On the day Cameron and Clegg shook hands, and the national unemployment figure rose to over 2.5 million, spare a thought for Elizabeth Henderson* – one of the first identifiable people to lose her job under the Coalition.
It’s only Day One but already the Conservative/LibDem coalition agreement has confirmed both parties’ long-stated intention to scrap the ID Cards Scheme. I have to admit, some of my previous scepticism was misplaced: the Coalition will scrap the Scheme as a whole (including the National Identity Register), not just the plastic cards.
The measure comes under the general rubric of Civil Liberties, and is accompanied by statements in a number of other policy areas:
“- A Freedom or Great Repeal Bill.
– The scrapping of ID card scheme, the National Identity register, the next generation of biometric passports and the Contact Point Database.
– Outlawing the finger-printing of children at school without parental permission.
– The extension of the scope of the Freedom of Information Act to provide greater transparency.
– Adopting the protections of the Scottish model for the DNA database.
– The protection of historic freedoms through the defence of trial by jury.
– The restoration of rights to non-violent protest.
– The review of libel laws to protect freedom of speech.
– Safeguards against the misuse of anti-terrorism legislation.
– Further regulation of CCTV.
– Ending of storage of internet and email records without good reason.
– A new mechanism to prevent the proliferation of unnecessary new criminal offences.”
Indeed, that list actually goes further than my recently-posted “celery-free manifesto”, though I did score a reasonable number of hits. I think, on balance, I am now cautiously optimistic, as opposed to ecstatically jubilant. After all, one doesn’t celebrate the passing of a migraine by cracking open the nearest bottle of champagne… and as migraines go, this one has been persistent.
It is now almost a decade since then Home Secretary David Blunkett set out his plans for a national “Entitlement Card” – compulsory, and in all but name, a national ID card. When challenged in Parliament by opposition MPs, he dismissed the argument as “descending into a contest with intellectual pygmies”.
Sorry, Mr Blunkett – one of the harsh realities of the information society is that, once comments like that get onto the record, they are easy to find, easy to re-publish, and impossible to delete. That, incidentally, is a critical design factor of modern identity systems which your party’s identity policies determinedly ignored for the ensuing decade.
A lot has changed in that decade, in the realms of digital identity and privacy. We have a decade’s experience – admittedly, as ever, mostly of things which turned out not to work, or not to work as well as hoped – and a decade of further technological advances. Anyone setting out to design a national identity scheme now would probably look rather foolish if they came up with a 2001-vintage design for it.
However, what I really hope we have learned that those technological advances must, if they are to succeed and be adopted, fit into an ecosystem of related elements: elements such as appropriate policy, governance and regulatory control; the right legal framework; practical, scalable deployments backed up by adequate training and resources… and a culture in which adoption by users is a rational and attractive step. As the recent history of Privacy Enhancing Technologies [PETs white paper] illustrates, if that ecosystem is absent or hostile, the best of technologies will fail to thrive.
With that in mind, I hope that the headline use of words like “freedom”, “responsibility”, “fairness” and “civil liberties” hints at something broader than just the scrapping of a number of centralising, data-intensive government programmes. Now is an opportunity to go back to the foundations of policy and re-examine the relationship between government and citizen, and the role of digital identity in that relationship. One of the persistent failings of the ID Cards scheme was that the government decided what it intended to do, and then cast around for policy objectives which might be put forward to justify that course of action.
If there is clarity of purpose, the appropriate policy goals flow naturally.
As a consequence, another failing of the ID Cards scheme was that the relationship between its stated goals and the proportionality of the scheme became ever more tenuous. If the stated principle of “fairness” leads to proportionality in measures such as public sector identity, DNA retention, data retention and data-sharing, that is to be welcomed.
A lack of proportionality in compulsory measures severly undermines the culture of adoption.
Finally, and fatally, the ID Cards scheme failed to take any account of the fact that identity in online transactions is not a universal good. There are clear and valid instances when identity is neither necessary nor beneficial, and where pseudonymous or anonymous interaction is the most desirable option. The ID Cards scheme looked backwards at traditional notions of “identity as credentials”, and in doing so failed to design for what is likely to be the majority of online activity: digital identity as a multi-faceted representation of (equally multi-faceted) digital life. Other countries have looked forwards; Costa Rica, for instance, amended its constitution so as to establish citizens’ rights to a digital identity – taking a perspective which put the citizen’s interests at the centre of legislation, policy and technological innovation.
Some forms of state-issued digital identity may have a role to play in such a system, for sure. However, a policy based on the assumption that no other forms of identity are relevant (including pseudonymity and anonymity) is doomed to be blind-sided into irrelevance by the relentless evolution of our online lives.
This holistic view requires that identity be considered in close conjunction with its siblings – privacy and self-determination. So my third hope is that the word “freedom” in the Coalition agreement will include those classic tropes of privacy:
- freedom to be let alone
- freedom to preserve intimacy
- freedom to retain anonymity
- freedom to exercise discretion
Those, it will be readily apparent, are social, political and cultural goals, not technological ones. In the information society, though, many of them will be technically-mediated, much of the time – so the policymakers cannot afford to make under- or ill-informed decisions. It is, if I may be cruel, no time for policy to be made by people who think that the “IP” in “IP Address” stands for “Intellectual Property”.
Fortunately, the last decade has also grown a community of committed, engaged, privacy-aware and technically-literate specialists who can translate between the policymakers and the technologists. Let’s hope the policymakers are willing to listen.