Tuesday, 6 November 2012

Identity assurance – shall we vote on it?

For years now
the Cabinet Office have claimed
that they don't want to create a single, central national identity register.

Falsely, as it turns out.

They want to store a single, central identity-assured electoral roll
with the credit referencing agencies.

Lord Maxton: ... The noble Lord, Lord Rennard, in particular, roused me to my feet as I have one simple point to make. The Bill is designed to stop fraud and ought to be designed to encourage people to vote, and there is one simple way to deal with that. Unfortunately this House and the other place both voted to get rid of that simple way of dealing with this matter, which was the introduction of an identity card-a general register of all people. It would have been a compulsory identity card for everyone. It would have ensured that everyone was on the central register and we would not be in this position. The noble Lord, Lord Rennard, led the campaign, as much as anybody did, against ID cards, which was a major error on his part. By the way, the technology on ID cards, or smart cards, has moved on extensively even since we abolished the proposal less than two years ago. Now we could have a smart card that would ensure that people were on a central register and the register itself would divide and set up online registers for the whole of the country. Each constituency would have a register, not completed by a registration officer or by individual registration but automatically: by pressing a series of buttons on a computer it would come up with the right answers ...
The Electoral Registration and Administration Bill began its committee stage last Monday, 29 October 2012. Lord Maxton's contribution ignores the fact that the ID cards scheme failed despite enjoying eight years, 2002-10, of unstinting political support from the European Commission, Whitehall, two Prime Ministers and five Home Secretaries, and despite eight years of hosing unlimited public money at management consultants, software houses and biometrics experts. It's just not that easy, my lord.

One of the lessons of 2002-10 has not been lost on John Reid:
Lord Reid of Cardowan: I am very grateful to the noble Lord [Lord Rennard] for giving way. I am not in principle against what he is suggesting but, as someone who bears the scars on my back of false accusations when in government of an intention to mine data, match data and cross-match data, can he tell us when the Liberal party came to the conclusion that it was perfectly legitimate to mine and cross-match the data from DVLA, from pensions, from national insurance, which the noble Lord mentioned, and from transport? Once you have created this precedent there will be very good reasons for using it, presumably with data from HMRC and others, right across the spectrum so it is not something that should be entered upon lightly.
According to the explanatory notes on the Bill, the objective is to "reduce electoral fraud by speeding up the implementation of individual voter registration". Draft legislation for Individual Electoral Registration (IER) was published on 30 June 2011. In addition to the legislation, there was an impact assessment and a statutory instrument on the pilot schemes needed for the data-matching that Lord Reid was talking about.

The first day's debate in the committee stage of the Bill is a magnificent cornucopia of Constitutional issues:
  • Their lordships debated cross-referencing the electoral roll with DWP's National Insurance number database (NINO), with the equivalent database at the Department for Social Development (Northern Ireland), with HMRC's tax credit and child benefit databases, with Royal Mail's redirection service and with several Department for Education and Department for Transport databases. This is unprecedented. Is that legal? No. According to the impact assessment (p.2), "Key assumptions/sensitivities/risks: Data matching – national rollout would require primary legislation.".
  • Did the pilot schemes suggest that it's worth introducing new primary legislation? Don't know. Haven't seen the results. Don't know how the tests were carried out. What were the protocols? What would constitute success? Was failure possible?
  • Given that IER is meant to be voluntary, why are their lordships mooting civil penalties for failing to register? (Where have we come across that before? ID cards. Supposed to be voluntary. But anyone applying for a passport would automatically be entered on the National Identity Register. So they're not voluntary. Yes they are, says Charles Clarke, Home Secretary at the time, March 2006, because you don't have to apply for a passport, do you?)
  • Why isn't the Department of Health involved?
  • Is it true that the Department for Transport has pulled out?
  • ...
There's too much there for a single post. Too many nuggets to mine. Let's pick on just one:
Lord Wallace of Saltaire: My Lords, before I address the amendments directly, I take up some of the broader issues raised by the noble Lord, Lord Reid, which were touched on by the noble Lord, Lord Maxton, in our first Committee session before dinner. They are extremely wide issues and I agree that they are important. It was for that precise reason that I went to be briefed by the head of the Government Digital Service last week.

