I agree, except for one thing. I no longer believe that the government have anything to contribute to the “identity framework”, as Mr Fishenden calls it.

The government have to learn, says Mr Fishenden. Quite right. But we have to learn, too.

And to me, the sad lesson is that the politicians and the Home Office have consistently shown themselves to be ignorant, uninterested, credulous, mendacious and malign. Their rôle has to shrink. Ideally. And society’s has to grow.

Now is a good time to be thinking about what such an identity framework might look like. If the current Act is repealed, we need an alternative, sensible set of ideas waiting in the wings. An alternative that is designed to strengthen our privacy and security, not undermine it. One that places us, as citizens, at the centre and in control – not at the centre under permanent and routine surveillance. And one that empowers us with additional safeguards and protections well beyond those that the current conman-friendly plastic cards in our wallets and purses provide.

Dematerialised ID:

What we want and need and deserve and pay for is a government which behaves rationally, which takes evidence into account, which argues logically and which obtains good value for our money. It is when those wants, needs and interests are, untypically, not forthcoming that the political environment is polluted. That is what is meant by the references above to civil liberties and climate change.

Dematerialised ID is offered for consideration as an evidence-based and logical alternative to the government’s scheme, a return to the natural order, ecologically sound in terms of its politics.

In the work of leading identity, security and privacy thinkers such as Stefan Brands and Kim Cameron,* it is possible to see the art of the possible (Cameron’s laws of identity can be found here). Stefan’s work on minimal disclosure, for example, makes it possible to prove information about ourselves (“I am over 18”, “I am over 65”, “I am a UK citizen”, etc) without disclosing any personal information, such as our full name, place and date of birth, age or address. Neither would the technology leave an audit trail …

Dematerialised ID:

190. Although it is not acknowledged in their report, the LSE’s alternative to the government’s ID card scheme, with its use of digital credentials and unconditional anonymity, owes a debt to one of these alternative PKIs, specifically the scheme devised by David Chaum in the 1980s. His insight was that you do not need to reveal your entire identity for most transactions, you simply need to demonstrate that you have the credentials required for the given transaction, you can remain otherwise unconditionally anonymous.

191. His scheme was investigated by the EC during the development of OSCIE. They were sympathetic but had to reject it for lack of software to implement Chaum’s ideas. There is a more endemic problem – Chaum certificates have to be short-dated and repeatedly renewed. If these problems have been resolved – frequent renewal and the lack of software – then Chaum’s ideas could be implemented, and they could be better implemented on mobile phones than on separate smart cards. Dematerialised ID does not exclude Chaum.

… some of the other documents and cards we typically have in our wallets or purses aren’t exactly model examples either. Take a typical bank card. Right there on its front it proudly displays your name, your bank account number and your bank sorting code. And on the back? Ah, your signature and the so-called ‘security code’ (printed for all to see). On the back too is a magnetic stripe that makes it easy to copy much of this data automatically. Other cards and documents are little better.

Dematerialised ID:

Digital certificates are not material. That is what gives dematerialised ID its name. Dematerialised ID is all about issuing digital certificates instead of material ones or, at least, in addition to material ones.

There is a successful precedent. Compare dematerialisation in the UK securities industry. We no longer have material share certificates, in the main. We still manage to invest in shares.

A conventional birth certificate, for example, is material. You could be issued with a digital certificate in addition to the material one, a dematerialised equivalent. Another example, the conventional credit card you carry around is material. You could just as well carry it around as a digital certificate stored on your mobile phone.

In general, under dematerialised ID, any supplier, who currently issues any material voucher, which entitles the bearer, to any benefit, could, instead, issue a digital certificate, to be stored on the bearer’s mobile phone.

… the current identity plan, which seems to be rooted in a 1960s view of computing, with everyone’s personal information stored in some monolithic central system and proposed identity cards that seem to be little more than plastic copies of the cardboard identity documents the UK population was forced to use during the second world war.

Dematerialised ID:

The Identity Cards Act is based on a certain idea of what ID cards should look like. The idea is that ID cards have to include your name and a photograph of you printed on a credit card-sized rectangle of plastic. This idea is copied from what other countries happen to do and from the cards many people use to get into their office buildings, for example. That’s just what an ID card looks like. You don’t have to think about it.

It is the contention of this proposal that if you do take the trouble to think about it, then you realise that ID cards do not have to look like that. There are certain objectives for ID cards. The same objectives and more can be achieved and have been achieved by mobile phones. Technology has moved on since the cardboard ID cards and ration books of the Second World War. Our idea of what an ID card is can move with it.