Pretty much the moment Keir Starmer became Prime Minister, his esteemed predecessor Tony Blair wheeled out, yet again, a call for Digital ID. It’s a bit of a pattern: whenever something happens (generally something bad) that has even a peripheral connection to ID, Blair, his foundation or one of his acolytes will come out with the suggestion that digital ID will solve the problem. It seems to be an idée fixe: a panacea that will ‘solve’ terrorism, immigration, policing, housing etc, all at the stroke of a digital pen.
In this case, Blair was talking about immigration – somehow issuing a digital ID card to immigrants, particularly those arriving by small boats, will mean we have ‘control’ over them. We’ll be able to monitor them, know where they are, recall them when needed, and thus get to grips with the apparently overwhelming problem we have with immigration.
It won’t, of course, be able to do this – of which more later – but immediately it was announced the usual cries came out about why ID cards generally are a good idea, and we ought to bring them in immediately. After all, most of continental Europe uses them, and uses them well, so why are we so stubbornly resistant to them in the UK?
On the surface it seems a very sensible answer. Yes, we in the UK are very stubborn about it, from the famous case of Willcock v Muckle back in 1951, where Harry Willcock successfully challenged the police’s use of ID cards that had been brought in during the Second World War to the fight against Blair’s attempts to bring them in when he was Prime Minister – attempts that were frustrated right up until Gordon Brown’s time as PM finished. The abandonment of the (incomplete) ID card policy was one of the first acts of the new Coalition government in 2010. Why are we so stubborn about this, despite happily embracing CCTV cameras on every street, and accepting blithely (except for a few admirable activists) the police’s use of live facial recognition technology? Do the Brits care about privacy at all, or only just the ‘papers please’ attitude that ID cards seem to represent, because we’re still obsessed with war films and evading the Gestapo like Gordon Jackson and Richard Attenborough in the Great Escape?
I’m sure there’s something in that. We do want to feel heroic, and we do want to feel different (better) than continental Europeans, but that really isn’t the whole story. To understand why, we need to look at how identity cards can be (and would be) used in practice. There are two dimensions to this: using it to assert your identity, in order to claim rights or entitlements, or being required to produce it by some kind of authority, in order to prove who you are, so that they can in some way ‘check up’ on you.
Asserting your identity
Assertion of your identity is a positive act, and is the one that most people think about when seeing ID cards as a good thing. You can use it to prove who you are when you want to do something positive – the same way you use a passport to travel to another country. This is me, you say, and I can prove it.
Papers, please..
The other aspect is when you are required to show your ID. When a police officer stops you on the street and says ‘let’s see some ID’. When you’re minding your own business, but circumstances put you in the way of someone in authority who either wants or has the right to challenge you. This, the ‘papers please’ aspect, is the one that disturbs people – and is the one that Harry Willcock successfully challenged back in 1951. The essence of the challenge back then – and the disturbance now – is to question the right of the authorities to demand your ID without any reason. If you’re just peacefully going about your business, then your identity remains your business. That’s the logic. Britain, the opposers of ID cards would like to think, is not a ‘papers please’ society.
People who are regularly stopped and asked who they are would scoff at the idea that we’re not a papers please society – black kids in inner cities, for example – but it is still something many people cling onto as part of their image of what their country is like.
Voter ID
Voter ID does not quite fit either of these categories, but it illustrates a key point. You don’t have to vote, so it’s in some ways an option that you choose. That means it doesn’t quite fit the classic ‘papers please’ scenario. However, it’s part of normal life, and we should, if we believe in democracy, be encouraging people to vote, rather than putting barriers in their way.
That brings in the question of when is it appropriate to require ID. We require passports for international travel, because that’s what has been agreed as part of the international order. We require driving licences to drive because public safety demands that drivers be able to drive before they’re allowed on the roads – but note that we’re generally not required to produce those driving licences unless something goes wrong. We require proof of age to buy alcohol or cigarettes, because we as a society have agreed that children should not drink or smoke. We require Voter ID, theoretically, to prevent voter fraud – specifically personation. The problem with the Voter ID theory is that the evidence does not suggest that this kind of voter fraud exists in anything but a minuscule way, and certainly not enough to warrant intervention like this. That, though, is a discussion for another time. Voter ID certainly does not require a specific form of ID, just enough identification to reduce the likelihood of personation to an acceptably low level (essentially, a level low enough to remove any potential interference with the democratic process).
