Tales from beyond the crypt

Just when I was ready to drop the whole British ID Card thing and head back to the beach, a reader sent me this link to a piece Gaby Hinsliff, political editor of the Observer.

Gordon Brown is planning a massive expansion of the ID cards project that would widen surveillance of everyday life by allowing high-street businesses to share confidential information with police databases.

Far from intending to dump ID cards once he is in Downing Street, Brown is quietly studying how biometric technology – identifying people by unique markers such as fingerprints and iris patterns – could be expanded over the next 20 years to fight crime.

Police could be alerted instantly when a wanted person used a cash machine or supermarket loyalty card. Cars could be fingerprint-activated, making driving bans much harder to disobey.

The plan would make the ID cards scheme cheaper, since companies would pay for access to the national identity register – a government database of biometric information being compiled for the ID cards programme. Brown's plans belie reports that the Treasury, concerned about the cost of ID cards, would ditch them when he became Prime Minister. ‘It's almost the opposite – Gordon's thinking about ID cards is that it's part of the answer but there's a much wider picture,’ said a source close to him.

There are serious questions about the existing ID cards project – designed primarily for immigration control. The Commons’ science and technology select committee last Friday said it was still unclear how cards would be used or what data would be revealed, while a Home Office consultation with the IT industry – to be published this month – is expected to argue that the cards should be phased in so that technical glitches can be sorted out.

Brown has set up a taskforce, under former HBOS bank chief executive Sir James Crosby, on identity management, and a broader review of public services, led by Sir David Varney, on optimising use of existing identity information. He is considering a fundamental redesign of the ID project to fight a wider range of crime. He believes that, as private companies acquire biometric security systems, their spread in daily life is inevitable.

'There is going to be a key issue over the next 10 to 15 years about identity management right across the public and private sectors,’ said the source close to Brown, adding that immigration control would be only part of it. ‘It's about people coming to accept that this is not only a necessary but desirable part of modern society over the next 10 years. What [the Tories] are objecting to in the political sphere is going to be absolutely commonplace in the private sphere and saying “it's not the British way” is just not going to work.’

Brown believes that, if myriad private databases develop, there is a risk that information will leak or be stolen. The Crosby review is looking at safeguards.

Critics said the ID cards project was already too troubled to be expanded. ‘It's a pretty shoddy way of cutting the costs, and it doesn't really alter the fact that all the signs are Whitehall is simply not in a position to deliver even the early stages of an ID card,’ said Nick Clegg, the Liberal Democrat spokesman for home affairs. He said giving the private sector access to centralised databases was a big step towards ‘a full surveillance state’.

David Davis, the shadow home secretary, said: ‘This is an admission that the government's ID card system as it stands is destined to fail without something else to prop it up. It is regrettable that what the government is proposing will actually worsen the assault on privacy without materially improving security.’

Tony Blair's insistence on Thursday that ID cards would be a ‘major plank’ of the next Labour manifesto was seen as an effort to tie Brown into the idea, but it appears Brown is already committed.

The Observer recently disclosed that the company analysing police DNA samples was storing them, despite assurances they would not stay in private hands. However, sharing biometric data with high-street companies would be even more controversial.

If anyone reading this knows Mr. Brown's private source, and if this is what he actually said, could you please mention that in the private sector we actually try really hard not to alienate our customers.  We try to do the things they will want us to do, that they will thank us for having done.  I for one don't have a clue how or why a company like mine would want to be associated with the type of relationship proposed above.  To me it sounds really goofy.

This ID card discussion as presented here needs a complete reset.  It's time to reboot, to install a new bios. 

Let's start all over, and begin by protecting the security of our citizens.  What is privacy except security from the point of view of the individual?  Protecting individual privacy will do more to secure the state than anything else that can be attempted – because it will result in well-designed systems that are impossible for enemies to penetrate.

New British report on identity card technologies

There is a new report by the British House of Commons Science and Technology Committee entitled, “Identity Card Technologies: Scientific Advice, Risk and Evidence“.

For those new to this blog, the ongoing discussion of a British Identity Card interests me not only because of what it means for Britain's future, but because it is a crucible in which to watch the Laws of Identity play themselves out. The initial proposal broke a number of them – with, so far, the predicted results.

Here is the summary from the multi-party Committee's report:

This Report is the final of three case studies considering the Government’s treatment of scientific advice, risk and evidence. It focuses upon the Home Office’s identity cards scheme, which uses various technologies including biometrics, information and communication technology (ICT) and smart cards. We considered this scheme in order to explore the ways in which scientific advice, risk and evidence could be managed in relation to technologies that are continually developing.

