National ID cards - good idea?

[Trinity-Tom]

Anyway someone found any of those civil liberties we are supposed to be losing?

I don't really want to get into a debate about this but surely, in these circumstances, namely that this is a new scheme to be introduced which many people are wary of (for a variety of reasons including cost, civil liberties etc...), the onus is on the government and those in favour of this policy to prove why it is good and not for those who are not in favour of it to prove why it isn't beneficial.

[bickster]

No Bicks that is just wrong and yoiu know it - despite your rolly eyes type thing

Seriously I don't know it, anyway I thought this was supposed to defeat terrorism? Oh it won't OK then, it must be a good idea anyway

[Santa_Rosa]

Anyway someone found any of those civil liberties we are supposed to be losing?

I don't really want to get into a debate about this but surely, in these circumstances, namely that this is a new scheme to be introduced which many people are wary of (for a variety of reasons including cost, civil liberties etc...), the onus is on the government and those in favour of this policy to prove why it is good and not for those who are not in favour of it to prove why it isn't beneficial.

Or, as Solove's essay puts it:

"I don't need to justify my position. You need to justify yours. Come back with a warrant."

[Gringo]

A couple of points there Gringo - supposedly is the key word and how many credit card and other financial applications are refused based on your willingness to store the data?

None are processed - if you wish to obtain credit - you have to give your permission for a credit search, storage of that data and supply of data into shared groups such as Insight.

Secondly again you keep coming back to the fictional massive database. Now is there a DB structure that is big enough to store, and provide ready access to the information you are saying would be obtained and held? Plus with all of these "tracking" things that keep getting mentioned where is the provision and technology for all of those?

Secondly, I never mentioned any fictional massive database, apart from the point

Just because there are already two (three) massive databases is not a reason to have another one with even more data.

which hardly supports the strawman accusations you refer to.

Next, Experian and Equifax and lots of other companies dont just record the application for credit. Use of cards, withdraws of money, shops used in, dates in the month etc are all being processed by business on a daily basis. The figures are then used for a multitude of things, from advertising, to placement of goods to prevention of fraud etc etc. Funny how we never see any civil liberties arguments being thrown around there

Wrong - information other than the payment profile, credit limit and current balance never leaves the banks - they be processed as according to the banks own requirements, subject to the agreement of the individual that was gaine when they gained the credit. Permission, agreement, optional. Financial information. The only variation to this is people using store cards, who again sign up to their information being recorded and stored. Again, optional, permission based. If I use a an AMEX card to buy a pizza from tescos - AMEX don't know what I've spent the money on. If I also use a tesco store card, tesco knows that I've bough a pizza, AMEX still don't. Permission based, optional.

Lastly IBM dont sell Connect Direct:-)

connect:direct license fees were just a glimmer in the ibm resales team's eye in my days

As I said - the resales team sell licences (or at least use to) for the sterling product which were something ridiculous like £40k for a Z/OS license or £20k for an AS/400 licenses, where as any smart crowd would spend £1,200 for a PC license and hook it up next to the big iron box and use shared DASD instead.

[Gringo]

Or, as Solove's essay puts it:

"I don't need to justify my position. You need to justify yours. Come back with a warrant."

Santa_Rosa

Thank you for reading the essay before responding. I doubt many of the pro-voters have.

[blandy]

The thing is Pete when those people lose money due to fraud the cost is transferred to Joe Public, plus individuals (not listed there) also lose significantly.

Don't forget too ID theft is just one part of the whole set of things

Anyway someone found any of those civil liberties we are supposed to be losing?

Sure, but it's not actually "Joe Public", it's "Joe Customer" who pays. If a credity card company ends up losing a lot through fraud, they may up their interest rate, and all it's customers pay...or maybe move to another issuer with better security systems. There's no compulsion. A cusotmer can elect to not be a customer any more. A citizen is a citizen. No choice.

The same is true for all busineses.

