Identity cards

12 March 2006

Click here for details of an open letter to Home Office Minister, Andy Burnham, prior to the consideration of Lords Amendments on 13 March 2006 and for a copy of his response of 16 March.

07 July 2005

When MPs were first asked to vote on the Identity Card Bill earlier this year,  I voted against the proposals at the Third Reading on 10 February 2005.  The Bill then fell because of the General Election.  A virtually identical Bill has now been re-introduced and, in my view, the new Bill is just as seriously flawed as the old one. 

I voted against the Bill at Second Reading on 28 June (click here for a link to my speech) and I explain some of my concerns below. 

It is very important that today's terrible events in London do not prevent these issues from being examined thoroughly and calmly.

Costs of the National Identity Register (NIR)

The Home Office says that the cost of complying with international requirements for biometric passports will account for 70% of the cost of implementing and running the NIR.  However, the London School of Economics has produced a  report that finds that the UK Passport Service (UKPS) figures are insufficient to run the NIR and only cover basics like putting a chip in the passport, placing a biometric on the chip, making the necessary changes to their current database for these processes to occur and secure home delivery.  Other countries are not going down this route (see below).  The proposed NIR is not comparable to the current UKPS database which only holds the details we give when we apply for a passport and is not altered (e.g. when the passport is used or checked as is proposed under the ID cards scheme) for the 10 year validity period.   Instead it will be an active database with an audit trail on each of us (a key concern of the Information Commissioner) and, with the 51 data-types outlined in the Bill, it will need constant maintenance and high level security.

In response to PQs asking for more details of the Government’s cost estimates on running the NIR, we are told that it would be inappropriate to release this information in advance of procurement.  However, MPs and Peers have only been asking for a general breakdown of the £584m per year cost given in the Regulatory Impact Assessment and not a detailed breakdown of the Government’s ‘business plan’.  Given the genuine concerns about cost of the NIR and the fact the London School of Economics put the cost at between £10.6bn and £19.2bn over 10 years (as opposed to the Government figure of £5.8bn), at the very least, we should be told what proportion of the Government £584m per year figure relates to the NIR.

Government criticisms of the LSE Report

A model from UK public-sector IT analyst, Kable, formed the basis of the London School of Economics costings.  However, Charles Clarke and other Home Office Ministers have sought to undermine the LSE report and have pronounced on the figures as "fabricated".  The only specific criticism the Home Secretary made when asked how he could justify this accusation was that the LSE academics had made an erroneous assumption that the cards need renewing every five years, stating: "This doubles the cost right off,".  However, his own department answered a Parliamentary Question (PQ) I asked on this issue 18 months ago: "We expect the validity period of the card to be 10 years," said the then home office minister, Beverley Hughes. "However, in order to ensure that the cards are reliable it may be necessary to replace them after five years."

The full text of the PQ is as follows:

10 Dec 2003 : Column 497W 

Identity Cards

Lynne Jones: To ask the Secretary of State for the Home Department for what period of time he proposes that identity cards should remain valid. [140510]

Beverley Hughes: We expect the validity period of the card to be 10 years.

However, in order to ensure that the cards, which incorporate technology features such as a microchip function, are reliable, it may be necessary to replace the cards after five years.

The costs estimates which my right hon. Friend the Home Secretary set out in Command Paper 6020 were based on the assumption that this automatic replacement card would be provided free of charge.

The scheme would also include an allowance for having a lifetime card validity period for those who have been in retirement for some time.

Foreign nationals coming to the United Kingdom for more than three months would be issued with a card valid for up to five years depending on the conditions of their clearance. For foreign nationals granted permanent residence the validity period for their cards would be on the same basis as that for British citizens.

Will the technology work?

