FT: No ID - No Comment...

In the two years since legislation for a UK national identity card scheme gained royal assent, the case against the multi-billion pound programme has become overwhelming. The government’s arguments in favour have crumpled. Now, if leaked official documents are to be believed, its roll-out is to be delayed until 2012. Some investors, concerned that it is not worth the wait, are already walking away. Gordon Brown inherited this deeply flawed plan from his predecessor as prime minister. He should follow his instincts and abandon it altogether.

Not only would ID cards be an unwelcome infringement of personal freedom – they were scrapped in Britain after the second world war because people resented being asked to prove who they were – there is no evidence their introduction would deliver tangible benefits.

No, not another of my rants, but the editorial in a little publication called the Financial Times.... (Via Open Rights Group.)

Of Lost IDs, ID Cards and Biometric IDiocy

One of the many outrageous aspects of the recent loss by HMRC of crucial data about half the UK population is how the UK government immediately tried to spin this as a reason why we needed ID cards. This follows in a long and dishonourable tradition in this country whereby every failure by the police to catch terrorists/criminals using their extensive powers of surveillance is turned into a justification for giving them even more such powers, when it ought to mean the opposite.

Fortunately a crushing refutation of the faulty logic behind the ID card argument has now been provided by some top academic security expects, who write:

biometric checks at the time of usage do not of themselves make any difference whatsoever to the possibility of the type of disaster that has just occurred at HMRC. This type of data leakage, which occurs regularly across Government, will continue to occur until there is a radical change in the culture both of system designer and system users. The safety, security and privacy of personal data has to become the primary requirement in the design, implementation, operation and auditing of systems of this kind.

The inclusion of biometric data in one's NIR record would make such a record even more valuable to fraudsters and thieves as it would - if leaked or stolen - provide the 'key' to all uses of that individual's biometrics (e.g. accessing personal or business information on a laptop, biometric access to bank accounts, etc.) for the rest of his or her life. Once lost, it would be impossible to issue a person with new fingerprints. One cannot change one's fingers as one can a bank account.

(Via The Reg.)

UK Government Loses 15 Million Bank Details

This has to be about the most stupid security lapse in the history of computing:

Confidential details of 15 million child benefit recipients are on a computer disc lost by HM Revenue and Customs, the BBC understands.

Insult is added to injury:

Revenue and Customs says it does not believe the records - names, addresses and bank accounts - have fallen into the wrong hands.

Yeah? And they know that precisely how - because they're psychic, perhaps?

And then the UK government wants us to trust them with our IDs, too? If we did, how long before the odd 60 million IDs get "lost"? At least you can change your bank details - you don't have that option with your identity.

Update 1: What's really heartening is that a surprisingly large proportion of those commenting here on the BBC story spot the ID card connection....

Update 2: Better make that 25 million bank details, plus key data on all children in the UK.

We Don't Need No Stinkin' Openness

How's this for a stunning demonstration that the UK Government has something to hide on ID cards?

Treasury officials are ordering the immediate destruction of "Gateway" internal reports into risky government IT schemes to prevent information on the projects being leaked.

...

The order for the destruction of final reports will fuel suspicion that they identify fundamental flaws in some major government IT-based projects.

The paper also tells civil servants they must securely dispose immediately after delivery of the final Gateway report “all supporting documents”.

The Information Commissioner ruled last year that early Gateway reviews on ID cards should be published, arguing that it should be public knowledge whether the programme was feasible and being well managed. The OGC appealed – and lost. It is now to fund a third appeal hearing, this time to the High Court.

Openness? We don't need no stinkin' openness.

The Guardian Identifies Itself on ID Cards

Good to see Charles Arthur coming out with a forthright attack on the madness that is the UK ID Card. Good, too, to see the Guardian returning to its roots by doing so.

Identifying ID Card Flaws

As costs for the hare-brained UK ID Card continue to spiral out of control, the LSE has put together a timely submission to the House of Commons Home Affairs Committee inquiry into “A surveillance society?” that picks apart the current scheme's weaknesses.

Openness, Surveillance and Privacy

Previous posts have noted that there is an inherent tension between openness and privacy. That tension is even more acute in the case of surveillance, which goes beyond consensual openness. Despite this, there is relatively little public debate around these issues; instead, as has been remarked, the UK is effectively sleepwalking into a surveillance society.

Against this depresseing background, the new report from the Royal Academy of Engineering, entitled Dilemmas of Privacy and Surveillance Challenges of Technological Change, is particularly welcome.