But why is fraud of plcs something the government should attempt to resolve by charging every single person in the country 90 odd quid for a card which may or may not resolve the problem (not) and may or may not (not) be value for money?

That's no justification at all.

As for civil liberties. As they're not written down in a constitution, we can't discuss it factually, only in terms of opinion.

I'd like to think that an argument could be made for change, by the people proposing it, openly. With the pros and cons aired, byt the Gov't.

But they don't. In fact they hide the details. They were ordered by the information commissioner to reveal the results of their study into it, some 3 years ago. The refused and appealed. They lost the appeal. Guess what, they still refused, going to the high court, for a final appeal.

Why? What have they got to hide, if they've done nothing wrong, eh?

Utter wretches.

But anyway. Civil liberties. Liberty is freedom. Civil Liberty is freedom of the citizen, of society. Being wathced ever more closely is one thing. Being required to actively participate in the surveillance of us is a further step. And to what end? "To rule you out of enquiries".

The more and more information "they" gather on "us" the more and more opportunity there is for "them" to use the information in bad ways. There's no consent.

They play on our fear of something, our desire to have something to fear. They use fear as an advantage. "Nuclear War and the Soviet block - better spend billions on nuclear weapons"...all the way through to "Osame Bin Laden and some nutters in caves - better spend billions on computers and ID cards"

Do what? it's utter mental.

You might like all this right wing, Nazi , don't trust the people stuff, but I think it's shite.

If the Tories were proposing it, you'd be livid.

[Risso]

Leaving aside civil liberties, there hasn't been a single good reason FOR the cards yet. If they're of no use, and I fail to see how they would prevent terrorism or most ID fraud, then what's the point?

[djdabush]

Leaving aside civil liberties, there hasn't been a single good reason FOR the cards yet. If they're of no use, and I fail to see how they would prevent terrorism or most ID fraud, then what's the point?

Exactly. I really don't see how they will help. The terrorism argument is particularly laughable. I'm surprised Brown hasn't nicked the Tory policy of getting rid of them yet.

[El Zen]

Leaving aside civil liberties, there hasn't been a single good reason FOR the cards yet. If they're of no use, and I fail to see how they would prevent terrorism or most ID fraud, then what's the point?

Yeah, that's what I'm wondering too. If someone could give me an explanation as to how exactly ID cards would prevent terrorism, it could at least be debated as an option.

Now, as I'm not British, I'm not really up to date with all the details of it, so if someone could just tell me what ID cards would really be good for, I wouldn't initially have any moral objections to the introduction of ID cards. Unless they severly interfere with people's private life, that is, but someone would need to convince me of that too.

[Risso]

I honestly don't know Michelsen. They won't be compulsory to have on you, so fail to see how they will prevent people giving the police a spurious ID if arrested. I also can't see how they will stop people using fraudulent credit cards in shops or over the internet.

Any serious money launderer or terrorist probably isn't go to carry one at all, and if they do it'll be a fake.

File under "expensive white elephant".

[blandy]

The more people know about it, the more it'll be a vote loser.

I'd guess it started off quite popular, when it's just a "something" that will be some sort of panacea, particularly in the aftermath of some tragic events.

Then once costs and implications start to be understood, it's best too keep these bits of "negatitve" information away from the public eye.

Rather than sell the whole package to the public, they deliberately hide stuff away.

They're trapped in a way, because they don't want to be seen to do a U-turn on it, and they don't want to reveal the implications, as both would be bad for votes.

SO they just try to keep it out of the headlines.

If enough people are dead against it, I'd like to think that it'll go the way of the poll tax. But then the Iraq war ignored mass public opposition, so I'm not so sure it will.

[Santa_Rosa]

If enough people are dead against it, I'd like to think that it'll go the way of the poll tax. But then the Iraq war ignored mass public opposition, so I'm not so sure it will.

I'd march against it definitely.

[Gringo]

If enough people are dead against it, I'd like to think that it'll go the way of the poll tax. But then the Iraq war ignored mass public opposition, so I'm not so sure it will.