No scheme on this scale has been undertaken anywhere in the world.  Smaller and less ambitious schemes have encountered substantial technological and operational problems that are likely to be amplified in a large-scale national system.  The use and storage of biometrics on the NIR creates particular concerns because this technology has never been used on such a scale (the article below covers this issue in more detail).  The Government has undertaken no research with the specific aim of testing the biometric technology to be used in the proposed scheme, as yet only an enrolment trial by the UKPS has been carried out.[1]

International requirements for passports

We can have biometrics on smart cards to comply with international requirements on travel documents but they do not have to be centrally held on a database.   The European Commission’s Data Protection Working Party in their publication Working Document on Biometrics looked at whether biometric information should be kept on smart cards and retained by the individual or whether it was acceptable to store the information on a centralised database.  The House of Commons Library note on Biometrics[2] states that the Working Party’s clear preference is for the former as it believes centralized storage presents an increased risk of data misuse.

The London School of Economics alternative

Most media coverage of the LSE Report has been on its criticism of the Government's figures on the cost of the scheme.  However, the LSE also provides an alternative blueprint to the Government's scheme and this significant proposal has received insufficient attention.   The LSE gives the Government an alternative that will be much cheaper and more resilient[3].  The LSE alternative ID card would also give citizens far more control over who can access data about them, and hence would be more likely to win positive public and industry support. 

Germany recently announced it would be having new biometric passports.  But their biometrics will follow the EC Working Party’s preference and so will have no centralised database (every passport will include two index-fingerprints as well as facial biometrics).  It is noteworthy that, even without a database, the cost of these passports is now reported to have more than doubled to 59 euros rather than the 23 originally cited.  Nevertheless this is still, at £40, far less than £67 our Government wants to charge for UK biometric passports (up £25 on the current cost of £42).

Australia public rejection and current position

In 1987 in the face of mass public protests, after initially high public support for the scheme, the Australian Government scrapped their ID card proposal.   On June 29 2005, Australian Associated Press reported that, in the wake of the UK debate:

Australian Attorney-General Philip Ruddock has stated that Australia will not introduce a national identification card because of the fear of identity theft by criminals and that such a scheme could actually compromise Australians' security: "We haven't supported an approach where all personal information is centralised on one database and a single form of identification is used….   Such an approach could actually increase the risk of identity fraud because only one document would need to be counterfeited to establish an identity."

Radio Frequency Identification (RFID)

RFID tagging is a form of automatic identification and data capture, widely used for example, in animal tagging, where data stored on a tag is transferred via a radio frequency link.  The principle is similar to the more familiar bar-code, however, RFID has the ability to store large amounts of data and to read many tags simultaneously.[4]

Following a PQ from Alan Simpson, the Home Office confirmed that it was considering including RFID technology in the ID card. "No decisions have been taken yet on the chip technology for ID cards", the Home Office said.[5]

Given the way that peace protestors at RAF Fairford, including my constituent, Brenda Burrell, were repeatedly searched to the point of harassment under the Terrorism Act 2000 during the Iraq war, I am concerned that we could end up with a situation where RFID technology could, amonst other things, be used by Police to record the details of those present at demonstrations without their knowledge.

 

31 May 2005

ID CARDS SCHEME - FLAWED IN PRINCIPLE AND IN PRACTICE

In reintroducing the Identity Cards Bill, the Government is again expecting MPs to take decisions on a matter that will fundamentally change the relationship between the citizen and the state without basic questions about the workings of the scheme or the justification of the spiralling costs (currently up to £5.8billion) being answered.

There have been no proper tests of the biometric technology to be used for ID cards, just some preliminary data from the UK Passport Service biometric enrolment trial published on the same day as the Bill.  The trial was designed primarily to record customer experience and attitude to the scanning process itself, which takes about 8 minutes.  However the trial also involved verification of each scan – electronic facial image, iris scan and fingerprint.  For the facial biometric, the success rate was 69%, fingerprints gave a success rate of 81% and iris scans 96% (less for disabled people in each case).  Success rates for iris scans were lower for black people and those over 59.