This is not least because it offers a depth of knowledge about the technological issues involved that is rarely encountered (these are engineers, remember). But it is also notable for its even-handedness and sensible suggestions. For example:

In this scenario, disconnection technologies are widely used in a co-ordinated manner: personal data is routinely encrypted and managed in a secure fashion, so co-ordinated connectivity does not threaten it and even substantial processing resources are not a day-to-day threat. This leads to Little Sisters who, by themselves, watch over only a fragment of a person's identity, but when co-ordinated can reveal all.

It would be possible to devise a store loyalty card which incorporated a computer chip that could perform the same functions as an ID card, but without giving away the real name of its owner. Someone might choose a loyalty card in the name of their favourite celebrity, even with the celebrity's picture on the front. If they were to use that card to logon to Internet sites, the fact that they are not really the film star whose name they have used would be irrelevant for most applications, and the privacy of the consumer would be maintained. However, if they did something they should not, such as posting abusive messages in a chat room, law enforcement agencies might then ask Little Sister (ie, the company that runs the loyalty card scheme, in this case) who the person really is, and Little Sister will tell them. In this
scenario, government departments are just more Little Sisters, sharing parts of the picture without immediate access to the whole.

This approach exploits both mathematics and economics. If it is technically possible to find out who has done what - for example when a crime has been committed - but cryptography makes it economically prohibitive to monitor people continuously on a large scale, then a reasonable privacy settlement can be achieved.

This approach suggests a interesting way of balancing the opposing requirements for privacy and accountability.

Recommended reading. (Via the Open Rights Group.)

IT's Got to be Local and Open

Nice story in the Guardian today about a local UK health system that works - unlike the massive, doomed, centralised NHS system currently being half-built at vast cost. It makes some important points:

Next week the annual Healthcare Computing conference in Harrogate will buzz with accusations that the national programme has held back progress. There are two reasons behind this charge. First, under the £1bn contracts signed early in the programme, hospitals have to replace their administrative systems which record patients' details with systems from centrally chosen suppliers. As this involves considerable local effort for little benefit, progress is painfully slow. The second problem is the potential threat to confidentiality arising from making records available on a national scale.

Quite: if there is no local benefit, there will be no buy-in, and little progress. Think local, act local, and you get local achievement. The other side is that if you impose a central system, security is correspondingly weaker. Hello, ID card....

Of course, there are many areas where you want to be able to bring together information from local stores for particular purposes. That's still possible - provided you adopt open standards everywhere. Hello, ODF....

When the Tardis Connects to the Dilithium Crystals

Chris Long tells it as it is:

my concern about all this is the ignorance of the technical thinking behind these ideas; ideas that have apparently been formulated by people who've learnt their technology from watching, James Bond, Star Trek, Dr Who and Blakes 7.

I can just imagine the conversation: "Q says we have to connect the Tardis engine to some dilithium crystals and throw some tachyon particles at it... What do you think Orac?"

Can you say ID card?

Renew for Freedom: Use It or Lose It

Brits, awake!

Why you should renew your passport, or apply for one IMMEDIATELY if you are aged 16 or over.

The Identity Cards Act 2006 turns your passport into a one-way ticket to control of your identity by the government. It means lifelong surveillance, and untold bureaucracy. This website, produced by the NO2ID campaign, is about how you can renew or apply for a passport to avoid being forced to register on the ID scheme database.

Everyone adult in the UK should do this now; I did as soon as Mad-eyed Tony pushed through his crazy ID Cards legislation, and they started building ID interrogation centres around the UK:

On March 26th 2007 the first of a new network of 69 government ID interrogation centres will open for business. If you apply for your first adult passport after this date, then you may be called for a compulsory "interview" at one of them.

So basically, you have to pay for the privilege of being interrogated; er, anybody seen the film Brazil?

Vote for ODF

Undeterred by the fact that Our Tone simply ignored our last petition to dump ID cards, I've signed up for another one, this time calling for ODF to be used in UK government. If you're a citizen of Perfidious Albion, you might like to do the same.

Not that it will make a huge difference, but I think we have a responsibility to (a) use these new tools for democracy and (b) force the UK Government to repeat its pathetic excuses for not supporting eminently reasonable ideas. There's also increasing evidence that the e-petition site is turning into a thorn in the goverment's side - reason enough to keep using it.

Thanks, Tony - But No Thanks

I received an email from Tony Blair yesterday. Not that this was so special, since he also sent it to the other 28,000 people who had signed an e-petition calling for ID cards to be scrapped. You can read the missive here (and if you're feeling really left out, you can copy it into an email to yourself and pretend that it came from our Tone).