I'd march against it definitely.

And you'd be followed and photographed and if you wore a mildly provocative t-shirt with a slogan such as "Tony Blair - war criminal" likely to find yourself detained and lodged on the DNA database.

[Gringo]

Clegg vows to defy ID cards law

Nick Clegg, the odds-on favourite to become Liberal Democrat leader, yesterday announced that he will break the law and refuse to provide details of his identity if the government presses ahead with plans to make ID cards compulsory.

Drawing a parallel with resistance to the poll tax, he said he would also urge his fellow MPs and Lib Dem councils not to cooperate. Under the existing law, many British citizens will have their details voluntarily placed on to the ID card database when they apply for a passport or a driving licence.

After 2010 details will be automatically placed on the database. Ministers have said at that point they will pass primary legislation so individuals still not on the database will be required to provide the Home Office with relevant details.

Mr Clegg said last night: "If the legislation is passed I will lead a grassroots campaign of civil disobedience to thwart the identity cards programme ... I, and I expect thousands of people like me, will simply refuse ever to register."

Of course blue labour said they wouldn't actually make the ID cards compulsory. Until 2010 it seems.

[Awol]

^^Radical Liberalism. A genuine third way? I think Chris Huhne is better but either would be a good option against Camermoron and Broon. All they need now is some policies.

[Gringo]

I agree with you - Huhne should have won their last poll, but the party machine didn't want him, and looks like they'll reject him again in favour of cameron-lite.

[Gringo]

Mr Andrew Dismore MP

Chair, Joint Committee on Human Rights

Committee Office

House of Commons

7 Millbank

London SW1P 3JA

cc: Committee members; David Smith, Deputy Information Commissioner

26 November 2007

Dear Mr Dismore,

The government, in response to the recent HMRC Child Benefit data breach, has asserted that personal information on the proposed National Identity Register (NIR) will be 'biometrically secured':

"The key thing about identity cards is, of course, that information is protected by personal biometric information. The problem at present is that, because we do not have that protection, information is much more vulnerable than it should be." - The Chancellor, Hansard Column 1106, 20/11/07

"What we must ensure is that identity fraud is avoided, and the way to avoid identity fraud is to say that for passport information we will have the biometric support that is necessary, so that people can feel confident that their identity is protected." - The Prime Minister, Hansard Column 1181, 21/11/07

These assertions are based on a fairy-tale view of the capabilities of the technology, and in addition, only deal with one aspect of the problems that this type of data breach causes.

Ministers assert that people's information will be 'protected' because it will be much harder for someone to pass themselves off as another individual if a biometric check is made. This presupposes that:

(a) the entire population can be successfully biometrically enrolled onto the National Identity Register, and successfully matched on every occasion thereafter - which is highly unlikely, given the performance of biometrics across mass populations generally and especially their poor performance in the only, relatively small-scale, trial to date (UKPS enrolment trial, 2004). Groups found to have particular problems with biometric checks include the elderly, the disabled and some ethnic groups such as Asian women;

( biometrics are 'unforgeable' - which is demonstrably untrue. Biometric systems have been compromised by 'spoofing' and other means on numerous occasions and, as the technology develops, techniques for subverting the systems evolve too;

© every ID check will be authenticated by a live biometric check against the biometric stored on the NIR or at the very least against the biometric stored on the chip on the ID card which is itself verified against the NIR. [N.B. This would represent a huge leap in the cost of the scheme which at present proposes only to check biometrics for 'high value' transactions. The network of secure biometric readers alone (each far more complex and expensive than, e.g. a Chip & PIN card reader) would add billions to the cost of rollout and maintenance.]

Even if, in this fairy-tale land, it came to pass that (a) ( and © were true after all (which we consider most unlikely), the proposed roll-out of the National Identity Scheme would mean that this level of 'protection' would not - on the Home Office's own highly optimistic projections - be extended to the entire population before the end of the next decade (i.e. 2020) at the earliest.