This inquiry has found several areas in which the Home Office’s treatment of scientific advice and evidence appears to be following good practice: the establishment of advisory committees, the use of Office of Government Commerce (OGC) Gateway Reviews and the development of risk management strategies are examples. We welcome the Home Office’s commitment to implementing the scheme gradually rather than using a “big bang” approach, which could jeopardise the success of the programme.

We have also identified weaknesses in the use of scientific advice and evidence. We are disappointed with the lack of transparency surrounding the incorporation of scientific advice, the procurement process and the ICT system.

Potential suppliers are confused about the extent to which the scheme will be prescriptive and when technical specifications will be released. Whilst the Home Office has attempted to consult the wider community, stakeholders have complained that consultations have been unduly limited in scope and their objectives have been unclear.

As a result, the wider community does not have the level of confidence in the scheme that could reasonably be expected at this stage. Whilst the Home Office has determined some aspects of the scheme such as the biometrics, it has left other aspects such as the structure of the database undetermined. Its decisions demonstrate an inconsistent approach to scientific evidence and we are concerned that choices regarding biometric technology have preceded trials. Given that extensive trialling is still to take place, we are sceptical about the validity of costs produced at this stage. We note the danger of cost ceilings driving the choice of technology and call for the Home Office to publish a breakdown of the technology costs following the procurement process.

The identity cards scheme has at least another two years before identity cards begin to be introduced and the scheme has not yet entered its procurement phase. There is still time for the Home Office to make alterations to its processes. We encourage the Home Office to seek advice on ICT from senior and experienced professionals and to establish an ICT assurance committee.

Whilst biometric technology is an important part of the scheme, it must not detract from other aspects of the programme, in particular ICT. It is crucial that the Home Office increases clarity and transparency across the programme, not only in problem areas. We also emphasise that if evidence emerges that contradicts existing assumptions, changes must be made to the programme even if the timescale or cost of the project is extended in consequence.

Will industry rescue the identity card?

IT Week recently ran a story quoting Simon Davies, director of Privacy International, that has raised an eyebrow or two in the blogosphere.

Industry may need to lead the way if the UK is ever to get a national identity card scheme that can deliver significant security and efficiency benefits.

That is the view of Simon Davies, one of the academics behind the London School of Economics’ controversial report last year on the cost and viability of the government’s ID card scheme. Davies told IT Week that now leaked emails from Whitehall officials have revealed their doubts about the viability of the scheme, the private sector may have to step in to save the project.

“I’ve believed for some months that a ‘white knight’ consortium from industry is needed,” Davies said. “Companies that can see the benefits of the ID card idea should approach the government about effectively taking over the project.”

The Home Office has long argued that the introduction of ID cards will deliver many business benefits, such as more efficient identity verification processes, less fraud, and more secure e-business transactions, and has maintained that it has been working closely with business leaders about how the technology should be used.

Speaking in her office at the newly formed Identity and Passport Service (IPS) earlier this year, Katherine Courtney, director of business development for the government’s ID card scheme, argued that while much of the coverage of ID cards has focused on the ability to tackle fraud and terrorism, it will also deliver such significant business benefits that “we will all be asking ourselves in 10 years’ time how we ever got along without them”.

Courtney added, “Because of the mobility of society and the development of the digital economy, people are leading more complicated lives and want to be able to conduct their personal administration more easily and out of office hours. These changing social trends mean that the capability to prove your identity is vital and this scheme will deliver the enabling technology [to do that].”

The Home Office is talking to public-sector bodies, such as the police and the NHS, and private firms, including banks, retailers, e-businesses and other large employers, about how they could use ID cards. The theory is that if everyone has a national identity card that can be checked against a central register containing biometric and personal details, tapping in a personal PIN code or undergoing a biometric scan will quickly replace the need to photocopy utility bills or show a passport for tasks such as enrolling for a doctor or applying for a loan.

Perhaps unsurprisingly, firms have broadly welcomed plans that the Home Office estimates will save the private sector £425m a year through streamlined identity verification processes and reduced exposure to fraud. In fact, these benefits could prove so significant that organisations will offer incentives for customers to have cards, according to Ed Schaffner, director of enterprise security at IT supplier Unisys – one of the companies likely to bid for part of the Home Office contract…

“The cost of identity fraud is built into the cost of any service,” Schaffner said. “So businesses and banks can say that if you use this card to verify your ID you can have a discount.”

A spokesman for one bank also said identity cards could make it easier it to serve disenfranchised sections of society, such as migratory workers and students, who are less likely to have currently accepted forms of identity proof such as utility bills and passports.

Another way the Home Office hopes the cards will deliver significant benefits for businesses and consumers is by enhancing the security of online transactions. The Home Office argues that asking customers for an ID card number and PIN code that can verify identity against a national register would give organisations a more secure means of identifying online users.