What's particularly galling is that this email essentially says "thanks for your request, but get lost", and then goes on to repeat all the tired old misinformation about the ID card scheme's cost, its efficacy against terrorism and how it will reduce identity theft. Although I could pick some of its arguments apart, I'd rather leave it to the master himself, The Reg's John Lettice:

The National Identity Register will allow police to add the entire adult population of the UK to their suspect list, giving them the opportunity to check fingerprints left at scenes of crime against those collected from ID card and passport applicants, says Tony Blair. Nor are fingerprints in other EU countries necessarily safe - the introduction of biometric technology, he adds, will "improve the flow of information between countries on the identity of offenders.

Blair made the pledge to collar the lot of us, and some, as part of a rag-bag of warmed-over, half-baked, misleading, and just plain untrue claims issued in an email to the near-28,000 signatories of the Downing Street petition calling for the scrapping of the ID card scheme.

ID'ing Reality

The truth begins to sink in:

The government has abandoned plans for a giant new computer system to run the national identity cards scheme.

Instead of a single multi-billion pound system, information will be held on three existing, separate databases.

Well, that's a start. Just as hopeful is the statement:

Home Secretary John Reid denied this was a "U-turn" saying it would save cash, boost efficiency and cut fraud.

So, presumably cancelling the whole thing would also not be a "U-turn", since it too "would save cash, boost efficiency and cut fraud"....

TheyWorkForYou.com and Open Politics

Today I received an email from a service I signed up to recently. I'd forgotten about it because it dealt with the apparently yawn-worthy subject of what my local Member of Parliament said. In fact, the service promises to deliver to me, freshly-baked, all the wit and wisdom of said Honourable Member.

Now, truth to tell, what the chap opined about the number of buses on Chelsea bridge was less than gripping. But the point is, I now know when he speaks, and what he says. Not only that, the information on the site TheyWorkForYou.com presents a gloriously Web 2.0-ified version of Parliamentary speeches, complete with Ajaxy popups, and links to more information about MPs than you could shake an identity card at.

In short, the service turns the whole area into a data wonderland. This is what open politics should be. Thanks: YouReallyReallyDoWorkForMe.

ID Cards: Cracked in All Senses

And talking of ID cards, here's more bad news.

Update: And how could I leave out the inimitable Mr. Lettice's wise words on the subject?

No ID, No Comment

This is what will happen if you're not carrying the ID card that nice Mr Blair wants us all to have....

An Open Letter to Our Tone

Yup.

Why ID Cards Are Idiotic: Technical Impossibility

I hate to gloat (well, not much) but this story about the scrapping of a £141 million computer system by the UK's Department for Work and Pensions, after over two years of desperate efforts to make it work, is perhaps a tiny, tiny hint why the infinitely more complex ID card system does not stand a snowflake's chance in hell of operating successfully.

I suppose I ought to be comforted by the fact that the ID card's computer system is guaranteed to fail, as it means the scheme will never be implemented in its present, megalomaniacal form. But somehow, the idea of all those billions pouring into consultants' and contractors' pockets for nothing spoils this otherwise pleasant thought.

Why ID Cards Are Idiotic: the Internal Attack

Sigh.

When are people going to learn that creating super-databases simply makes them super-irresistible - not least to the people authorised to use them? For example:

Office staff are hacking into the department's computers, putting at risk the privacy of 40million people in Britain.

The revelation undermines Government claims that sensitive information being collected for its controversial ID Cards scheme could not fall into criminal hands.

The security breaches occurred at the Identity and Passport Service, which is setting up the National Identity Register to provide access to individuals' health, financial and police records as part of the £8billion ID card scheme scheduled to begin in 2008.

(Via TechDirt.)

The Great ID FUD

When will they ever learn?

Unlike traditional forms of identification, the VeriChip can’t be lost, stolen, misplaced, or counterfeited.

That's what the human-implantable RFID VeriChip site says. And this is what happened at the Hackers on Planet Earth (HOPE) 6 conference:

two presenters demonstrated the electronic equivalent of making a copy of an implanted RFID or radio frequency ID chip.

The point was to show just how easy it is to fool a detection device that purports to uniquely identify any individual.

So let's just do a quick recap: which technologies are available for establishing identity unambiguously these days?

Irises: nope
Faces: nope
Fingerprints: nope
DNA: nope
Implanted RFID: nope

So, tell me Mr Blair, how exactly you were going to implement this ID card system in a way that it can't be spoofed to hell?