Taking the 96% success rate for the iris scan, this means that for every 100 scans there will be 4 false matches.  On a database of 50 million, this would mean each person’s scan would match 2 million other records, making it impossible to stop someone claiming multiple identities, the whole point of having ID cards.  The accuracy of the system will be greatly improved by using more than one biometric identifier and that is why ministers have now announced that all three forms of biometric will be incorporated on the identity card/passport.  Even with a system as accurate as 99.9%, which would be fine for a relatively small database eg for criminal records, for a 48 million (all those 16 and over) population there would still be 48,000 false matches!

So fraud and accuracy questions remain.  All that the proposed identity card can guarantee is that the holder is the person whose biometrics are on the card and even then only if the person’s actual fingerprints/iris/facial characteristics are scanned to check they are the same as on the card or the same as that held on the central database - in which case carrying the card is irrelevant!  Such a system would not prevent people from getting multiple cards under different names.  As explained above, the limited accuracy for biometric systems, combined with the sheer number of people to be identified means that any extra fraudulent identities will be completely swamped by the number of false matches on the database.  Having three biometrics will substantially reduce but not eliminate this problem. However this triples the size of the database and massively increases the cost of installation and maintenance – and of things going wrong.  The largest iris scanning system currently in use has only 30,000 records.

Then there’s the issue of the security of the database itself.  Hackers who got access to the database could cause havoc.

To justify their proposals, ministers cite 80% public support from a Mori poll.  In a climate of tabloid fear about terrorism and immigration, this response is not surprising.  Once people have to start queuing up to be scanned and then pay (on Government estimates, probably an under-estimate) £93 for the privilege, perhaps they will be less keen.  Enthusiasm would no doubt also wane once people realise that they could be fined £1000 for failing to notify a change of address or they could receive a penalty of up to £2,500 for failure to attend an appointment for a fingerprint or iris scan.  This fine can be repeated for every subsequent failure to attend.  

The Government originally put the cost of biometric passports at £415 million per annum by 2008–09 but in the space of only a few months this has risen to £584 million because of the need to record, match and store three types of biometric information.  I have tabled parliamentary questions seeking more information about these costs, which experts have queried.  Although it will be necessary to meet international requirements for biometric passports (requiring facial identity and fingerprints) these do not require the same accessibility to the massive database that is behind the Government’s identity card scheme.  The Government’s record on big IT projects gives no confidence that the scheme will be introduced on time or to budget.  The National Audit Office have highlighted the serious shortages of public sector staff with the necessary project and programme management skills.

Decisions are yet to be made on the number and location of centres where biometric information may be collected but Charles Clarke has indicated there could be around 70 such centres.  Feasibility and cost issues are yet to be thoroughly evaluated.  For example, it is not known what the price tag would be on the 4,500 card readers that would be required at Jobcentres – let alone all the other places validation will be required (GPs surgeries, hospitals, employers, the list is endless).  Even if identity cards were a good idea, which I doubt, the Government just haven’t done the necessary work to find out.

ID cards will not assist in reducing the number of people employed illegally in the UK.  Many illegal immigrant workers are employed (and exploited) with the employer’s full knowledge that they do not have employment rights in this country.  Asylum seekers are already issued with identity cards - Application Registration Cards that contain photographs and fingerprints and other personal details.  And the claims that ID cards would help to combat organised crime and terrorism are clearly ludicrous.

Practicalities aside, there are crucial issues of principle at stake.   The amount of information stored about us could grow and grow without us necessarily knowing.  Already the proposal is to be able to track the occasions our identity is checked on the database, giving the Government access to our movements.  There is also a worry that data held on us could be accessible to other states.  Press reports tell us that Michael Chertoff, the newly appointed US Secretary for Homeland Security, has already had talks with the Home Secretary, Charles Clarke, and the Transport Secretary, Alistair Darling, to discuss the aim of the UK and the US getting the same technology to ensure compatibility in screening terrorist suspects.   Any measure which gives another state direct access to a database of information about UK citizens compromises our democratic control and would be completely unacceptable.  If the plans were to go ahead, we must ensure that we have a system that is not directly accessible by other states.

