|Newcomers and returning visitors, please note that you are welcome to talk to the hermit using this new invention, email.||
The voluntary alternative
to material ID cards
A Proposal by David Moss
of Business Consultancy Services Ltd (BCSL)
The paragraphs below are designed to prove one thing, in about 30 different ways, relentlessly, one argument after another that we already have a supremely effective ID voucher scheme, based on our mobile phones.
Everything else follows from that. Among other implications, there is no point arguing about whether we should have an ID voucher scheme, it is too late. Also, there is no point spending money on an additional ID voucher scheme. Certainly not if it is based on the puny technology of smart cards.
The uptake of the mobile phone is viral, nothing will stop it, there is no point resisting it and it is culpable of the government to ignore it. The mobile phone system is an ID voucher scheme.
That applies in the UK, where the government are planning to issue us all with smart cards, even though we already have mobile phones. And it applies in every other country planning to do the same.
The sooner our governments see that the ID cards emperor is not wearing any clothes, the cheaper it will be for us taxpayers. And the sooner we will be able to benefit from the technologically literate identity management, based on mobile phones, which is already evolving.
This has not gone unnoticed by the police and HM Revenue & Customs (HMRC). To support their investigations, they make 500,000 requests a year for location and timing information from the mobile phone network operators. That is one request per minute, on average, every minute of the year.
The Identity Cards Act is based on a certain idea of what ID cards should look like. The idea is that ID cards have to include your name and a photograph of you printed on a credit card-sized rectangle of plastic. This idea is copied from what other countries happen to do and from the cards many people use to get into their office buildings, for example. Thats just what an ID card looks like. You dont have to think about it.
It is the contention of this proposal that if you do take the trouble to think about it, then you realise that ID cards do not have to look like that. There are certain objectives for ID cards. The same objectives and more can be achieved and have been achieved by mobile phones. Technology has moved on since the cardboard ID cards and ration books of the Second World War. Our idea of what an ID card is can move with it.
If you once accept the fundamental premise of dematerialised ID that mobile phones are ID cards, if you once recognise what a valuable resource we already have in the global mobile phone network, then certain points follow.
We cannot keep on referring to this network as the national network of ID card readers and biometric verification equipment. BCSL suggest that it should be referred to as IDNet.
No-one knows how many billions IDNet would cost. No budget for it is included in the Home Offices July 2002 consultation paper on the ID card scheme, nor in any subsequent document of theirs. The cost would fall on public and private sector organisations alike. Yet another stealth tax.
What we do know is that IDNet is unnecessary. Mobile phones are today's ID cards and we already have four mobile phone networks up and running in the UK.
It may not be unprecedented. Indeed, thinking back to the depravities of the IRA, and thinking back to the Cold War fear of an enemy within, that seems historically inaccurate. But if the government believe that it is unprecedented, then, by their own logic, it is odd to wait six years to introduce their ID cards scheme when there is a better alternative already available and in use.
The government scheme is called universal but it only applies to those aged 16 and over, it will have trouble including the many people whose biometrics cannot be registered or used to verify their identity, it will exclude overseas visitors staying for less than six months (originally three months) and there have been suggestions that the elderly will not be forced to have ID cards. So the government scheme does not apply to 100% of the population either and, in that sense, it is not universal.
Dematerialised ID tends similarly to exclude the elderly, who often do not like using mobile phones. On the other hand, it includes all the under-16s who have mobile phones and all the overseas visitors who have mobile phones. And it does not rely on biometrics, so it includes the 19% of people whose identity cannot be verified by their fingerprints, the 31% of people whose identity cannot be verified by their facial geometry and the 10% of people who cannot register their irisprints in the first place, let alone use them to verify their identity.
Note that the 19% (p.10) figure for fingerprints is consistent with the experience of US-VISIT, the fingerprint-based US scheme which has been in operation since 5 January 2004. Also, 19% is an average. The figure rises to 30% (p.64) for those aged 65 and over, i.e. 30% of the elderly cannot have their identity verified by their fingerprints.
Note also that the 10% (p.9) figure for irisprints applies to able-bodied people only. 10% of able-bodied people would not exist according to an ID card scheme that relied on irisprints. That figure rises to 39% (p.9) for the disabled.
