ID cards

In today’s Guardian, Polly Toynbee mounts a spirited defence of ID cards. I liked this bit:

Certainly, the accuracy of information is vital – everyone needs the right to check and amend their records. But the chance of errors will be lessened, not increased, as technology advances.

Anybody with the slightest interest in tech will know how wrong that is: the problem with technology is that sooner or later, people will use it – and they’ll screw up. Here’s some words I wrote last summer for PC Plus:

The scariest part of the ID cards scheme is the database that will underpin it. As Andy Robson of the No2ID campaign ( explains: “The government is embarking on a surveillance model for the ID card; that is, a card that is linked to a massive database. They intend to put the responsibility for the accuracy of that database on the individual, [and] the individual will be liable for the cost of all changes of errors – assuming the individual is ever aware of them.” [emphasis mine]

As anyone with even a passing knowledge of government IT projects can attest, errors are inevitable: for example in 2001 the Commons Home Affairs Select Committee found errors in 65% of records on the Police National Computer; in 2002, the Department of Transport found that the DVLA database contained 10 million extra vehicles.

“It is not clear who will have access to this database, which could ultimately be linked to health, tax and criminal records [databases],” says Robson. “AIDS and other sufferers may have information that is disclosable to minor officials along with details of their earnings; people may even erroneously acquire a criminal or other record which could have a negative effect on their lives.”

Toynbee’s quick to point out that people are generally in favour of ID cards. That’s because people are misinformed. The PC Plus article again:

In December, ICM Research found that 29% of people believe ID cards are a “very good idea” and that a further 52% think they are a “good idea”. However, it seems that this support is based upon three beliefs: that ID cards fight terrorism (56% agreed), that ID cards fight benefit fraud (65%), and that ID cards will help to control illegal immigration (60%). All three beliefs are based on very shaky foundations.

The government says that ID fraud costs the UK £1.3 billion per year, but the Home Office’s own figures report that benefit fraud accounts for just £50 million of that figure; most ID fraud is related to credit card fraud, which ID cards will do nothing to address. According to Conservative MP Peter Lilley, the cost of installing ID card readers at the Department of Work and Pensions would be £1 billion, or 20 times the annual saving.

The link between ID cards and anti-terrorism is equally tenuous. In 2004, Privacy International reported: “Of the 25 countries that have been most adversely affected by terrorism since 1986, eighty per cent have national identity cards, one third of which incorporate biometrics. This research was unable to uncover any instance where the presence of an identity card system in those countries was seen as a significant deterrent to terrorist activity.”

What about illegal immigration? As No2ID notes: “We already have laws that make it illegal to employ those without UK work permits. And we already have employers that flout those laws. An ID card would no more prevent illegal working than the current laws do; such people have no problem employing illegal (and therefore unprotected) labour, and will ignore whatever measures are introduced.”

And of course, there’s the money problem. Me again:

When ID cards were first mooted in 2002, the Home Office suggested they would cost £3.1 billion; the figure is now £5.5 billion. The UK Assocation for Payment Clearing Services (APACS) has suggested that the final bill could be much higher; APACS abandoned its own plans for biometric ID systems in favour of Chip and PIN after concerns about the reliability of biometric cards.

The London School of Economics agrees: in March, its analysis of the government’s ID card proposals noted that “registration alone [could] cost more than the projected overall cost of the system”. The LSE concluded: “The proposals are too complex, technically unsafe, overly prescriptive and lack a foundation of public trust and confidence… no scheme on this scale has been undertaken anywhere in the world; smaller and less ambitious systems have encountered substantial technological and operational problems that are likely to be amplified in a large-scale, national system.”

Given that the scheme looks unlikely to come in under budget, is unlikely to dent ID fraud, won’t stop international terrorism and will have little or no effect on illegal immigration, why is the government so hell-bent on implementing it? “It is not obvious what the motives are,” says Robson. “As Peter Lilley MP famously said, it is a solution looking for a problem.”

He continues: “There are two possible scenarios. One, pressure from the EU; countries without national ID schemes are being pushed to conform. Two, that it is part of the New Labour fetish for modernisation and efficiency. In close discussion with the Government it has become obvious that they do not fully understand the technology and have inflated expectations of its benefits – expectations inflated by advice from the companies which expect to make billions from the IT contracts.”

ID cards aren’t bad because they’re potentially Orwellian: they’re bad because they’re going to be a shocking waste of money, because the system’s going to include lots of cock-ups, and because if the system gets your data wrong – for example, by wrongly flagging you as a criminal or deciding that you’re dead – it’s going to be a complex and expensive nightmare to sort the problem out.


Sorry, I meant to include this in the original post. This is a pretty good illustration of why tech types fear ID cards (again, from PC Plus):

Being dead can be a pain, especially when you’re very much alive and kicking. US man Eugene Smith spent nearly three years trying to persuade authorities that he wasn’t dead after someone stole his wallet and, while using Smith’s driving licence as identification, died in a car crash. As the Indianapolis Star reported, “A police officer stopped Smith and told him his car registration was expired and that state computer records showed he was dead. ‘He said I was dead, and because of that I was not allowed to drive,’ said Smith. ‘I agreed that it would be a hazard for a dead person to be driving.’”

Being officially dead sounds amusing, but for Smith it had serious consequences: as a “dead” man his driving licence was cancelled, which meant he lost his job as a delivery driver; the loss of income meant he had to move from his home and find cheaper accommodation. Whenever Smith contacted the authorities for help they checked the database, discovered he was dead, and assumed he was a prankster. Eventually a local politician took an interest and persuaded the authorities that Smith was considerably less dead than the database indicated.

A Canadian woman had a similar problem, when the taxman decided she was “officially dead but gainfully employed” and refused to give her a tax rebate. The problem was due to a mix-up in her lawyer’s office, which accidentally used the woman’s social security number on her mother’s death certificate; the resulting confusion took three years to solve.