Has the digital age changed the UK’s attitude to national ID cards? We’re about to find out. The government is going ahead with a compulsory Brit card. Tim Green, director of MEF’s ID and Data programme, weighs up the arguments…
The debate around a compulsory digital ID for the UK has been rumbling on all summer. Though it’s tempting, I have refrained from writing about it so far. Yes, MEF is based in the UK, but this doesn’t make the UK’s strategy on digital ID any more important than those being discussed elsewhere.
That said, now’s the time to comment.
Last week, the prime minister gave the go-ahead for a proposal to issue a “Brit card” to every UK citizen. His primary reason for doing so? To take on the problem of illegal immigration. The Labour government argues a mandatory national digital ID will make it easier for employers to check the legal status of their employees. This, it says, will deter some migrants from coming to the UK in the first place.
Now, Great Britain has a contentious history with compulsory national ID cards. We’ve never had one, and the many attempts to introduce them have all failed. Indeed the last attempt was made by Tony Blair’s Labour government around 20 years ago. So it’s interesting that the Tony Blair Institute is currently one of the most vocal agitators for this new iteration.
As expected, the announcement aroused negative responses. Around 2.5 million people signed an online petition against the idea. The civil liberties group Big Brother Watch said it would create a “checkpoint society that is wholly un-British”.
There is nothing inherently wrong with a digital identity scheme… The issue is how it is implemented and managed.“
It’s a telling choice of words. Older Brits like me grew up watching Second World War films where escapees officious foreign policemen would shout ‘papers please!’ at checkpoints. It was very alien to us. Hence the received wisdom that Brits are suspicious of state surveillance. A cherished national phrase is: “mind your own business.”
But I’m not sure this is true any more (if it ever was). Look around you. Everyone is sharing their details on social media, and clicking ‘yes’ to cookies if they make browsing one second quicker. In the battle for convenience v privacy, most people choose the latter. Add national security into the mix and the result is even more one-sided.
In fact, Ipsos revealed that 57 per cent of Britons support the introduction of a national ID card scheme.
As for me, I think I represent the majority view. There is nothing inherently wrong with a digital identity scheme (I’m MEF’s programme director for ID and Data… what do you expect me to say!?) The issue is how it is implemented and managed. And this is where many people have reservations about what we know of the Brit card so far.
On the positive side, we urgently need a digital identity infrastructure. Our economy has changed. Transactions are going online. We can’t have a system of scanning passports or filling out complex forms to do the things we want online. This is inconvenient and wildly insecure. It’s applying industrial-age thinking to a post-industrial digital world. Instead we need a robust form of digital ID that will make these processes quick and safe.
So what’s the downside of the new proposal? In a word: centralisation.
To be clear, the government hasn’t detailed the structure of its system. However the language suggests a government-controlled set-up rather than a federated approach. This raises obvious concerns around security. Any ID check will have to be verified against a single national database. Hackers will be rubbing their hands at the opportunity for ransoms and identity theft.
And we should take the ethical concerns seriously too. No, mandatory digital ID will not descend Britain into a dystopian surveillance state. But it does alter the so-called social contract. With a national ID in place, authorities will have more power to limit people’s freedoms. Even if they don’t use this power, the mere idea will worry most citizens.
Then there’s the competence question. The UK’s identity landscape is already fragmented. The tax office uses one system, the NHS another, and so on. Meanwhile, previous attempts to build national systems like ‘Verify’ failed spectacularly. Even the latest scheme, One Login (the system for accessing UK online public services) has been mired in controversy.
The conclusion is easy to reach: maybe governments should not be building and running national ID schemes. The public senses this. A recent survey found 63 percent of British citizens don’t trust the government to keep their data secure.
Is there another way? Of course there is.
ID expert and friend of MEF, Dave Birch, puts it this way: “We have all of the technologies that we need to build a digital identity for the 21st century:: zero-knowledge proofs, verifiable credentials, strong authentication. Now we need to put them to work to deliver not a National Identity Scheme but a National Entitlement Scheme.”
The difference between the two? An ID scheme is about who people are. An entitlement scheme is about what people are: such as, over 18, entitled to drive, graduate, British etc. Federated ID wallets contain encrypted credentials that the holder can share to prove these facts – without giving away any personal details.
As Dave points out, the standards that allow multiple issuers to participate in a federated system are coming together. It should now be possible to build a scheme in which anyone asking for ‘papers please’ just gets an encrypted token. Will this make the ethical objections go away. Probably not. Still, it should be an interesting next few months.
Find out more about the themes discussed – Join the MEF ID & Data Interest Group.