And the figures for identity verification based on facial geometry are even worse. 31% (p.10) of able-bodied participants could not have their identity verified by this biometric. They would not exist and neither would 52% (sic, p.10) of the disabled.
Biometrics based on facial geometry are clearly too unreliable to be worth pursuing.
Irisprints may be worth pursuing. But it is a new technology without a long-established track record. Unlike fingerprints, and despite the film Minority Report, which is fiction, people cannot leave latent irisprints behind at the scene of a crime. And the police do not have an existing collection of irisprints on which to base watchlists, the way they do with fingerprints.
Fingerprints are the main biometric that most of the current and proposed ID card schemes in the world use. So we have, roughly, an 80-20 problem. 80% of the population can be included, 20% are excluded.
These figures are not a matter of opinion, open to debate. They are just facts. The biometrics chosen for the ID cards scheme are not capable of including all members of the chosen universe. So the scheme cannot be universal. And yet the government prospectus continues to hold it out as a universal scheme, see for example the Home Office website: "The NIR will be a new, highly secure database holding personal identity information and biometric data for everyone who has enrolled in the scheme".
The only answer BCSL has found came from Tony McNulty MP, who was at the time the Home Office Minister responsible: “… there are difficulties with the technology … not least with people with brown eyes ... none of these problems are new, but increasingly as biometrics are more and more used ... we think the technology can only get better and better and better …”.
His response is panglossian. It is facetious. It is unbusinesslike – no company would invest in a project on this basis.
The non-biometric among us cannot just be ignored. There will have to be other schemes to cater for them when it comes to fighting crime and terrorism and to the delivery of state benefits. All the security problems which are deemed to have been solved by biometrics will have to be reconsidered and solved some other way. For 20% of the population, we could spend billions on the ID cards scheme and still be no further forward.
The public anger at the waste of money will be a self-inflicted wound on the government. No company offering a false prospectus would get a listing on the stock exchange. The government will not get this issue away.
A genuinely universal scheme would tend to become the single repository of authenticated identity. It would provide a single point of attack.
Evolution and free market economics both teach us that safety/survival/fitness lie in plurality. We already have several ways to establish identity. It is not a new problem. Multiple intersecting independent schemes are safer and can cover the whole population between them without any single scheme having to be universal.
Dematerialised ID has a good claim to be one of those schemes.
At one stage, counter-terrorism was specifically downgraded as an objective of the government scheme, which was meant rather to provide an emblem of citizenship:
"After the terrorist atrocities in the United States on 11 September 2001, I was asked whether the Government was considering introducing identity cards. I said at the time that any debate about identity cards should not centre exclusively on issues of national security. Far more important are the issues of citizenship and entitlement to services and it is in this context that I would like to see the debate unfold" (David Blunkett, Home Secretary, Foreword, July 2002 consultation paper).
Now, counter-terrorism and the fight against crime are advanced as major reasons for introducing the scheme, and the notion that an ID card could be the proud embodiment of being British has disappeared.
These are two admirable and popular objectives but no statistics have been presented to show that crime is lower in countries which have ID card schemes. Even if crime is lower in these countries, is it because of the ID cards or something else?
The government admit that ID cards will not eradicate crime or stop terrorism but state that they will at least impede criminals and terrorists. It is not clear how their proposed scheme will achieve even that. Spain's compulsory ID cards did not stop the Madrid railway bombings. And a mugger pointing a knife at you remains a threat, even if he is holding his ID card in the other hand.
By contrast, it is clear how dematerialised ID, with its use of mobile phones, already impedes criminals and terrorists:
A useful one. The police may know that a particular mobile phone was in the vicinity of a crime at the right time but have no idea whose phone it is. By checking the mobile phone records, they can see who called this phone number and who was called by it. Somewhere among this set of associated phone numbers there may be a few for which the police can identify the usual bearer and so the investigation can take a step forward, there is a lead. It may be that the bearer of the unknown phone is completely blameless and can be excluded from further investigation. Or it may not.
This modus operandi is already used. Why else would there be over half a million enquiries made every year by the police and HMRC to the mobile phone network operators for location and timing data? Dematerialised ID is already with us:
"In the past five years, dozens of murderers have been convicted partly as a result of evidence about their mobile phones or those of their victims. Detectives now routinely contact the mobile phone networks and obtain details of phone calls made by and to a murder victim and from the prime suspects" (The Times, 18 December 2003).