One ring…
We do, of course, have sufficient ID systems to do all this already. Driving licences work. Passports work. Kids have a range of ways to convince shops and pubs to let them buy alcohol. So why do we ‘need’ a universal digital ID? From a positive perspective, having a universal system seems attractive. Everyone will have one, it will be a recognisable system that anyone who needs to check will understand. If it’s ‘modern’ it will be both digital and biometric, so it will be (in the eyes of its advocates) impossible to forge, verifiable directly and so forth. Fraud will be minimised. Personation will disappear. We’ll all be protected from the fakers and criminals – that at least is the logic, and part of the attraction. Indeed, a subtext for many people is that we respectable citizens, who don’t have anything to hide, will be delighted to produce our digital ID on demand, to show the officers that we’re trustworthy good people – and that this will protect us from the dodgy people, the criminals, the ‘illegals’, the people who do have something to hide. Anyone against ID cards is supporting criminality. Anyone who refuses to produce a card on demand is obviously suspicious.
When you think about this in the context of immigration enforcement – what Tony Blair was talking about – the implications become a little starker. If immigrants are issued with ID cards and have to show them to ‘prove’ their right to be here, who do we think will be asked to produce them? How will the authorities know when to ask? It’s the people who look like they might be an immigrant, who sound like they might be an immigrant, whose name looks or sounds like an immigrant’s name. So if your skin is dark, if your accent is ‘foreign’, if your name isn’t identifiably ‘British’, the chances of being challenged to produce this ID are increased significantly. This isn’t just a ‘papers please’ society, it’s something qualitatively worse.
Then we come to the digital element of this. Having an ID card is just one part of this. The digital side is another – and an attraction to those in authority. A digital ID card links to a database – that’s the point. Your driving licence links to the DVLA database. Your biometric passport to the passport office. Your work ID card to your employer’s database (to give you access to your buildings etc). A universal digital ID would link to some kind of universal database – and through it to other governmental databases. The idea is direct – produce your ID card, and anything on those databases could get flagged up. Moreover, when you are checked, that act of being checked will produce a record to add to that database. A police officer asks for your ID at an environmental protest? You’re logged as having attended that protest.
If you build it, they will come
If you build a system that allows this kind of checking in, that links to a central database, that can be easily checked, what will happen? More uses will be found for that ID. Use it for voting? Check. Police checks at events or protests? Check. At shops to check your age to buy alcohol? Check. Access to rock festivals? Check. As a digital ID to access government websites? Check. As a proof of age to access ‘adult material’ on the internet? Check. Function creep is real – history has shown that again and again. The Regulation of Investigatory Powers Act (RIPA), ostensibly for serious crime, ended up being used for fly-tipping, dog-fouling and checking children’s catchment areas for schools, amongst other things. This is not a tinfoil-hatted conspiracy theory, but the reality of this kind of a project.
What should we do?
The first thing to understand here is that the risks mentioned are real. When embarking on a project like this, those risks have to be understood and mitigated against. There’s a reason that this kind of a project is less dangerous in most European countries than here – those countries have written constitutions with constitutional protection for privacy. In the UK, we don’t. In the UK, we do it largely on a wing and a prayer – and we have a terrible record of farming out this kind of thing to corporations who both do it on the cheap and have an incentive to try to profit from the data they gather, and indeed to find other uses.
That needs to be dealt with before even considering this kind of thing. The protections need to be in place first, and in our current situation that seems highly unlikely. The Home Office in particular needs at least a thoroughgoing reform, and more likely a replacement, before it can or should be trusted with this kind of thing.
Disclosure minimisation
We also need to think about how the whole thing should be approached. The concept of disclosure minimisation needs to come in here. People should be asked for identification in the minimum number of situations, and the minimum number of people should be authorised to ask for it. It should never be the default. When asked for information, they should be asked for the minimum information. That is, if you need to know someone is old enough to buy alcohol, you don’t need to know anything else – their name, address etc is irrelevant. An ID card system could be designed just to release the relevant attribute rather than all information. This would mean the minimum data is gathered – and, following the principles of data protection, the data should only be kept for the minimum of time. If you need to check someone’s age when they buy alcohol, the data from that check should be immediately deleted – or at least de-identified – so that it does not leave a data-trail of innocent information.
Grit in the wheels
Finally, we should remember that there are good things about a diverse, ‘messy’ situation. There’s nothing wrong with having a driving license for driving, a passport for travelling, a credit card for payment, a work ID for access to your workplace. Keeping functions separate, keeping data separate, reduces risks and protects you from misuse, from function creep – and importantly from hacks and data leaks. A universal database would be a major target for hackers. ‘HACK ME PLEASE’ might as well be written on it in letters 100 m high. Making things easier for hackers is rarely a good thing.
Why?
The biggest question for advocates of universal digital ID systems is ‘why’? Why do you need it? What problem is it solving that has not already been solved? Will it actually solve that problem?
In practice, these systems are often solutions in search of a problem – hence the reason that Blair and others wheel them out after a wide variety of events, hoping finally to convince people that now is the time.
It really isn’t.
Paul Bernal's Blog 