Security management Toolkit

Story: ID cards: Aviation workers being 'used politically'

• 
• 

No2ID or No2NIR?

ADM,

Since you asked, here are my initial thoughts in respect of No2ID and more importantly, the proposed NIR (National Identity Register) System.

1. I’m not convinced a physical plastic ID card will work ("I lost mine the other day officer") nor am I for biometrics as I believe they are the most pervasive form of identification and besides, the government was not involved in my creation and therefore should have no rights to invade my ‘god given’ territorial space (iris scanning!). In fact, I believe biometrics should only apply to those who have been, or are, convicted of a particular type of crime.

2. I am however concerned by the notion that as information use increases the capacity for technology to predict a potential threat decreases. If a system like the one being proposed fails to stop an event from occurring then who is to blame, who is responsible and who determines the appropriate actions to rectify the problem?

3. There has been a strange silence from the threat of terrorism for some time now. Is something being planned? Are the appropriate authorities aware of some impending doom? Are we in fact safe at this time and for how long can our safety be assured? (I think it important to consider here that it's not just the silence from potential protagonists but from the authorities themselves who serve to protect us. Perhaps our guys know something but won't tell us or perhaps they can't read the signs as well as they thought they could?)

4. Does anyone really know exactly how much information is currently collected on each individual citizen and the data sharing and analysis thereof? Perhaps the data sharing is in fact quite disparate and as such is part of the problem? Eg. Is local doctor Y aware that patient X was prescribed a particular type of drug from doctor Z a few hours ago? Does the local pharmacy know that patient X has already received a prescribed drug or is in fact hoarding quantities of various types of drugs? This activity is commonly referred to as doctor shopping.

Beyond the above, let's get one thing straight here; there are people in this world who do not care for the safety or well being of others. There are people who believe that killing is the only rational means for communicating their beliefs. There are people who want to harm as many as possible; to inflict pain and suffering and create levels of chaos in order to disrupt the general way of life as we know it. Such people have already demonstrated their willingness to participate in heinous acts without any consideration toward their fellow human beings. It is pure speculation as to what the many innocent men, women and children who have already paid with their lives would have done, or in this case, given up, to remain alive should a system like the NIR have been proposed before they met their fate. Even so, we have to ask ourselves just how much we will take before we need some-kind-of-system that we CAN trust to deter or safeguard us from any threat.

The ability to accurately forecast a specific outcome from a vast array of seemingly disparate activities would be a dream for most people. Hence, if one had a computer that could precisely forecast the winning lotto numbers (in any part of the world) would they tell anyone? In this context, a system which has the capability to predict a potential threat before it occurs may be as equally impossible. So the NIR model, even if it were to exist, may actually not be able to foresee an outcome before it occurs but may be able to 'guess' that something might happen should certain variables (already known to the appropriate authorities) begin to interact in certain ways. This is the essence of what I think they are looking to construct. The part where each citizen must provide a certain level of identification to appropriate the system is some cause for concern as it puts the public in the position of having to be complicit with the development of a model which in fact may one day work against them. Hence, the real issue for No2ID?

The suggestion that the NIR will contain only identity-related information and that medical records, tax and benefits information and other government records will not be in the NIR, will have to be taken at face value. [Interestingly, if certain records will NOT BE IN the NIR, then where are they?] It would also be interesting to know what is meant by ‘accredited organsiations’ and who they are and the criteria for accreditation? The use of the term ‘biographical footprint’ which is described as ‘simply the basic facts of your life, for example: name, date of birth and address’ was, I believe, a mistake as it denotes the beginning of something that is built upon – a footprint becomes footprints which can be tracked or followed. And then they prove that it’s not just simple data they're after with the very next sentence: When you apply for an ID card, we will check your ‘biographical footprint’ against information held in other databases such as National Insurance or driving licence records. And on it goes. Basically, it’s all a bit light-on as far as describing what people are really in for but I guess that’s the only way it can be delivered without giving the game away. Even so, what No2ID should be examining and perhaps promoting, are any real alternative models.

My final comment is that I don’t like the idea of an all seeing, all knowing super system – one which only certain people have access to. But unless people like you or I provide alternatives or make suggestions to the system being proposed, then fundamentally we’ll get what we’re given. Overall, the whole idea just reeks of the the 1985 black comedy Brazil and its host of Orwellian methodologies.

As Scott McNealy stated in 1999 as then CEO of Sun Microsystems:…“consumer privacy issues are a red herring. You have zero privacy anyway so get over it." Though Scott may have been somewhat prophetic in his comments he nonetheless may have been right.

Where we go to from here is uncertain and I tend to agree with No2ID's point in respect of individual identity rights but at the same time I believe the only way to ensure integrity of such a system as the NIR is this:

1. That I have the same level of access to my own personal data as those who wish to review it, and;

2. That I receive a real-time 'reciept-of-view' from any person (along with their own unique ID) who has accessed it.

Beyond that, saying No2ID may simply be delaying saying yes to some other future system, unless of course, an alternative is offered.

Over to you.

TFD

• 
• 

• 
• 
• 

Full Talkback thread