The dangers of ‘identity management’
The implementation of the UK government’s identity card scheme is being driven by a fundamental distrust of the populace.
Two years after the passing of the Identity Cards Act in the UK, consultation on all aspects of the delivery plan for the roll-out of the National Identity Scheme is underway and will be concluded at the end of June (1). The timetable suggests that the feedback being sought will inform all subsequent secondary legislation. Given the broad scope of the Act (2), passed in March 2006, the way in which the legislation is put into effect should be a matter of considerable concern for everyone in the UK.
The Identity Cards Act created a broad-ranging scheme for ‘the provision of a secure and reliable method for registrable facts about such individuals to be ascertained or verified wherever that is necessary in the public interest’. For the purposes of the Act, ‘public interest’ means something related to national security, the prevention or detection of crime, immigration controls and unauthorised working, or the provision of public services, including welfare benefits.
Two different views of proving identity
There could be many benefits for members of the public if there was a ‘gold standard’, one-stop method of identifying yourself. So, it would be nice to be able to say that the UK government was at the cutting edge of pursuing this idea. Unfortunately, while there is talk of ‘transformational government’ changing the relationship between citizens and the authorities, and despite the fact that an ambitious scheme has been proposed from within Whitehall, the government’s actual plans represent both a wasted opportunity and a potential invasion of our privacy.
Sir James Crosby’s long awaited Treasury report, Challenges and Opportunities in Identity Assurance (3), sets out an innovative scheme that would make Britain a pioneer in the creation of a universal method for identity assurance. Underpinning his proposed assurance scheme would be the creation of a mechanism by which individuals can enable verification of their identity for all purposes, not just government-related services. The Crosby scheme has a simple and compelling logic. He proposes a single registration service that would allow individuals to establish an electronic identity. Once established, this service would provide a hub from which all future accounts set up by an individual could be associated, from online shopping to bank accounts and benefit payments.
Users would only need to register once and to a level appropriate to the services they wish to use – which could be upgraded at any time. Once verified, users could then gain access to the range of services and systems. Explaining the concept, Crosby says: ‘ID assurance is a consumer-led concept in which people prove who they are to others, be they retailers, financial institutions, domestic or foreign governments, etc.’ He also explains why his proposal is distinct from the ID scheme now being implemented by government: ‘ID management [the government approach] is designed to benefit the holder of the information. ID assurance [the Crosby option] is focused on bringing benefits to the consumer.’
Crosby acknowledges his proposal is not perfect, accepting there are barriers to it being entirely universal, but it would be a big step forward for individuals, business and government. It is a positive proposal based on the experience and advice of a variety of sectors. Importantly, the scheme assumes respect for the members of the public who participate in it. This is clearly illustrated by the approach taken on biometric information. Fingerprints, for example, could be provided to establish your initial registration, but would then be held only in a form that lets that individual, using their own real fingerprint, verify again that they own that registration. The biometric data would not be held in a format for reuse or checking by any agency or other individual. This could overcome many current concerns around identity theft by criminals or invasion of privacy by government bodies.
The government scheme, by contrast, is being built around and restricted to government services, limiting potential use. In turn, this has an impact on data quality and currency. The scheme, put forward by the Home Office, aims to strike a balance around two distinct objectives: to increase public protection – against crime, terrorism and illegal immigration and working – and to ease the day-to-day business of how you apply for jobs, use public services, travel abroad, open and manage bank accounts, etc.
ID management is driven by an impulse that seeks to form a single view of public contact with government. On one side, there is the public protection agenda that is based on an assumption of potential criminality. On the other, public service discussions are increasingly driven by prevention initiatives and underpinned by the assumption that service users suffer from some incapacity or vulnerability. It is also noticeable that a clear line does not exist between initiatives dealing with public protection and those based around public service; they often merge and mesh together. In this context, defining areas of privacy is fraught and confused.
Public protection and trust
The National Identity Register (NIR) is to be constructed in the first instance from existing government databases. This means that the development of the NIR is already closely associated with a range of systems such as those for processing passports, driving licences and benefits rather than being entirely separate. Reassurances that the scheme is not about data sharing, that the data will be used only for stated purposes and accessed by specific staff, are likely to be treated with a high degree of scepticism when such links already exist – for example, between databases for passports, driving licences, photos, road tax, traffic cameras, satellite tracking and so on. As a result, the provisions contained within the Act and the technical infrastructure being put in place need to be scrutinised in detail.
Underpinning these government schemes is a lack of trust in the public – which is ironic, given that a major strand of political discussion today focuses on the population’s lack of trust in the government. Significant government effort is being applied to developing registers and monitoring large sections of the population around initiatives closely linked to public protection concerns.
This has resulted in a panoply of surveillance and monitoring schemes. For example, we now have the proposed National ID scheme alongside a national vetting scheme for those working with children and vulnerable people. Biometrics, DNA and fingerprints may be collected and retained. Surveillance includes CCTV, community wardens, accessing mobile phone records and gathering passenger information for criminal profiling.
Compelling arguments must be presented to warrant the subjection of the whole population to this new infrastructure of registration and surveillance and to justify the cost; just the ID card scheme and the database for children, ContactPoint, will account for about £5billion. The public need to be convinced that there is either a new and significant threat posed by a minority of the population or that there is a high number of undetected criminals currently at large throughout the UK.
