15 November 2005

A Summary of all the Best Arguments by Opponents of ID cards.

I saw NO2ID, with their stall set up in Churchill Square on Saturday, getting people to sign a petition. No one can question they are passionate about what they believe. But in the end I don't believe their arguments actually amount to very much. At first glance they sound impressive (the emotive image of big brother is on their side) and the Government is doing them a big favour by not answering their criticisms head on and by not making a detailed case for why we need ID cards. This is NOT a reason to support NO2ID. This government have made a hash of promoting all sorts of policies that have proved to be of immense benefit when passed into legislation.

To their credit NO2ID want a debate and unfortunately there are very few arguing passionately from a pro ID perspective. People are not getting to hear both sides of the argument. There is a detailed argument in favour of ID cards from a non-racist liberal viewpoint and I hope I have got at least some of these arguments into the debate.

I've been described in all sorts of derogatory ways for doing this; ignorant, neo-labour apologist, fascist, uncaring, authoritarian, etc. etc. None of these insults bothers me that much, I've been called some of these before for arguing that religion is nonsense, for being pro-choice on abortion, for arguing for a more open immigration policy and for proportional representation for Westminster. In fact for arguing for a whole range of policies supported by different ideologies and even taken from different party manifestos. I've offended right wingers, left wingers, Labour tribalists, Blairites and just about everyone else.

I hope nobody is offended if I take a real hero's name invain. I like to think of myself as the John Peel of politics, I just argue for what I think is right, no matter whose policy it is. Of course I'm not an absolute expert on every aspect of biometrics and the government's ID scheme, but I think I've read more than most of the general public on the subject, and in the debate here I have learned a lot more about the subject.

Whether any of you believe me or not, I can only tell you I am being sincere in expressing my views, I will try to explain why I've not been persuaded by what I've heard so far from opponents and I'm hoping some of you might appreciate my point of view on this. So to a summary of what I think are their best arguments against the ID scheme and why they are wrong.

Biometrics

1. Iris scanners are less reliable at scanning the irises of ethnic minorities.

Quite simply if the technology here doesn't improve and make this discrepancy negligible, then iris scanning should be dropped. The government scheme rules nothing in and nothing out about the use of this technology. Having an efficient system is in everyone's interest.

2. Biometrics are irrevocable, so once compromised, people will be stuck.

Not quite true. It is difficult and expensive but fingerprints can be removed and facial features altered. In fact biometrics change naturally over time anyway, opponents have used this argument to argue that passports/ID cards will have to updated more frequently. Also it is very difficult and expensive to make use of biometric information. Photos and fingerprints are poor quality and easily distinguised from the real thing by high tech scanners. And the NIR security, like the banking system, will be rarely breached. It is possible to make gel moulds of someone's fingerprints, but they are conspicuous and likely to be noticed during use, and contact lens can also be detected by high tech cameras. The scanner technology is advancing all the time.

3. The storing of biometrics information, is an extra piece of personal information not previously available to hackers/fraudsters.

Not true again. Anybody that can get hold of a photo of our face or fingerprint dabs off an object we have touched, has our biometric information. Biometric information is of little or no use to a criminal anyway.

The National Identity Register

1. The NIR is a threat to our privacy and this will be detrimental to our lives.

As we already have 44 million people on databases that the government have access to, this seems to me to be the most ridiculous claim of the lot. Nobody can tell me specific examples of how people's lives have been detrimentally affected by CCTV, mobile phones, banking records, criminal and medical records, ISP records etc, and these are far more intrusive to people's lives than an NIR will be.

2. Bringing all this data together on one database is an increased security risk.

The government have already announced the security will be tighter than present database security. This same argument could be used to get rid of any database. Look at the banking system database, it has its problems of security breaches, but the system works very well for the vast majority. Very few think that the banking database hasn't been beneficial. Whoever accesses this system leaves a footprint, anybody caught looking at or changing records they shouldn't, risks getting themselves into serious trouble.

3. People on witness protection schemes and victims of domestic violence 'might' have their new identity compromised.

We are talking here about a small number of people who 'might' be affected. The claim is that an old photo could be used to locate someone's new address. However high tech cameras can recognise the difference between a photo and the real thing so a photo would be useless. Also this assumes that access to the NIR will be easy. Only someone on the inside with the technical know-how could reveal this information. For those under serious threat, they could have laser alterations to their biometric information if necessary. Outside checks wouldn't have to reveal addresses anyway, just names would be sufficient. Any suspicious activity would be quickly highlighted.

4. Racist police could abuse the NIR database by framing ethnic minorities who were in areas where crimes occurred.

This could happen anyway. By highlighting the problem of racism in the police, maybe we can go someway to fixing it. You don't fix a problem by ignoring it. For example, employers who monitor ethnic recruitment on application forms are generally the less racist employers. Courts should not convict on circumstantial evidence alone anyway.

