Charlie's Diary

[ Site Index] [ Feedback ]

Wed, 17 May 2006

A report on the state of the National Identity Register, May 2016

I'm currently working on a novel, HALTING STATE, which is set in 2016. Being an SF author, I try to do some background legwork to make the world the novel's set in seem vaguely realistic. Extrapolating on the basis of existing large government IT projects, I figure the state of play of the National ID Card by 2016 is going to look something like this:

The National ID Register has been implemented, and (as No2ID are currently predicting) it was a train-wreck.

Large scale civil disobedience (accelerating from mid-2006, with the introduction of compulsory interviews for passports, then from 2008 with the opening of the first ID card processing centres) prevented the ID card itself from being made compulsory. Bluntly, people who are agnostic on the idea of carrying an ID card when interviewed in 2005, suddenly turn out to be rather against it when they receive a letter ordering them to show up for processing (and to fork over somewhere between £50 and £150 for the privilege). Even disguising it as a driving license or passport or proof of age in the boozer doesn't make them happy, and the proportion of goats in the population is high enough that beating the problem over the head with a stick is going to cause a crisis rather than making resistance trickle away.

So the card itself is theoretically voluntary, except there's silly shit on the books that make it an offense not to show one to the police when challenged, because the Home Office has predicated its entire legislative program since 2005 on the assumption that the ID card would be compulsory. So conformists carry them, but goats (and your typical petty criminal is always a goat, even though most goats are law-abiding) don't.

Dangerous illegal immigrant criminals (see current newspaper scandal) do not carry ID cards, by definition. Indeed, they're no more identifiable than they are now.

Businesses use the ID card for authentication ... except that the government doesn't want J. Random Corner Shop (which might be owned by a crazed Al Qaida-trained bomb maker -- you can never be too sure) poking around their super-secret database. So to keep the wheels of commerce turning, there's a chip and PIN mechanism rather than actual on-line biometric authentication against the government's database, and the PIN is stored on-chip (as with the British credit/debit card system, described in several APACS specifications). In 2006, the chip and pin system was already looking worryingly insecure just three months after its national introduction; by 2016 the system has been successfully attacked by trying to reverse-engineer the chip. (Oops.) What this means is, checking someone's identity using the ID card is no more secure than glancing at their credit card, unless you're a government agency with a biometric scanner and online access to a secure database server -- and credit card fraud is just as rife in 2016 as it was in 2005. But most folks don't realise this, because it is not in the banks' (or the government's) interest to trigger a panic. (There is a precedent for this behaviour; given a choice between sweeping it under the carpet/denying everything, and letting the UK banking system collapse, the government and regulators picked the former option. What did you think your shiny new chip'n'pin card was all about?)

The lion's share of the complexity in the ID card scheme was actually the software to manage the national identity register -- the largest single distributed database system ever implemented by the British government and its contractors. As is usual in such projects, it was farmed out to the bidder who most egregiously low-balled the initial phase costings -- that is, those that would be spent on the watch of the then Home Secretary.

The first law of British government IT contracts is "lowball the first five years", because five years is the event horizon of elected political office -- anything that happens five years and a day from now is some other guy's problem. And the contractors milk this egregiously -- you can read about it every couple of weeks in Private Eye. Unfortunately, the software development life cycle in the IT business is such that costs are always front-loaded (development is expensive, maintenance/support is cheap), and development of a large system is therefore always cash-starved just when it most needs investment. It therefore should come as no surprise to learn that the national identity register was delivered massively over-budget, several years late, and insufficiently flexible to do the jobs it was thought to be needed for. Especially as, once the system was under development, everyone ambitious greasy-pole-climbing consultant the government had hired to tell the civil service what to do kept thinking up new jobs for it. The register, with its provision for holding lots of unspecified we'll-fill-in-the-blanks-later data on its subjects, became a moving target. And we all know what happens to database projects that succumb to functional creep ... the additional work of meeting the new requirements puts the project even further behind schedule. Which means more time for idiots to dream up new requirements. It's a vicious circle.