Many people are getting hung up on the issue of compulsion to either register or carry the cards, as though it not being compulsory represents some kind of concession or respect for civil liberties.  This is a red herring.  Even if the power in Clause 6 of the Bill to make it compulsory to register is not given the necessary approvalby Parliament, there will be compulsion through the back door as we won’t be able to do everyday things, like go to the doctor, claim benefits, get a job etc without being on the database and having our identity checked.  Because the scheme is based on a biometric database, we could be subject to database checks whether we carry a piece of plastic or not, as we all carry our biometric details on us at all times!  The existence of the database will encourage a culture of suspicion leading to random checks – and people who look or sound different will always be disproportionately affected.

Far from being the solution to problems of security, criminality and fair access to public services, identity cards offer a single point of failure.   The ID card would be seen as infallible and relied on too strongly so the benefit of the doubt is given on the presentation of the card.  This would create a false sense of security and create more opportunities for organised crime and terrorism.

At the very minimum, I can see no good reason for spending billions on introducing ID cards without far more work on the technology and a proper cost-benefits appraisal being carried out.  If, as I have reason to believe, such work is a long way off, now is not the time to expect MPs to have to vote on this issue.

December 2004

In July 2002 the Government started consulting on proposals for what they then called an 'entitlement' card. 

Now we have a Home Office Identity Card Bill. The Government has said that the Government’s proposed Identity Card scheme is intended to combat “identity theft, fraud and illegal migration”.  It is also claimed that it would help to combat terrorism, although there is little hard evidence for this.

I have serious reservations about such a scheme, and feel the following questions need to be answered:

Ø       How much information would be stored on these cards?

Ø       How many different agencies would have access to this information?

Ø       Once established, would the amount of information stored about us grow and grow? 

Ø       Given the disastrous history of major government IT projects, what are the chances of successfully delivering a secure system which works?

Ø       It seems inevitable that such a scheme would eventually become compulsory; would people really be in favour of an Identity Card that they had to carry at all times?

All that the proposed Identity Card can guarantee is that the holder is the person whose biometrics are on the card.  According to Simon Davies, an expert in information systems at the London School of Economics, such a system would not prevent people from getting multiple cards under different names.  The problem is that there is limited accuracy for biometric systems, such as iris recognition systems; and this combined with the sheer number of people to be identified will mean that any extra fraudulent identities will be completely swamped by the number of false matches on the database (this point is raised in an article in the New Scientist, 21 November 2003).

In my view ID cards will not help deal with criminality and I cannot see how they will help combat the black market in low-paid labour. I feel that an Identity Card scheme could simply give us a false sense of security, and in my view the enormous sums required to set up a scheme, estimated at some £3 billion, could be far better spent on other things, such as hospitals, education and the alleviation of poverty.

Citizen's Advice briefing on ID cards

ID Cards Bill, Second Reading, 20 December 2004

Summary

The introduction of ID cards has four stated objectives:

• cutting illegal immigration and working;
• fighting terrorism and organised crime;
• reducing identity fraud;
• improving the delivery of public services. 

Citizens Advice has concerns that the Government have not shown how the proposed scheme will achieve any of these objectives, nor has it commissioned nearly enough research and risk assessment on the dangers of the system failing under the weight of administrative burden, cost and poor compliance.

In addition, although some of the central functions seem clear and consistent, there have been enough changes in the proposals to justify some of the arguments that the Government is not clear about what it wants and that widespread concerns about rather different future usage (so called “function creep”) have not been prevented by the Bill.

We also believe that there ought to be an onus on the Government to show how they will deal with the large number of technical, financial and administrative challenges which such a scheme would have to overcome. In its response to the Fourth Report from the Home Affairs Committee and on the face of the Bill the Government has plainly failed to provide any clear plan or strategy for dealing with these challenges.

Cost to the nation

There are serious doubts as to whether this project is deliverable on budget and, were revised cost estimates to significantly rise, whether it would deliver value for money. The hidden and additional costs of administrative problems and of dealing with issues around non-compliance and database management are too significant to merit the Bill’s successful progress to Royal Assent.

