|Newcomers and returning visitors, please note that you are welcome to talk to the hermit using this new invention, email.||
The voluntary alternative
to material ID cards
A Proposal by David Moss
of Business Consultancy Services Ltd (BCSL)
For four years the government insisted that deployment of the ID cards scheme required a new database to be built, the National Identity Register (NIR). Then they noticed that they already have not one but several NIRs.
If anything, what is really needed, it is suggested, is a portal which allows the police and the security services to search several existing databases to support any current criminal or terrorist investigations.
The way taxpayers' money is wasted defies belief. It would not be tolerated in the private sector. The lessons must be learned.
... Then there is the argument that ID cards and the national register simply will not work. This rests largely on the past failures, which I accept exist, of IT projects of all governments. This, however, seems to me an argument not to drop the scheme but to ensure it is done well.
In a bid to improve performance over the years, the civil service have implemented several project management techniques.
The present technique requires the Office of Government Commerce (OGC), a department of the Treasury, to perform various gateway reviews of projects. According to the Information Commissioner, the OGC's gateway reviews of the ID cards scheme should be published.
It should be the case that publishing the reviews would boost public confidence in the scheme and lend support to the Prime Minister's position.
This has all the inauspicious signs of a project continuing to be driven by an arbitrary end date rather than reality.
I conclude that we are setting ourselves up to fail.
... the (un)affordability of all the individual programmes ... the very serious shortage of appropriately qualified staff and numbers of staff ... the lack of clear benefits from which to demonstrate a return on investment ...
The Home Office response, 27 minutes after the OGC email above, and a day before the OGC email below, was "I wouldn't argue with a lot of this ... It was a Mr Blair who wanted the 'early variant' card. Not my idea ..."
Just because ministers say do something does not mean we ignore reality - which is what seems to have happened on ID Cards.
I do not have a problem with ministers wanting a face saving solution ... a botched introduction of a descoped early variant ID Card, if it is subject to a media feeding frenzy (queues outside passport offices! and more recently IND) - which it might well be close to a general election, could put back the introduction of ID Cards for a generation and won't do much for IPS credibility nor for the Govt's election chances either (latter not our problem but might play with ministers).
My view based on present experience is that neither the Home Office or IPS should attempt challenging, they should be forced to do safe.
That is the OGC view. One of the OGC's jobs is to make sure that government IT is professionally managed. They are saying that, in this case, it is not.
And yet the Prime Minister still wants to proceed with the project. Despite "the lack of clear benefits from which to demonstrate a return on investment".
In addition, there are private sector databases that the government can use:
While the biometrics in question are not reliable, this course of action is not recommended but, if they ever do become reliable, then a new database of people's biometrics could be built, gradually, as the biometrics are collected. We have had so-called "relational databases" since the 1980s and, using relational databases, the new biometrics database could be linked/related to the existing databases.
Central government records have been heavily computerised since at least the 1980s. It follows that civil liberties objections to building the NIR are around 20 years too late. The cogent objection is that building the NIR is unnecessary. Apart from people's biometrics, it already exists.
This matter was raised during the Home Affairs Committee examination of the Identity Cards Act. The Home Secretary took the view then that it would be better to start with a clean, new database:
Q628 Mrs Dean: How confident are you that your registration procedure will ensure that all entries on the National Identity Register are accurate and there are no duplicates or false entries?
Mr Blunkett: The reason why starting from scratch and having a clean database is so important is that the moment someone presents the same biometric but with a different identity, a different name and presentation, that would automatically show up as already existing on the database ...
A duplicate registration "would automatically show up as already existing" on an old database, too. It is not clear what the Home Secretary's point is here, why he thinks that you can only identify duplicate applications if you start with a new database.
It seems that he was exercised by errors on the existing databases. Omissions. Duplicates. Out of date data. Data that was wrong from the start. But you get errors with new databases, too. New errors new omissions, new duplicates, and data that is wrong from the start in a new way.
If the government cannot implement procedures to keep the existing databases free of errors, then there is no reason to believe that they could keep a new database free of errors and so no justification for sanctioning the expenditure required to build a new database.
The prudent option must be to start with the existing databases. At least they exist.
This was recommended to the Home Office in BCSL's February 2003 proposal (para.1.4-5) and in several subsequent letters and further proposals. It was finally announced, in the Home Office's December 2006 Strategic Action Plan, that they would, after all, use existing databases (para.13-17) and in an interview with silicon.com, Mr James Hall, CEO of the Identity and Passport Service, said:
One of the key things we've been looking at is the use of existing government assets wherever useful. The Department for Work and Pensions has a very large Customer Information System (CIS) and we believe there is a huge opportunity to reuse that technology to store the biographic component of the National Identity Registry.
This change of systems design (from creating a new NIR database to using existing resources instead) was mocked by some of the press as a U-turn and a case of policy being "ditched". The more appropriate gloss on the matter is surely that given that you want an NIR in the first place it is a welcome outbreak of good sense. Four years late, four years after BCSL recommended it, but welcome nonetheless and we hope that further good sense will break out. That biometrics will be dropped until they become reliable. And that the ID cards scheme will be based on mobile phones, not smart cards.
When IPS need to check someone's identity, they can use Google-type facilities on IPSPort to search the existing databases. The search results returned may include name, sex, address, date of birth, nationality, passport photograph and number, driving licence photograph and number, National Insurance number, employer's tax reference number, car registration number, criminal record (if any), and so on, all of which help to establish the identity of a suspected criminal or terrorist.
The custodians of the databases that IPS search all have their own procedures for establishing identity. The portal approach allows IPS to take advantage of the identity verification work which has already been done.
BCSL, with dematerialised ID in mind, particularly identifies the value of linking IPSPort to the databases maintained by the mobile phone network operators. That would help the police and the security services to establish the link between people and their mobile phones. It would help them to identify people and to locate them and to identify their associates. It would impede criminals and terrorists in their pursuits.
A portal able to cross-refer between all these sources would be a very powerful tool for checking identity. It would also raise legal questions about data protection and information-sharing, questions already raised in earlier BCSL proposals (para.1.33 and para.3.2):
These questions have been raised. They have not been answered. BCSL are not lawyers.
There are assertions in the media that information-sharing is illegal. The law which is broken by information-sharing is rarely identified. The Data Protection Act is occasionally appealed to. But actions taken for the purposes of "safeguarding national security" or "the prevention or detection of crime [or] the apprehension or prosecution of offenders" are exempted under clauses 28 and 29 of the Act.
The Department for Constitutional Affairs give some guidance, which suggests that information-sharing is not automatically illegal.
It is assumed therefore that this portal suggestion the trivially obvious solution as far as any moderately capable IT consultant is concerned is legally feasible when it comes to crime and terrorism, BCSL's principal concerns in this proposal. If it is not, then the suggestion must of course be withdrawn.
The Identity Cards Act proposes that everyone aged 16 and over should be registered. Given that most people are not criminals or terrorists, most of the money spent on registration will be wasted. The portal approach advocated by BCSL directs effort to where it is needed. This is sniper fire compared with the government's blunderbuss.
People do not object at the moment to having their data recorded by HMRC, for example, or BT. It remains to be proved but people would probably not object to having their data recorded on IPSPortDB if it helped to eliminate them from terrorist investigations or helped to solve crimes of which they had been victim. If that is the case, then the portal approach advocated by BCSL may escape some of the civil liberties objections which the NIR is already attracting.