Financial Costs and Benefits

1. The government's figures just don't add up.

Even using NO2ID's accepted figures for known ID fraud in 2003 of £150 million (they also admit known ID fraud is likely to be a significant underestimate), the benefits look immense. ID fraud cases rose 500% between 1999 and 2003. At this rate known ID fraud would be £750 million in 2008 by the start of the scheme. Compare this to the £85 million maintenance costs of the scheme and opponents claims that the figures suggest financial loss look very weak indeed.

Even if maintenance costs were doubled, it would only need savings of a fraction of known ID fraud for the scheme to be financially beneficial. Remember known ID fraud is probably only the tip of the iceberg of real ID fraud. The financial benefits of the scheme are likely to be a lot more than this. And this is only one area of benefits, there are financial gains to be made also in government efficiency. There are also other non-financial benefits to be taken into account from reductions in organised crime, terrorism and illegal immigration.

2. ID fraud largely affects the private sector, it is their problem, so they should pay to solve it.

This forgets that whoever pays for it, private sector, government, it is ultimately the consumer who pays in higher prices or taxes. ID cards is an efficient way to tackle this fraud. Only a government could take on a scheme as large as this.

3. Cardholder Not Present (CNP) fraud will not be affected.

CNP fraud is currently less than half of ID fraud. Face to face fraud is a bigger problem. With ID cards, face to face fraud will become much harder. This will mean fraudsters will target CNP transactions a lot more. Consumers could then be given the option of opting out of CNP transactions. A fraudster already avoids CNP because of the added risks of having to provide a collect address. A fraudster would not know under the new system whether a card was opted out. This would mean they would be taking a greater risk of raising suspicion about a collect address and could be caught before they collected the goods. This will mean there will be an added deterrent to CNP fraud as well as to face to face fraud.

Terrorism and illegal immigration

1. It will do nothing to stop terrorism.

Of those caught, 33% of terrorists had made use of false identities. By making it more difficult to have a false passport and ID card, this must have an impact.

2. It will do nothing to stop illegal immigration.

By making it harder to have false ID and to get work without ID, this will act as a deterrent for illegal immigrants to stay here and make it more difficult for them to make multiple attempts to enter the country once they have been refused residence.

Governments and other authority

1. Why should we trust governments with more power? They will only abuse it.

This is actually an argument against governments altogether. Governments already have enormous powers to invade our privacy and control our lives. Generally they use this power in a positive way. Think of the welfare state and the NHS and the education system, think of the Inland revenue. Think of how the inland revenue will refund overpayments when it realises its error. Generally the welfare state is quite fair about dishing out benefits, and the NHS treats all. Even the more contentious issues like CCTV and congestion charging have proven to be generally beneficial despite concerns over privacy. Unless an opponent is an anarchist and wants to see government abolished, and I don't think 'most' of them do want this, then this is not a legitimate argument against ID cards.

Conclusion

So to sum up, what does this leave us with. To me, the sum total of opponents objections seems very weak indeed.

1. 'If' the technology cannot be improved in time, iris biometrics 'might' have to be dropped from the scheme.

2. A few people (a few hundred?) 'might' have their anonimity put at risk, 'if' the security of the NIR can be breached and alternative arrangements aren't made. Think of any policy, there are winners and losers. For example, cars are considered a greater benefit to society than the 3000+ road deaths every year. Even if opponents are right about this, and they have produced no specific evidence to suggest they are, all policies have negative aspects and this seems to affect relative few people. The benefits of the ID scheme seem greater.

3. If the government's cost estimates are massively out (by around a factor of seven), the ID fraud figures are not underestimated and ID cards only solve a very small percentage of fraud then the scheme 'might' be a financial loss. This however seems a very unlikely scenario.

And that as far as I can see are the major objections. Not very much is it?

33 comments:

  1. 1. Why should we trust governments with more power? They will only abuse it ... Unless an opponent is an anarchist and wants to see government abolished, and I don't think 'most' of them do want this, then this is not a legitimate argument against ID cards.

    Honestly, Neil, if you summarise the government aspect in one glib paragraph, nobody's going to get anywhere in this discussion.

    There's a hundred possible come-backs on that, but how about this one: the welfare state is not a gift to the people from a kindly govt. but the expressed will of the people, and a solution to a real need, carried out in the clear light of day rather than in secret.

    Just because they manage some nice things for us, doesn't mean they can therefore be trusted never to overstep the bounds, perhaps because of a misguided/blinkered vision of the greater good.

    ReplyDelete
  2. Now you have gone too far. I, like you, regarded Peely as something of an icon. Unlike you, I look nothing like him (although I can do a very convincing soundalike), but you're trashing my hero if you take his name in vain for this nasty, mean minded, little Hitler scheme. I don't pretend to know if he'd have liked it, any more than you do - so please, please, take that bit out of it, it's not fair to Peel or his relatives.

    ReplyDelete
  3. By the way, I see you as more of a Simon Bates or a Dave Lee Travis, or maybe a Noel Edmunds than a Peely.