Cost to the consumer

If citizens living in poverty are to be able to afford to participate in this scheme there needs to be a clear and fair charging regime. The Government has so far failed to make any undertakings about easing the burden for the financially excluded, and we share a level of scepticism about the figures that have been bandied about. If an equitable exemption and subsidy system were to be devised (not only for initial fees, but also subsequent transactions) this would inevitably have an impact on the overall cost.

IT problems and complexity

Citizens Advice deals with millions of problems every year in which citizens have suffered detriment from the failure of IT administrative systems dealing with benefits and many other public services. We are very concerned that there have been no public risk assessments of the types of technical glitches to which all large IT projects are invariably prone, as evidenced by our clients’ experiences of IT in the NHS and the benefits and tax credits systems.

Compliance

No risk assessment has taken place on potential rates of deliberate or accidental non-compliance and of the effect of the Secretary of State enforcing his right to remove someone’s ID card without replacing it. Nor of the projected permeation of the scheme into those parts of the “hardest to reach” population, including people with itinerant, counterculture or chaotic lifestyles, and those with mental health or mental capacity problems which have proved so elusive to other statutory schemes (the Census, benefit take-up, passports, tax, NI numbers and so on).

Detailed assessments of the propensity of this system to incentivise black market activities, and of the displaced costs of dealing with significant numbers of newly “flushed-out” people working around the edges of legality have not been conducted. The use of biometric data will form a significant disincentive, for example, to those who have ever been involved in anti-social and criminal activity.

Administrative questions

The Government is asking for an awful lot if it believes that this Bill should be passed when it has said nothing about the vast array of administrative problems which Citizens Advice, from its dealings with many analogous systems, and many others organisations have identified as being inevitable.

Entry requirements, accuracy of data input, changes in circumstance and protocols for lost, damaged, mislaid and stolen ID cards are all central issues which require examination in advance of the commitment to proceed with the scheme. Virtually all countries with ID cards report that their loss or damage causes immense problems. Up to five per cent of cards are lost, stolen or damaged each year, and the result can be denial of service and benefits, and, in the broadest sense, loss of identity.

There exists a paradox in the replacement of cards. The replacement of a high security, high integrity card involves significant administrative involvement. Documents must be presented in person to an official. Cards must be processed centrally. This process can take some weeks. However, a low value card can be replaced in a lesser time, but its loss poses security threats because of the risk of fraud and misuse. People who lose a wallet full of cards quickly understand the misfortune and inconvenience that can result. A single ID card when lost or stolen can have precisely the same impact in a persons’ life.

Function creep

The EU has expressed concern that the wide scale use of biometrics circumvents data protection legislation and: "substantially increases the risk of the data being used in a manner that was disproportionate to, or incompatible with, the original purposes for which they were collected"

One of the things that concerns many people about ID Cards is "function creep". Even if it is not technically compulsory to carry them, the cards will become so essential to everyday life that there may develop a de facto compulsion to carry. If this is either the implicit intention of the Bill or a recognised and designed “possibility”, there ought to be primary legislation and parliamentary scrutiny on the matter.

Crime and Human Rights

The success of ID cards as a means of fighting crime or illegal immigration will depend on discretionary checking procedures, which might disproportionately target minorities.

However, we do have longstanding concerns over the use of stolen identities in criminal activity, to obtain goods or services by deception. Currently, the use of a false identity or the adoption of another person’s identity is not a criminal offence unless it can be proved that there was some conspiracy to commit a criminal act or fraud, or that a criminal act or fraud took place. We consider that there is a case for a new offence in this area, but this would be better carried out within the framework of the Law Commission proposals on fraud so that the implications are properly considered.

Conclusion

Citizens Advice do not believe that the Government have begun to answer enough of the questions that have been raised about the feasibility, cost and administration of Identity Cards to support the passage of this Bill at this stage.

back to top