The other big ticket job was registering individuals and handing out their cards. This was initially to be carried out at regional processing centres for registering individuals, where everybody in the adult population was to be interviewed in person. Unfortunately, the civil service is not set up to interview fifty million people every decade -- or to deal with the hospitalized, the senile, the insane, and the just plain recalcitrant. Thus, the processing centres failed to cope with the interview/registration workload. It turns out that interviewing people is a labour intensive job, labour intensive jobs are expensive, and you can't speed them up by throwing technology at them.

The final nail in the coffin was a panic measure, ordered by a computer illiterate Home Secretary (is there any other kind?) in 2009. At this point, the project was already 18 months overdue, the government was facing an election, and the ID card -- by now a core plank of Labour party policy -- was seen as vital to the credibility of the Home Office. Processing was an abject failure, so what to do? The answer was clear (to the computer illiterate Home Secretary): cut the Gordian knot, and begin merging existing data into the Identity Register without actual in-person interviews to authenticate it. (The phrase used was: "put it in the database now, we can check it's valid later -- anyway, who'd lie to us? It's a criminal offense!")

By way of illustrating how totally bone-headed this is, here's an example. If they don't have time to interview you, they can create an entry for you from existing public sources: your driving licence might be merged with that DNA sample the police took when they arrested you three years ago, along with the money launding disclosure for your mortgage application that proves you're not a front for the Medelin cartel. Except that you were never arrested three years ago -- someone else gave your name in the cop shop. And because they accepted a caution, and your spam filter ate the email from the police, you don't even know you've got a criminal record and a DNA sample on the database.

By 2016 it is believed that 5-10% of ID Register entries are false positives (i.e. false identities created by people who are illegal immigrants, or who just want a spare name for some reason -- e.g. benefits fraud), 15-20% of the population are false negatives (people who refuse register), and 30% of the actual entries that correspond to real people are just plain wrong in one or more details (e.g. the criminal conviction above). The system has been systematically poisoned by the initial influx of bad, unchecked data and by the fact that it is a nice fat central target for identity thieves (see chip'n'PIN authentication, above). Finally, there's a problem with corruption among processing centre staff (some of whom will, for a nice fee, create false identities with your own biometrics -- so you can prove you're someone else).

There are other, more subtle, problems with the national identity register. Biometric identifiers change over time. People lose fingers and eyes. A lot of protesters discovered that atropine eye drops cause their iris to dilate, to the point where it's impossible to digitize. Middle-aged Filipino women have fingerprints that just plain don't work with the recognition software -- there's insufficient variation to tell them apart. 15% of the population have eczema, half of those have it on their hands, and their fingerprints are (in many cases) differently fucked from week to week. Post-operative transsexuals who have received hormone treatments have facial bone structures that mess up attempts at face recognition. Only DNA fingerprinting works, and even that is fallible, with multiple false positives (e.g. identical twins, and even random folks with identical matching sequences).

The police hate the thing, but they're stuck with a Police and Criminal Evidence Bill (2008) that was drafted on the optimistic assumption that the thing would work as specified by the Home Office. So they have to pretend it works, even though everyone knows it doesn't. Although it is handy for fitting up people for crimes you really need an urgent clean-up on. (On the minus side, it means real villains, who want to disappear and have sufficient cash to suborn a processing centre worker, can create valid new identities for themselves that will stand up in court.)

Personally you're against it because you're stuck paying for a new card every couple of years, because you have to carry the damned thing if you want to prove your age in the pub or visit your bank manager, and we all know what the life expectancy of a piece of plastic is. Plus, you can't get that bogus caution scrubbed from your record because your DNA sample doesn't match, and -- to prevent the identity register from being corrupted -- there's no way to revoke a record attached to your identity without proving that you are the same person one the record was created for. The program is costing the country, and you personally, close to £2Bn a year, rather than the initially projected £5Bn over a decade, and it has totally failed to achieve its objectives. It is, in fact, the biggest fiasco since the Poll Tax.

... All because of the quid pro quo the French government demanded in return for closing the Sangatte refugee camp (i.e. that the UK adopt an ID card), and Tony Blair's Americanophilia (which caused him to demand that the British ID card follow the example of the US REAL ID Act and use biometric authentication), and the gravy-train instincts of the usual government IT project contractors.