    "John Peel of politics", oh yeah, and I'm the Dylan Thomas of blogging - ha.

    ReplyDelete
  4. Neil,

    Known ID fraud rising at 500% / year.

    Except that credit card fraud is down, a lot, most types by 30%.

    http://www.apacs.org.uk/downloads/Mid%20Year%20Fraud%20Figs%2008.11.05.pdf

    The only type of credit card fraud increasing is cardholder not present fraud, which the ID card scheme can not possibly affect.

    They are expecting fraud to drop a lot next year when chip & pin becomes mandatory, rather than optional as present.

    ReplyDelete
  5. Governments already have enormous powers to invade our privacy and control our lives. Generally they use this power in a positive way. ... Think of how the inland revenue will refund overpayments when it realises its error.

    I'm thinking of those that have been badly arrested, and likely yet to be apologised to/compensated/removed from Police records. Your logic implies that everyone (sane) would rather have a government than not, and therefore we shouldn't worry about the amount of power that a government has.

    I say that governments are there to act on behalf of the public (and not tell us what we think we want), and part of that duty is accountability. To sum up, Less accountability and less transparency = bad, more of both = good. Or would you rather just hand over all power to Whitehall without any checks on how that power is being used? (And no, I don't believe those checks are in place under anti-terrorism/ID legislation.)

    ReplyDelete
  6. Well you've had a bash but you've missed a lot out and have mis-represented some others.

    For example facial recognition is even more useless than iris recognition (60% success rate). That would have to be dropped also if the system is not to be laughably useless.

    This leaves fingerprints, but even these are not good enough to be used as biomterics in the way the scheme requires. False positives will either be taken seriously, which will massively inconveniance people who are unable to prove who they are in a society that suddenly demands they prove who they are at every turn, or they are ignored and the whole idea becomes a useless joke.

    %33 of terrorists use false identities
    So would you say that the ID scheme would cut terrorism by a third. This is clearly absurd, but I cannot possibly think what else you could mean. All of the london bombers were "clean skins", in fact this holds true for most terror attacks in the last few years. ID cards would have had zero effect on recent terror attacks. Why therefore would they have any effect on future attacks.

    You also have repeatedly claimed that any attempt to limit state power is an attempt to impose anarchy, which is patently ridiculous. A democracy such as the one we (just about) still live in requires checks and balances on the powers of the branches of government to limit corruption and abuse. These are massively lacking in the ID card bill, and the NIR general population espionage database.

    ReplyDelete
  7. Neil, are you either (a) going to define what you actually mean by "identity fraud", or (b) withdraw all the nonsense you've written about it?

    ReplyDelete
  8. "CNP fraud is currently less than half of ID fraud. Face to face fraud is a bigger problem."

    http://www.apacs.org.uk/downloads/Mid%20Year%20Fraud%20Figs%2008.11.05.pdf

    CNP fraud, £90.6m +29%
    Counterfeit cards, £45.6m -31%
    Lost/stolen cards, £44.3m -27%
    Mail no-receipt, £22.8m -37%
    ID theft on card accounts, £16.1m -16%


    According to the credit card clearing house, identity fraud with credit cards is under 20% of the CNP fraud, and it is decreasing unlike CNP fraud which is rising rapidly.

    Would you explain how ID cards prevent fraud through counterfeit cards, stolen cards (directly or through the post).

    ReplyDelete
  9. Nobody can tell me specific examples of how people's lives have been detrimentally affected by CCTV, mobile phones, banking records, criminal and medical records, ISP records etc

    Obviously bollocks. Any of the victims of violations of privacy occasioned or enabled by those means could tell you.


    Oh, I see -- you mean you're too lazy to find examples yourself (and possibly fearful that you'll find some evidence against your own position) and so you want somebody else to give you examples. Sigh. How about these: (you could find them using Google with search terms in your paragraph, above, but you're plainly too lazy to bother)
    http://www.liberty-human-rights.org.uk/press/press-releases-2003/liberty-winss-key-cctv-case.shtml
    http://www.theregister.co.uk/2002/11/21/sex_text_revenge_hacking/
    http://news.bbc.co.uk/1/hi/uk/3713816.stm
    http://news.bbc.co.uk/1/hi/england/staffordshire/3951945.stm
    http://www.silicon.com/research/specialreports/offshoring/0,3800003030,39131387,00.htm
    etc.

    To be honest, I'm not really sure it's worth arguing with somebody who believes that there are no privacy risks associated with any existing intrusive technologies.

    ReplyDelete
  10. Think of how the inland revenue will refund overpayments when it realises its error.
    I wonder if you saw the Documentary last night on tax credits? The one in which Revenue errors and incompetence had led to people losing their homes?

    ReplyDelete
  11. Oh come on Neil, even Bloggers4Labour (last seen advocating indefinite detention of innocent people secretly without trial) is concened about your handling of the civil liberties issue. You refuse to handle the issue of power relations, declaring it "not important". You refuse to define "identity theft" in any rigorous way, using it to mean "credit card fraud".