It is a technique already used in Belgium, where 2.5 million people currently hold electronic ID cards and government agencies and banks are using information on the cards to authorise online access to their services. Chatrooms have also started to use ID card checks to ensure age limits are enforced.

In future, attaching card readers and fingerprint scanners, such as those already found on some laptops, to PCs could further strengthen security. If the technology proves as secure as the Home Office promises, retailers and banks would be able to authorise far larger online transactions than at present.

Like many observers, Jeremy Beale, head of e-business at the CBI, has concerns about the technical challenges the scheme will face, but he also argues that a working system could bring huge benefits. “ID cards are not so much a disruptive technology as a stabilising one,” he said. “Firms have been saying for years that they want a single secure standard for online identity verification, and if the government manages to deliver it there could be huge benefits for online commerce.”

But Davies added that despite these potential benefits the government has not been doing enough to form a partnership with industry and technology suppliers to develop a workable ID card system, and it is therefore time for business leaders to take a more proactive role. He argued that management of the scheme should be taken from the Home Office and handed to the Treasury and the Department of Trade and Industry (DTI). “Industry has been left high and dry [by the government’s failure to make its plans clear], and the DTI should be able to rebuild trust with industry,” he said.

Alan Rodger of analyst firm Butler Group said there is a growing belief among some identity management experts that the government should leave the scheme to the private sector. “There is a feeling from some that we should let the market sort it out,” he said. “It would allow the problem [of securing individuals’ identities] to be tackled without the need for huge public investment.”

Separately, Davies argued that now some senior civil servants have expressed fears that the project is likely to fail, the government ought to publish all its reports on the feasibility of the scheme. “It is now all about trust,” Davies added. “The government has to restore some faith in the project.”

Simon, who has been a relentless and towering force in the privacy movement, responded to his critics as follows:

It’s important to recognise that context can be lost in any media report. In this case the quotes are accurate, though of course not complete. I’ve made similar remarks to conferences over the past six months, and for good reason. While it would have been nice to have seen the full conversation published, we all know that’s not the way media does its business.

I doubt that anyone who has followed the UK ID card debate, or indeed the debates in other countries, would have any doubt about where I stand on identity. My views are well known, mainly because government has made a point of repeatedly expressing them in public. I don’t resile from anything I’ve everr done or said on the subject.

As for these particular remarks, I will clarify the position.

1. You will know through the recent leaked emails that it is government, rather than Privacy International, that has lost the plot over the ID card. The Home Office is in disarray and Treasury wants it scrapped or severely limited;

2. You’ll also know from the leaked Market Soundings report that industry no longer supports the goverrnment’s scheme. I’ve know that for more than a year. Industry wants a manageable project that has a light structure and that carries public trust;

3. Into this context comes the idea that industry wanting to pursue the “right” approach (no compulsion, no central register etc) now have the opportunity to do so. Companies like EDS will always support the government line. Others are moving quickly to establish an alternative position.

4. The idea of the “White Knight Consortium” has been around since mid 2005, when it was first discussed at an industry-wide meeting of the Enterprise Privacy Group. I supported the idea then because it seemed the best way to derail the government approach.

I don’t see any need to defend myself, other than to observe how odd it feels to be hailed one day as the master strategist behind the ill-fortunes of the scheme, and the next to be condemned as a guy who lost the plot.

The “plot” is something I have well and truly in mind, and maybe you just need to reflect a little more on what I’m supporting and why I’m supporting it, rather than lashing out. Strategy and tactics on an issue like this are long term game-plans.

I've met Simon – in fact he's a privacy mentor for me.  It's true he's put a few noses out of joint over the last couple of decades.  No wonder – he was so far ahead of the rest of us in his thinking.  Talk to him for two minutes and you can see that he has worked with these issues for a long time, and understands them in a many-sided way.

Incredibly, in 1994, when people like me didn't yet have a clue we might encounter privacy issues with digital technology, he had already written Touching Big Brother – How biometric technology will fuse flesh and machine.   I don't throw out the word visionary lightly, but read this article and wonder.

Through his work at the London School of Economics he has spent a lot of time talking with cryptographers and computer scientists to understand what can actually be done to replace current systems with ones which really are privacy enhancing.  After all, does anyone think the current situation represents a Nirvanna?  Not me – I've seen too many of the existing systems.

It's true that through unlikely initiatives such as the proposed UK Identity Card system, replete with panopticon observation post and massive centralized database, the handling of our personal information and threat to our privacy could actually get worse than it currently is.  But I don't think this type of initiative will succeed – it's like building a sixty-foot man.

So, surely, it is just as possible that we can take advantage of the increased awareness around these issues – and the amazing new technological possibilities that have emerged in the last few years – to allow government and business to become more secure and more privacy enhancing than they currently are.

