Sunday 16 June 2013

Tomorrow – the distributed self

After the collapse in 2010 of the Home Office's ID cards scheme, the NIS (National Identity Service), Whitehall claimed to have learned the lesson.

The 20 September 2010 meeting for Whitehall and its suppliers made it clear that the whole idea of the NIS is now anathema and the Home Office are outcasts, whose contagious touch must be kept away from the new idea – identity assurance.

At the centre of the old NIS lay the National Identity Register, the NIR, a single database with one record per person enrolled into the scheme. At least, that was the plan. It never happened.

Talking to the Information Commissioner's Conference on 6 March 2012 about the new scheme, IDAP, the Identity Assurance Programme, Francis Maude, Cabinet Officer minister, said: "at no point does information need be held on the same server to be correlated".

No NIR. IDAP in the clear?

No.

It's a conjuring trick.

More fully, what Mr Maude said was:
... the technology has moved on and so can we. There is now an option to share data momentarily allowing us to check for matches – with no Big Brother database in sight ... In a world of dispersed data sets, we can bring fragments together instantaneously and momentarily to corroborate – without ever creating a central database ... It’s about bringing together the data at a point in time - to provide the necessary confidence - and then disaggregating it again. At no point does information need be held on the same server to be correlated ...
The NIS was meant to rely on a single, central database. It's not clear but Mr Maude's plan for IDAP may be to use several distributed databases. There is nothing new about distributed databases, the technology for which "moved on" 30 years ago, in the 1980s.

Distributed databases may be geographically and physically separate. But they constitute one logical database, supporting data-matching just as well as the centralised model.

Or perhaps Mr Maude's plan is to use a Google-type program in the middle of IDAP to search far-flung, disparate databases. Again, nothing new about that.

Either way, distributed databases or Google, same effect. Same problem. There's still an NIR. Lesson not learned.

Mr Maude likes to use the term "data-linking" to distinguish IDAP from the "data-sharing" planned for the NIS. There is no distinction. IDAP threatens the same loss of privacy as the NIS.

IDAP is subject to the same law enunciated by Neil Fisher of Unisys back on 31 October 2011:
Any project with "identity" in the name is doomed to failure.
You know that's true. IDAP was meant to be "fully operational" by March 2013. It wasn't and it still isn't – despite what the Guardian call the "elite" team responsible for it at GDS, the Government Digital Service.

Keep your ears open tomorrow for Mr Maude the Conjuror's announcement about the new design principles for identity assurance.

When you hear him promise secure storage of your data in the cloud, remember, there is no such thing.

When he asserts that the suppliers are trusted third parties, ask yourself, who says they're trusted? Trust has to be earned. That takes years. It can't be granted by fiat.

When he claims that there is an "ecosystem" of private sector "identity providers" competing for your custom, just check, how many of them really are private sector companies. The Post Office? Mydex? They rely largely on central and local government contracts and on their influence over government policy.

These "identity providers" haven't adapted slowly, generation by generation, and survived a hostile nature that kills off all but the fittest. They don't exist in an ecosystem. IDAP is more like intelligent design. Or even creationism:
  • It's not an ecosystem.
  • The "identity providers" aren't all competitive private sector companies.
  • It's up to you to judge whether the suppliers are to be trusted and it could take years before you have enough evidence to reach a verdict.
  • As the media tell us every day, there's no such thing as a secure website. There are hackers out there against whom even the US military seem to be defenceless.
  • And then there's the NSA, the US National Security Agency, with PRISM and Boundless Informant, not to mention access to your mobile phone usage.
There will be three upturned cups on the table. Identity. Efficiency. And trust. Mr Maude will pop privacy under one cup and dextrously swirl them all around. After the beguiling patter and the colourful handkerchiefs, which cup contains privacy?

You know the answer to that one.

No comments:

Post a Comment