Feeds

Plan B from Petty France - the other UK ID card

Or more properly, the real one?

Beginner's guide to SSL certificates

Baroness Scotland helps explain the extent to which the National Identity Register already exists: "We have called the central new database 'the register', but noble Lords will be familiar with the fact that the Passport Office currently has a database. When we include the biometric data that will come from facial recognition and fingerprints, that information will have to be contained on that database. As a result of the demands made on the service, we have now piloted passport validation, a commercial service that will come on stream in 2006. It is demand-led because, even under the current legislation, there has been a demand for that from the business community.

"All of those items are coming anyway, and the passport service will have to provide for them. So if we look at the differences between the service that will be provided now and that which we anticipate will be necessary to be provided in the long term, the differences are not great. I will list them. A database of basic personal information and biometrics exists, and that will continue. An identity document that stores information, including biometrics, is already provided. The ability for banks and other organisations to validate identity documents with consent exists now in pilot form. Disclosure to the police and other agencies of data held on the passport database happens already, and this would include the equivalent audit usage data.

"So what is new? The production of cards as well as passports is new. We do not currently record changes of address, but we propose to do so in the future. The IT infrastructure will be slightly bigger; and the scheme will be enforced; that is, civil penalties, mainly post-compulsion."

You can see the inexorable logic when it's put like that. The database will exist, will include biometrics, and via passports alone will ultimately cover 80 per cent of the UK population. The Passport Service's transformation from a document-centred to a person-centred database positions it as the sole custodian of 'gold standard' identification in the UK, and the inclusion of biometric ID capabilities tying the individual to the identity document produces further potential benefits. When you go down to the bank to prove you exist, the bank can use a reader to associate you with the identity document, and all of the other claimed ID scheme benefits follow from there.

From this kind of perspective the fact that the UKPS ID Register (or, erm, "database", as Baroness Scotland puts it) can only ever cover those in the population who're UK passport holders is clearly anomalous. But if the ID scheme died and the Government nevertheless continues with the approach, and passport-linked biometric ID infrastructure begins to grow through Government and the commercial sector, we can anticipate how the tentacles will grow.

People might start demanding that ID documentation in a more convenient format (Passport Lite?) be issued. And you could envisage other Government departments (DWP, NHS and DVLA being obvious examples) increasingly using the UKPS database systems for the validation of their own existing ID documentation and systems, and dusting off plans to morph driving licences into ID cards, and to produce "entitlement cards".

The House of Lords, rightly, didn't accept that the Government's oft-quoted cost of £584 million for the ID scheme was anything like the total cost, because it's simply the running cost to the Home Office and does not include start-up costs and costs to other departments. But simply blocking ID cards will not necessarily allow us to avoid all of those other costs - they may be incurred more slowly and haphazardly, but they'll still exist.

As Baroness Scotland put it: "If we then look at the future, it would be easy to say, 'If we just put the Identity Cards Bill to one side these costs would not be expended'. As I hope that I have just indicated, that is unlikely because if we consider the way in which biometric data are being used and will be used in the future — the Passport Office is having to provide ID verification more and more now because those demands are being made upon it — we can see that this development will be necessary."

The 'it's coming anyway, so give in' argument has some strength, but we should bear in mind that the arguments that have been deployed against ID cards are equally valid deployed against a more clearly passport-led national identity scheme. The central database is just as vulnerable, the uncontrolled and unregulated linking of Government and private databases is just as invasive, and the underlying thinking is just as flawed. Which is as one should expect, given that the Passport Office plan is, to all intents and purposes, the blueprint, and the ID Cards Bill is a lot about extending the target population and tidying up the legal framework.

What legal framework? Well might you ask.

Security for virtualized datacentres

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.