ComputerWorld reports on the U.K. government set to consider legislation next year for the establishment of compulsory biometric identity cards and a central database of all U.K. subjects.
The information that the government is considering for inclusion on the card includes personal details such as a person’s home address and telephone number, his National Insurance number (the equivalent of the U.S. Social Security number), medical information and criminal convictions, as well as the biometric information, most likely in the form of an iris, fingerprint or palm print scan.
The ID cards would be rolled out in two stages, beginning with the biometric identifiers being included on renewed and newly issued passports and driver’s licenses. Also as part of the first phase, once the national database was available, the government would issue identity cards to European Union and foreign nationals seeking to remain in the U.K., and would also offer an optional card for those who do not have a passport or driver’s license. As part of the second phase of the program, to be implemented five years after its launch, the national ID card would become compulsory.
The government estimates that residents will be charged about $41 for the card and that setting up the basic system will cost taxpayers $215 million, and up to $3.59 billion to fully implement.
In a speech to the House of Commons on Nov. 11, Blunkett asserted that the development of technology that recognizes specific personal identifiers, or biometrics, “would mean that identity could not be forged or duplicated.” But the government’s own feasibility study on the use of biometrics issued in February said such methods “do not offer 100% certainty of authentication of individuals” and went on to warn that the “practicalities of deploying either iris or fingerprint recognition in such a scheme are far from straightforward.”
Bart Vansevenant, director of security strategy at Ubizen NV, said his company sees no real value for adding biometrics to ID cards, especially since it wouldn’t stop terrorism or fraud. Ubizen has been working on Belgium’s electronic ID card scheme, the first in Europe to move beyond the pilot stage, according to Vansevenant. The Belgian ID cards, which should be fully rolled out in three to four years, use digital certificate technology, which is cheaper and more reliable than biometrics, Vansevenant said.
There is no reason that is good enough to explain the use of biometrics. It is still a very immature technology, plus you have the additional costs of equipment, support and administration problems… Vansevenant also expressed serious doubts about the security of a national database. It is a pretty bad idea, especially the database, which would be an ideal target for hackers and terrorists.
Perhaps the U.K. and the U.S. [which is proposing the use of biometric data on U.S. passports] are using biometrics and related databases from a marketing point of view and trying to position it as the big solution to the problem of terrorism. But even then, it’s still a bad idea.
Quite.
Though most of the fuss has centred on the card, the database and national population register is the bigger danger. The card is a useful excuse to get the register in place. Once everyone is numbered and must report where they live, and state records link to the number, then whether there’s a card or not is not a big deal.
Whilst the national database is arguably the more dangerous part of the scheme than the card itself, I’m not sure I agree with Guy’s suggestion that the card is not a big deal once the database is established.
E.g. consider the police deciding to stop people and ask for their ID (regardless of whether they get the power to demand the ID).
Without the card, stopping people and asking them for ID won’t give you the identity number.
With the card it gives you the identity number, plus other info immediately and then you can use the identity number at your lesiure to get more info. I.e. the card, especially the universal or near universal uptake of the card, alters what the police (or anyone else) asking for or demanding the card can hope to get out of the exercise and will thus make the exercise worthwhile more often than not.
The card will thus facilitate the tracking of individuals not merely through its routine use for e.g. applying for benefits or accessing a bank account, but also through making it more informative for the police or anyone else to ask for the cards. Even if the cards are supposed to be voluntary, if they’re carried by 90% of the population, 90% of the time, asking for the card will mostly see it produced and the number can be noted.
My assumption is that once the register is established, all those organisations that currently ask for other forms of ID will automatically ask your register number. Presumably the Police will acquire the right to demand it — with Parliament told it is merely equivalent to, and easier to check than, your name and address — by a simple amendment to PACE.
As James suggests checking the biometrics won’t be the main function of the card unless one’s arrested; noting the number for monitoring purposes is what’s really required. Surveillance things won’t have to wait for the card, they’ll only require the register in place. After that, of course, the card will be in demand for convenience’s sake.
So the database will be sold on the basis that it is necessary for the card; the card offered to make it easy to cope with the necessary bureaucratic demands of the database.
I see that the government has announced the launch of a trial to pave the way for its compulsory ID card scheme.
If you’d like to take part in the trial, you can register your interest with MORI. Call Melanie Briere on 020 7347 3023 or email trial@mori.com.
I have!
David Blunkett seems to choose to believe that once the Biometric ID database is established, the ID Cards themselves will not actually always required.
He seems to think that police etc. will have soon have access to “mobile technology” to check your Biometric Identifiers directly against the Central Database without needing your ID Card to be at hand.
Technologically this is a much harder, more error prone task, and will lead to even more False Positive and False Negative matches, with potentially dire results either by letting the terrorists etc. go free, or falsely accusing innocent people.
At least the Belgians are going to get a Digital Certificate which might help with e-government services via the internet, for which the UK ID Card will be useless, especially if it conforms to the deliberately non-commercially interoperable ICAO Biometric Passport standard proposal. We are still going to have to pay extra for a Digital Certificate to pay taxes or get government ssubsidies online, on top of the ID Card.
More attention should be paid to wether or not a centralised name and address database is acceptable or not. If they only gather and store your address when the ID Card is issued, then it is of little use for catching terrorists etc. If it is to be used to help track down dangerous people, then the re-registration and change of address procedures become indistinguishable from placing everybody on the Viokent and Sexual Offender Register.
http://www.spy.org.uk/spyblog/archives/000134.html
On Tims advice (see previous comments) I have applied to take place in the test programme – what fun we shall have!!
I think what people may be missing here is just what this database and card represent.
I look from a Scripture point of view which can be viewed at http://iron-clay.cloudnine.net.nz/one_world_government.html#one_world_government
I believe there is ample evidence in the Greek and the world wide government move to prove this Biometric Data Base and system is in fact “The Mark of The Beast”.
Think I’m a crank??? go look or run your questions past me at
iron_clay@clear.net.nz
Well, 20.10.2004 I saw an article about the troubles with this ID_cards Database problems – Home Office said that they need more money ( > $ 3 bln.) to make a powerful algorithm for the fingerprint recognition (retina scan and so on) – why don’t they want to buy this algorithm from the outside ? Need to create powerful engine for search through the ID_Cards Database (or just to spend more money) ? Wanna use perfect algorithm ? Just buy it. On the fingerprint_recognition market U can find 5-7 algorithms to explore – just buy one with the best performance…We could even sell it to U 🙂 So, again, why do they need to build their own system with low FAR&FRR numbers, and create new, and again and again…