Digital ID is a danger to us all

Trusting the government with our personal data is a disaster waiting to happen.

Andrew Orlowski


Few things stir the imagination of conspiracy theorists like the prospect of a government-backed digital-identity scheme. The obsessive advocacy of digital ID by Tony Blair of all people is just more grist to their mill. But there are perfectly rational reasons to be wary of the British state’s digital-ID scheme. For one thing, it will make us less safe.

As I recently reported in the Telegraph, I was contacted by a senior civil servant working on One Login, the UK’s digital-identity project. Announced in 2021 and developed by the Government Digital Service (GDS), One Login has absorbed over £300million in public funds so far. It is ultimately designed to help citizens access hundreds of government services and, in the shape of the gov.uk wallet, retain digital documents including an individual’s driving licence. It currently processes the sensitive personal and biometric data for three million citizens, but that number is expected to rise as the service expands.

What the senior civil servant told me was disturbing. He arrived on the project in 2022 to set up an information-assurance team, which performs a function similar to that of an auditor, assessing risk. At One Login, he found a chaotic and insecure work culture. The system was being accessed by users with ‘do anything’ system-administrator privileges thousands of times a month. Many of these users did not have the recommended security-clearance level required to work with the sensitive personal data of millions of citizens. Moreover, the GDS did not mandate locked-down workstations for staff working from home, or for the hundreds of contractors developing the system – a legacy of the GDS’s ‘geeks in jeans’ culture once eulogised by commentators. The civil servant also discovered that part of the system was being developed in Romania, a nation named by Oxford University researchers as one of the world’s ‘key cyber-crime hotspots’.

It would only take one developer with the right administrator privileges to create havoc on the system, perhaps developing ‘back doors’ into One Login that no one would even be aware of.

There is a second-line assurance team, which supports management to help manage risks. Unfortunately, the second-line assurance team is being provided by the contractor responsible for developing One Login. Third-line assurance – that is, security and risk evaluation carried out by an external, independent team – is not being performed at all.

It all seems like a recipe for disaster. As one internationally recognised security expert put it to me, ‘Basically, it’s Horizon all over again’ – a reference to the faulty accounting software system developed by Fujitsu, which led to the wrongful prosecution and conviction of hundreds of UK subpostmasters between 1999 and 2015.

Yet instead of heeding the information-assurance team’s concerns, the senior leadership team at GDS decided to shoot the messenger. Staff on the assurance team were moved to menial tasks and an HR issue was raised against the whistleblower. New officials were then brought in. Their job was to tell management what they wanted to hear: that everything was fine and ministers’ deadlines would be met. Using the narrow rights provided under the Public Interest Disclosure Act 1998, the senior civil servant then blew the whistle.

None of this news will inspire public confidence in One Login and the state services that use it – which if all goes to plan, will be every public service except healthcare. We only have to look at the struggles of Marks & Spencer this week, which had to suspend online sales as it grappled with a cyber attack, to see how much damage an insecure piece of critical infrastructure can do. ‘Imagine if [what happened to M&S] happened to Companies House or the Land Registry’, one digital-identity expert told me.

There is significant potential for fraud in any system where someone has obtained a false identity. A fake One Login ID could allow someone to evade criminal-records checks or even take custody of a child.

For technocrats like Blair, digital identity has no downside, only an upside. They have been obsessed with expanding the state’s ability to manage citizens for decades. When in power himself during the 2000s, Blair envisaged a vast central state database of citizens, each obliged to pay over £100 for an ID card. The New Labour ID-card scheme was killed off by the coalition government in 2010. The coalition then created GDS in 2011, which then tried to establish a new digital-ID scheme called Verify. Over £400million of taxpayers’ money was spent on Verify before it, too, was finally abandoned in 2023.

One Login is the successor to Verify and New Labour’s ID-cards scheme. For Blair, it seems the dream never dies. According to the Tony Blair Institute for Global Change, introducing digital ID will ‘improve governance, facilitate greater inclusion, fuel economic growth’ and ‘make information more secure’.

The revelations from within the One Login juggernaut suggest otherwise. Digital ID will not ‘improve governance’ or ‘facilitate greater inclusion’. Far from it. What it will do is put our private data at serious risk. This is a threat to us all.

Andrew Orlowski is a weekly columnist at the Telegraph. Follow him on X: @AndrewOrlowski.
