ID evidence to Science & Technology Committee
Away from the Punch & Judy sagas of the week, in a quiet corner of the Commons heard evidence about how well government listens to scientific evidence. Jerry Fishenden spoke about ID cards. As he says
the ID cards consultation to date has been focused more on the procurement process than the business requirements and technology issues. The Home Office team expressed a desire not to stifle innovation by getting into the specifics of potential architectures. But I think it would be really useful to see a UK government study into the risks, feasibility and comparative merits of centralised versus decentralised identity systems in terms of systems reliability theory, or modern computer security concepts (including the widespread contemporary experience of large scale data breaches, social engineering and phishing attacks).
- given the fastest growth in ID fraud is online (through for example phishing attacks), it was unclear how the ID card would work in online scenarios (would it default for example to just chip and PIN?). And given that the delivery of online public services is a key part of the Transformational Government agenda, this is clearly an area in which a well-designed ID card could yield major benefits and tie in well with other identity initiatives including across health, local and central government and the private sector
- some concerns arose from the limited number of publicly available scenarios of how the ID card could be used in practice. And of those available, there are potential issues with their descriptions of the card’s usage in practice. For example, the scenario here indicates that the ID card will disclose your date of birth to any third party that needs proof of age entitlement (eg to buy alcohol or to get an old age pensioner discount). However, I believe this is not good practice based on our experiences with ID fraud. All that needs to be revealed in such a situation is that the person is over 18 or over 60/65. Neither their date of birth or age needs to be revealed. In fact, handing over personal information such as date of birth to anyone who requests sight of an ID card could generate vulnerabilities elsewhere: for example, telephone banking uses date of birth as one of the ‘secrets’ to prove who you are when you phone up. We need to be very careful that the ID card does not add to any potential identity fraud issues when there is a great opportunity for it to help enhance our privacy, as Dave Birch indicated in his evidence.
Let’s hope the new Home Secretary listens to scientific evidence and is not prone to groupthink.
Published by William Heath on 05/05/06 at 1:06pm
Comments
Next entry: ID: Bangladeshi bigwigs do it on the cheap
Previous entry: Dance of the intellectual pygmies, part 2
Ideal Government
Let's say what we want from e-enabled government. Let's observe government first-hand. Let's say "Wouldn't It Be Better If" (WIBBI). Become an ethnographer of bureaucracy today! It beats getting frustrated with public services.
Categories
Comment
Anyone is free to comment. Or mail with an article if you want to be an author. I'll post it up and send you a password. This whole thing is supported by Kable.
Sponsor
Authors with password: click here to postBLOGS & CRITICAL FRIENDS
Action on Rights for Children
Big Opt-Out
Dave's public sector blogs
David Osimo
David Milliband
DFID bloggers
FIPR
FutureGov
Ian Brown
Jeff Jonas, IBM
Jerry Fishenden
Kim Cameron, MS
Light blue touchpaper
Matthew Somerville
NHS23
No2ID
Obama team blog
Public strategist
Richard Allan
Robin Wilton, Sun
Sam Smith
Schneier
Spy blog
Toby Stevens/CW
Verified Voting
Whitehall Webby
PERTINENT ART
ACLU privacy pizza
Very model of a notional identity
Swizz of the cards
Handelsman: NSA wiretaps
Handelsman: US spying
Wearcam
Googlezon
Three dead trolls
Stefanos Pantagis
ESSENTIALS
Cluetrain Manifesto
RAE Dilemmas of Privacy
NCC Playlist for public services
Sousveillance
Stefan Brands' book summary
Ross Anderson book
Engelbart Mother of all demos
OTHER ID/SECURITY
ID theft spy
Planet Identity
Pledgebank for refuseniks
Home Office ID cards
Ann Cavoukian, Ontario
MYSOCIETY & SAM'S STUFF
MySociety/
They work for you
Fax your MP
DirectionlessGov
Comment on This
Place-O-Pedia
...and the original
Stand ID card campaign
OUR 2005 MAPS MASHUPS WINNERS
Plymouth Schools
Ben's UK speed cameras
5-day weather forecast
House sale prices
g-Traffic info
More Google maps mashups:
Googlemapsmania blog
Old stuff
RSS in government blog
Stefan Brands old blog
Authors
Member ListSign up for new articles
Copyright
Designed by...
Statistics
This page has been viewed 591027 times
Entries: 1714 | Comments: 2785 | Trackbacks: 206
Most Recent Entry: 01/02/2009 12:43 pm
Most Recent Comment: 01/02/2009 04:11 pm
Members: 185 | Logged in: 0 | Guests: 25
Most recent visitor: 01/07/2009 02:15 am
Most visitors ever: 443 on 10/12/2005 02:21 pm
Full audio of this session is currently online at: http://www.parliamentlive.tv/Asx.aspx?content=content&meta=<STARTTIME Value="00:01:35"/><DURATION Value="01:50:33"/>&stream=parliament/00004684.wma&isParl=False
Reply by Jerry Fishenden on 05/05/06 at 3:23 pm
The proponent of iris scans sounded surprisingly sure of their accuracy and practicality.
But, after hearing that evidence: How can the ID Project continue in its present form?
Reply by Richard S on 05/07/06 at 12:00 am