Saturday, 28 June 2008

High level reports confirm dangers of government’s looney ID-database scheme

Quite a lot has been going on recently. Among other things, the public’s attention is now temporarily focused on the issue of excessive surveillance. NO2ID is certainly concerned about the burgeoning surveillance society, and we would question, for example, whether it was really necessary to set up such an expensive, though essentially limited, high-tech surveillance operation at the recent Margate Land Air Show, which you can observe in this video.

It seems the police had those cameras there as a means to enforce good behaviour. The terrible message given to the public is: we don’t trust you. But this kind of high-tech surveillance is actually far inferior to having two police officers just walking about keeping there eyes open for trouble. The impression you get is that the police are actually hiding behind their technology.

Last month an important Home Affairs Committee report posed the question: “A Surveillance Society?” The report makes fascinating reading, not least because it clearly highlights the dangerous propensity of the current government to engage in obsessive surveillance and unnecessarily grab information. Interestingly, in this report one senior detective testified to the committee that only about three percent of crimes were solved thanks to CCTV evidence—a lot less than one might imagine—and that “billions” spent on high-tech kit could have been better spent on, for example, having more trained police on the streets.

But it was what the Home Affairs report had to say about databases that really struck a chord with me, and with all those fighting against the government’s looney ID-database scheme: “In the design of its policies and systems for collecting data, the government should adopt a principle of data minimisation. It should collect only what is essential, to be stored only for as long as necessary.”

Bang on. But the government’s ID-database scheme operates on totally different principles: it operates on the principle of data maximisation. It wants to collect all kinds of information about you, including biometric information which cannot be replaced. It wants to store this information on a centralised database and keep it forever. Your identity, in other words, will become government property, and it will be shared about willy-nilly.

The government’s database-linked Identity cards are so dangerous because, as the Home Affairs report notes, technologies such as internet search engines potentially make our personal information available to anybody at the click of a mouse. And once your info is out there in cyberspace, your privacy has gone forever. In addition, the National Identity Register—the centralised database where the government plans to keep your information—will allow government to start profiling people, a very sinister prospect but one that is very much on the cards.

The government’s misuse and loss of data, and obsessive surveillance will, the Home Affairs report suggests, contribute to individual’s withdrawing co-operation from authority: “…the risks associated with the collection and use of personal information in databases in particular and the monitoring of individual’s behaviour in general, should not be underestimated. Mistakes or misuse of data can result in serious practical harm to individuals. Those less demonstrable risks which relate to the erosion of one’s sense of privacy or individual liberty also have a practical aspect and a broad application in that they affect the way in which citizens interacts with the state.”

Speaking of privacy, should you surrender and sign up on the National Identity Register (NIR) you simply won’t have any privacy left. You’ll be tagged for life. In a barely concealed criticism of the government’s database-linked Identity scheme, the Home Affairs report calls on the government to stop the blanket collection of identifiable transaction data—that’s the audit trail created every time you use your ID card. The government should change their mindset of collecting more data than is needed, says the report. Are the government listening? Nope. Andy Burnham, Secretary of State for Culture, Media and Sport, recently had the temerity to suggest that no one in this country had a right to anonymity.

The Home Affairs report calls for an “explicit statement that the NIR will not be used as a matter of routine to monitor the activities of individuals.” Here NO2ID parts company with the report; we say: the NIR places far too much power in the hands of the state, DON’T REGISTER ON THE NIR IN THE FIRST PLACE. We cannot trust government “assurances” which are mere platitudes but not legal rights. Why the hell should the Home Secretary have the right to know everything about me when I do not have a similar right to view her information? Why should no less than one hundred people—we discover from testimony in the Home Affairs report—have total access to all my personal information when experience in the private banking sector shows that at least one in a hundred people will do something corrupt given half the chance?

Think on good people of Thanet. “If you have nothing to hide you have nothing to fear”—what a load rubbish! Governments kill a lot more people than terrorists do, and we must make government accountable to us and not the other way round. What about Germany in the 1930s—all those nice respectable Jewish people had nothing to hide, and look what happened to them. I am obviously not trying to equate the present British government with the Nazis here, but rather am emphasising a point: in a democracy we are in charge of the government, and it is the government who must be accountable to us. We have to stay in charge, and keeping control of our identities is integral to the democratic project.

Which brings me on to the Treasury’s “Challenges and Opportunities in identity assurance” report published the month prior to the Home Affairs report thus far referred to. Bless you, Sir James Crosby, a voice of reason. The Treasury in this neat report put forward a very good case for having a universal identity scheme. But, crucially, they lay out the democratic principles on which such a scheme must be based:

1. The purpose of any scheme should be restricted to enabling citizens to assert their identity

2. Governance should inspire trust. It should be independent of Government

3. The amount of data stored should be minimised. Full biometric images (other than photographs) should not be kept

4. Citizens should "own" their entry. It should not be possible, except for national security, for any data to be shared without informed consent

5. Enrolment should minimise costs and give citizens a hassle-free experience

6. To respond to consumers and give benefits, it should be capable of being rolled out quickly

7. Citizens who lose cards or whose identity is compromised should be able to get it fixed quickly and efficiently

8. The scheme's systems should work with existing, efficient, bank systems to reduce risks

9. To engage consumers enrolment and cards should be provided free of charge

10. The market should play a role in creating standards, to ensure ease of use and minimise costs

All this is perfectly reasonable and sensible and could form the basis of an alternative identity scheme—NO2ID is not opposed to identity cards per se. But in fact the present Identity scheme, being implemented by the Home Office, breaks every one of the Treasury’s summary list of principles. What we cannot accept is the shape of the present Identity scheme, the lunatic grab for power, the obsession with surveillance. Commenting on the Treasury’s idea of Identity assurance, Sir James notes: “ID assurance is not ID management, in which an organisation keeps close track of people and their movement. The distinction between the two is fundamental. ID management is designed to benefit the holder of the information; ID assurance is focused on bringing benefits to the consumer.”

All this is old news though. “The LSE Identity Report”, authored by a whole slew experts sponsored by the London School of Economics in 2005, convincingly demonstrated that the present Identity-database scheme is flawed in both principle and in design, and would be ridiculously expensive to implement. The report, constructively, went on to suggest an alternative model for an identity card, one in line with the Treasury’s principles. The government’s reaction was to nitpick over some details of the LSE’s suggested alternative, and deny the super high costs of their own scheme. You see, the government does not listen, not even to the many bright people within its own party, the government executive and in academia.

Conclusion: New Labour’s identity-database scheme is in the long run doomed, another example of hubris. But how much damage to democracy can we accept in the meanwhile? People of Thanet take up the cudgels and join NO2ID right now.

1 comment:

Anonymous said...

I suspect it is doomed in the short run too. The grasp of the underlying IT seems to have escaped the planners. They should have hired me.