As the noble Lord, Lord Reid, pointed out, as we move towards cloud computing, the questions of where data are stored, to what uses they are put and how far they are shared become a very delicate and important area. I also flag up that the question of what is a public database and what is a private one becomes a little more difficult than it is now. There is a whole set of issues there that we need to return to in other contexts because this has the potential to transform the way in which society, the economy and government work as a whole. I was assured that the protocols that now govern what is called identity verification-the very limited use of data sharing to ask, "Is this person real?"-are strong and, as used by the credit agencies and others, provide firewalls which prevent too much information being shared.

Some of us might differ on how far we would be happy for the DWP, HMRC and the National Health Service to share information on what people claim to be earning, claiming or whatever; those questions will also come into that debate. I strongly agree that this is an extremely important long-term issue. However, if I understand it correctly-and I am at the absolute outer limits of my knowledge of computers at this point-I am told that one does not need to amass new databases. That is the difference between what is now beginning to happen and the old ID debate ...
So we're all moving "towards cloud computing", are we? How carefully did ex-Guardian man Mike Bracken, "the head of the Government Digital Service", explain to Lord Wallace, a man "at the absolute outer limits of [his] knowledge of computers", that cloud computing means losing control of your data?

Is it right for Lord Wallace to be "assured that the protocols that now govern what is called identity verification ... are strong"? No-one else believes that. Why does ex-Guardian man Mike Bracken believe it?

Did ex-Guardian man Mike Bracken take Lord Wallace through GPG45? That's the good practice guide, no.45, issued by CESG, on Validating and Verifying the Identity of an Individual in Support of HMG Online Services. Do Facebook and Twitter meet the criteria set out there? Or didn't the matter crop up in conversation?
52. In time other forms of verification may become available which means that a person may not be required to produce their NINO and DOB when making a new application to register – the legislation has been drafted with this in mind. On 18 May 2011 the Government announced plans for the development of a consistent, customer-centric approach to digital identity assurance across all public services. The intention is to create a market of certified identity assurance services delivered by a range of private sector and mutualised suppliers so that people will be able to use the service of their choice to prove their identity when accessing any public service. The draft legislation will allow digital identity assurance to be used in future to verify an application to be added to the electoral register. Additionally it may be possible for verification to take place at local authority level using similar local arrangements. We will monitor these developments with a view to improving the verification process if it helps to simplify the system and encourages more people to register.
That's what it says in the draft legislation. Ex-Guardian man Mike Bracken was meant to announce who would be the UK's so-called "identity providers" by 30 September 2012. We're still waiting.

He'd better hurry up. He's promised to have an identity assurance service "operational" for 21 million Universal Credit claimants by Spring 2013.

Some of the proposed suppliers of identity assurance, the social networks like Facebook, the custodians of the strong protocols Lord Wallace is hoping for, have been irremediably debunked by Whitehall's own security experts who recommend lying to them if you don't want to suffer identity fraud.

And the others? The banks? And the mobile phone suppliers? Do they now see the wisdom of the Department of Health in not getting involved in the first place? Will they now follow the example of the Department for Transport and withdraw?
13. Maintaining a more accurate and complete register will deliver benefits beyond addressing the potential for fraud in elections. The full register is already made available under current legislation to a number of government organisations for official purposes, and the edited version of the full register is available to anyone for any purpose. In addition the full register is also supplied to credit reference agencies to assist financial institutions in the UK to verify a person’s identity when processing an application for credit or opening a bank account.
Damian Green MP feeding disk drives
from the failed UK ID card scheme
and the credibility of the Home Office
into an industrial shredder
Photograph: SA Mathieson/Guardian
For years now, the Cabinet Office have claimed that they've learnt the lesson, they don't want to create a single, central national identity register. Now look. Look at para.13 of the draft legislation. They just want to keep a full copy of the identity-assured electoral roll stored with the credit referencing agencies. Who, if they've got any sense, and they have, will extract themselves from this eye of newt goulash faster than a speeding ballot.

The debate in the Lords was intelligent and informed, elegant and patient, and tirelessly open. An example to us all.

No comments:

Post a comment