This afternoon I wrote the following short briefing on the problems of the Bill. You can find much more at http://www.no2id.net and read about the issues in much greater depth in the London School of Economics report on the scheme, to which I contributed.
The key issues at this point remain as follows:
- The biometric technologies proposed by the government are still very far from meeting the reliability and security requirements that would be placed upon them by the Bill. The government’s own studies have found unacceptably high error rates for fingerprint, photograph and iris scan matching. The studies have shown that certain ethnic and disabled populations are particularly difficult to enroll and match using these technologies. Even those companies that would profit from supplying biometric cards have reservations. Roberto Tavano, a biometrics specialist for Unisys, was quoted in the Guardian of 21 October as saying: "A national ID card for the UK is overly ambitious, extremely expensive and will not be a panacea against terrorism or fraud, although it will make a company like mine very happy."
- The National Identity Register would quickly become a database containing intimate details of the entire UK population’s lives. Government claims that the Register will only contain basic information are irrelevant: the ID number will be used to link together databases across Whitehall, from medical records to the Police National Computer. The “audit trail” will be a record of every citizen-state interaction where a card is checked. The fingerprints and iris scans may be used in future for further purposes – despite the fact that the government has admitted that the technology will not be accurate enough to detect multiple applications for different identities, the key reason given for storing these biometrics. The secure computing technology required to keep this amount of sensitive data safe would be unprecedented on this scale, and enormously expensive. Microsoft UK’s Chief Technology Officer recently commented: “I have concerns with the current architecture and the way it looks at aggregating so much personal information and biometrics in a single place.”
- The government’s claims that biometric technologies are required by new international passport regulations are false. The United States will require a digital photo to be contained on a smart chip in a passport; this could be provided using existing data held by the Passport Agency. The Schengen agreement will require member states’ passports to contain digital photographs and fingerprints; however, the UK is not a party to this European Union initiative.