Given the proper adult supervision by privacy advocates and policy experts, industry could, as Simon says, bring to life alternatives to the Dr. No blueprints that have emerged so far. 

It may still be hard to imagine a national (or international) conversation that includes notions like “directional identity”, but I think it will come.  Governments will inevitably see that the way to best strengthen their own security is to build strong social consensus by protecting the privacy of citizens at the same time they look after the interests of the state.

As always, the key here is “User Control and Consent”.  Citizens have to want to use the system.  Close behind are “Minimal Disclosure” and “Directed Identifiers” and all the other Laws of Identity.  Any successful ID card will have to be more attractive than the status quo – proving it is a step forward, not backward, and winning support.


How old are you? Are you single?

From post-gazette.com Business News, here is a nice article by Jessica E. Vascellaro of The Wall Street Journal on identity-proofing.  It's amazing how well she understands the emerging options:

Rob Barbour has found a new way of enhancing his reputation online: showcasing his newly verified identity. When he put up an eBay Inc. listing a few weeks ago, the Ashburn, Va., technology consultant embedded a link to his new online profile on verification service Trufina Inc.

He soon will paste the link in his emails and on a Web site where he sells software and offers programming advice. “I needed a tool that will prove to somebody that this is who I am,” says Mr. Barbour, 39 years old.

Proving who you are is increasingly important on the Web, amid growing concern that pervasive Internet fraud is making it difficult to know whom to trust. In response, companies are developing a slew of new tools to help people confirm their identities. The new services allow consumers to create and share verified personal profiles with people they meet or do business with online.

In recent weeks, many of these services have announced new partnerships with popular social-networking, shopping and dating sites, which face particular pressure to keep out cyber crooks. Trufina, which has recently joined up with dating sites like HonestyFirst.com and Loveaccess.com, relaunched last week with a wider menu of verification tools. Opinity Inc., a new profile-sharing service that verifies a user's age, hometown and, in coming weeks, education and employment history, has recently announced partnerships with social-networking sites like GoingOn.com, classified site Edgeio.com and technology-news site CNET.com. IDology Inc., which performs age and identity checks on customers for high-end online merchants, will this week announce a deal with Zoey's Room, a networking site for girls, marking the first time its age and identity-verification technology will be part of a social-networking site.

Whether they're shopping, chatting, doing business or looking for dates, consumers are increasingly on edge about online safety. In 2005, 59 percent of Americans “completely or strongly” agreed that Internet-based financial transactions were secure, down from 70 percent in 2003 according to Informa Research Services. A recent report from the Pew Internet & American Life Project found that 66 percent of Internet users believe online dating is dangerous because it puts personal information online.

Concerns about the safety of minors, in particular, have exposed the need for more effective ways to confirm a person's identity than a user name and a password. Social-networking sites attempt to protect their members by imposing minimum age restrictions but can't easily enforce them. News Corp.’s MySpace.com, which requires members to be at least 14 years old, told Congress in June that it is looking at age-verification technology but hasn't yet found any effective options.

Proposed solutions for protecting children from online predators are controversial. Last week the House of Representatives passed a bill that bans social-networking sites and chat rooms from schools and libraries that receive certain federal funding. The bill, which has been criticized as too broad and blunt by some online-privacy groups, has been referred to a Senate committee.

A growing number of businesses, too, are using online verification services to check out their customers. Wine company Kendall-Jackson uses IDology's age-verification technology to confirm that new customers on two of its e-commerce sites are at least 21 years old, and it plans to implement more-comprehensive identity verification soon to help combat credit-card fraud. Ice.com, an online jeweler, uses IDology's tools to authenticate buyers whom it flags as high-risk, which include those with particularly high transaction volumes or mismatched addresses.

Microsoft Corp. is addressing online-safety concerns by constructing its own identity technology from scratch. The technology, called Windows CardSpace, is in a very early stage but will be built into its upcoming Windows Vista operating system. CardSpace allows users to log into Web sites by clicking on different digital credentials, or information cards. Users could create their own information cards or they could get the credentials issued to them by a trusted party, like a bank. (Microsoft doesn't host or store the identity information; it just provides the technology for its transfer.) CardSpace is meant to be more secure and useful than passwords because information cards can hold more information, like an address or a credit-card number, and can be backed by a third party.

International Business Machines Corp., Novell Inc. and various other academics and vendors are working together on a similar project. Their technology, dubbed “Project Higgins,” would be open-source.

