FIPR response to the UK Entitlement Card consultation

Risk of increased fraud and identity theft

1. Reducing the incidence of identity theft has been claimed as a major benefit of an entitlement card. In announcing the consultation, the Home Secretary told the House of Commons that "in France, the level of credit card fraud is one sixth the level in this country, as a result of the technology used there."
2. In fact, credit card fraud is lower in countries such as France and Spain for reasons entirely unconnected with identity cards, such as more secure cards (which are already being introduced in the UK) and more frequent verification of transactions with card issuers.
3. Nor are identity cards useful for the fast-growing online financial sector. Internet Bank Smile told The Guardian on 30 January 2003 that "When it comes to internet banking, I don't think identity cards could help. We couldn't expect [a customer] to bring it in to us" [3]. Indeed, if new customers had to present a physical object as the only satisfactory means of identifying themselves, this could be expected to place online banks at a disadvantage and thus decrease competition in the retail banking sector.
4. Entitlement cards would certainly increase the risk of identity theft. The very large databases of personal data required would provide a highly tempting target for corrupt insiders and/or external attackers. They would contain precisely the information required to imitate those in the database. The credit card details, addresses and social security numbers of several million customers of the Russian mobile phone operator Mobile Telesystems were stolen from such a database last year [2].
5. Forged cards would also be very valuable to fraudsters. If Government and private sector organisations became reliant on a single card as a highly trusted means of identification, they would allow identity thieves to impersonate their victims all the more effectively. This could leave a stain on a victim's credit and criminal records that might prove difficult to remove.
6. It is extremely unlikely that a card that was eventually issued to around 60 million people would be secure against highly-skilled forgers. Current smartcards are still nowhere near tamper-proof, as the widespread forgery of pay-TV smartcards has made abundantly clear. A national ID smartcard scheme might simply collapse in the face of widespread forgery, as some pay-TV stations have.
7. The "biometric" security measures (such as fingerprint scans or facial recognition) that the Home Office suggested might improve card security are even easier to break. One Japanese research team found that they could produce fake "fingers" using gelatine from prints left on glass that would fool all 11 sensors they tested 80% of the time [4]. A study by the United States National Institute of Standards and Technology found a false positive rate of 43% when trying to match people to a database of photographs just 18 months old, even in perfect camera conditions [5].
8. Even humans have difficulty matching faces to photographs. A randomised controlled trial done by the University of Westminster concluded that supermarket checkout staff could not tell effectively whether photographs on credit cards corresponded to cardholders in front of them [6]. The use of photo-ID has a largely deterrent effect, which is declining over time as its ineffectiveness becomes known. It also raises issues for ethnic minorities -- of identification accuracy as well as of the frequency with which identification is demanded.
9. For all these reasons, we are deeply sceptical of the proposition that identity cards will reduce identify theft. Given that some countries have cards and some do not, such a proposition would be supported by ample evidence if true. The absence of such evidence is significant and highly damaging to the case.

Future function creep

10. If an entitlement card system was to be rolled out, experience shows that it would quickly become used for a variety of unforeseen purposes. It would certainly allow much greater linkage between government databases, as was suggested by the "Privacy and Data Sharing" report from the Performance and Innovation Unit. The government has suggested several times that such linkages could be made on the basis of secondary legislation, which provides limited opportunity for parliamentary scrutiny.
11. But even if primary legislation were required, the political climate — and indeed government — can change quickly. The Dutch data protection commissioner told the UK Information Commissioner's conference on this subject that a Dutch population register was completed just in time to be used by invading Nazi forces. Events such as terrorist atrocities can lead to sometimes hasty significant changes in legislation. It would be ironic if a Labour government was to proceed with a scheme rejected by a Conservative administration they had claimed in Opposition to be extremely right-wing.
12. The private sector would also be likely to quickly make use of an entitlement card — particularly as they would not have to bear any of the cost of doing so. Socially excluded groups such as the homeless or mentally ill might find it even more difficult in future to access services without a card they would be less likely to possess.