That point has already been made. It is made again here simply to contrast mobile phones with smart cards. Smart cards provide no comparable useful intelligence.
The point should also be made that there is a difference between having the technology and actually delivering. Dematerialised ID provides intelligence. Whether that intelligence is correctly analysed and followed up is another matter.
The same applies in the US, where 118,000 people pass through US-VISIT every day. How do the FBI track down someone the Department of Homeland Security have let through by mistake? His Border Crossing Card or visa is of little assistance in locating him. His mobile phone, by contrast, will locate him more or less continuously.
We could avoid this problem in the UK. If we were to issue entry permits and store them on people's mobile phones, the same device could be used for both immigration and subsequent location.
These are all location-based crimes, and mobile phones help to locate the victims, criminals and witnesses involved. The political benefits of reducing these crimes and thus increasing the national sense of wellbeing are obvious and it is obvious how dematerialised ID could help. Already does help, let us hope, otherwise the police are not doing their job. Smart ID cards would make little contribution. They are based on the wrong technology to help much.
Anyone looking at his monthly bill can see that there must be a set of databases somewhere which records all the numbers dialled. That is, he can see that his associates can be identified.
People know this and yet they still voluntarily use their mobile phones. Perhaps even civil liberties campaigners use mobile phones. Certainly there is no civil liberties campaign in the UK against the use of mobile phones.
A number of local authorities have voted not to use ID cards if and when they are introduced. They have not voted against the use of mobile phones.
Arguably, this neutralises the civil liberties issues raised by dematerialised ID. People have knowingly elected to forgo their privacy in exchange for the utility of the mobile phone. As a result, dematerialised ID reduces the political risks the government face in introducing an ID voucher scheme.
Regulate who has warranted access to these databases and you can manage civil liberties, people can be protected from themselves.
Or as The Law Society put it in their evidence to the Home Affairs Committee: "The biggest problem for the police is not in identifying individuals, but rather in linking an individual to a crime. An identity card would add nothing to the existing tools available to the police".
Using an ID card will locate you. It is no different in that respect from using a cashpoint card. For 40 years now, whenever you have used your cashpoint card, a record has been made showing where you were and when. But you don't use your cashpoint card very often and you can get by without using it at all. If you do not want to be located, the same will be true of ID cards. So ID cards will not frequently provide a means of locating you.
Compare that with your mobile phone, which is constantly looking for the nearest phone mast to "associate" with, as it is known. You don't have to be using the phone, you don't have to be making or receiving a call, it just has to be switched on. There are places with no mobile phone reception but that is declining. Most of the time your phone is associated with a phone mast.
Remember the HLR and the VLR, the home location register and the visitor location register.
The location of your phone is recorded all the time that it is associated with a phone mast – every second of the day for many of us – on the HLR of your provider, Vodafone or Orange or whoever. That is the case whether you are in the UK or having a cup of coffee in a medieval market town in France. A US visitor to the UK will similarly have his location recorded on his provider's HLR in the US, perhaps Verizon, even while he is in the UK.
His location will also be recorded simultaneously on the VLR of whichever provider in the UK he has roamed onto. If he is in range of a T-Mobile phone mast, and Verizon has a roaming agreement with T-Mobile, then his location will be recorded on T-Mobile's VLR. Similarly, your location in France will be recorded on a French provider's VLR.
This is continuous, instant, real-time location. What more does the government want? The UK police can call the local gendarmerie and ask for someone to go to the cafe and arrest you, as they clearly did with Hussain Osman in Italy. ID cards have nothing similar to offer. So why consider them? The mobile phone is infinitely better at locating people. It is here, now and we have already paid for it.
Why do the government want us to pay for a second, expensive and inferior system? It is not as though they don't know about the location facilities of mobile phones. BCSL have been telling them since 31 January 2003, and we cannot be alone in this.
Campaigners who complain about the ID cards scheme by comparing it to the world of George Orwell's 1984 must have a poor opinion of Big Brother's competence. It seems patently obvious to BCSL that Big Brother would do the job properly and use mobile phones. Why would he waste money on smart cards?