But radically new tools like these won't be rolled out widely before next year. In the meantime, current services tend to focus on creating a trusted profile that can be used across sites or shared. The services, which collaborate with background-checking companies of the sort corporations use to research future hires, often check attributes like age, address, gender, education, employment and whether a person has a criminal record. Most services provide a basic verification of name, email, and sometimes address free of charge. Anything more can cost up to around $15 a year. The information is typically checked against credit-bureau records and other publicly available data, like property listings and databases of known criminals and sex offenders.

To sign up, users enter their personal data and are sometimes asked to answer a series of tricky multiple-choice questions no one else will likely be able to answer, such as the size of their last mortgage payment. Some details are confirmed automatically; others take time. On Trufina, a basic verification takes two to three minutes, with a background check usually taking less than 10 minutes, says Christian Madsen, chief executive of the College Park, Md., company.

Users can sign up through the services’ own home pages or through a partner site, where some of the costs are absorbed into other membership fees. Loveaccess.com, an online-dating site with two million members, charges customers $145 for a year of its premium service, which requires a Trufina background check.

Currently, the services aren't in widespread use. Indeed, some consumers complain that their verified profiles aren't yet particularly helpful. Max Markidan, a 26-year-old management consultant in Arlington, Va., says he doesn't find it useful for professional networking because few users beyond dating sites appear to have adopted it. “I am married, so I can't really use Trufina at this point,” he says.

The companies’ partnerships with popular sites will make or break their adoption, analysts say, by providing them with necessary revenue and more users.

While many of the services aim to assuage privacy concerns, they may run up against them, too. Briana Doyle, a 24-year-old from New Westminster, British Columbia, joined Opinity last month hoping it would help her aggregate personal information about herself she wished to share with other people online. But she stopped short at divulging details like her address, verifying instead her user names on other Web services like Yahoo's photo-sharing site Flickr, which the service also verifies. “I didn't see any reason to put my address front and center,” says the Web editor.

The companies stress that they don't store personal information about their users. But consumers may still shrink from a service they think knows too much about them. “The minute you aggregate identity information you aggregate risk,” says Jamie Lewis, the chief executive of the Burton Group, a Salt Lake City research firm. With hackers out looking for financial information, “you create a target,” he says.

The Verification Chain

How new identity-verification services work.

  • Users sign up for a new account on a classified, social-networking or dating site and are prompted to click through to the site of an identity verifier.
  • Verification service prompts users to create profiles with details such as their age, address, and occupation.
  • Verification services — or a separate company — electronically check data in public-record databases to verify assertions.

Once it supports Information Cards, a company like Opinity might offer a card that would assert an age or marital status and yet ensure no personally identifying information is communicated.  The most important aspect of this is that users won't need to reveal secret or identifying information to anyone but the Identity Provider (Opinity for example).

Liberty, Open Space and Information Cards for Apple

Red Hat's Pete Rowley on the recent adjoining Liberty Alliance and Open Space events in Vancouver – and Apple support for Information Cards:  

The Liberty Alliance made a bold statement in Vancouver last week when it opened its doors for the first time to the hoi polloi. Now this was something interesting enough to demand a visit in of itself, but with the addition of an Open Space after the Liberty meeting, well, you knew I was going to be there right?

The first two days consisted of the regular business of the Liberty Alliance where visitors were allowed to attend any session except for the super secret board stuff. I attended many of the technical sessions which were interesting, though sometimes hard to follow as an outsider without access to the documents under consideration. I also took part in a session around privacy concerns that not only assured me that Liberty has them but that they are serious about dealing with the issues. The conversation turned at one point to outside perceptions of Liberty itself and its lack of openess to its internal process and draft documents. Somewhat ironic was the point made that nowhere was there to be found any information regarding the location of the Liberty conference, at least not to those without access to internal websites. A consequence of this being the first open meeting no doubt. In all, an interesting and worthy meeting.

The final two days were spent on the Open Space which was run in unconference format by Kaliya Hamlin and was excellent as usual. Topics ranged from SAML to Liberty People Service to how should we rename this user centric identity thing? Kim Cameron wrapped up with a lunchtime introduction to CardSpace that by popular demand lasted for nearly two hours. At one point Kim was asked whether Apple would have an identity selector like CardSpace and Kim redirected the question to me in my capacity as OSIS representative. As the newly appointed unofficial spokesman for Apple I suggested that if Steve Jobs would call me I’d hook him up.

So Steve, call me.

Gee.  That's an interesting idea.

Like Pete I took Liberty's Open Space collaboration as being a very positive step in increasing dialog and understanding in the identity community.  It was great to speak with a number of the Liberty people who have been leaders in moving identity technology forward over the last few years.  It strengthens my conviction that we are on the road to an Identity Metasystem reaching across platforms and underlying technologies.

Learning from experience in eGovernment

The Oxford Internet Institute (OII) has posted the Webcast of Jerry Fishenden‘s talk “myGovernment.com – government the way you want it”.

