Mission impossible? Blunkett's big biometric ID adventure

Today UK home secretary David Blunkett rolled out his plans for national ID cards. They will cost "£35" over a ten year period for individuals, but will be free for "all those who do not want or need a driving licence or passport" (which means they're already compulsory for these two groups), and the add-on cost, based on the assumption that passport and driving licence will go biometric anyway, will only be £4. Blunkett claimed support of 80 per cent of the public for this £4 bargain, which will nevertheless look remarkably like an extra £35 on passports and driving licences.

In his statement to parliament he also seemed to suggest that costs might be offset by "benefits in the commercial world". Which could be both a worry and a script for disaster, depending on what he means.

But earlier Blunkett put his personal ID card stake in the ground. Biometric identifiers on ID "will make identity theft and multiple identity impossible, not nearly impossible, impossible." That one's tougher to stand up than you think, David, and we're going to hold you to it.

Blunkett was speaking to BBC Radio 4's Today programme, where we believe he has a camp bed, prior to making the statement to parliament on his ID card rollout plans. After what have been described as "brutal" meetings on the subject, Blunkett has secured cabinet approval in principle for a compulsory national ID card, but the final green light for this is contingent on a number of criteria being fulfilled (more details of these here).

Blunkett's championship of biometric identifiers has become increasingly evident as discussion of ID cards has proceeded ('progressed' would we feel be the entirely wrong word), and this morning he has nailed his colours to the biometric mast even more emphatically. Which is appropriate, because successful implementation of biometric identifiers would prove his case, while on the other hand that very successful implementation is going to be hardest of the criteria to fulfill, by a long chalk. Will it be impossible? Read on, then you decide. Note also that Blunkett and the government (and indeed many other governments) are proceeding on the assumption that biometrics are going to be introduced for passport and driving licence anyway, so even if a national ID card scheme were abandoned forever, now, the challenges, and the costs of meeting those challenges, would still exist.

And when the government's deciding a few years down the line, remember what he said: "not nearly impossible, impossible." 'Good enough', 'near enough' will not do.

The first rollouts of biometrics for the general UK population will be in passports, then in driving licences. These are currently the two most reliable pieces of government-issued identity in the UK, but in both cases genuine documents exist which support false identities. It appears that it's even still possible to use the birth certificate loophole exposed by author Frederick Forsyth in the Day of the Jackal in 1972, and fake driving licences are readily available.

These 'relatively reliable' documents are currently used to provide proof of identity in order to obtain one another; a driving licence helps you get a passport, a passport helps you get a driving licence, and once you've got both you're pretty nearly real. National insurance number? No, there's a very good reason why the Home Office is not mooting the use of the current generation of national insurance number as a reliable basis for a unique ID system. The point here is false identities on real documents are already in the system, and that for Blunkett to achieve his "impossible" goal these will have to be shaken out. If the next generation renewal turns out to be simply adding bearer's biometrics onto an existing ID, then it will merely strengthen existing false IDs.

So far so easy, we're only talking about the UK, where the problems may be difficult, but not insuperable. We'll move out into the European Union as a whole now, and consider how you tackle multiple ID while we're about it. States within the EU need to be able to issue ID documents that use documents from other EU states, and the records of other EU states, for their verification. So Blunkett's confidence in the integrity of UK-issued documents can only be as high as his confidence in the reliability of the least reliable documents from any other EU state. No name-calling necessary here, obviously it varies, obviously the speed of implementation of relevant EU rules and directives varies, and obviously newer entrants to the EU will be less likely initially to be in the top ten.

Overcoming difficulties of this sort is again not impossible, but quite clearly high levels of standardisation in documentation and the integrity of issuing authorities throughout the EU will be necessary to achieve "impossible." And, when you consider multiple identity, high levels of data sharing.

How do you use biometric identifiers to make the issuing of multiple identity documents impossible? The biometric database, of course, which is why Blunkett is so keen on getting this set up. But you can only check that the individual in front of you is not in fact several other individuals as well if you do a look-up. At which point you arrive at an upward scale of hardness. For UK issued documents you can compare what you have locally (two pieces, mind, document and actual person have to match) with what you have on file. Determining that you do have something on file means the document is genuinely issued, determining that you (and the rest of Europe) don't have several different IDs with the same biometrics means you don't have multiple IDs present, at least at this level.

Obvious questions dealing with how you do the matching and how reliable the matching can be arise. Obviously you don't do it all every time a document is presented, but the system does require that it's all done sufficiently frequently to catch frauds. Against what would effectively have to be the giant database of the biometric identifiers of everybody in Europe, with each single identifier absolutely verified, no mistakes or frauds in issue. And with all of this shared by every authority in Europe.

The word "impossible" does start to spring to one's lips at this juncture, but not quite in the sense that Blunkett meant it.

Do we need to move out into the rest of the world? Probably not. For the sake of argument we might as well presume that the US is capable of setting up systems that are just as effective as Europe's, and will participate in the biometrics data-sharing arrangements (N.B, 'for the sake of argument' is not the same as 'lay odds on'). And the rest of the world? How confident can you be that documents from anywhere in the world have not been issued fraudulently? How effectively can you match what purports to be a genuine document with a record which may (or may not) be held anywhere else in the world? How effectively can you ring-fence issuing authorities you don't have confidence in? How do you set the boundaries?

How, indeed, do you achieve "not nearly impossible, impossible"? Mission impossible? Note also that all of these difficulties exist before you even consider whether or not it will be possible to forge the new class of ID document. Will this too be impossible? ®