It hasn't happened in the four years to date but soon, surely, the government will take the point. The UK government and other governments, too. Surely, they will soon look back and ask why on earth they based their scheme on smart cards, what possessed them, what delusion they were suffering from.
Use the mobile phones people have paid for anyway and not only do you get a more effective ID voucher, not only do you know where to concentrate your efforts to manage civil liberties, but you also save £2bn.
There is no equivalent cost in dematerialised ID, which is therefore not only cheaper but also more flexible.
"... It also emerged that the project was likely to be simplified dramatically. Rather than all ten fingerprints and other “biometrics” being stored on a microchip, the slimmed-down card may have only a digital photograph, or possibly two fingerprints" (The Times, 12 July 2006).
If eCommerce is to grow, we may want our credit cards and cheque books to be stored on our ID cards, along with our stockbroker dealing account, our library card and our health insurance card, our union membership card and our cricket club membership card, which allows us to buy drinks at the bar and to turn on the squash court lights. There would simply not be room on the government's proposed ID cards. There is already room on our mobile phones.
Smart cards would inhibit the growth of eCommerce. They would block the road to expanding the economy. Mobile phones would not.
The phone may be being used, on any given occasion, by the usual user or by someone he has lent it to or by someone who has stolen it. The usual user may not be the person in whose name the phone is registered, e.g. your son may use a phone registered in your name and you may use a phone registered in the name of your employer. The phone may not be registered at all, it may be used on a pay-as-you-go basis.
There are all these problems for dematerialised ID. It is often going to be hard to establish the association between a mobile phone and a person but it is not impossible to do so and, when that association is established, the circumstantial evidence can be powerful. Look at the Holly Wells and Jessica Chapman case. Ian Huntley is known to have been in Ely, having new tyres fitted to his car, because his mobile phone records place him there. Maxine Carr is known for the same reason to have been in Grimsby, when she claimed to be in Soham.
With a smart card, your identity would be tucked away in your wallet, next to the Threshers discount card, expiry date 12/99. With a mobile phone, your identity is continuously projected onto the record.
The global mobile phone network is here with us now. It is not going to go away. It is a mistake for the government to ignore it. The great strength of the network is that it creates, in the mobile phone, a more effective ID voucher than could ever previously have been feasible. Your mobile phone identifies you, it locates you at almost all times and it identifies your associates.
This great strength is also a great danger to civil liberties. That will remain the case under the Identity Cards Act. The Act is in that sense an expensive diversion from the real ID voucher scheme.
If the government will amend its scheme to rely on mobile phones, rather than smart cards, then attention will at last be drawn back to where it is needed, to the already pressing question how to regulate the mobile phone network operators, in such a way as to protect our civil liberties.
People like mobile phones and want them and buy the best models they can. That makes them attractive to thieves and a huge number of mobile phones are stolen.
The problems for dematerialised ID are thus linked to its attraction, its success, its popularity. Half the street crime that BCSL suggests could be reduced by dematerialised ID is itself mobile phone theft or related to mobile phone theft.
These applications are technologically feasible. They amount to a mobile version of eCommerce. They will not be widely adopted until mobile phones and the applications on them can be quickly:
Making a stolen phone useless seems simple. Remember the EIR, the equipment identity register. The EIR records the IMEI of each handset. Update the EIR and mark the IMEI as stolen, and the phone becomes useless, doesn't it?
In the case of amateur thefts, yes, and if any operator does not update their EIR quickly, then it is suggested that a case be brought against them, accusing them of being accessories after the fact. More stolen phones will soon be made useless, and the rate of theft will fall.
But the more professional thefts involve changing the IMEI. Making that impossible, the industry says, will take years and will be an on-going process. Only then will mobile eCommerce become gradually safer.
In the meantime, mobile phones remain useful tools in the fights against crime and terrorism. Even if they have been lost or stolen, mobile phones can be tracked.
There is no eEMP, no europe Mobile Phone forum. Had there been, they might have produced an OMPIE, an open mobile phone infrastructure for Europe. As it is, instead of 2,000 pages of documentation, what we actually have is a working mobile phone industry.
