Original URL: http://www.theregister.co.uk/2003/09/23/blunkett_states_id_card_aims/

Blunkett states ID card aims – but can he achieve them?

How the rollout will work. Or not...

By John Lettice

Posted in Media, 23rd September 2003 15:06 GMT

UK Home Secretary David Blunkett came out fighting for his ID card scheme over the weekend, telling BBC's Breakfast with Frost programme that he still wished to see enabling legislation for a scheme introduced in the next parliamentary session, despite doubts from some of his cabinet colleagues. Blunkett's determination is hardly news at this juncture, but in the interview he provided enough information about his objectives and requirements for it to be possible for us to sketch out what it will look and feel like, how (or 'if') it will work, and the implementation challenges Blunkett will face.

Blunkett observed that he did not have a clue how many immigrants there are in the UK, which gives us one primary objective of finding out, but he put in a clearer and less rabble-rousing way by saying he wished to make sure that people don't work if they are not entitled to work, and don't use services, e.g. benefits and health, unless they are entitled to them. Then he went back to rabble-rousing with: "My own view is that the minimum is that you can't actually work, or draw on services, register for services unless you have that card."

Which boils down to either identifying everybody in the country or setting up gateways to services which block access for people who do not have a valid identity. The two obviously relate in that the gateways can act as tripwires to catch the missing and disappeared, but it wouldn't be technically or politically feasible, or even productive for every gateway to act as a tripwire. For example, although it would be productive from the point of view of immigration officials for doctors to both refuse treatment for illegals and to alert the authorities, getting doctors to refuse treatment will be quite difficult enough without turning them into narks as well.

And from the point of view of simply denying access to services, you could argue that tripwires are usually unecessary; if they definitely can't get it, then you don't need to worry over whether they exist or not. If you approach the matter in that way you're maybe rather closer to wanting to establish electronic identity than to deploying a 'Big Brother' monitoring system. The 'entitlement' to work is an exception here, in that most people don't view it as an entitlement at all, and because here people can effectively gain benefits simply by not existing, and therefore not paying tax.

You can go through the various services and arms of government and figure out the extent to which they fall into the two categories which emerge from this. You have the transactional systems which are dependent for their delivery on your establishing an ID, and those which are delivered by default (e.g. pavements, national security, good government). This second category requires a proactive approach by the state in order to combat fraud. For example, the Inland Revenue conducts raids in situations where it suspects tax evasion is taking place, and its ability to identify evasion would be significantly enhanced if it had a list of everybody who existed, and was therefore able to speculate about their means of support.

Blunkett does want a big list ("we need [to] know who's here.. who they are, that we can track them"), so it's curious that his prime examples of abuse are the transactional ones, rather than, say, national or council tax, where the big list would be most helpful.

Part of the difficulty in this kind of category is that identity isn't necessarily uniformly established. You might exist for tax purposes by having a national insurance number, but as far as the council knows, you don't exist because you're avoiding the council tax, and have taken steps not to exist from the council's point of view. You might not exist as far as the Revenue is concerned, because you work in your family store for food, and will take over the business (which does exist, or perhaps it doesn't) when your parents retire. But you could still have a national health number.

Hardly anybody doesn't exist at all, but the problem of greyness in identity/existence (if problem it is) is inherently less tractable than the relatively simple one of stopping illegal immigrants from getting stuff they're not entitled to. Blunkett is identifying the tractable one as the problem, but is proposing to address it via the kind of means that would be necessary to deal with the other one.

We'd say fuzzy thinking rather than hidden agenda, but the bottom line is that he's going for the 'collar the lot' approach. So how will he implement it?

Hurdle one is that you have to get the electronic ID associated with as near to everyone in the country as is possible, and note that this is not necessarily the same thing as getting everybody to sign for and collect their little bit of plastic. Which is as well. The Register knows and, we hope, most Register readers know plenty of potential refuseniks, but you don't give them the opportunity to refuse. Says Blunkett: "you build on what is already there, 44m passports, 38m driving licences, we can build on that, and ensure that everyone has a verifiable card."

You defang a goodly quantity of liberal opposition by deeming passport or driving licence as base ID, and you can associate the data you like without giving them the opportunity to oppose you. But note first that Blunkett does not say what the total number covered by passport and driving licence is, because he probably doesn't know (yet), and second that these nust be the only two pieces of ID that the government can rely on as accurate. Not NHS number, not NIS number, not electoral register...

