I've been taking occasional breaks from the long-running Christmas party and swimming upstream into my email torrent.
I have to recommend the British Ideal Government blog – “a web user's antidote to personal frustration with public services” run by William Heath as a kind of wikki with a lot discussion of eGovernment and related subjects. It seems to be a good vantage point from which we in North America can get an unofficial view of the approaching British rendezvous with government identity cards.
Having myself followed William's advice on this matter, I recommend that everyone interested in identity issues read the British Information Commissioner's perspective on the Identity Cards Bill.
Of course, government eIdentity cards run smack into the Law of Fewest Parties (Third Law of Identity):
Technical identity systems MUST be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship. (Starts here…)
Interestingly, this law is well understood by the Information Commissioner, who has obviously thought long and hard about these issues (American readers are advised not to miss the understated intensity of the words ‘myriad’ and ‘plethora’):
The problems (…administrative and technical – Kim) would be substantially exacerbated if it becomes the norm for a myriad of organisations – including commercial bodies – to check the Register for a plethora of purposes completely unconnected with those public interest objectives set out on the face of the Bill (Clause 1(4)).
One of the most thought-provoking aspects of the proposed scheme is the auditing of uses of the identity asserted by the card. This aspect of identity systems is one to which we will dedicate considerable attention going forward.
The example is given of employers being required to verify a person's right to work before hiring them. This would involve the card-holder (in conjunction with the employer?) accessing “the registry” by using the card. The card's use would in turn be recorded as part of an ever-growing audit trail of transactions associated with the subject. The commissioner points out that in this kind of scenario, much more guidance is required. Is the card to be used and audited every time you apply for a job? Only when the job offer is accepted? And above all, why?
We will all learn a lot by watching Britain grapple with these issues. In Britain there seem to be many mixed opinions. But it is encouraging that the national identification card is not proposed as a universal or commercial identity. It seems to be intended for use in official government contexts, making it conform to the Third Law.
