The LSE report, published on the eve of the second reading of
the Identity Cards Bill in the House of Commons, was followed by a
hard-hitting statement from Richard Thomas, the Information
Commissioner, who said that the plans “risk an unnecessary and
disproportionate intrusion into individuals’ privacy”.
He expressed the hope that “during the passage of the Bill
parliamentarians will not just focus on the desirability of
ID cards but look into the
acceptability of Government recording so many unnecessary details
of their own and their constituents’ lives.”
The Government published its proposals for the national ID card
scheme in April 2004, revealing that the cards will be supported by
a database containing detailed personal information on all
cardholders, and which could potentially create an electronic
fingerprint of everyone who uses a service, such as the
NHS, that
requires an ID card check.
The ID Cards Bill was reintroduced into Parliament several weeks
ago, and is likely to be given a rough reception in the House of
Commons today. First time round, those opposed to the Bill had
sufficient support to ensure that it ran out of time in the run up
to the General Election on 5th May. The Government is likely to
find its task even more difficult this time in view of Labour’s
reduced majority.
The timing of the LSE report, and the statement by the
Information Commissioner, can only serve to heighten tensions. In
response, the Prime Minister opened his monthly press conference
yesterday with an appeal to the public to keep an “open mind” on
the issue.
The LSE report
According to the report, The Identity Project: an assessment of
the UK Identity Cards Bill and its implications, the proposals
currently before Parliament are “too complex, technically unsafe,
overly prescriptive and lack a foundation of public trust and
confidence.”
They “miss key opportunities to establish a secure, trusted and
cost-effective identity system,” and many of the stated objectives
of the Bill could be better achieved in other ways.
The report criticises the Government’s reliance on untried
technology – particularly biometrics – on a scale unseen anywhere
in the world, for a purpose and operation that will require access
from a large number of private and public bodies. Security will
have to be “robust and resilient to malicious attacks”, says the
report.
It adds:
“The success of a national identity system
depends on a sensitive, cautious and cooperative approach involving
all key stakeholder groups including an independent and rolling
risk assessment and a regular review of management practices. We
are not confident that these conditions have been satisfied in the
development of the Identity Cards Bill. The risk of failure in the
current proposals is therefore magnified to the point where the
scheme should be regarded as a potential danger to the public
interest and to the legal rights of individuals.”
The report considers the costs involved in the scheme,
estimating that the total figure is likely to be £10.6 billion if
there are no cost over-runs or implementation problems. But
uncertainties over how citizens will behave and how the scheme will
work out in practice mean that the 'high cost' estimate could go up
to £19.2 billion.
If all the costs associated with ID cards were borne by citizens
(as Treasury rules currently require), the cost per card (plus
passport) would be around £170 on the lowest cost basis and £230 on
the median estimate, says the report.
"This report is not an argument for or against ID cards, but an
impartial effort to improve the evidence base available to
Parliament and the public," said Professor Patrick Dunleavy,
Professor of Political Science and Public Policy at LSE.
"The Home Office currently officially suggests that ID cards
will cost around £6 billion to implement over 10 years, but it has
not yet justified this estimate in detail. By contrast, we
recognise considerable uncertainties ahead with such a novel, high
tech scheme and we show how these uncertainties might affect
costings,” he added.
The report lists 10 perceived uncertainties:
The ID cards themselves
1. How much will the scheme cost the UK
Our 'best case' scenario is that it will cost around £10.6
billion (very roughly £170 per card and passport) though some of
this cost may be absorbed into Government budgets and passed on
through tax. If the scheme is fully integrated into Government IT
systems this cost may increase considerably. Worst case: £19.2
billion, with a proportionately higher unit price per person.
2. How often will the cards or the biometrics on them need to
be renewed?
Best case: once in 10 years for everyone. Worst case: once in
five years for everyone. Median: some people (for instance, some
elderly or ill people) will need to renew their biometrics every 5
years or more; some others will need to renew cards because of
personal circumstance changes; but other people can go 10
years.
