- ``If ID cards are so great, why would we need to make people have them?''
- ``If an all-encompassing biometric ID database costing billions of pounds is such a great idea, why isn't the private sector building it itself?''
A while ago William Heath -- of KableNet and the Ideal Government Project -- asked me what I thought of the LSE Identity Project's alternative proposal for an identity management infrastructure. My reply (which I wrote based on leaks, rather than the report itself, which I hadn't then seen) is available on Ideal Government, but here's a relevant excerpt:
[L]egislate to have government and the private sector recognise the cards as an optional `proof of identity' (quotes to avoid the philosophical issue here), [and] enable private industry to sell them to punters at whatever cost they want....
Now stand back and see whether people want the things or not. Personally, I'd probably be happy to own one for occasional use -- for instance, if you could check in more quickly at the airport if you presented one, it might be worth doing so.
Now, while it's certainly true that the government's proposals will intimately involve the private sector (basically by pissing money into IT companies at a rate unseen since the dot.com bubble years), the way in which they do so appears carefully designed to avoid deriving any advantage from doing so. In particular there will be a monopoly vendor of ID cards and everyone will be forced to buy one (for however-many hundred quid it'll turn out to cost); nobody will get to exercise choice, no market mechanism will operate, and any potential advantages of involving the private sector will be lost.
So, then, to the Clear Registered Traveller Programme, ``the smarter way forward for airport security'' (and who could deny that a smarter way forward is needed for airport security?):
The Clear registered traveler program is the smarter way forward for airport security. It's the smarter solution for you, getting you through security faster, with more predictability and less hassle. It's basic risk management: someone who is screened in advance is less likely to be a threat than someone who isn't.
The gag here is that you get `screened' by some outfit -- a strange amalgam of a US government agency and a private company -- and they issue you with a smartcard which carries some encrypted biometric information. Unlike the ICAO passports (which fill, so to speak, the same much-needed hole in the literature) they've actually made a sensible choice of biometrics (iris scan and fingerprints) and unlike the ICAO passports, they've designed the system (or say they've designed the system) so that the information on the card can't be inverted to produce a forgery of the biometric information. Their FAQs make them seem -- relatively -- sane and sensible, though a little hyperbolic. At least, they demonstrate concern about the right sorts of things:
Unfortunately, despite some evidence of good design, the whole enterprise is somewhere between silly and dangerous, a lesson which I suspect would apply to any private ID card scheme along similar lines. The Clear Card is designed to let its holder get through airport security more quickly, without having to go to the hassle and expense of buying a private jet. The idea (Bruce Schneier has written about this at length) is that, when somebody applies to get a card, you ask them a bunch of questions of the form ``are you a terrorist?''; if they're able credibly to answer ``no'' to all of them, you give them the card and then they can get through security without having to be subject to random bag checks and whatnot.
Naturally this is fine until one of THE TERRORISTS comes along and lies to all the questions (or tells the truth and is, like the recent London bombers, somebody with little or no background in terrorism, and therefore undetectable to the screeners). Now, since airport security isn't actually any good at detecting terrorists there's not much chance that the less stringent `Clear' channel through security would either, and presumably once a Clear card holder blows up an aeroplane or flies it into a building, the remaining cardholders will find their investment in membership of the programme has declined to zero. (That said, terrorism is pretty rare, so there's every chance this won't happen during the lifetime of the scheme.)
Generally this sort of thing isn't a lot of use; as Schneier says (in virtually every piece he writes, suggesting that this is still an important message),
In general, when you create two paths through security -- an easy path and a hard path -- you invite the bad guys to try and take the easy path.
So, in a way it's nice to see that it's possible to set up a biometric ID card system without being a giant, poorly-run government agency with no clear goal beyond spending a lot of money and trying to make the rest of government hopelessly dependent on the database you build. Equally, the `Clear' card isn't a very good advertisement for the technology. Opponents like me win either way....
So, then, a suggestion for those considering investing in private ID card schemes. Try to stick to manageable goals: goals like this:
Sorry, no holiday photo this time. When I get back from my holiday, maybe. And... you may have seen recent suggestions that Charles Clarke (perhaps skeptical that the ID Cards Bill will make it through Parliament) is now considering getting the EU to impose biometric identity cards as a European requirement; at a slight tangent (but on the same general subject of policy laundering) have a look at this piece by Martin Keegan on current EU attempts to stuff up our right to freedom of association.