Ineffective consultation

13. It is unfortunate that a consultation over an issue so closely associated with "Big Brother" has itself been filled with Newspeak. A card whose main effect would be to deny access to many services to many individuals has been continually promoted as an "entitlement" card. The government claims the card is "universal" and not "compulsory" since it would not be an offence to be stopped by police without a card — although everyone over the age of 16 would be required to obtain one. The Home Secretary has labelled those who disagree with his proposals as "intellectual pygmies".
14. This may be one reason why public engagement on the issue has been more limited than the Home Office claimed to want. We are pleased to have been able, along with Privacy International and Stand, to encourage around three times more submissions to the consultation in its last three weeks than had been received by the Home Office in the previous five months, simply through the mechanism of a web site and telephone lines publicised via the Internet.

Project risks

15. Conservative and Labour governments alike have seen the failure of a significant number of large-scale IT projects. Research by Computing magazine in 2001 found that over £1bn had been wasted on large government IT project failures since 1997.
16. The government appears to have greatly underestimated the costs of a deployed system. Research done for the Information Commissioner suggested the figure given for even a relatively simple card of £1.3bn may be a factor of ten or more too low. This is even before the potential cost overruns likely on such a complex project.
17. Once the massive infrastructure necessary for a national scheme was in place, it would be extremely difficult to install new management companies through competitive tender. The information advantage of the incumbent would be an almost insurmountable hurdle for competitors to overcome. And the scale of the system would limit competition to only the largest global IT companies. The government would risk becoming a hostage to a monopoly supplier.
18. In general, governments that consolidate a number of disparate systems into a single centralised one usually find that promised savings fail to materialise, precisely because of such lock-in effects.

Little impact on illegal working

19. We simply cannot understand how an entitlement card would reduce the illegal employment of workers without work permits. Employers are already required to verify employees' right to work in the UK, and obtain a National Insurance number which can be checked by the government. If they are illegally flouting this system, it seems unlikely that they would demand and verify an entitlement card from such workers.
20. German experience has shown that better enforcement and high penalties for employers are the most effective ways to reduce illegal working [1].

Summary

21. Entitlement cards seem to be a solution desperately searching for a problem. They would have little positive effect on identity theft, illegal working or (as even the Home Office admits) crime. They would certainly encourage increased data sharing within government, but this is a "benefit" the public may not be as impressed by.
22. A card scheme would carry significant technical, financial and privacy risks. It could cost well over £10bn. Without a far clearer idea of its benefits, these risks and costs seem foolish to assume.
23. Every few years, vested interests in the card and computer industries raise the issue of identity cards in one guise or another. This consumes the time and energy of ministers and officials, and undermines public confidence in the Home Office, until the arguments we have reiterated here cause the matter to be shelved. We recommend that this time, the Home Secretary should not simply let the matter die quietly, but should take a positive policy decision that the Government will not introduce identity cards. Given that the last Conservative government also took such a decision, officials should then receive clear and unequivocal instructions to take no actions that might tend to make administration less convenient in the absence of identity cards.

References

1. T. Baldwin, "State turns blind eye to workers in the shadows," The Times, 31 January 2003.
2. N. Farrell, "Thieves pirate Russian telco data," http://crn.vnunet.com/News/1138223
3. S.A. Mathieson, "A born identity," The Guardian, 30 January 2003.
4. T. Matsumoto, H. Matsumoto, K. Yamada, S. Hoshino, "Impact of Artificial Gummy Fingers on Fingerprint Systems," Proceedings of SPIE Vol. #4677, Optical Security and Counterfeit Deterrence Techniques IV, 2002.
5. P.J. Phillips, A. Martin, C.L. Wilson, M. Przybocki, "An Introduction to Evaluating Biometric Systems," IEEE Computer, 2000.
6. R. Kemp, N. Towell, G. Pike, "When seeing should not be believing: Photographs, credit cards and fraud," Applied Cognitive Psychology Vol 11(3) (1997) pp 211-222.