3. How often will ID cards be lost or damaged and need to be
replaced?
Best case: Loss and damage will be the same as for passports.
Worst case: More problems than with passports because ID cards are
in use much more.
The ID card service
4. How difficult will it be to initially enrol people on the ID
card scheme?
Best case: People flock to enrol speedily and there is no tail
end of resisters. Worst case: People need extensive chasing, some
people resist cards to the end, and enrolment is slow.
5. How straightforward is it to verify people's identities and
to enforce compliance with ID cards? How costly will it be to make
corrections and re-enrol people in the ID card scheme?
Best case: No verification problems, few corrections, and simple
re-enrolment. Worst case: Significant problems with verifications,
more corrections, difficulties checking other databases;
enforcement is more costly because of citizen resistance, and
re-enrolment is somewhat more complex.
Public affairs aspects
6. To what extent will the public accept the Government's
proposals?
Best case: people come to embrace the Government's scheme,
seeing benefits in having an ID card backed by a Register. Worst
case: a mass campaign of non-cooperation that creates unbearable
pressures on the system with consequent financial cost.
7. To what extent will there be civil liberties and privacy
implications in the scheme?
Best case: Government is able to maintain strict protection of
data on the register. Cards use secure technologies to limit the
threat of data misuse. Worst case: the scheme suffers from
"function creep" to the extent that a card becomes an internal
passport without which a person cannot function.
8. Will disabled people suffer hardship and discrimination
through the system's operation?
Best case: Government recognises the challenges that face many
disabled people in relation to biometrics, and incorporates
technology to meet and support these problems. Worst case: to rein
in costs the Government buys cheap technology that inherently
disadvantages disabled people, resulting in severe day-to-day
problems for them, for instance, possible denial of service and
loss of dignity.
Security
9. Are there any security concerns about the system?
Best case: the security of personal data remains much as it is
in the current environment. Worst case: if intruders or hackers
could compromise security, then large numbers of identity records
are at risk.
10. Is there a risk that new kinds of ID fraud could arise from
cards coming into pervasive use?
Best case: No new ID fraud. Worst case: Some new, high tech ID
fraud develops, with greater costs for those citizens affected.
Successful identity theft of a person's biometric data would mean
that their fingerprints or iris scans are permanently in the hands
of criminals, with little hope of revoking them.
The view of the Information Commissioner
Information Commissioner Richard Thomas yesterday reiterated his
concerns over the plans, warning, “The measures in the Bill go well
beyond establishing a secure, reliable and trustworthy ID
card.”
“The measures in relation to the National Identity Register and
data trail of identity checks on individuals risk an unnecessary
and disproportionate intrusion into individuals’ privacy,” he said.
“They are not easily reconciled with fundamental data protection
safeguards such as fair processing and deleting unnecessary
personal information.”
He pointed to the Government’s desire to make the ID card the
“gold standard” in proving identity – requiring individuals to
provide information that can be checked, and biometric details that
can link a particular card with a particular person.
The Commissioner said, “once this process is complete and the
‘gold standard’ established, there can be little justification for
retention of all such details in a central National Identity
Register.“
He was particularly concerned about the data trail that will be
built up on the Register as individuals start to use their ID card
to access services. The Commissioner believes that this must be
considered in the context of initiatives such as CCTV surveillance,
automatic number plate recognition and proposals to introduce
satellite tracking of vehicles.
Each development, said the Commissioner, “puts in place another
component in the infrastructure of a ‘surveillance society’.”
“To avoid this it is important that each component limits to the
minimum the recording of information about individuals, otherwise
we risk unleashing unwarranted intrusion into individuals lives by
government and other public bodies,” he added, pointing to
alternative, less intrusive systems – one of which has been put
forward by the LSE.
In his opinion the Government should be looking to “establish a
scheme which allows people to reliably identify themselves rather
than one which enhances its ability to identify and record what its
citizens do in their lives.”