This looks at how new technologies, the emergence of Web 2.0 and the citizen/consumer as creator enable a whole new model of government services and interactions, with the citizen at their center. It was part of a day's workshop themed around “Learning from Experience in eGovernment: Why Projects Fail and Why They Succeed“.

You can find both a streaming media version (which requires Realplayer), or the downloadable version (which requires an MP4 player – I had to download Quicktime 7.1) at http://webcast.oii.ox.ac.uk/?view=Webcast&ID=20060705_151.

Jerry is Microsoft's National Technology Officer in the United Kingdom, and a person I deeply respect for his wisdom and willingness to tell it like it is.

Some recent podcasts

Cardspace screenFor those new to Identityblog and looking for an introduction, here is a short interview I did recently with PTS-TV in England:


If you are ready for something more challenging, William Heath of Ideal Government got me thinking about the problems of overly-centralized identity technology in a podcast he described as follows:

Here's an exclusive interview with Kim Cameron, speaking with Jerry Fishenden to me and my colleague Ruth Kennedy. Famous as the Identity law-maker, Kim delivered Microsoft's Damascene conversion on identity matters and has become the catalyst for a new-found cross-industry sense of purpose about what it'll take to get digital identity and authenication that works for all of us.

He speaks exclusively to Ideal Government about the UK's ID developments in the context of state-of-the-art industry developments such as the Laws of Identity, Information Cards and the imminent ID big bang.

Note from administrator: (This was a 40 minute interview – the key sections are linked to the text below.

The whole podcast is available here.

This is the first Ideal Government audioblog/podcast so please forgive any clunkiness and background noise – it was a hot day and we were glad of the aircon.) Best way to hear the audio extracts

Firefox users: right click and “Open Link in New Tab”
IE users: I dont know. But when you find out tell me.
Also, anyone can insert inline audio to Expression Engine please tell me!

He sets out what he means by “Identity” (and there are many different meanings). He explains what Information Cards are, and how Microsoft has implemented them under the brand name Cardspace. He explains why for all its regrettable clunkiness the ageing UK Government Gateway is more secure and privacy-friendly than the proposed Home Office ID system, and it's revealed that there is a working version of Information Cards showing UK Government Gateway transactions. But this isnt Passport/Hailstorm revisited: it's as clear to Microsoft as to anyone that this has to work for everyone. We need a cross-industry big Momma identity backplane, and then the identity big bang can happen. But no one entity, country or authority can be in control.

He sets out where his work stands in relation to a user requirement for the ID we need for e-enabled services in the UK. Users decide, he says. If the system isn't widely adopted, it fails. As an architect, he expresses his concerns about the Home Office's ID card system. Too much information is in the same place. It's a colossal blackmail-generation machine. Every system will be breached, he says. If you dont understand that, you don't understand security and should not be talking about it.

He's pretty frustrated about the prospect of a lugubrious ID system which will inevitably damage trust in e-services. But a combination of the difficulty of the undertaking and the common sense of the British public means it will fail. The Brits are sensible, he finds. Tall as he and I are, we all recognise there's a limit: you can't survive if you're much over 11′. “They're trying to build a 60′ man here,” he says. All the technology people he knows feel the same way.

Yet he's very optimisic: UK identity systems can be efficient, secure, privacy-friendly and cheap, he says. The example of an ideal ID architecture he offers is pretty close to home: it's the Scottish Executive. How pleased will the Scots be to have an expensive and ill-conceived UK-wide system forced upon them, in a new West Lothian twist?

Baby, you can watch my car

If you aren't following Tom Maddox's Opinity Weblog, now is a good time to start.  This piece made me wonder what will become of us all:

License plate recognition technology is going into the private sector, says Wired:

Watch this carIn recent years, police around the country have started to use powerful infrared cameras to read plates and catch carjackers and ticket scofflaws. But the technology will soon migrate into the private sector, and morph into a tool for tracking individual motorists’ movements, says former policeman Andy Bucholz, who's on the board of Virginia-based G2 Tactics, a manufacturer of the technology…   

Giant data-tracking firms such as ChoicePoint, Accurint and Acxiom already collect detailed personal and financial information on millions of Americans. Once they discover how lucrative it is to know where a person goes between the supermarket, for example, and the strip club, the LPR industry could explode, says Bucholz.

Private detectives would want the information. So would repo men or bail bondsmen. And the government, which often contracts out personal data collection — in part, so it doesn't have to deal with Freedom of Information Act requests — might encourage it.

So if you don't want to be under surveillance, I guess you'll just have to move out to the hinterlands, off the grid, and out of automobiles–at the very least.

