Power 2010’s Power Pledge

Power 2010 have decided on the five key issues for their Power Pledge.

- Introduce a proportional voting system.
- Scrap ID cards and roll back the database state.
- Replace the house of Lords with an elected chamber.
- Allow only English MPs to vote on English laws.
- Draw up a written constitution.

I am a strong supporter of the reforms to introduce proportional representation and to scrap ID cards and roll back the database state.

I believe that the current first past the post system causes many people to feel disenfranchised because they live in a constituency which has strong leanings one way or another and their vote has no effect. This system all leads to negative voting where people vote for candidates for parties they don’t particularly support but which represents the best hope of defeating the party they’d least like to win.

The ID card and National Identity Register should be opposed because of the principle that citizens in a free democracy should be allowed to go about their lives without government intrusion. The project is also so technically flawed that it will inevitably either have to be scrapped because it is unworkable in practice or because it causes one of the very problems than it is designed to combat namely an increase in identity theft.

The House of Lords should be replaced with an elected second chamber but the form of the second chamber needs to debated intelligently before it is implemented. Replacing the Lords is a major undertaking and there will not be an easy transition from the present house to a new wholly elected chamber.

HMRC could use Identity Register to enforce tax

Henry Porter of the Guardian writes that ID cards could grant the taxman access to your bank records

Secondary legislation laid before parliament last week reveals that the taxman will have access to the log of a person’s major transactions, hotel bookings, airline tickets, holidays, car payment plans etc. Naturally the subject of this inspection will have no idea that HM Revenue and Customs is examining their spending log or what deductions, false or otherwise, will be made.

It seems that the fears of opponents to the ID card system were in fact well-founded. The system isn’t even in place yet and there is already function creep.

Contracts for British National Identity Card System to be opened up.

Another grand IT project, another chance of fiasco

The technology needed for a national ID system may be hard to come by, says Michael Cross

The back end for the system will be divided into two contracts the larger of which is a GBP500m contract to supply basic passport systems and a separate GBP300m contract to supply the National Biometric Information Service, which will store fingerprints and facial images. The production of the card itself will be yet another contract to be contested at a later stage.

The division of the contracts this way is reportedly to reduce the likelihood of the ID card system being scrapped by a future government as the systems will be required even if only as part of the future passport service.

ID card fail – Nobody in UK has machines to read the newly issued cards

The Times reports that the UK has no machines to read its own ID cards

The first ID cards are here – but no one in the UK can read them
Thousands of ID cards have already been issued to foreign residents in the UK as part of the government’s £4.7 billion scheme, but no one can read the details stored on them

If the government cannot roll out a workable identity card system to cover foreign residents then this gives me great confidence that they will bungle the introduction of the ID card system that will cover all residents of the UK.

If nobody has the equipment to read the biometric data on the cards then it renders the entire system redundant and poses the question of what was the purpose of all the expense.

NO2ID reacts to news of Govt. plan for ID card coercion

BoingBoing Leaked UK gov’t doc reveals plan to “coerce” Brits into national ID register

UK campaigners NO2ID this morning enlisted the help of bloggers across the world to spread a leaked government document describing how the British government intends to go about “coercing” its citizens onto a National Identity Register. The ‘ID card’ is revealed as little more than a cover to create a official dossier and trackable ID for every UK resident – creating what NO2ID calls ‘the database state’.

The Guardian The great ID card rebellion

No2ID has attracted more than 40,000 “registered supporters”, as well as 100 or so affiliated organisations. The latter betray just what a mind-boggling coalition of people the campaign has attracted: as well as the Green party, the Lib Dems and the SNP, the list features UKIP and the ultra-libertarian Freedom Association, as well as the Association of British Drivers and Newhaven town council.

The Guardian Costs set to rule out register of fingerprints

The future of the UK’s identity card scheme was thrown into further confusion last night after it emerged that the Home Office is looking to scrap one of its key components – a national register of fingerprints.

Fingerprinting children

Britain, a nation that has sleepwalked into a surveillance state is considering a proposal to fingerprint children aged 11-15.

This is to tackle the danger posed by teenagers that might otherwise be able to avoid the all-seeing eye of the British Surveillance Society because they will have child passports free from biometric details. [via]

57% – Favor National Identity Cards

Nearly six-in-ten adult Americans (57%) favor requiring all US citizens to carry a national identity card at all times. A new Pew poll also finds the same percentage favoring allowing airport personnel to do extra checks on passengers who appear to be of Middle Eastern descent. By contrast, there is much less support for the government monitoring personal communications and credit card purchases — especially when people are asked specifically about government monitoring of their personal calls and credit card purchases.