Blunkett therefore has to build ID systems that use passport and driving licence as a template, and trawl the other, doubtful ID systems to broaden the (largely enforced, in scenarios where people have no chice) take-up of new-model identity. This takes us back into entitlement card territory, although the definition of services has now been broadened sufficiently to apply to everybody. It's still a bit of a leap for him to say "ensure that everyone has a verifiable card," but he can mop up quite a few, the percentage being in direct relation to the aggression of the approach. The small percentage that slips through the net will annoy him and his ilk disproportionately, but this annoyance is surely no more than he deserves.

Verification is a much bigger hurdle, one whose size is proportionate to the strength of the verification used. The company responsible for the implementation of Belgium's ID system argues that you should only use the strength appropriate to the situation; absolute verification in all circumstances vastly increases the technical challenge and cost, and vastly increases the scope for security breaches. Blunkett historically seems to have favoured biometrics, although it may be significant that he didn't push this on Sunday, and also seems to favour online checking with a central database as a matter of course. The Belgian system uses certificate and pin, with online checking where necessary, and is probably adequate for most of the 'entitlement' purposes Blunkett has in mind.

How you ensure that the person with the card and pin is who they are without having biometrics is the logical objection here, but by requiring biometrics you're just moving the weak point, not eliminating it. Do you trust the issuing authority? The more of these you've got, the less you do, surely, and this applies to both biometrics and certificate/pin systems.

It's possible that Blunkett and the Home Office are getting hung up on biometrics because passports are an obvious nucleus for an ID system, and biometrics are coming on these anyway. The US will be requiring them at some (moveable) date in the future, and international standards for biometrics are being developed. But their existence on a piece of ID used for one purpose does not automatically mean their presence on one used for another has any utility. Equally, the fact that they're of negligible use in one scenario does not invalidate their usefulness elsewhere. A number of airports, for example, are offering retinal scans to regular customers to speed check-in - it works to the satisfaction of authorities, it's a convenience for the customer, and the deployment issues aren't too great.

Not all three of these apply in all ID card scenarios, and biometrics are the likely weak point in the case that is currently being made by the Home Office. They could well fall away because they fail the cabinet's tests on cost and technical feasibility, or they could be deemed wanting via the passport department's current pilot trial of biometric enrolment. This is intended to:

- Test the capture of biometrics for use as a one to many identity verification through a simulation of the passport process;
- Include exception cases, e.g. people who may have difficulties in enrolment;
- Measure the process time and hence estimate costs;
- Assess customer perceptions and reactions;
- Assess practical aspects of incorporation of biometrics into a biometric database and the required secure links to the database;
- Trial the use of biometrics to prevent duplicate identities;
- Qualitative testing using a pre-populated database of anonymous biometrics;
- Fingerprint and iris biometrics are to be tested for one to many identification. Facial recognition to be tested for one to one verification;
- Report on findings of above along with issues and risks, and outline implementation plan.

It's just aimed at passport biometrics right now,* but it should give indicators of the problems faced by a far vaster deployment than one confined to the immigration authorities at a fairly limited number of entry points. It seems reasonable to assume that if the cabinet reads and understands the results of this pilot, widespread biometrics will go onto the back burner.

Leaving the ID card scheme in ruins? No, we don't think so. As we've tried to explain here, you can look at identity in two different ways. You might not like them trying to define who you are, but there are numerous areas where it's to your personal benefit to establish your identity, and you don't want other people claiming to be you. Electronic identity will become established, with or without your support and approval, and with or without the efforts of David Blunkett MP. If the more repressive aspects of the scheme tend to be the ones that will be costly, difficult to implement and of dubious efficacy, then these could fall away, at least for now, leaving the opportunity for the government to consider how electronic identity can be implemented and policed as a benefit for the citizen, rather than as a tool of control.

There's still time. We doubt that Blunkett is capable of putting a sock in the knee-jerk populist soundbites, but if he could just stop saying "compulsory" it would be a start. ®

* The spec appears in the European electronic tender reporting system, TED, and those of you familiar with this open government system from hell will know why we can't give you a URL. Go here, then head for document 2003/S 46-040045 to get the full text.