[Discuss ID Cards]

posted at: 15:24 | path: /politics | permanent link to this entry


Is SF About to Go Blind? -- Popular Science article by Greg Mone
Unwirer -- an experiment in weblog mediated collaborative fiction
Inside the MIT Media Lab -- what it's like to spend a a day wandering around the Media Lab
"Nothing like this will be built again" -- inside a nuclear reactor complex

Quick links:

RSS Feed (Moved!)

Who am I?

Contact me

Buy my books: (FAQ)

Missile Gap
Via Subterranean Press (US HC -- due Jan, 2007)

The Jennifer Morgue
Via Golden Gryphon (US HC -- due Nov, 2006)

Via (US HC -- due June 30, 2006)

The Clan Corporate
Via (US HC -- out now)

Via (US HC)
Via (US PB -- due June 27, 2006)
Via (UK HC)
Via (UK PB)
Free download

The Hidden Family
Via (US HC)
Via (US PB)

The Family Trade
Via (US HC)
Via (US PB)

Iron Sunrise
Via (US HC)
Via (US PB)
Via (UK HC)
Via (UK PB)

The Atrocity Archives
Via (Trade PB)
Via (Trade PB)
Via Golden Gryphon (HC)
Via (HC)
Via (HC)

Singularity Sky
Via (US HC)
Via (US PB)
Via (US ebook)
Via (UK HC)
Via (UK PB)


Some webby stuff I'm reading:

Engadget ]
Gizmodo ]
The Memory Hole ]
Boing!Boing! ]
Futurismic ]
Walter Jon Williams ]
Making Light (TNH) ]
Crooked Timber ]
Junius (Chris Bertram) ]
Baghdad Burning (Riverbend) ]
Bruce Sterling ]
Ian McDonald ]
Amygdala (Gary Farber) ]
Cyborg Democracy ]
Body and Soul (Jeanne d'Arc)  ]
Atrios ]
The Sideshow (Avedon Carol) ]
This Modern World (Tom Tomorrow) ]
Jesus's General ]
Mick Farren ]
Early days of a Better Nation (Ken MacLeod) ]
Respectful of Otters (Rivka) ]
Tangent Online ]
Grouse Today ]
Hacktivismo ]
Terra Nova ]
Whatever (John Scalzi) ]
Justine Larbalestier ]
Yankee Fog ]
The Law west of Ealing Broadway ]
Cough the Lot ]
The Yorkshire Ranter ]
Newshog ]
Kung Fu Monkey ]
S1ngularity ]
Pagan Prattle ]
Gwyneth Jones ]
Calpundit ]
Lenin's Tomb ]
Progressive Gold ]
Kathryn Cramer ]
Halfway down the Danube ]
Fistful of Euros ]
Orcinus ]
Shrillblog ]
Steve Gilliard ]
Frankenstein Journal (Chris Lawson) ]
The Panda's Thumb ]
Martin Wisse ]
Kuro5hin ]
Advogato ]
Talking Points Memo ]
The Register ]
Cryptome ]
Juan Cole: Informed comment ]
Global Guerillas (John Robb) ]
Shadow of the Hegemon (Demosthenes) ]
Simon Bisson's Journal ]
Max Sawicky's weblog ]
Guy Kewney's mobile campaign ]
Hitherby Dragons ]
Counterspin Central ]
MetaFilter ]
NTKnow ]
Encyclopaedia Astronautica ]
Fafblog ]
BBC News (Scotland) ]
Pravda ]
Meerkat open wire service ]
Warren Ellis ]
Brad DeLong ]
Hullabaloo (Digby) ]
Jeff Vail ]
The Whiskey Bar (Billmon) ]
Groupthink Central (Yuval Rubinstein) ]
Unmedia (Aziz Poonawalla) ]
Rebecca's Pocket (Rebecca Blood) ]

Older stuff:

June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
December 2002
November 2002
October 2002
September 2002
August 2002
July 2002
June 2002
May 2002
April 2002
March 2002
(I screwed the pooch in respect of the blosxom entry datestamps on March 28th, 2002, so everything before then shows up as being from the same time)

[ Site Index] [ Feedback ]

Powered by Blosxom!