User Requirements 1: Who is the Client?
When I have had the time to look around the Intertubes thingy looking for information about identity management, government identification schemes, risk management and related topics, I do not find much information regarding the goals of government.
Can you help me on this, please? Here in the UK, where the issue had multiple triggers (terrorism, illegal immigration, benefits fraud, rebuild of the NHS, need to address U.S. passport protocols), it is particularly difficult to find a list of what they want the end product to do.
If someone can point me to a statement or article that defines the user requirements for a large, centralized database of information about all UK residents, that might be a clue as to what the real goals might be.
But I suspect that might be difficult to lay hands on, in part because I imagine that the various departments are institutionally incapable of communicating this information with each other.
So, as I am still quite an agnostic on this issue, I will try and list what I would want an integrated multi-purpose citizen identification programme to be able to do. I hope then (with your help) to unpack the requirements for analysis of feasibility, cost, risk to client, risk to user.
The first issue is there would be multiple clients. The Home Office, which is now two, one dealing with what is loosely termed homeland security issues and another dealing with the criminal justice issue. I think it might be easier to list sub-units who may piggyback requirements onto an original specification.
Client list:
HMRC: Assist in identifying illegal immigrants.
Prison and probation: Assist in monitoring parolees
Criminal justice: Assist in detecting fraud, particularly relating to benefits
Job Centre: As in criminal justice
DWP: Assist in pension administration
MOT: Assist in administration, identify uninsured drivers
DOH: Assist NHS NPfIT in joining up transmission of patient records, reducing medical error
Then there are indirect stakeholders, who don’t have specific citizen information requirements, but would greatly benefit from access to a completed database:
MI5 and MI6
Police departments
Crown Prosecution Service
The other half of HMRC–the part that deals with taxes
SOCA
Who am I leaving out?
When this list has been vetted, we will try and compile a list of user requirements for each.
We will then begin the merry task of seeing if one system is feasible at the level of accuracy needed. I think that only then can we estimate the threat level to civil liberties. Notice I am not saying a word about cost. The price of a system means nothing in and of itself. If we have a clear idea of benefits and potential savings, we can put a price tag into perspective.
But looking at the list, I think one term will be paramount in any bid specification document–the ability to fail gracefully.
June 8th, 2007 at 8:00 am
The Appendix of this benchmarking and capacity planning paper produced by Capacitas might provide some guidance: http://www.capacitas.co.uk/research/download.php?fn=Sizing%20the%20UK%20Identity%20Card%20System%20Summary.pdf
Business Driver
Prescription exemptions
GP Visits
International Air Passenger Numbers
Parcel/Package collections from Royal Mail/Parcelforce
Domestic Air Passenger Numbers
International Ferry Passenger Numbers
In patient episodes
Channel Tunnel Passenger Numbers
ISA applications
Passport applications
Tax credit applications
Insurance claims
Checks by the police & security services
Changes to ID card security information
Credit card applications
Bank account applications
Domestic Ferry Passenger Numbers
Mortgage applications
Housing benefit applications
Council tax benefit applications
Address changes
Lost, stolen, destroyed cards
Checks by the Criminal Records Bureau
Starting new job
Job Seeker Benefit Applications
Criminal arrests
Loan applications
Income support applications
Child benefit applications
New ID card applicants from UK citizens
Children enrolment to School
Incapacity benefit applications
DLA benefit applications
Driving licence approval
Deaths
New ID card applicants from non-UK citizens
Entitlement to remain decisions
Update the biometric information for existing card holders
Pension credit applications
Marriages
Private pension applications
Divorces
Police stop & search
June 8th, 2007 at 8:34 am
Okay, that’s a more interesting list than mine. What should I look at after lunch?
June 10th, 2007 at 12:21 am
*Ahem*
If it’s my ID/personal information that’s going to be mucked with then I’d want to see “the citizen/individual” at the top of the list!
One of the Home Office/government’s major problems is that it is culturally incapable of conceiving things this way - which might go some way towards explaining the embarrassing lack of genuine citizen benefits within its proposed scheme. If the primary purpose of an ID is, in fact, to service public/private sector ‘clients’ and the people whose data is actually being used/stored/processed/passed around don’t figure meaningfully in your list then I submit that you are misconceiving the entire system.
If this thing is not first and foremost for ME, then why the hell should I have one? Much less have one imposed on me…