Gold standard for identity. Yeah right!

BBC News: Giant ID computer plan scrapped

Not unfortunately the scrapping of a plan for a government computer the size of a building like they had at Bureau West near where I live.

P5150072 In fact the government has announced that the proposed National Identity Register which underpins their ID Card scheme will not be created anew so as to be clean and error-free but instead will be constructed from the current databases of various government agencies.

The information will be stored in three separate databases including the Department of Work and Pensions’ Customer Information Service, which holds national insurance records, and the Identity and Passport Service computer system.

Mr Reid denied IT companies had wasted millions on preparation work for an entirely new system, saying the industry had been consulted on the move.

The government has reportedly spent about £35m on IT consultants since the ID cards project began in 2004.

“Doing something sensible is not necessarily a U-turn,” Mr Reid told reporters.

“We have decided it is lower risk, more efficient and faster to take the infrastructure that already exists, although the data will be drawn from other sources.”

So we’ll have a National Identity Register that is as full of errors as the current ones are, hardly the ‘Gold Standard’ for identity that the Home Office proudly announced it would be is it.

Interestingly the Press Release from the Identity and Passport Service makes no reference to this at all other than in passing.

This news comes as Home Office Minister Liam Byrne published a Strategic Action Plan for the National Identity Scheme and the Borders, Immigration and Identity Action Plan, which follow the wider Home Office review earlier this year and signal the countdown to the introduction of ID cards to UK citizens in 2009.

The Strategic Action Plan being the document where the new plans for the National Identity Register are laid out. Instead the press release focuses on the part of the plan that describes how the fingerprinting of foreign nationals will help secure Britain’s border and crackdown on illegal working and fraudulent access to services. Immigration Minister Liam Byrne said:

We’re determined that Britain won’t be a soft touch for illegal immigration. Compulsory biometric identity for foreign nationals will help us secure our borders, shut down access to the illegal jobs, which we know attracts illegal immigrants, and help fight foreign criminals.

But all this is completely irrelevant when we are talking about the establishment of a biometric based National Identity Register of UK citizens.

As NO2ID theorize this is about the establishment of the ‘database state’.

There is a growing list of planned systems.

* So-called ‘biometric’ ePassports that log data about your travel when used – see www.RenewForFreedom.org
* Centralised medical records without privacy – see www.TheBigOptOut.org
* Biometrics in schools – see www.LeaveThemKidsAlone.com
* Recording of all car journeys as a matter of course, using ANPR.

British biometric passports’ security cracked

Earlier this year the UK Passport Service (now the Identity and Passport Service) started to introduce Biometric Passports (pdf link) in an effort to vastly improve the security of the passport system. In their words

To:
• help fight passport fraud and forgery;
• help the public and the UK to fight identity fraud;
• ensure the British Passport stays one of the most secure and respected in the world;

However it seems that according to a report in today’s Guardian that these new ultra-secure passports aren’t all they are cracked up to be and that the security has been severely undermined by a number poor decisions made in the implementation of the system.

Firstly they have opted to use RFID chips to store the data in accordance to standards drawn up by the International Civil Aviation Organization. The use of RFID to store the data is bad enough but the ICAO standard also directs that the key used to access the data should be comprised of , in the following order, the passport number, the holder’s date of birth and the passport expiry date, all of which are contained on the printed page of the passport on a “machine readable zone.”

Bruce Schneier an authority in the area of security has written a number of times about the security wreckage associated with passports containing RFIDs.

April 28, 2005 RFID Passport Security

November 03, 2005 The Security of RFID Passports

Including on August 03, 2006 Hackers Clone RFID Passports a very similar hack to the one carried out by Adam Laurie on behalf of The Guardian newspaper.

Most recently Schneier has revealed that The Data Privacy and Integrity Advisory Committee of the Department of Homeland Security has recommended against putting RFID chips in identity cards. Whether the US government heeds this advice is yet to be seen but unfortunately for us in Britain our government has already made the poor choice.

The security measures in place to prevent unauthorized access to the data held on the chip work by creating a encrypted ‘conversation’ between the chip and the reader. Interestingly they have used the Triple DES algorithm for the encryption instead of AES which was introduced to replace Triple DES in 2002 and which is much more efficient. However the choice of algorithm is a secondary concern compared with how it was implemented with a key that is comprised of non-secret information that is published in the passport itself.

As Laurie puts it so eloquently “That is the equivalent of installing a solid steel front door to your house and then putting the key under the mat.”