    You yourself have noticed that the government isn't answering the criticisms. Why do you think this is? Do you approve of taxpayer's money being used to advocate Labour party policy?

    Think of how the inland revenue will refund overpayments when it realises its error.

    This is a confusing statement, given the way the IR have handled overpaying of Brown's WFTC, and the long history of the para-taxation Child Support Agency getting things wrong and hounding people.

    ReplyDelete
  12. I like to think of myself as the John Peel of politics, I just argue for what I think is right, no matter whose policy it is.

    The John Peel of politics? You seek out new and edgy policies that have been gigging their way around the live pub politics scene and give them an airing on your blog, which is renowned for being a hive of up and coming political thought, in the hopes of a passing A&R man from a big party picking one up and giving it the parliamentary time it so rightly deserves?

    You're more like the John Prescott of blogging - inarticulate and basically pointless, except as a thinly veiled cover for another of Tony Blair's ridiculous schemes.

    Anyway, Peely, how about endorsing some Tory policies then, if you really, truly, genuinely don't care about where they come from? Or is there absolutely no issue at all that the Tories are correct on? Or are you going to post next week about how Maggie had a point with those uppity miners?

    ReplyDelete
  13. Well, Michael Howard introduced the current Home Office ID card scheme, so in a way it is a Tory policy. Fortunately it seems to be flagging, with only 45% support:
    http://news.telegraph.co.uk/news/main.jhtml?xml=/news/2005/07/04/nid04.xml

    Note that if we'd had the proposed ID card scheme at the time of the miners' strike, the Home Secretary could have brought the strike to an end very quickly without all those police battles by revoking the miners' ID cards. Unable to use the NHS, or even their own bank accounts, they would have folded pretty quickly.

    ReplyDelete
  14. However high tech cameras can recognise the difference between a photo and the real thing so a photo would be useless.

    You're confusing two different things here.

    Whether a biometric scanner (for instance, an iris camera) can be designed reliably to detect an attempt to present it with a forged biometric is an open technical question.

    However, it is irrelevant to the problem at hand, which is about the nonconsensual idenfification of persons using recorded, not live, biometric information. In the case of an iris image, that would mean a photograph or a previously-captured iris code (i.e., one which had already been derived from a photograph). The government has stated (both in the Bill and in answers to written questions) that sufficient access to the NIR to do a nonconsensual biometric lookup will be granted to the police and a wide range of other official bodies.

    Do you now understand why your observation about "high tech cameras" was irrelevant?

    ReplyDelete
  15. Neil has had shot at a review article, maybe there's hope for him to become a scientist yet. He states:


    1. Iris scanners are less reliable at scanning the irises of ethnic minorities.
    [if this is true then don't use them]


    But the other biometrics are worse, without working biometrics the scheme
    can't possibly work. It can't reliably prove people are who they claim to
    be, and it can't prevent multiple enrollment.


    2. Biometrics are irrevocable, so once compromised, people will be stuck.

    Neil's argument seems to fail somewhat: he starts of by saying that
    they can be changed, for which he provides no evidence, and then goes on
    to say that the scanners are getting better and won't be fooled by the changes.
    I'm confused as to which way Neil is attempting to argue this point? Either one
    can change one's biometrics, in which case the cards are useless (see 1. above)
    or one can't in which case "people will be stuck".


    3. The storing of biometrics information, is an extra piece of personal information not previously available to hackers/fraudsters.

    Anybody that can get hold of a photo of our face or fingerprint dabs off an object we have touched, has our biometric information. Biometric information is of little or no use to a criminal anyway.


    The point Neil seems to miss here is that to collect this information now
    requires some sort of contact: the attacker has to find Neil in a pub, or meet
    him in the street, an attack that requires considerable effort. Once this
    information is entered into a database a hacker can collect all this
    information trivially. Biometric information will be of great use to hackers
    once it is the enabling method to fraud. Since Neil is very fond of analogies,
    maybe he'd like to consider the analogy of a Yale lock: Yale locks are insecure
    because it is possible to reconstruct a key from a photograph of a key. However
    if the police decided they needed a national register of photographs of keys
    linked to people, that would make the keys less secure, because a hacker can
    locate a victim and then construct the key, without the effort of having to get
    a picture of the key and work out where the lock it fits is in first place.



    1. The NIR is a threat to our privacy and this will be detrimental to our lives.

    As we already have 44 million people on databases that the government have access to, this seems to me to be the most ridiculous claim of the lot.

    As has been patiently explained to Neil countless times, it is the unique
    identifier per person that makes it different. The NIR allows all databases
    everywhere to be linked together. The NIR also has an audit trail which
    stores every where and when the card has been used, which will include
    banks and all NHS services.


    Nobody can tell me specific examples of how people's lives have been
    detrimentally affected by CCTV, mobile phones, banking records, criminal and
    medical records, ISP records etc, and these are far more intrusive to people's
    lives than an NIR will be.