And, instead of a working ID cards scheme based on smart cards, what we have is 2,000 pages or so of documentation, and the intention among most EU countries, the UK included, to deploy ID voucher schemes based on smart cards.
eESC is no more, and OSCIE is now the responsibility of the EU's IDABC unit (Interoperable Delivery of European eGovernment Services to public Administrations, Businesses and Citizens) who say of OSCIE:
"Although smart cards were the main focus, it was also recognised that other non-card based solutions for carrying out qualified eServices are being developed. Work on mobile device technology is particularly important, as this medium potentially offers cost, security and functionality benefits over smart cards."
Dematerialised ID can abide by convention. We can store photographs on mobile phones. People already do.
The photographs should be official, of course, to have any value. There is a technology known as "PKI", the public key infrastrusture, designed specifically to ensure authenticity. PKI could be used to authenticate photographs on mobile phones, to vouch for the fact that they are official, Home Office photographs. That is the case not least because, more and more, PKI is built into the operating system of mobile phones, to support other applications which require authentication.
You need to ask yourself, though, just how useful it is to have a photograph of the bearer on an ID card or on anything else. People are not particularly good at matching the photograph to the person. The UK credit card companies paid for a trial to test the value of having people's photographs recorded on their credit cards. The results suggested that this would have the effect of increasing credit card fraud, not reducing it, and the idea was dropped.
The 16mm x 20mm photograph on the sample ID cards issued for the UKPS biometrics trials, in which BCSL took part, is less than a quarter the area of the 35mm x 45mm photograph on a conventional passport. It is tiny take a look at the picture on a photocard driving licence for comparison and any human being is going to be hard put to say whether or not it is a picture of the bearer.
Subsequently amending or revoking your material ID card would be similarly expensive and time-consuming, which would make the government unhealthily reluctant to correct or upgrade the ID cards scheme. A dematerialised equivalent can be quickly and cheaply amended or revoked, simply by making a phone call.
Consider this example. Some individuals are exempt from paying UK tax on their overseas income as long as they spend no more than 90 days a year in the UK. The number of days they spend in the country could be counted by reference to the presence of their mobile phone on UK HLRs and VLRs. It certainly can't be counted using their ID card. They won't have one. Ex hypothesi, they are spending less than six months in the country.
And that's when we're present at the point of sale. In the case of a customer-not-present payments, it is not clear that ID cards would help at all.
Remember PKI, the public key infrastructure. If your material credit card was replaced by a dematerialised, digital credit card stored on your mobile phone, then PKI could be used to authenticate all your payments, irrespective of whether you were present or not. PKI was developed so that spies could communicate securely at a distance, i.e. when they are not present in the same place. PKI is, thus, precisely the general solution to the customer-not-present problem.
In Hungary, they speak Hungarian. That is rarely advanced as a reason for us to speak Hungarian.
These other countries will look very sheepish if China, say, or India skip a generation and deploy ID voucher schemes based on mobile phones. They will be left with the under-powered and inflexible technology of an earlier generation.
There is no need for us to join the sheep. Surely we would rather see our domestic policy designed in the UK to suit the UK.
The IDNet terminals would be in fixed locations. This would be inconvenient compared with a mobile phone, which you can use more or less wherever you are, and the terminals would be subject to breakdown and to vandalism.
Mobile phone handsets are portable computers (power source, processor, memory, operating system, software applications, keyboard, screen, microphone, speaker, video, ...) with built-in telephony, messaging and networking facilities. The networking facilities include dialled connections which you have to pay for and infra-red, Bluetooth and RFID connections which are free. It is hard to imagine a device better adapted to the mass deployment of IT systems. Mere smart cards are miserably under-powered by comparison.
In a country where vandals smash bus shelters and we cant even make the trains run on time, this is manifestly unrealistic.
It is also unnecessary. The text facilities on mobile phones make them ideal communication devices for deaf and dumb people. Voice synthesisers can be fitted to handsets so that text on the screen can be read out to blind people. Wheelchair users can hold their handset to their ear at whatever height it happens to be at the time. Anyone who cannot use a mobile phone, as required by dematerialised ID, would probably not be able to use the ID card and terminals required by the government scheme.
Disabled people, like everyone else, are more likely to be shackled by schemes which rely on fixed location terminals and more likely to be empowered by dematerialised ID.