there's a change). The study suggests a quarter of losses here might involve identity fraud, giving a figure of £250 million. So, if insurance companies insisted that people they were underwriting had to prove their identity via a UK ID card, then ID cards might have an effect. If the £250 million figure has any substance at all. But cards wouldn't get all of it (foreigners again), and would only get a substantial slice of it if the Government compelled production of ID in the insurance industry, as is the case for money laundering in banking. We'll just leave this one out, score still £1.16 billion to £35 million.
CIFAS: CIFAS, the clearing house for the exchange of information on "applications for products or services, which are believed to be fraudulent" (we think they mean the applications, not the products or services really), provided an estimate of £62.5 million as the value of false ID or victim of impersonation fraud. Fraud in this area is undoubtedly bigger today than it was three or four years ago, and probably bigger than the CIFAS estimates. However, major growth areas are 'bin-bag ID fraud', where financial and personal data is stolen from your dustbin, and the theft of credit card company solicitations (with associated ID details) from common entrance halls. Where does the ID card come in there? Or indeed, on the Internet. The problems here are first that people do not in general keep a very good watch on how they dispose of their personal data, and second that credit card companies do not regard it as being in their overall interest to demand solid ID for new applicants. ID cards have nothing to do with it unless, again, the Government compels them to demand ID.

So, of the numbers making up the "£1.3 billion" (actually £1.364 billion in the study), only that £35 million from the DWP could be said to bear some linkage to an ID card scheme, and the number itself is pretty much a guess ("£2-5 billion" total, indeed...). You'll note if you go through the list that there are entries for other categories where the study was unable to identify numbers to work with, and that some of these categories (e.g. unpaid speeding fines and housing benefit) could be reasonably thought to have an ID fraud component in them. We could therefore think of the 2002 study as taking a pretty wild stab at guessing the order of the cost of ID fraud, but as being by no stretch of the imagination being a comprehensive or accurate assessment. It effectively says, 'ID fraud exist, it is growing, and the cost is a big number. We think.' Would many of us have a problem with that? Probably not, although it depends what you reckon ID fraud is, and we at The Register tend to think lumping together as many different kinds of theft as possible and calling it ID fraud isn't totally helpful.

By intoning the £1.3 billion mantra, however, and loudly repeating that Something Must Be Done about ID theft, the Government is encouraging the public in its erroneous belief that what it thinks of as ID theft will somehow be tackled by ID cards. Charles Clarke, who Trotted out the number just days after he took over as Home Secretary, is arguably the biggest ID fraud of them all.

Stop press While this piece was being written, Tony Blair's official spokesman said " the longer this debate had gone the more people seemed to be seeing the relevance of ID cards. What we were seeing was identity theft becoming a much more salient issue which people were becoming concerned about in their every day life. It was a growing crime which costs the economy at least £1.3 billion per year." So there it goes again. ®

* On the subject of manifesto commitments and honour, last Parliamentary session the TheyWorkForYou database was reporting that Tony Blair "sometimes" rebelled against his party. Which may strike you as strange, but investigation reveals that he voted against the Labour line twice, on the abolition of foxhunting, and on the reform of the House of Lords, both of these, we recall, being manifesto commitments.

Related stories:

ID cards: Part II
General election debate misses purpose of ID cards
Labour promises 'voluntary' compulsory ID card

Using blade systems to cut costs and sharpen efficiencies

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Nadella: Apps must run on ALL WINDOWS – PCs, slabs and mobes
Phone egg, meet desktop chicken - your mother
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
White? Male? You work in tech? Let us guess ... Twitter? We KNEW it!
Grim diversity numbers dumped alongside Facebook earnings
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.