Basically says, in government-speak (233Kb PDF) that the Government’s ID scheme is crap, if want we want is a ‘consumer’-oriented scheme.
I have no remit to comment on the desirability or otherwise of this plan. However, in my opinion, the Strategic Action Plan (2006) will not be the catalyst for the emergence of the consumer-driven universal ID assurance system envisaged by this report.
Computer Weekly has produced a side-by-side comparison of the scheme with Crosby’s principles, which follow [with my comments]:
For that to be the case, I believe the design of any ID card scheme would need to be based on the following
ten broad principles:
1. The purpose of any scheme should be restricted to that of enabling citizens to assert their identity with ease and confidence. [that is what the Government claims is the main purpose] The scheme should set targets for the quality of assurance achieved at enrolment and verification, which should generally exceed those achieved elsewhere, and it should regularly report its performance against those targets.
2. The scheme’s governance should be designed to inspire the highest level of trust among citizens. It should be operated independently of Government (say, accountable directly to Parliament) [the Government is unlikely to go for this] and in principle its processes and security arrangements should be subject to the approval of the Information Commissioner, who should have the power periodically to review delivery.
3. As a matter of principle, the amount of data stored should be minimised. [well, the Identity Cards Act hints that isn't the plan] Full biometric images (other than photographs) should not be kept. Only non-unique digital representations of biometric images should be stored. Additional data accessed during enrolment and records of verification enquiries should not be retained. All data and systems should be protected by “state of the art” encryption technology.
4. Citizens should “own” their entry on any register in the sense that it should not be possible, other than for the purposes of national security, for any such data (to include digital representations of biometrics) to leave the register without their informed consent. Verification of identity should be performed without the release of data.
5. Enrolment processes should be different for individuals with different circumstances, and change over time so as to minimise costs and give citizens the simplest and most hassle-free experience consistent with the achievement of the published assurance targets.
6. In order to respond to consumer demand and achieve early realisation of economic and social benefits, the scheme should be capable of being rolled out at pace.
7. Citizens who lose cards or whose identity is compromised should be able to rely on their cards being replaced or their identity being repaired quickly and efficiently and in accordance with published service standards.
8. Technically the scheme’s systems should be closely aligned to those of the banks (both initially and in the future) so as to utilise their investment, de-risk the scheme’s development, and assist convergence to common standards across the ID assurance systems and processes deployed internationally by banks and other national ID card schemes.
9. To engage consumers’ hearts and minds on the scale required, enrolment and any tokens should be provided free of charge.
10. The market should play a role in delivering a universal ID assurance scheme. This will improve the ease with which consumers can use the scheme and minimise costs. I regard each aspect of these principles to be critical to the goal of creating the conditions for a consumer-driven universal ID assurance scheme to emerge and flourish.
I must say I don’t like the idea of citizens being called ‘consumers’.
But Crosby’s principles seem reasonable if what you want is a consumer- rather than Government-oriented scheme.
That is why his report was published yesterday so that it could be buried under the fuss over the European referendum.
Government lawyers have asked the High Court to throw out a ruling to publish Gateway reviews into the progress of the government’s ID cards project on the basis of a piece of 319-year-old English legislation.
The hearing is seen as a test case on whether Gateway reviews – independent assessments of high- and medium-risk IT projects at critical stages – should be subject to public scrutiny.
If the judge accepts the case put forward by government lawyers, and he has indicated that he may, Gateway reviews on ID cards and other major schemes will remain secret for at least another six months, and possibly much longer.
The government is using the 1689 Bill of Rights, which lays down the principles of parliamentary supremacy, as a central argument in its legal battle to prevent Gateway reviews becoming public. The case will decide whether a ruling by the Information Tribunal that Gateway reviews on ID cards be published should stand.
The OGC’s barrister Jonathan Swift asked judge Stanley Brunton to reject the ruling that the reviews should be made public, in the High Court last week.
Swift said Parliamentary Privilege granted by the 1689 Bill of Rights stopped the courts from questioning or examining parliamentary proceedings. [this is my emphasis]
This could undermine the Information Tribunal’s ruling, which relied heavily on an investigation into Gateway reviews by the House of Commons Work and Pensions Committee.
Swift – who was backed by Martin Chamberlain, a lawyer representing the speaker of the House of Commons – said the tribunal was wrong to quote extensively from the committee’s report.
SpyBlog has a history of the OGC FOIA requests in question. Note that two neutral decision-makers (ICO and Information Tribunal) separately ruled that the FOIA requests should be complied with.
Justice Minister Michael Wills recently made “a speech on the need for a national debate on constitutional reform to inform discussions about the new Bill of Rights and Responsibilities.“
Full of the usual waffle – with some worrying arguments against the rule of law – but the following was interesting:
the debate that will shortly begin on the Bill of Rights and Responsibilities can only make sense in the context of the wider debate about power in our society. Where it resides. Where it should reside. How it should be distributed. How we should decide how it should be distributed. Who should decide how it should be distributed.
I think it’s clear where the Government believes power should reside and who decides how it should be distributed, don’t you?