Byrne explains the UK's wondrous, biometric, ID card future

Count them in, count them out, count them all about...

Reducing security risks from open source software

Immigration Minister Liam Byrne this week unveiled - to a certain amount of derision - his vision of the ID Card scheme as some sort of 21st Century equivalent of the 19th Century railway network or the 20th Century national electricity grid. It will be pervasive, and in 20 years time it will be a great British institution, "part of the fabric of British life."

More disturbingly, however, Byrne rattled off a series of areas where the scheme's pervasiveness seems most likely to be achieved at gunpoint and/or via deals stitched up with private sector stakeholders, and added happily (in an answer intended to deny allegations of function-creep) that "the more you look at identity technology, the more uses you see." So we should understand from this that Byrne's initial list of applications is by no means the end of the story.

The vision encompasses almost any existing application of biometric technology (but not, tellingly, the one currently ripping through Britain's schools like a dose of salts). In the US, said Byrne, 120,000 customers are already registered to pay at checkouts by fingerprint, work is progressing on "fingerprint technology locks that would make stolen phones and MP3 players instantly worthless" (The Register has already asked why ministers think this intensely stupid thing), nightclubs are using biometrics, and the Government has its own biometric scheme in operation in the shape of project IRIS, the iris recognition-based fast track for British airports.

Alongside these Byrne offered faster Criminal Records Bureau checks via ID cards, use of ID cards and/or the Identity & Passport Service's identity verification service for checking the employment status of foreign nationals, the prospect of ID cards being used for proof of age when shopping for alcohol, knives and solvents, the biometric visa programme, and ID-related projects with the Department of Work & Pensions and the Government Gateway to be unveiled next month.

Practically all of these examples are under way to some extent, via discussions with other departments, pilot schemes or existing systems that are being extended (e.g. IRIS and biometric visas). Which, given that the ID scheme does not yet have its 'network' in place, is pretty impressive for the equivalent of the railway network or the national grid.

And it's also worth noting that in the majority of the examples Byrne cites, the citizen will not have a great deal of choice. Employers who don't check ID ("just one document", as opposed to around 60 immigration status documents at present) will be fined, and potential employees who don't produce ID cards won't be employed. Teachers and other people subject to CRB checks will find it difficult to get work without ID cards, no ID, no beer or kitchen knives, no unemployment benefits and no access to Government online services. No health care? No doubt, but it being a hot potato, Byrne didn't list the NHS.

Other uses of biometrics in the private sector will also form an important part of the great British institution Byrne envisages for the year 2020, but they will be regulated in accordance with the Government's grand scheme of things. "If we persist with this public and private laissez-faire... the day will come when we have a mish-mash of unregulated, potentially unsafe systems, mushrooming in growth and size in a way that is just uneconomic."

So without Government intervention, in Byrne's view, there will be no safeguards for "your details" and "your fingerprints", people would be "wide open to identity theft" and unable to correct inaccuracies, systems would be uneconomic "because there would still be many cards and systems", and the world would be prone to "a new and isolating kind of digital division." In this last case Byrne argues that the costs of these unregulated and incompatible private sector systems would be such that the poor would be unable to afford to protect their identities - it will be "those that can't afford their own defences" who suffer.

"My party has always been suspicious of growth in unregulated and unaccountable power and the risk of new inequalities", says Byrne, proposing instead "a publicly accountable, national solution" that becomes in time "another part of our critical national infrastructure."

One might well look askance at the notion that a Government with such a grisly record in the implementation of critical national infrastructure, which is about to be run by a man whose current department perpetrated one of the more spectacular and expensive cases of web-based mass ID theft, is the most appropriate candidate to put your ID assets in one big pile and keep them safe for you. But that's essentially what Byrne is recommending here.

And a "publicly accountable" ID scheme? When did this happen? Accountability and close scrutiny of costs and security will be key to the success of the scheme, Byrne claims shamelessly. "I'm a great believer in the disinfectant of sunlight." An "annual report once a year is inadequate" (or, as we used to say, how they're supposed to come - but we just report this stuff). It is vital, he says, that parliament and "others" be "more dynamically involved."

It's not immediately obvious what Byrne has in mind as regards more involvement by parliament, but a major part of the "others" is likely to consist of private sector 'stakeholders', several of which are already involved in the parts of the ID octopus that Byrne has already outlined. Proof of age checks, for example, are being worked on in conjunction "with the retail industry" and recommendations are to go forward to "the Proof of Age Standard Scheme board, based on excellent engagement with industrial and individual business."

The way this kind of thing works, "dynamically", is that the Government explains what it is going to do, 'consults' groups of stakeholders in the shape of industry- and sector-specific interest groups, lobbies and trade associations about how they're going to co-operate in the implementation. Then the Government calls the outcome widespread support. The groups are effectively co-opted in order to expedite the rollout of whatever it is the Government intends to do anyway, and thus it will be with the implementation of the ID scheme. So how many stakeholders does it take to make a democracy? ®

Maximizing your infrastructure through virtualization

More from The Register

next story
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
prev story


Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.