Furthermore, biometric checks at the time of usage do not of themselves make any difference whatsoever to the possibility of the type of disaster that has just occurred at HMRC. This type of data leakage, which occurs regularly across Government, will continue to occur until there is a radical change in the culture both of system designer and system users. The safety, security and privacy of personal data has to become the primary requirement in the design, implementation, operation and auditing of systems of this kind.

The inclusion of biometric data in one's NIR record would make such a record even more valuable to fraudsters and thieves as it would - if leaked or stolen - provide the 'key' to all uses of that individual's biometrics (e.g. accessing personal or business information on a laptop, biometric access to bank accounts, etc.) for the rest of his or her life. Once lost, it would be impossible to issue a person with new fingerprints. One cannot change one's fingers as one can a bank account.

However, this concentration on citizens 'verifying' their identity when making transactions is only one issue amongst many when considering the leakage of personal data. Large-scale losses of personal data can have consequences well beyond an increase in identity fraud. For example, they could be potentially fatal to individuals such as the directors of Huntingdon Life Sciences, victims of domestic violence or former Northern Ireland ministers.

It is therefore our strongest recommendation that further development of a National Identity Register or National Identity Scheme (including biometric visas and ePassports) should be suspended until such time that research and development work has established beyond reasonable doubt that these are capable of operating securely, effectively and economically on the scale envisaged.

Government systems have so far paid little attention to privacy. Last week's events have very significant implications indeed for future government information systems development.

We would be pleased to clarify any of these points or provide further information if useful to the Committee.

Yours sincerely,

Professor Ross Anderson

Dr Richard Clayton

University of Cambridge Computer Laboratory

Dr Ian Brown

Oxford Internet Institute, University of Oxford

Dr Brian Gladman

Ministry of Defence and NATO (retired)

Professor Angela Sasse

University College London Department of Computer Science

Martyn Thomas CBE FREng

A very nice letter, but the the phrase that persists is of course "fairy-tale view of the capabilities of the technology".

A doomed project.

[Gringo]

From that other right wing rag, the grauniad

There's no time to crow over the government's loss of 25 million people's details; no time to rejoice at the obvious mortification of Gordon Brown, Alistair Darling, his sidekick, Andy Burnham, Jacqui Smith and Harriet Harman.

These people will not be deterred by the calamity of last week. They are shameless. In a month or two they will bounce back. The ID card scheme will be relaunched and Jacqui Smith will continue with her plans to demand 53 pieces of information from people before they travel abroad. The Children's Index, the Children's Assessment Framework, the National Health database, the ever-expanding police DNA database will all continue to scoop up information. Why? Because the control of the masses is coded in the deepest part of Labour's being.

Now this 53 questions that every one will have to answer, I haven't seen anyone kicking off about this apart from the daily mail? So are we all OK with answering these questions every time we turn up at an airport?

This is part of the govts e-border proposal. All a bit over the top if you ask me. Unless control and not safety is your main aim. Whatever, it won't help to speed up processing times at airports which currently rate between silly and ridiculous.

[ahamaad]

Plus all that information is usually available anyway, either in the passport/itinary/e-ticket/paper ticket.

Why do they want to collect it twice?

:?

[bickster]

They want your email address - how **** naive is that!

Details of whether travel arrangements are flexible? - they can f*** right off on that as well

Whether first class? Jebus, means tested too boot

Cost of fare? er f**k off and mind your own business

travel itinerary? again, none of your bloody business

Reserved seat number? Actual seat number? I take it she's never travelled budget then!

Form of payment, again none of your sodding business

no show history, gawd help you if you've missed a flight in the past, how will they know this anyway?

Type of travel document? suely thats a ticket isn't it?

Don't tell me, they consulted the "intelligence services" over this

Can people wishing to travel abroad please be at the terminal three weeks prior to check in

Utterly ludicrous proposal