    Neil again seems to miss the point that the NIR is the enabling technology for
    the misuse of all these databases.


    2. Bringing all this data together on one database is an increased security risk.
    The government have already announced the security will be tighter than present database security. This same argument could be used to get rid of any database.


    Neil then goes on to cite the specific example of "the banking database"
    whatever that is, I can find no reference to a centralized national banking
    database. His argument then is "the security will be increased" and
    "the risk to the users will be less than the benefits" I don't think either
    of these merit a response. Taking a guess at what he is searching for
    he might find it instructive that banks secure their systems by giving access to
    very few people, and the bank is financially at risk if it doesn't. Data
    in the bank's systems never leaves the bank's systems, the interface to the
    account is via transactions.



    3. People on witness protection schemes and victims of domestic violence 'might' have their new identity compromised.
    We are talking here about a small..

    Neil uses scare quotes. The NIR enables any one of the 200,000 authorized users
    of the database to compromise a protected person's identity. In the current
    scheme only the protection officers have the ability to link the new and old
    identities. This is not a 'might' risk, this makes it much easier, even trivial,
    for a criminal or a terrorist to defeat the witness protection scheme. Since
    we are being sold this system on the "Defeats terrorism" and "Defeats crime"
    tag, this is a very important point. The NIR will destroy the most useful
    source of intelligence in fighting crime.



    4. Racist police could abuse the NIR database by framing ethnic minorities who were in areas where crimes occurred.

    Neil's argument is that this is a good thing because it will cause racism
    to exposed, I don't think that merits a response.



    1. The government's figures just don't add up.

    Neil repeats his statement that savings in ID fraud will more than pay for the scheme. He seems to have forgotten that:

    1) most ID fraud is card-holder not present, which the ID card won't help.
    2) these savings are made to the private sector and not the government
    or tax payer.

    There have been several cost estimates referenced on these pages.
    The only one Neil has cited doesn't agree with his statements about
    the costs of the scheme.

    http://europa.eu.int/idabc/en/document/4499/5864


    2. ID fraud largely affects the private sector, it is their problem, so they should pay to solve it.

    Neil states that that only the government is able to handle an IT project
    this large successfully. This is a controversial view, there is not one large IT
    project that the UK government has successfully undertaken, there are many
    examples in the private sector. The VISA and MasterCard networks are good
    examples.



    3. Card-holder Not Present (CNP) fraud will not be affected.
    CNP fraud is currently less than half of ID fraud.

    The arguments that Neil makes for the elimination of non-CNP fraud are
    identical to the Chip and Pin arguments, and are equally valid. Thus
    the ID card is not needed there. He offers no solution for the CNP
    problem other than by stopping it, which again doesn't need an ID card.

    The fraud report at http://www.apacs.org.uk/downloads/cardfraudthefacts05.pdf

    states that ID theft accounts for 36.9m of fraud, and CNP 150.8m.

    Those figures are pre-chip an pin, and CNP fraud is now the fastest growing
    sector.


    1. It will do nothing to stop terrorism.
    Of those caught, 33% of terrorists had made use of false identities. By making it more difficult to have a false passport and ID card, this must have an impact.

    None of the July 7th bombers nor the September 11th hijackers used false
    identities, none of whom were caught. No reference is provided for his 33%
    figure, is it possible it is based on a sample of 3 terrorists?


    2. It will do nothing to stop illegal immigration.
    deterrent
    ..
    make it more difficult for them to make multiple attempts to enter the country

    The use of the "deterrent" argument is specious, we have plenty of deterrent it
    doesn't work. Illegal immigrants enter the country by two methods, they either
    overstay a legitimate visa, or are smuggled in. ID cards will have no effect on
    the entry of these two classes. Neil states that it will make it more difficult
    for them to stay here, but provides no justification for this statement,
    indeed many illegal immigrants already live in this country and successfully
    avoid any or all contact with the state.


    1. Why should we trust governments with more power? They will only abuse it.

    I think this argument has been roundly rebutted above.

    In conclusion we've learned nothing from this excursion that
    we couldn't have learned from the careful and painstaking expositions
    that many contributors have made in this debate.

    ReplyDelete
  16. A lot of questions here. Here's a brief answer to some, tomorrow I'll work through the questions in more detail.

    B4L, 'We don't trust governments'. Opponents use this sweeping statement that we shouldn't trust govts, but the answer is we already do trust govts an awful lot. Why do the electorate already entrust such a huge amount of power to govts?

    I never said that anything was a gift from kindly govts, it is the expressed will that govts have the power they do. Why don't opponents acknowledge that a Labour Govt was elected with a clear pledge in its manifesto to introduce ID cards?

    urko: I'd imagine JP was probably against ID cards, I don't know. I wasn't trying to link his name to the scheme, I was just trying to explain that I ignore ideology and party loyalty when making my mind up about something, just like Peel ignored major record label lobbying. So when people accuse me of being a New Labour apologist, they are wide of the mark.

