Feeds

'Non-compulsory' ID cards poised for a makeover?

Kinder, gentler, don't mention the database

SANS - Survey on application security programs

Ticking the boxes

The 'acceleration' of the rollout primarily involves the extension of this autumn's voluntary ID card scheme in Greater Manchester to the whole of the North West "early next year". Only a few thousand Mancunians have so far expressed an interest, and asking for £60 in exchange for little obvious benefit is a big ask. But it can be used instead of a passport for travel within Europe, and as the Home Office says, it's a form of ID that conveniently fits in your wallet or purse. It might not be anything like as solid and secure a form of ID as the Home Office first claimed it would be, but if it is defined as such by banks, shops and Government, then it's the one document box-tick that means, say, you don't get fined for employing an illegal alien.

Box ticking at retail is potentially another big market. Young people (the next phase of the voluntary rollout) already have to prove their age by various means, and supermarkets, bars and stores need to show they've taken adequate steps to make sure their customer isn't underage. The ID card, says the Home Office, is "reliable proof of age... in the fight against underage drinking and young people trying to buy knives". So, just as the card could be the de facto proof of citizenship for job hunters, it could also become the only viable proof of age document for young people.

There is a problem with that, in that nobody is allowed to demand an ID card as proof of identity until ID cards become compulsory.* So yes, where does Alan Johnson get off claiming they were never going to be compulsory when that intention is expressed in the ID Cards Act? Quite - and there are a few other things in the Act that are going to need straightening out if they'll now never be compulsory. We'll get to these, but you can see how many people might find ID cards convenient and/or necessary, and how it might turn out that only a few determined holdouts can be bothered.

So there's a market there, potentially a large one. Price point is clearly still an issue, but there are apparent advantages that the marketing people can be working with, and while overt compulsion is now off the agenda, circumstances can be engineered where it's a lot harder to, say, open a bank account, have a drink, get a job or get to your job at the airport when you don't have an ID card. Sprinkle in a few free offers and momentum could still be achieved (and incidentally, just rebranding the things as a free short-form passport handed out with the full passport would probably be quite popular).

If it weren't for the database? In common with his predecessors, Johnson puts all the focus on the cards and downplays the database. But although this is a rather different animal from the entirely new, clean database David Blunkett envisaged, it hasn't been cancelled.

So, when you apply for an ID card your data will go onto it, to be shared, lost and leaked across Government. But - between massive data leaks, anyway - that doesn't have a huge amount of traction with the general public. They'll care about being followed around (as with road-pricing), and they'll care about being taxed (ditto, or practically any other Government scheme described as "self-funding"), and they'll care about the Home Office being compulsively creepy and surveillance-happy.

But if Government contrives to lose data a little less frequently and soft-pedals the Big Brother stuff, then the public quite likely won't care about the database. The current Government probably doesn't care greatly either, for a couple of reasons. Most Ministers quite obviously don't have sufficient grasp of databases to understand the problem, and even if they did their view that their motives are pure and it's all being done for the best possible reasons blinds them to the threats.

* The Blessed Guy Herbert of No2ID points out that this is not entirely accurate:

It *can* be demanded as a condition of a public service for which you pay, while it is explicitly prohibited for obtaining benefits or free services (sop to Labour backbenchers presumably) - and that can be done by regulation s13. There are an awful lot of public services for which there are fees. ... Want to put in a planning application? Join the local authority gym? Where's your ID card?

It can also be demanded by anyone provided they offer a "reasonable" alternative. The only way you'd get to argue about what's reasonable, and to prove the demand is therefore unlawful is by seeking a declaration from the high court. Unless you are a bolshy QC you are unlikely to be prepared to do that at the drop of a hat and postpone opening that bank account or taking that job meanwhile. Cf. current demands for passports, specifically, by staff agencies, or any of the money-laundering nonsense where bank employees have no discretion over the list of acceptable items issued by head office. What's reasonable is what corporate bureaucrats, watching their own backs against the Whitehall ones say, is reasonable.

3 Big data security analytics techniques

Next page: Death by neglect

More from The Register

next story
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
APPLE FAILS to ditch class action suit over ebook PRICE-FIX fiasco
Do not pass go, do cough (up to) $840m in damages
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.