The chief executive of the Identity and Passport Service has revealed tantalising glimpses of how security will be maintained in the upcoming UK ID cards scheme.
James Hall, chief executive of the Identity and Passport Service (IPS), said in an ID cards web chat on Tuesday that the database underpinning the scheme will be linked to the UK's critical national infrastructure, in an attempt to keep it totally secure. This database, called the National Identity Register (NIR), will hold biometric and other details about UK citizens.
The critical national infrastructure is a series of computer systems the Government deems necessary for the running of the country, including police, military, healthcare, communications, emergency services, finance, government, transport and water systems. The companies and organisations that run them are compelled to operate stringent security.
At the moment the word 'fiasco' comes to mind, in huge red letters.
Simon Davies, Privacy International
"Our intention is that the National Identity Register will form part of the critical national infrastructure of the UK and will therefore be security accredited to the highest standard, in common with existing highly secure databases," said Hall.
"Around this database we will have very tight controls to ensure that those able to access information have been security vetted; it will be a criminal offence to make unauthorised disclosures from the database. Of course, we recognise that criminals are getting increasingly sophisticated and we work continuously with the Government's security community to ensure we keep ahead of them," Hall added.
The Identity Cards Act 2006 states that the NIR can be linked to other databases. However, experts have previously called into doubt the security of such a scheme, as it will be a tempting target for hackers who could attack the interface between the various databases.
The issue of who will have access to the NIR was also in part addressed by Hall, who said that the Identity Cards Act allows information to be shared with police and security services "where it is necessary in the public interest for the prevention and detection of crime".
"The people who would have access [to the NIR] will be IPS staff who will be able to provide the information," Hall added.
According to Hall, the Identity and Passport Service today has 3,800 employees, of whom just over 3,000 are involved in authorising passports. Hall could not give the future size of the ID cards organisation, but did not expect it to be greatly larger than the current IPS organisation.
Hall said that other organisations will be able to verify their data against the National Identity Register, but their employees will not have access to the register itself. However, no further details of who would be able to access this database were given.
But privacy campaigners have expressed grave doubts about whether access rights to the NIR will be controlled.
"The NIR, if it comes to pass, will have convenient access for a whole range of authorities. I would question whether meaningful control can be maintained over who has access, and who that data is then shared with," said Simon Davies, director of Privacy International and a visiting fellow at the London School of Economics. "Will access be automated, rather than being granted on a case by case basis?"
An issue of trust
Davies said that far too little is known about the Government's plans for ID cards for the public to have trust in the scheme.
"The problem the Government is facing is one of trust," said Davies. "Only in the last year has the Government conceded there is no buy-in for the scheme across government departments and the public sector. The Government has spent over £12m in the last four months on a scheme that has no direction."
Davies said that the problems facing the Government regarding the architecture of the scheme could not be overstated. The Government wants citizens to use the card for financial transactions in the private sector, and when using services in the public sector. Davies believes this means trust would be difficult to maintain.
"Transactional government, access to private and public services, integrated security protection — the Government is trying to bring together all of these disparate elements together and make the architecture fit. It's somewhat more complex than they realised," said Davies. "At the moment the word 'fiasco' comes to mind, in huge red letters."
No exact details have yet been given by the Government on how the scheme will be implemented. Home Office parliamentary undersecretary of state Joan Ryan told ZDNet UK in October that detailed plans would be available "in the coming weeks". But the Home Office on Wednesday told ZDNet UK plans would be made available "in December".
James Hall admitted on Tuesday that various aspects of the scheme had not yet been worked out. He said that the distribution of where biometric and other information would be held had not been decided.
"We are still working through the detailed design of how this will work but biometric data will be held on the National Identity Register and we expect that at least some biometric information will be stored on the card," said Hall. "Only some parts of the information will be stored on the card itself. The full set of information will only be stored on the register itself. Just as with a passport, it will be cancelled immediately [if lost or stolen] and no-one else will be able to use your biometric," Hall claimed.
Hall also admitted that no detailed government trials of the biometrics technology to be used had taken place. It is not clear what technology will be used, as the Government has yet to start the procurement process.
"We are planning trials [of the biometrics technology] during the procurement process," Hall said in response to a question from ZDNet UK. "This is not new technology. We have already issued three million passports with facial biometrics. If you are concerned whether or not it works, and you have an ePassport, you can take it to any of our regional offices to test that it can be read. And 400 passengers a day are using IRIS at Heathrow airport."
Talkback
It is not that the cards cannot be read by the devices that are supposed to read them, although at one point there was some dispute over that, it is about who and what else can get the information and how and where and when.
I still say issue the cards in the order Tony Blair, PM, Head of the ID card department, All of the MPs and all of Whitehall, and run the test for 3 months before using any other citizens.
Also make current MPs and Ministers and consultants personally responsible for any shortfall in funding due to any "retrospectively found to be suspiciously low" cost forecasts.
I agree with you. Also of course is the notorious lack of security in all previous Government IT projects. Even the Police National Computer system after all this time can still be problematic. Even closed systems cannot be totally secure, yet, they are thinking of bringing in a system with access by so many different departments and who knows who else. The system will be hacked within the first week and if the hackers take a low key approach no one will know until it is too late.