Re-posted from archive of infinite ideas machine 2004:
Thanks to Irdial for clarifying the proposed use of a centralised database in his scheme, now christened ISLAND: “The centralized database of photographs held by the passport office is there only to do duplicate application checks.”
Setting aside the (not irrelevant) fact that I am specifically trying to counter the Home Office’s current ID card proposals – that they seem very reluctant to broadcast (e.g. correctly naming the Draft Bill!) would require the creation of a National Identity Register containing multiple biometric records for each of us – and ISLAND is tackling the UKPS biometric passport scheme, I agree that an/each issuing authority must have some way in which to check that multiple ID documents are not issued to the same person.
I further agree that such a database might be inoffensive, “…as long as no one other than the passport office has access to it and it is used for this single purpose of dupechecking.” In the case of ID cards and even the UKPS database (as Irdial later points out, regarding access by the Intelligence Services) this is unlikely to remain the case.
The problem is that the (inevitable) cost and creation of just one such database and its associated checking software seems to have provided irresistible temptation for the Government to contemplate and even start to legislate for feature creep on an unprecedented scale – i.e. allowing multiple agencies access to one big database (at least partially because it will spread the cost – now there’s Gov’t ‘efficiency savings’ for you, and it *only* comes at the price of compromising every citizen’s right to privacy!) and furthermore letting them do all sorts of different types of cross-checks – maybe even speculative trawls, in the case/cause of anti-terrorism, tackling serious (and not-so-serious?) crime and international intelligence – in an attempt to establish ‘once and for all’ a singular mechanism by which we can identify each other or, more precisely, by which ‘we’ can identify ourselves to ‘them’.
I agree fundamentally and absolutely with what Irdial says towards the end of his posting:
…Part of the reason it works well in the UK is that you have to have your application form and photographs signed by a current passport holder. This works very much like the PGP “web of trust” where you can sign the PGP key of someone you know so that you can vouch for the identity of someone when they present their public key to a third party.
In this way, if the initial seed population of passports are issued correctly, and the people are trustworthy, you can generate a large body of good passports because everyone swears that the persons that they are introducing to the British Passport are known to them. This sort of dis[tr]ibuted human trust is far better for people than centralized trust; it puts a high value on the British Passport, makes citizens take responsibility for the security of the system…
If we are going to rely on technology to establish or confirm identity then we need to marry it to existing human / social methods – which have stood us in good stead for centuries, if not millennia! – in order to maintain and build real trust within our globalised Information Society. For all sorts of reasons, the spread of Information & Communication Technologies included, the link between rights and responsibilities has been eroded. We must, if we are to have massive ICT systems permeating our lives, ensure that they are designed so as to persist and promote the best values and aspirations of our culture(s) and not use them as an excuse to give in to our worst fears and paranoias.
Just because something is easy to do – as large-scale ICT increasingly is, despite past incompetence and failures – or even if it seems immediately obvious, does not make that the best way to do it! Biometric duplicate-checking (to the extent that the software is capable, i.e. NEVER infallibly) may be able to prevent multiple ID documents being issued to the same person but it cannot, even in principle, prevent the wrong person being issued with an ID document in the name of / with details taken from a person who is not already on the system.
Maybe what we need to do is redesign, strengthen and extend/propagate the mechanisms by which we can vouch for each other (a la ‘PGP web of trust’) in such a way that the authorities can focus their attention – both positive (i.e. support & services for the most vulnerable & isolated) and negative (e.g. surveillance and capture of criminals) – on those individuals who we, the people, EQUALLY AS INDIVIDUALS identify as being difficult to trust.
N.B. there are obvious problems with this if we (attitudinally) or the authorities (institutionally) differentiate between the ‘trustability’ – i.e. ability to both trust and be trusted – of different, e.g. ethnic groups or communities of interest & circumstance, but I hope and believe that there may be enough commonality and interchange between people in all walks of life – at least at the level of individuals, especially those who advocate the rights of others – to overcome the mob thinking, media-induced hysteria and Gov’t / corporate FUD that currently seems to prevail.
Practically-speaking, therefore, it may be as important or effective (even necessary?) to come up with the design for an organisation that can provide and protect citizen identity as with a (demonstration of a) technological system for issuing ID documents. People form networks, too, and it is the rules that we agree in this (real) world that should determine / dictate the specification of technological rule-based systems not vice versa!