But when you look at the extensive scope of ID-related activity covering entire sections of the population, compared to the relatively small sections of the population that appear to warrant such surveillance, one must question if the case has been made. Here is a list of the various groups targeted by the new ID and surveillance schemes (4):
- Sentencing: Approximately 2.4 per cent of the total population has received a criminal sentence (1,482,500 people), and 25 per cent of them received custodial sentences (0.6 per cent of the total population);
- Child protection: There are around 500 known paedophiles in Britain; around 67 children are killed each year;
- Terrorism: Estimates say there are 2,000 supporters of Islamic terrorism – but this does not mean they are active terrorists;
- Fraud: A few thousand people a year carry out low-level financial fraud such as false benefit claims; 0.1 per cent of the population (65,000 people) are victims of fraud;
- Passport misuse: Of the 300,000 passports lost or stolen each year, around 500 are detected as being in use by others.
In the light of these small numbers, it is not clear why ID management on the scale envisaged is required when the overwhelming majority of the population conform to social norms of behaviour and are trustworthy. The consequence of this widespread, state-organised monitoring could be to undermine the very thing the government is trying so hard to develop in other areas: trust.
Data-sharing for service improvement
The other area where the NIR/ID card is meant to deliver benefits is by making life easier for the public.
A new feature of the debate around the ID scheme is the possible use of the IT infrastructure being created around the ID card to link a whole array of service-related data. The Transformation Government strategy has at its heart an objective to join up services and information on individuals. Key service-related databases will be used to form the basis of the NIR.
Despite assurances that the NIR is not about data sharing, the moves to join up services with the NIR at the centre cast doubt on this assertion. Without this link, the scheme’s own rationale is called into question.
Undoubtedly, increasing the number of transactions that can be undertaken with government online seems uncontroversial. The Government Gateway project and activity at a local government level have delivered many improvements in this area. It is also fairly uncontroversial that improved links between particular agencies would reduce bureaucracy for the public.
As it happens, central government has not fallen over itself to provide funding for the secure infrastructure that would enable this. Its primary focus has been on attempting to enforce the standards that allow the linking of local and central government networks, rather than on the research needed to establish where this approach will bring key benefits to the public. As a consequence, local government (estimated to provide about 80 per cent of all transactions between citizens and government) has generally put in place the locally developed secure links required for certain services. There is scepticism at the local level about central government’s commitment to service improvement. The priorities of the delivery plan indicate that elements relating to general service transactions will not be in place or widely used until 2015.
A potentially more controversial point is to ask to what extent the public actually benefits from joining up currently discrete service areas. There are areas where common sense means some services should be linked. However, an all-encompassing and technical approach to linking services may bring its own new set of problems. Leaving aside costs – which may or may not be justified depending on how this debate is concluded – such an approach to relationship management can be seen as just as invasive of people’s private lives as those more overtly related to surveillance. This is by far the most challenging aspect of the current discussion around the NIR/ID card. The blurring of acceptable boundaries between private life and professional intervention means that many commentators find it hard to sustain an argument in favour of privacy.
The argument is not just about intrusion but also about the competence of individuals. For example, a flagship national project based in the Department for Work and Pensions, called ‘Tell us once’, is focused on the area of bereavement. It is assumed in government circles that advising the various agencies of a death is a great burden to those recently bereaved. The project aims to identify the various parties that need to be notified and to find a technical solution for how this can be done electronically. It seems obvious, and maybe it is a good idea.
Looked at from a social point of view, however, tying up all the loose ends of a bereaved friend or relative’s business is an important part of the process of grieving. Having to tell a whole number of people that someone very close to you has died is a very important way to drive this very sad fact home; it also fills an important period of time when sitting around dwelling on things is not necessarily healthy. Of course, this is not an excuse for government incompetence. However, it is a very good example of how ID management inevitably results in government-driven solutions that can’t accommodate everyday subtleties.
While there are many things to praise about Crosby’s proposal for an ID assurance scheme, one could argue that his approach would simply produce the same outcomes that an ID card is trying to achieve around the tougher end of the public protection issues; Crosby admits that a successful scheme will deliver ‘an unrivalled amount of data for national security agencies’.
The climate of distrust therefore underpins and informs both the government scheme and Crosby’s. For example, once a critical mass of take-up has been achieved, it will be possible for the intelligence services to isolate system non-participants for scrutiny or enable their activity to be focused on detecting abnormal behaviours through analysis of data trails and networks.
Given this suspicious climate, it is difficult to conceive of a way forward that would allow the maximum potential of the internet to be harnessed and ensure that the autonomy traditionally gained in adulthood is not surrendered.
Maybe we need to have a slightly different discussion – one focused on the importance of the private sphere. If we take the time to step back a bit and consider the elements driving the NIR and ID card, and the potentially missed opportunity presented by establishing a universal assurance scheme, we may have to conclude that government – central and local – intentionally or otherwise, holds the public in fairly low regard.
Is this really what we believe ‘transformation government’ is about?
Joanne Herlihy was the organiser of a recent Public Sector Forums event on identity management and data sharing. This article is based on a discussion document produced for that event.
(1) National Identity Scheme: Delivery Plan 2008, Home Office
(3) Challenges and opportunities in identity assurance, HM Treasury
(4) Population/stats references: Sentencing (Home Office); Child protection (Guardian – see also NSPCC statistics); Terrorism (Guardian); Fraud (Audit Commission); Passport misuse (Identity and Passport Service – see also Transpondia)