Trustguide and ID Cards

Trustguide reports on our views, beliefs and needs regarding trust, security and privacy in relation to new technologies. We like it very much – It should be required reading for politicians! Over the last 15 months HP and BT, in conjunction with the DTI, hosted workshops across the UK on a broad range of topics (detailed below). The document is full of participant-responses and is a treasure trove of quotes for journalists.

Topics under consideration:

  • Trust versus risk
  • E-Commerce: Risk and Responsibility
  • Factors that impact on risk taking
  • Mitigated risk
  • ID cards: An aid to security?
  • Use of Biometric data
  • Privacy and health information
  • E-Government and Public Sector IT
  • Awareness and education
  • Use of public access terminals

On the issue of ID Cards, Trustguide concludes we are more concerned with increased vulnerability resulting from a flawed system, than the apparent threat to security which it purports to address. This attitude was revealed despite presenting ID cards as an aid to security and a means of easily identification and authentication.

“I feel more vulnerable having all my data like personal details held in one place electronically than I would having ten separate paper documents held in different places.” “Everything I’ve read on ID cards shows that they are just crossing their fingers; they actually believe that it will be secure and I don’t believe that, not at all.”

Some participants described the cards and database as significantly modifying the relationship between our government and the people, in that all pervasive surveillance is now acceptable. Indeed, some interpet the shift as a sign that government no longer trusts its citizens.

“One of the fundamental problems with ID cards to me is they change the relationship between the citizen and the government of the country.” “If ID cards are brought in it’s now officially legitimate for the government to know who I am and where I am all the time, no matter where that is and it’s officially legitimate. We can no longer complain about CCTV cameras and car registrations and GPS cell phones because we’ve passed legislation saying the government has a right to know who I am and where I am any time they want.”

Very few thought ID cards would aid personal or national security. Concerns were instead directed at Government’s ability to securely hold ID data.

“I don’t think the government are very good at IT and it’s bound to get hacked.” “It won’t make us more secure, that’s rubbish, it’s a hacker’s dream, terrorists will be the first people to hack into it.” “If the government isn’t going to be open about what they’re doing then that means the security must be poor because nobody is checking it, nobody is pointing out the mistakes they’re making, so somebody will find a way in. There may be all these secret plans for what will happen if it goes wrong but surely they should be open about it, if we’re supposed to trust them.”

As NO2ID have stated repeatedly – its not the card that is the threat, but the accompanying database. Trustguide shows the general population now also shares this concern.

“It’s not so much the card that’s the problem as the database, the fact that the government are putting all the data they have about me in one place creates vulnerability. It’s nothing to do with the card itself.”

Approximately half of workshop attendees said they would not voluntarily carry an ID card as described by the current ID Card Bill.

“Why should I allow the State to hold information about me? To what purpose? Who’s in charge of my life, me or the State?”

Concerns were also expressed in terms of function or mission creep. This results from a lack of foresight in how gathered data will be used, particulary how the data might be applied in future. Finally, there was little faith in ID cards achieving Government’s stated objectives.