You know, this whole pervasive surveillance thing is getting depressing, especially when you combine it with RFIDs and ubicomp and similar technologies. It's Big Brother, Little Brother, Uncle Private Eye, Little Snoopy Sister, and every other nosy parker you can think of.

If you're interested in these sorts of things, my old buddy Bruce Sterling, who surfaces in the blog from time to time, writes pretty often about them in his Wired blog, Beyond the Beyond, which I highly recommend anyway on the grounds that Bruce is about as on top of things as anyone can be without having his head explode.

For more samples try this piece on the recent Eric Norlin / Ben Laurie exchange (my attempted joke that Ben must have had a “bad-hair day” is qualified as incendiary).  And there is a beyond the fringe story on the targeting of Craigslist users for violent crime (hmmm, seems like we might want to know who we're dealing with before an in-person meeting – which happens to be Opinity's forte).

Finally, there is news of what Tom calls an “OpenID Bounty”.  He puts it this way:

Cool open source news from OSCON: The OpenID folks have announced a $5,000 bounty to be awarded to the first ten software projects that implement OpenID as an identity provider or relying party.

I'm delighted to say that Opinity is one of the sponsors of the project. (There is a full list of sponsors on the OpenID site.)

To qualify for the bounty, the projects must also be distributed under an OSI approved license and have at least 200,000 internet users of currently installed public instances and 5,000 downloads a month. (There are other technical requirements; those interested should check OpenID's site.)

This is a really innovative way of encouraging development of both open-source development and adoption. If someone develops OpenID implementations for WordPress or MediaWiki–both of which would qualify for the award–doing so would open the door for desktop identity management for users. And, of course, all sorts of cascade effects will likely follow. I can see, for instance, developers creating OpenID implementations for a wide range of other blog and wiki platforms.

At this point, user-centric identity management needs, above all, users. The technical guys are working like speed freak beavers to create protocols and systems, so it's time to get this stuff on the desktop and into operation.


The House of Lords on Pervasive Computing

Britain's Parliamentary Office of Science and Technology recently issued a briefing on Pervasive Computing that is well worth reading.  In the words of the report, “Pervasive computing has many potential applications, from health and home care to environmental monitoring and intelligent transport systems. This briefing provides an overview of pervasive computing and discusses the growing debate over privacy, safety and environmental implications.”

A few days ago, the marvellous Baroness Gardner of Parkes led a discussion of pervasive computing issues in the British House of Lords, of which she is a member.  To some, the unelected House of Lords has seemed like an anachronism.  But as a simple observer, I am struck by the facility of some of its members in understanding the transformational force of technology on our society.  I wish more political thinkers shared their cogency and interest when examining these matters.

So let's listen in as Baroness Gardner of Parkes, in the company of the Countess of Mar, Lord Avebury, the Earl of Northesk, and Lord Campbell of Alloway, question Lord Sainsbury of Turville about the issues of pervasive computing:

Baroness Gardner of Parkes asked Her Majesty’s Government:  Whether they will introduce legislation to protect privacy in response to the growth of pervasive computing.

The Parliamentary Under-Secretary of State, Department of Trade and Industry (Lord Sainsbury of Turville): My Lords, there are already in place regulations to protect privacy in the electronic communications field. The Privacy and Electronic Communications (EC Directive) Regulations 2003 and the Data Protection Act 1998 implement the relevant EC directives in this respect. The Government will keep this legislation under review as the use of technology develops over time.

Baroness Gardner of Parkes: My Lords, I thank the Minister for that reply. I am sure that he will know that 8 billion embedded microprocessors are produced each year, which is an alarming number. The Parliamentary Office of Science and Technology states in its POST note that it is important that the volume of transmitted data should be kept to a minimum, that transmissions should be encrypted and sent anonymously without reference to the owner and that security should be treated as ongoing. The Minister has said that security will be treated as ongoing. Evidently, there is some concern about whether manufacturers should be encouraged to build in safeguards from the very earliest stage. Will the Minister comment on that?

Lord Sainsbury of Turville: My Lords, I do not know whether trying to keep the amount of information to a minimum is a realistic strategy. This will clearly be a huge and developing trend in the future; now that microprocessors have in-built communications, this will be a growing field. The Privacy and Electronic Communications Regulations were introduced to address just these questions. They require, for example, a system of consents for processing location-based data. Service providers are required to take appropriate technical and organisational measures to safeguard the security of services. For the moment, that seems to be appropriate legislation but, as I said, we will need to keep it under review as the technology develops.

The Countess of Mar: My Lords, what is Her Majesty's Government’s view on the report of the Leeds NHS trust, which stated that there were 70,000 instances of illegal access to patient data in one month?