    As for tax credits, I think £1.9 billion has been written off so far. Yes, it was a grave error caused by govt incompetence. It has meant giving all this money to some of the poorer members of society, so its not been all bad.

    Pete: Thanks for the stats,

    CNP fraud, £90.6m +29%
    Counterfeit cards, £45.6m -31%
    Lost/stolen cards, £44.3m -27%
    Mail no-receipt, £22.8m -37%
    ID theft on card accounts, £16.1m -16%

    All the non-CNP stuff here amounts to £138.8m. Like I said, this is more than CNP fraud. All non-CNP fraud would be reduced by having ID cards. I've also explained that by making people have to enrol for CNP with an ID card, this would have an indirect effect on reducing fraud here too.

    Scribe: Nobody is telling us we should have ID cards except the electorate who voted for another Labour govt. This is our democracy, it could be better, but you can't pretend people didn't want ID cards.

    Bob: Your argument is that biometrics won't work. If you are right, you have nothing to worry about do you?

    The link to the terrorists stats is at the home office site (and I've linked to it before in articles).

    Chris: ID fraud is non-CNP fraud.

    Thanks for providing some links to some examples at last (allow me a day to read them). I'm glad I'm not having to do all the work myself for a change. (You have to remember I'm at the disadvantage of playing chess against numerous opponents simultaneously - it's time consuming).

    So do these examples mean we should get rid of all the databases that hold our info and scrap CCTV, mobile phones etc? If not, why not? I think you will find most people want to keep these things because they recognise the benefits.

    The same will be true of the ID scheme once people see it in practise (and boy am I going to remind you guys when the scheme is a success). This is why you are so desperate to stop the scheme before people experience it, because you are frightened they will get to like it (like they do in most other EU countries).

    Finally, there are already iris scanners which can tell the difference between a photo and the real thing, so it is not an 'open question' as you suggest.

    "The government has stated (both in the Bill and in answers to written questions) that sufficient access to the NIR to do a nonconsensual biometric lookup will be granted to the police and a wide range of other official bodies."

    Please would you provide me with a link for this?

    Peter Clay: You are talking about a govt that handles £520 billion every year, of course there are going to be a few cock-ups. This doesn't mean we should scrap the whole thing, or even the CSA database.

    Andrew: There are Tory policies I like, they are few and far between which is why I'm in the Labour party, but there are some. For example, (long hard think), I think some of their anti-union legislation has been useful.

    Anon: I think most of your points are answered above.

    On the 'racist police' point. You don't quite understand my argument. Look at the current problems in France, they were caused by a racist society ignoring the marginalisation of ethnic minorities. Their failure to monitor the problem is part of the problem.

    When some police officer is exposed for abusing the NIR in the way you suggest they might, this will highlight the culture in one particular police force and something would be done about that racism that otherwise would have continued.

    An ID card will actually make abuse less likely because the NIR will at least help eliminate people who couldn't have done the crime.

    ReplyDelete
  17. I've also explained that by making people have to enrol for CNP with an ID card, this would have an indirect effect on reducing fraud here too.

    I still don't get this. I understand that you imagine that there exists a group of people who might want to restrict themselves from being able to use their cards for CNP transactions, and there may well be. Let's not forget though that most people will want to use their card online and so on.

    You're proposing that at enrolment, rather than at the transaction, something should happen which is different from what happens now. For your point to be anything other than a shockingly time consuming red herring, that something has to require that ID cards be used in some way.

    What is this way? What precisely would you rather happened at "enrolment", which would affect CNP fraud in any way? I just don't think there can be any such thing.

    There's no point doing an identity check, as ex hypothesi, it's the authorised holder of the card who is being enrolled here. At some subsequent point, the card details are compromised and used in a CNP transaction by someone else. I reckon you're just proposing to cut down on the number of people whose cards can do CNP, but that's nothing to do with ID cards, is it?

    ReplyDelete
  18. I'm a little concerned by your blasé attitude towards the "few hundred" people whose anonymity might be compromised.

    Let's leave the battered wives to one side, since if New Labour gave a damn about them they'd drop the multiple identity prevention requirement (and the reduction of benefit fraud with it).

    When we're weighing up the costs of this scheme, we need to look at both the likelihood of harm (and as you say it might be hundreds of people) and the costs borne by those people and the rest of society. Outside the battered wives scenario, we're looking at the sort of people whom society as a whole has a very grave interest in anonymising: informers in terrorist cells, undercover police officers, spies, and witnesses of violent crime.

    I'm really concerned about the first two or three categories, particularly with what's likely to go wrong if we can't protect the sources of human intelligence on planned terrorist attacks. Well may these faceless folk be few in number, but they weigh heavily in importance for the safety of us all.

    ReplyDelete
  19. Firstly, we have to remember we are talking about a 'might'. There is no evidence that the NIR will be more risky than the present situation.

