Tuesday, June 28, 2005

Second Reading Vote Results

Aye's: 314
No's: 283

BBC article. Majority of 31, down from 67.

Thursday, June 23, 2005

PFI Y/N?

The Home Office has published a set of Corporate Plans and Funding Proposals for the next few years. You can find them here.

There seems to be a bit of confusion over the PFI and the way it relates to ID cards. If you examine the Excel document (Annex D: Home Office Projects) you will see that ID cards is listed as the last item. It lays out the objectives it is designed to meet, the part of the Home Office that is dealing with it (The Communities Group under Helen Edwards), and a brief description of the project. Then there is a column labelled "PFI Y/N", and the ID cards line is labelled "No". Unfortunately there appears to be no explanation of what this column actually means.

However within the core PDF document there is a section on the "UKPS Change Programme" which is the modifications to the UKPS to, among other things, "support the Identify Cards Scheme". This project is PFI funded.

It seems that the Government is trying to perform something of a con trick - given the opposition to PFI (and the many over-budget catastrophies) they are trying to claim that the ID cards scheme will not be PFI funded while at the same time ensuring that most of the actual work is done by PFI through other departments before the new ID card department comes into being.

That is unless someone, anyone, can come up with a better explanation of the "PFI Y/N" column.

CCW

Sunday, June 19, 2005

Up to 40m credit cards 'hacked'

A harsh reminder that actually protecting the networks which details get fired over is difficult enough, even for the most secure of companies.

What makes the government think that it's ID-transferral infrastructure will be any less vulnerable? Or any less of a target? (Heh). And with a bank card, I can "simply" replace a card whose details have been stolen. What happens if, say, 5 million ID biometric details get compromised? Will I be paying 100 quid to get a new one? Would there be any point, seeing as it would be keyed to my biometrics?

I suspect there's a unique key associated with each card issued, so cards can be "cut off", etc. But I haven't seen anything yet about this level of contingency. Too many unanswered questions.

Friday, June 17, 2005

London Assembly tells Government to review its plans

The London Assembly and the SNP are both raising voices over the proposed ID card bill. Justice Minister Stewart Stevenson MSP says:

"Instead of this wasted measure, Scotland could put this money to good use and have 1500 community police officers on the street, making a real and difference to communities up and down the country"

which is a constantly-made, but interesting point, that hasn't really been looked at. Comparing an ID system to more officers could be considered as comparing apples to oranges. The plausible benefits of ID cards that don't make me shiver - more efficient processes, effectively - are obviously something you wouldn't get just be adding more community officers on the street.

But everything's swings and roundabouts. The proposal for more community officers intrigues me for one reason - the word "community" in there. Under a nation-wide ID scheme, the running of people's daily lives - their interactions with the state and with each other - are wholely intercepted, and the responsibilities and organisation of groups and individuals everywhere becomes intricately bound up with a (relatively) very small number of people in London.

The government wants, supposedly, to encourage respect, democratic participation and local decision making. Yet this scheme would indicate that they want anything but people in charge of their own lives. This ID system is the ultimate banner for a government that is afraid of its own people, and that lacks the trust to let them run themselves.

I've added the LA recommendation to my list of ID scheme reports, which admittedly is missing a few months...

Thursday, June 16, 2005

Charles Clarke is a Pot!

Oh, this has me in the aisles... Charles Clarke is accusing the LSE of running "scare stories", and comes up with some fip-foop-fabulous quotes such as:

" they are really running a media campaign with scare stories of this type which it is very difficult for us to deal with because they won't show us the basis from which they are doing the work"

and

"What I can say is that the kind of figures that have been talked about in the media based on their briefings are total nonsense"

Funny how both statements are exactly the kind of criticism that has been pointed at Charles Clarke and the whole government proponent agenda for years now. Please, make it stop...

Tuesday, June 14, 2005

Tidal power

Many places are reporting on a new ICM poll (ePolitix, silicon.com, Guardian) that puts support for ID cards at 55%, rather than the 80% oft-quoted by ministers. With a bit of luck, this'll really force a proper debate over the issue, as opposed to any "government-sanctioned" attempt to force the government's views onto the nation.

Meanwhile, still consider pledging yourself if you've not done so yet.

Monday, June 13, 2005

US Biometrics-a-no-go / Pledgetastic

The Register reports on a Sunday Times article about Ireland dropping plans for biometric passports possibly because the US is doubting the technical aspects of biometrics. Here's the original Sunday Times piece.

Global inter-compatibility is one of the main driving forces behind biometric passports in the UK, and consequently the push for bioemtric-based ID cards. Up until now, the US has been particularly enthusiastic that travellers to its shores "embrace" the latest technology, but could this news be the first chink in the technological armour of our new-world government?

I suspect, for now, the ministers will stick to their guns and claim that "the technology is mature enough to work". Behind the scenes though, I guess this will ruffle some feathers amongst those whose technical naivety is still holding out. Face save first, talk sense later.

And of course this only addresses one issue of the debate - the technical. It would be hugely amiss to think that criticism of the proposed ID system is limited to the mere technicals. However, if the proposed cost keeps going up, and the technical shortfalls are being highlighted more and more every day, maybe there's hope that people will start thinking about what it is to be "governed" too.

