ID CARDS: THE ISSUES FOR SOCIETY
This is the text of a speech I gave as part of a panel session at today's Westminster eForum session on Identity Cards.
Over the coming months we will see the enactment of legislation that will create a National Identification Register and ID Cards. What form that legislation finally takes remains to be seen, but there is little doubt that implementing the National Identification Register will create numerous issues for society.
The Register has the potential to create a 'panopticon', an environment in which the state has a clear view of all aspects of a citizen's life with relatively little accountability for its actions; it could result in a massive, lumbering bureaucracy that sucks in taxpayer's money to support the identity edifice; it could provide a 'honeypot' for fraudsters to steal fresh identities.
But that is just one view of the future. In another, the Identity Cards scheme has the potential to springboard the British economy by facilitating e-commerce and e-government; we could genuinely address issues not only of identity theft, but also card fraud, impersonation, phishing and pharming that are so often confused with identity theft; and we could deliver genuine value to each citizen by simplifying their relationships with state and industry without infringing their civil liberties.
We have reached a tipping point in this process whereby the nature of the legislation, and the polemic around it, may result in an identity system that fails to fulfil the needs of any of the stakeholders, or one that is benign and beneficial to all components of our society. Before we can proceed into either of these alternate futures, we must address the most important issue for society: that of building stakeholder trust in the scheme.
The polemic of the past year has been an essential part of the debate about ID Cards. However, as relationships between government and advocates have broken down, that debate has been drawn into the mass media, with the inevitable accusations, arguments and revelations. The unfortunate fallout of this has been an erosion of trust between the key stakeholders: citizens, government and industry. Without mutual trust, the Identity Cards programme cannot succeed.
Building trust between the stakeholder groups is not something that can be done just by hiring public relations consultants, but will require a programme that addresses the actual components of trust, which include:
- EXPECTATION: we need to agree what the objectives of this scheme are and ensure that they reflect the needs of state, citizens and industry;
- RISK: we have to rigorously examine what the consequences might be if the programme fails to meet the needs of any stakeholder group, and clarify whether it is government, industry or the citizen that will have to bear financial liability in the event of a security breach, fraud or system failure;
- RELIABILITY: clearly we ought to ensure that the ID Cards programme does not suffer the problems faced by some other public sector IT programmes. Those of us with a background in technology recognise that no system can be maintained in a 100% secure or 100% available state, and the design must take into account these factors to ensure that it cannot be undermined by a single security attack or component failure;
- and most importantly TRANSPARENCY: this programme is too important for it to develop behind closed doors. We need to engage the stakeholder groups and ensure that all parties are satisfied with an equitable Identity Cards solution.
If we are to build and maintain stakeholder trust, we need to carry the ID Cards debate forward beyond parliamentary process, and into a public forum where the stakeholders can voice and resolve their differences. I believe passionately that an identity metasystem would be of huge benefit to Britain, and if we as a society are to achieve a future in which a benevolent ID Cards scheme supports the citizen and industry, as well as the state, then now is the time for us to start building trust so that we can build this system in a true partnership.
(Note that the views of the author do not necessarily reflect the views of the Enterprise Privacy Group's Member organisations)
7:07:07 PM 
|