    Also biometrics are changeable with laser technology, its expensive and difficult but possible, so in the cases you suggest this could be done to change their identity. Problem solved.

    ReplyDelete
  20. When people obtain a credit card with ID, unless they specifically ask for CNP transactions to be allowed, they will not be. If they change their mind in the future they would have to make the change in person using their ID card.

    What this does is lessen the number of people using CNP transactions. The very fact that ID cards have been introduced will reduce CNP transactions even more because the difference in security risk will be much greater between the two, and this will discourage people from allowing CNP.

    This creates a extra difficulty for the fraudster. They already prefer non-CNP fraud because of the dangers of a collect address, but now, (by not knowing a cards status as far as CNP transactions go and the extra difficulty in obtaining a card with false ID) they have the extra risk of raising suspicion and being caught at the collect address.

    Because of ID cards, it will also become more worthwhile for banks to increase security checks on CNP transactions. The reason they are so lax at present is because, even someone genuine can't prove their identity that well without ID cards, so the cost benefits in increasing security checks for CNP are negligible.

    ReplyDelete
  21. "Would you explain how ID cards prevent fraud through counterfeit cards, stolen cards (directly or through the post)."

    Every transaction will require an ID card.

    ReplyDelete
  22. "banks secure their systems by giving access to very few people, and the bank is financially at risk if it doesn't. Data in the bank's systems never leaves the bank's systems, the interface to the account is via transactions."

    So statements, the cash machine network, post between banks and data transfers are not leaving the bank's systems?

    There is no reason the NIR can't be even more secure than this and also have only a few people with access to its address details etc.

    Aren't the government at financial and electoral risk if it doesn't make the scheme secure?

    ReplyDelete

  23. All the non-CNP stuff here amounts to £138.8m. Like I said, this is more than CNP fraud. All non-CNP fraud would be reduced by having ID cards. I've also explained that by making people have to enrol for CNP with an ID card, this would have an indirect effect on reducing fraud here too.


    Neil explain precisely how an ID card changes CNP fraud. You realize also that
    your argument above is isomorphic to
    "Drunk drivers only account for 30%
    of road accidents, therefore sober ones
    are clearly the greater danger"

    ReplyDelete

  24. So do these examples mean we should get rid of all the databases that hold our info and scrap CCTV, mobile phones etc? If not, why not? I think you will find most people want to keep these things because they recognise the benefits.


    No Neil, they don't, since there exist judicial measure by which regulation of
    the use of information from these schemes
    may be used and corellated. No such
    oversight exists or is planned.

    It's a little childish to challenge Chris
    to provide you with examples and then
    claim that he should then take another
    position. Like all such systems the
    benefits to society and the costs to
    liberty have to be considered.

    The NIR firmly pushes the balance in the
    wrong direction with it's police state
    powers. (That's in the technical sense
    of police state, viz that the executive
    has special powers to control which
    laws apply to which citizens)

    Neil I also think you should consider
    reading a book on sentential calculus,
    it's rather hard to argue with someone
    who refuses to acknoloedge the
    prinicipals of logic and implication.
    Of course you may be a postmodernist
    rather than a rationalist in which
    case please let us know.

    ReplyDelete
  25. Neil said : "Also biometrics are changeable with laser technology, its expensive and difficult but possible, so in the cases you suggest this could be done to change their identity. Problem solved. "

    So now your advocating that a person who has their biometrics stolen through inadequate security of the NIR needs to go through surgery to get their identity back?

    Tell me, will the government foot the bill for that one, or will we have to pay for it ourselves?

    ReplyDelete
  26. "Every transaction will require an ID card."

    I'm sure the banks will love this.

    Now, let's have a look at the costs of this to just the banking industry.

    Firstly, all online and telephone banking transactions will cease - everything will have to be done in person.

    By 1999, Barclays Bank alone was saving £20million per year by using online banking compared to traditional branches.
    http://news.bbc.co.uk/1/hi/business/the_company_file/520084.stm

    Given the widespread takeup of online banking since then, and spreading this over all the banks it's likely the savings to banks from online banking is into the hundreds of millions, if not low billions.


    Now, lets look at the annual online sales,

    http://www.theregister.co.uk/2005/11/04/online_sales/

    "Brits spent a whopping £71.1bn online last year"

    That's £71.1bn of sales that would have to stop, or move through traditional channels.

    Thinking this through further, all of the following companies would have to completely change their business in order to comply with your legislation.

    Easyjet, Ryanair (all airlines)

    eBay (and everyone who sells on it)

    all Banks (it's taken then five years to move lots of people to online banking - now they'd have to move them back again).

    all Internet Service Providers

    all Supermarkets (they'd have to move to cash on delivery)

    Dominos Pizza (no credit card payment unless the delivery guys carried iris scanners with them)

    Dell, Dabs, Scan, Insight (all online computer retailers)

    I think the most amusing business that would suffer though, is Google, which owns Blogger which would make this discussion a little more difficult.