For those who have thought about it already, and who don't like it, I urge you to sign up to NO2ID's pledge to refuse to register, and to bung a tenner to where it matters.

Wednesday, June 08, 2005

No to Freedom Act requests for IT transparency

Another Computer Weekly article revealing just how open our government is when it comes to things they can't quite seem to get right. CW have had their FoIA requests turned down for reviews of high-risk IT projects - including those concerning the NHS, the Child Support Agency, and the up and coming ID system.

The Office of Governemnt Commerce gives the following reason: "Gateway interviewees must be able to be candid about matters which could lead to serious recommendations" which fills me with wonder and curiosity. I think they're saying that confidentiality (or "secrecy") in the process leads to people being more honest. But it sounds pretty obtuse to me. Apparently it's in the public's interest to not know what's going on - knowing how things work would somehow hinder the process? Come on...

This, combined with the whole stinky delay about getting the Home Affairs Select Committee set up should be big indicators about just how "seriously" the ID Bill process is being taken. Anyone waiting for answers to all of this, and still thinking ID Cards are here for our benefit, has a screw loose or a chauffeur outside waiting to take them to Whitehall.

(BTW, I notice the last lot of CW links seem to have expired now, so I've kept a mirror of the above article, just in case.)

Tuesday, June 07, 2005

Society: "The reality ... is more complicated."

A survey from Joseph Rowntree Foundation has some interesting figures, via ePolitix.

One in five people said that "rowdy teenagers had a 'fairly big' or 'big' impact on their lives" - whether this is more or less than most people's expectated estimate is debatable, but of more interest is how it matches up to the image portrayed by the media.

And here's some useful advice for the government: "The researchers argue that a balanced approach - where anti-social behaviour orders are only sought after less draconian responses had failed - should be more widely acknowledged and promoted." Prof Hough adds that "measures to re-build the community's own capacity to respond are also crucial." Well, fancy that.

The report can be downloaded here.

Sunday, June 05, 2005

LSE to publish ID Card Proposal

There's an article in the Sunday Telegraph on the LSE's proposals for an alternative ID card scheme due to be released during the week. They think it's better than the gov't proposals - I think it's worse. I would give you a link to the website but the article is for subscribers only so there didn't seem to be a lot of point.

Since I am quoting a newspaper it is entirely possible that mistakes have crept in - we'll know when the LSE publishes there report.

Basically the scheme as proposed contains fewer details (hooray!) with an application form countersigned by three professional referees - e.g. doctor, lawyer, teacher, police officer - all of whom have known the applicant for a time. These referees will need to provide professional details to deter fraud.

Question: How many people know *three* professionals of this type?

The applicant would go to a job centre/post office/equivalent and use a kiosk to take a digital photograph to be sent along with the application form. The form is handed in at a post office where a biometric is taken of either iris or fingerprints. The biometrics will be used to ensure that the card is handed to the right person.

Question: There are rural communities without post offices. How will they cope?
Question: Have they read their own studies on the reliability of bioemetrics?
Question: Proof that the card is handed to the right person is not the same as proof that the person currently holding the card is the right person. Will this lead to a a false sense of security?
Question: If the details and the digital photograph is considered acceptable for the purposes of other organisations proving ID, why is a biometric required at all?

A card will be prepared by the gov't using the information enclosed. It will be sent back to the post office for the applicant to collect. At this point it will be inactive. The card holder takes it to a "trusted third party" (WTF?) - e.g. a bank or post office - where the applicant is well known. The third party scans the card and connects to the gov't database. The third party takes a copy of the information on the database and the gov't deletes it's copy (WTF?!?) except for basic information (Name, ID card number, ID number).

Question: There are rural communities without high street banks or post offices. How will they cope?
Question: This proposal is that a "trusted third party" stores the data. So instead of the gov't (nominally an accountable elected party) the proposal is to use a private company that is only accountable to it's shareholders?
Question: This apparently costs less than the gov't scheme. Is this mainly because the cost of maintaining the database is passed to the "trusted third party"? If so, how many are going to sign up to this? What is their incentive (other than access to lot's of lovely data)?

The words "Ivory Towers" are springing to mind. Forgive me if I seem a little sceptical - I await the full publication with intrest and a certain amount of weariness.

CCW

Thursday, June 02, 2005

All in "public" interest, of course...

A couple of Computer Weekly articles hit my eye...

First up, ID Cards minister Andy Burnham seems reluctant to commit to openness in the implementation of ID Cards. His quote? "I think there is a limit as to what can be put into the public domain, and at some point some of these processes will become matters of commercial negotiation. But you are seeing a willingness to be open." How "convenient". Note also Burnham's implicit trust of the technology - despite significant counterpoints by "officials" - towards the end of the piece. It's not time to change this blog's name to "Andy Burnham is an arse" just yet, but rest assured that the sentiment is taking concrete form.

Secondly, it looks like fears that the bill is being rushed through are pretty much confirmed. It's expected that the Bill will be discussed before an assessment as to its readiness is completed. I think you can find more info on the Gateway process here, but haven't got the time to look into it properly right now...