Lord Sainsbury of Turville: My Lords, patient data would be covered by the Data Protection Act. Clearly, if there is that number of instances of illegal access to data, there is something wrong with the systems in that place. That should be taken up in the light of the Data Protection Act.

Lord Avebury: My Lords, is the Minister aware that the British Computer Society has appointed an expert committee to look into the implications of pervasive computing? If any legislative changes are required, it would be sensible to wait until that committee had reported. On medical applications, does the Minister agree that the use of devices for sending data from within a patient’s body to outside recorders has proved to be an enormously valuable diagnostic tool, with no privacy implications for the patients?

Lord Sainsbury of Turville: My Lords, we must wait and see how the technology develops before we rush into any kind of regulation to control it. There have, as yet, been no complaints to the Information Commissioner on this area of location-based services. Information taken out of people’s bodies by such technology can clearly be enormously helpful medically.

The Earl of Northesk: My Lords, does the Minister agree that the issue is as much about ownership of the huge amount of data routinely collected about all of us as it is about privacy? If so, what stance do the Government take on the questionable legality of the Home Office authorising the DNA database to be used by the Forensic Science Service to research whether race and ethnicity can be determined from DNA samples?

Lord Sainsbury of Turville: My Lords, the Question was about pervasive computing, which is a specific area. The whole area of data protection is covered by the Data Protection Act 1998. Pervasive computing is a completely different subject.

Baroness Gardner of Parkes: My Lords, does not the Minister agree that there is—according to this POST note, for example—debate about whether the Data Protection Act covers the matter? The National Consumer Council is concerned about whether people could have all their information transmitted from, say, their home—or even their body, as was described in relation to medical things—and not know that it was being obtained or what use it was likely to be put to. That could be a bad use.

Lord Sainsbury of Turville: My Lords, as I said, there are two pieces of legislation: the Data Protection Act 1998 and the Privacy and Electronic Communications Regulations. The second obviously covers the security of data communication from one place to another. As I said, that involves issues of consent and security, which are well covered in that legislation. Of course, it may turn out that the legislation does not properly cover the subject and that there are issues to be considered. As I said, however, there have been no complaints on that point as yet.

Lord Campbell of Alloway: My Lords, will the Minister explain what pervasive computing is?

Lord Sainsbury of Turville: Yes, my Lords. This is an interesting subject. Some microprocessors now have in-built communication facilities. The most obvious example of that is radio identification. I do not suppose that the noble Lord ever goes to the back of his local supermarket, but if he did he would see that packages that are brought in have an identification code that can be read electronically without taking the goods off the pallet. That is done by radio communication and is an enormous step forward in efficiency. The same principle applies to smart keys; one can open a car door from a range of three feet with a smart key, using the same technology.



Via Terrell Russell a report on Will Harris's piece on the danger that Web 2.0 represents “the end of privacy”.

Will Harris recently wrote about his views on the end of privacy. He blames the Web 2.0 phenomenon and all the data users are willingly posting and publishing on the network. Well, mostly he blames big business.

“My firm belief is that the net effect of the Web 2.0 movement will be a marked loss of privacy on the internet, one which leads to big business knowing more about you than it ever did before.”

He then moves quickly into talking about how these conglomerates will eventually own all the marketing data it can buy and proceed to advertise, advertise, advertise.

When the Web 2.0 bubble bursts – when the massive buyouts are done, the millionaires are made and the sites we love today are in the hands of big business – the innovation will grind to a halt, and what’s left will be the endless grinding of the marketeering machine.

If anything, I think this is the blunt end of the stick.

The other end is much more dangerous as, once this data is aggregated and compiled, it can be singularly lost or sold to more unscrupulous characters. Big business being what it is – is not the boogeyman here. I am concerned, same as Will, about large corporations feeling they can advertise personally to me whenever and wherever they want – but I’m much more concerned about their potentially cavalier tossing around of all this personally aggregated data without scrubbing it for merely statistical purposes.

Ideally, we move to an identity metasystem (with identity providers and identity brokers) and these companies only know what we let them know about us. Arguably, we can do that today without more software or more technical tools to trickle into mass adoption, simply by not playing – not participating – but that kind of defeats the point of having the conversation, doesn’t it? We need tools to protect us AND that let us do what we want to do online – buy, sell, communicate.

Eventually, online life and offline life will be a blurry distinction that nobody bothers to make. It will just be life.

I do like Will's piece.  Everyone should check it out, even though he has completely missed the central point.  

I speak, as usual, in the architectural conditional.

Will get's what's happening, but not what will start happening when Web 2.0 gets serious about long-term business strategy.  One day people will get to, er, the “things that will destroy our business model” phase. 

Luckily, the fix isn't so hard, if people tune in now.  More when the rest of me has arrived back from Europe.