    Do you think that this is a reasonable cost to bear to eliminate under £200million of credit card fraud, or would you like to retract your statement

    "Every transaction will require an ID card."

    (I've taken this to mean, 'Every transaction with a credit card will require an ID card'. Taken literally you'd have to consider what removing direct debit, cheques and anonymous cash would do to the economy).

    ReplyDelete
  27. "The government has stated (both in the Bill and in answers to written questions) that sufficient access to the NIR to do a nonconsensual biometric lookup will be granted to the police and a wide range of other official bodies."

    Please would you provide me with a link for this?


    It's on the face of the Bill -- sections 19 through 23 (and various other bits and pieces). See also written answers by Home Office ministers on this point.

    ReplyDelete
  28. Hi Neil, cheers for the response:

    "Nobody is telling us we should have ID cards except the electorate who voted for another Labour govt."

    I'd make the distinction that people voted for Labour, not for ID cards. Isn't there a difference between voting for a party you agree with some/most things on, and voting for one that you agree with everything on? I suspect that if the latter were enforced, turnout would be even lower than it is now.

    Even some Labour MPs themselves wash their hands of parts of the Labour Manifesto, including ID cards. What then?

    ReplyDelete
  29. "The government has stated (both in the Bill and in answers to written questions) that sufficient access to the NIR to do a nonconsensual biometric lookup will be granted to the police and a wide range of other official bodies."

    Please would you provide me with a link for this?


    http://www.identitycards.gov.uk/library/2005-06-27_Identity_Cards_Scheme_Benefits_Overview.pdf
    Doing nonconsensual fingerprint lookups on everyone is a stated advantage of the scheme. I'm sure I've said this before.

    ReplyDelete
  30. "ID fraud is non-CNP fraud"

    This is silly. It's fraud. There's no reason for the word "ID" to be there at all.

    "Nobody is telling us we should have ID cards except the electorate who voted for another Labour govt. This is our democracy, it could be better, but you can't pretend people didn't want ID cards."

    http://brightonregencylabourparty.blogspot.com/2005/07/why-first-past-post-is-dangerous-for.html
    "According to the new Electoral Reform Society report on the election, only 35.2% of voters and 21.6% of the electorate voted Labour."

    That's hardly an overwhelming mandate for this kind of change. Have you actually gone out asking people whether they want identity cards? Why do you think the blogosphere is so overwhelmingly opposed to them? Why is nobody, even your fellow bloggers4labour chap, supporting you on your blog?

    "Aren't the government at financial and electoral risk if it doesn't make the scheme secure?"

    Of course they are, but that's not sufficient to make the scheme actually secure. http://www.nao.org.uk/pn/03-04/0304877.htm makes interesting reading on the success and failure of large government IT projects.

    "When people obtain a credit card with ID, unless they specifically ask for CNP transactions to be allowed, they will not be. If they change their mind in the future they would have to make the change in person using their ID card."

    This isn't in the bill and I can't imagine the credit card industry being too happy about it. When did you last interact with a credit card issuer in person?

    "Every transaction will require an ID card."

    Ah, now we get to the nub of the thing. This is how the ID card is to be made indispensible. Pete has already covered quite well the reasons why hoping to decrease the number of CNP transactions is silly. I'm concerned that some home secretary might decide that particpants in protests should have their ID revoked, possibly pre-emptively, to prevent them being able to do anything and ruin their lives. You've not addressed my miners' strike scenario - do you think it's just implausible? Why?

    ReplyDelete
  31. Oh, and another interesting point on the "democracy" angle:
    http://www.publications.parliament.uk/pa/ld199900/ldhansrd/pdvn/lds05/text/51115-15.htm


    First, it is styled as a national identity register and a national identity card. But where, can the Minister explain, does Scotland fit in? Is she aware of the resolution passed by the Scottish Parliament which states that the proposal in this Bill is,

    "flawed on political, technical and financial grounds"?

    It stated that ID cards,

    "offer an ineffective response to problems of security and fraud and pose an unacceptable threat to civil liberties".

    It,

    "rejects the Prime Minister's belief [stated in the House of Commons] that it is legitimate and right in this day and age to ask people to carry identity cards",


    I agree entirely with the Scottish Parliament on this one!

    ReplyDelete
  32. Guys, you have done enough, you have persuaded me. See my latest post. Well done.

    Sorry I took so long to change my mind.

    It is the non-consensual recorded look-ups and some more information I have found out about the IT industry opposition that has been the clincher for me, finally!

    ReplyDelete
  33. Thanks for all the links and comments. This has been a good debate and fairly well humoured. Sorry I took so long to be persuaded, but I think the level of argument here might be useful for others.

    I feel a bit humbled now, but at the end of the day, finding out more information about a subject and changing your mind if you are wrong is what blogging is all about.

    Thanks again to everyone for your contributions. Some excellent stuff has been posted here.

    ReplyDelete