Skip to main content
The Light at the End of the Tunnel

I’ve grown a few more grey hairs since writing my last column, in part due to finding myself sitting on a Police working party on economic crime. Tony Blair has, this week, been extolling the virtues of identity cards and I’m typing this on a train as I head towards a meeting at the European Parliament offices to discuss this and other security matters.



Unlike the Prime Minister and Charles Clarke, I don’t believe that identity cards will deliver the kind of magic bullet against crime, terrorism and immigration that politicians imagine. I wish it could but for a number of well-worn technical and implementation reasons I believe we are investing too much faith in technologies that have yet to be proven on the scale that government envisages.

Cards, chip and pin solutions are a well-established technology with a strong business case to support them. I have, after all, a wallet full of such things and the financial services industry find them both useful and lucrative as a means of supporting transactional identity mechanisms. At the same time, we should not forget that all identity systems built-upon any technology platform have, to my knowledge and error of failure rate which is subsidised by the mass-market success of their underlying business model and which we see absorbed and written-off, as card fraud by banks credit card companies.

At the simplest level, if, like me, you have had a credit card stolen or cloned, a new one is delivered without delay and with no personal liability. But what happens if your identity card, built-upon a national database of personal information, in the way Tony Blair imagines, is stolen or cloned?

We have to assume, as with any computer system that a failure rate will be present, one example being today’s conversation with the Inland Revenue who sent me a letter telling me that they owed me the self assessment payment I had sent them. A coding error but a mistake none-the-less which is easily rectified at the end of a phone but not so easily resolved if my identity, like my postcode, is confused with someone else.

When I moved house eighteen months ago, it transpired that the Royal Mail postcode database had assigned my address not to number “2” but to “Flat 2 - number 25” and you can imagine what happens next, as Royal Mail sells the PAF database to tens of thousand of companies including the large insurers. All of a sudden, I couldn’t easily prove the existence of my house, which has been around since 1791 and it was quite possible that my residential credit record might be linked with the other address.

Given that the UK has the highest failure rate for large-scale eGovernment projects in Europe and possibly the world, we must reasonably assume that if the ID card programme is implemented according to plan, then some vital facet of the technology or process involved, will go “tits-up” in the near future. This sad fact of life has never prevented Government pursuing ambitious public-sector projects in the past and fails to register as an argument against the wide-ranging ambition of the ID card programme.

This month I was asked to visit a middle-eastern country and evaluate their progress towards the second phase of their eGovernment programme. “You can learn more from Britain’s mistakes than its successes”, I told them. “What you need is the Kalashnikov principle of electronic government.” What’s that?” they asked. “It’s simple, I replied, you need to start with projects that are robust enough to resist the interference and abuse from politicians, technologists and civil-servants without jamming.” The same could be said of plans for the UK’s own identity card programme, as there are too many interested involved, much like the National Programme for IT, NPfIT. We have to assume some level of “acceptable” failure within the system but with the implication of failure tied to the mission-critical nature of a personal identity mechanism, what constitutes acceptable, particularly if such data finds its way, through a process of replicative error into the hands of foreign governments or worse still, the Americans?

Incidentally, I heard at Westminster today that the NPfIT has revised its timetable to reflect the success of pilot projects, in order to attract greater support from the medical profession and achieve more realistic implementation goals. Alternatively, the programme has dropped a gear, delaying its spending in order to help the Chancellor plug a more immediate fiscal gap. You decide which statement is the more correct.

Although I believe that the prevalence of identity technology will usher in the existence of a more Orwellian society, I’d be prepared balance the security interests with the demands of modern existence, if I thought the safeguards were strong enough. However the sight of Tony Blair asking me to trust his judgement on this issue, in conjunction with the technical evidence is enough for me to call for a moratorium on the subject to prevent a headlong dash towards the light at the end of the tunnel, which may prove to be a train rushing towards us from the other direction!

Comments

Popular posts from this blog

Civilisational Data Mining

It’s a new expression I haven’t heard before. ‘Civilisational data mining.’

Let me start by putting it in some context. Every character, you or I have typed into the Google search engine or Facebook over the last decade, means something, to someone or perhaps ‘something,’ if it’s an algorithm.


In May 2014, journalists revealed that the United States National Security Agency, the NSA, was recording and archiving every single cell-phone conversation that took place in the Bahamas. In the process they managed to transform a significant proportion of a society’s day to day interactions into unstructured data; valuable information which can of course be analysed, correlated and transformed for whatever purpose the intelligence agency deems fit.

And today, I read that a GOP-hired data company in the United States has ‘leaked’ personal information, preferences and voting intentions on… wait for it… 198 million US citizens.

Within another decade or so, the cost of sequencing the human genome …

The Nature of Nurture?

Recently, I found myself in a fascinating four-way Twitter exchange, with Professor Adam Rutherford and two other science-minded friends The subject, frequently regarded as a delicate one, genetics and whether there could exist an unknown but contributory genetic factor(s) or influences in determining what we broadly understand or misunderstand as human intelligence.

I won’t discuss this subject in any great detail here, being completely unqualified to do so, but I’ll point you at the document we were discussing, and Rutherford’s excellent new book, ‘A Brief History of Everyone.”

What had sparked my own interest was the story of my own grandfather, Edmond Greville; unless you are an expert on the history of French cinema, you are unlikely to have ever hear of him but he still enjoys an almost cult-like following for his work, half a century after his death.

I've been enjoying the series "Genius" on National Geographic about the life of Albert Einstein. The four of us ha…
The Mandate of Heaven

eGov Monitor Version

“Parliament”, said my distinguished friend “has always leaked like a sieve”.

I’m researching the thorny issue of ‘Confidence in Public Sector Computing’ and we were discussing the dangers presented by the Internet. In his opinion, information security is an oxymoron, which has no place being discussed in a Parliament built upon the uninterrupted flow of information of every kind, from the politically sensitive to the most salacious and mundane.

With the threat of war hanging over us, I asked if MPs should be more aware of the risks that surround this new communications medium? More importantly, shouldn’t the same policies and precautions that any business might use to protect itself and its staff, be available to MPs?

What concerns me is that my well-respected friend mostly considers security in terms of guns, gates and guards. He now uses the Internet almost as much as he uses the telephone and the Fax machine and yet the growing collective t…