Is this just ‘ID cards without the cards’?

In January last year, the Identity and Passport Service (IPS) made a cack-handed attempt to curry support among the public for the introduction of ID cards. Referencing the classic Stanley Kubrick movie Spartacus, the IPS released an advert showing an army of cartoon fingerprints all claiming they were Spartacus. How could the true rebel leader be identified? By examining his ID card, naturally.

What the IPS failed to realise is that, far from suggesting to the public that ID cards would help avert identity theft, instead the ad implied that the cards would be a handy way of ensuring that there was no hiding from the British state, which – unlike the Romans – would be able to identify Spartacus and nail him to a cross. Such is the cluelessness in Whitehall when it comes to issues of privacy and state intrusion.

This cluelessness is still alive and well, it seems, despite the demise of the New Labour government and the rise of the Lib-Cons. The Lib-Con government promised to do away with New Labour’s plans to introduce ID cards, yet its proposed new Identity Assurance Scheme (IAS) shows that the intrusive, bureaucratic impulse that gave birth to the ID-card scheme still lingers. Unless privacy is put at the heart of future government data initiatives, we could well end up with a scheme akin to ID cards introduced through the backdoor.

New Labour’s ill-fated ID card scheme was literally crushed three months ago by the Lib-Con immigration minister, Damian Green, who was filmed feeding microchips that held ID data into a heavy industrial crushing machine. In melodramatic tones, Green declared that they ‘have been wiped, have been crushed and reduced to bits of metal so that everyone can be absolutely sure that the identity-card scheme is now finally dead and buried’. He added that the scrapping of the scheme was ‘a first step towards a wider agenda of freedom… We want to rebalance the security and freedom of the citizen.’

Such a clear statement of intent should have been reassuring. However, a mere three months on, IAS has worrying parallels with the ID-card scheme, except that its ideas emanate from the Cabinet Office, a department that sits at the very centre of government. The new proof-of-identity system is designed to give an individual a single username that may ultimately allow them to access all public services, across departments, online. This identity may be provided by a range of ‘trustworthy suppliers’, including those in the private sector, such as banks and mobile phone companies.

As Francis Maude, the Cabinet Office minister responsible for the proposal, put it: ‘Currently customers have to enter multiple login details and passwords to access different public services, sometimes on the same website. This involves significant duplication, is expensive to operate and is highly inconvenient for users.’ The new system will be more streamlined, says Maude, and it will also help to minimise identity fraud, meaning that the government can check whether or not Spartacus is accessing its services.

To a certain extent, this makes sense: you would obviously want to ensure that other people aren’t able to access your private data online, and it is undoubtedly convenient to have a single username and password for all government services rather than keeping a massive list of different usernames and passwords.

However, the risk is that with the centralisation of your identity across government services, a central pool of data can be collected about you and all your interactions with the government: effectively amounting to a National Identity register through the backdoor. State departments won’t just be able to access fragments of information about you, but instead build a much more complete profile.

Even if this isn’t the intention, says Guy Herbert, general secretary of campaign group NO2ID, the IAS might be ‘a whole mountain range of slippery slopes’, where data about you across government departments can be easily ‘hoovered up’ using the assurance aspect of the scheme. It could be ‘ID cards without the cards’, he says. Despite the fact that the proposed launch date of the prototype is slotted for later this year, plans for the scheme still remain at a high level of abstraction, meaning it’s hard to ascertain exactly what the IAS will turn into.

This is problematic in two ways, Herbert tells spiked. Firstly because it is insidious: ‘The more abstract it is, the more it’s not visible to the public and the less likely it is to cause trouble’, he says. And secondly because ‘the more this is progressing behind closed doors, the more dangerous it could be as the people doing it are themselves distanced from the implications of what they are doing. When it’s in the abstract, it’s far easier to abuse the privacy of two million people on a database than it is with one person standing in front of you.’

What is evident is that, despite the government’s claim that it is prioritising the freedom of the citizen, it does not actually take privacy seriously. In a draft of the government’s Identity Assurance Service Description seen by spiked, it says that privacy concerns will only be taken into consideration as one small part of this scheme – they will be ‘structured around an agreed set of principles’ at a later stage, the document says.

Far from being at the heart of new data-sharing initiatives, as Herbert puts it, privacy issues remain a ‘bolt on’. There is a degree of consultation with privacy groups such as NO2ID, but mainly to ‘discover what upsets us’ so that systems can be designed in a way that doesn’t ‘frighten the horses’.

Notably one of the central reasons given for the Identity Assurance Service by the Cabinet Office is that it will save money. This is ironic given the fact that cutting costs was also one of the main reasons for scrapping the ID-card scheme. While the immediate battle against ID cards was won, it was always for more pragmatic reasons, such as cost-cutting, rather than because the principled argument for personal privacy against state intrusion had been won in the public arena. Unless the argument for privacy and freedom from state intrusion is won, then setbacks for the database state are likely to be temporary at best.

In an era when bureaucratic efficiency and the need of a distrustful state to monitor us all constantly trump liberty and privacy, the Identity Assurance Scheme could be the start of a whole new round of official intrusion into our lives.

Patrick Hayes is a reporter for spiked.