Home Office documents laying out what is probably late-2007 thinking on ID cards have been leaking to the press. Here (PDF) you will find a complete version of a document analyzing options, with extensive No2ID annotation. Interesting reading for those here, and not just because it’s worth understanding how the government is thinking about ID cards these days. The kind of thinking embodied in this document is, I think, a significant reason why citizens do not trust government.

wg

“A security breach affecting an unknown number of Canadian citizens came to light last week in the Canadian province of Newfoundland and Labrador when a consultant for the Provincial Public Health Laboratory took a laptop containing patient health information home. The consultant was contacted by a person who identified himself as a representative of a computer security company and who claimed that he was able to access to data on the laptop through the consultant’s home Internet connection.”

…”The exposed information includes names, Medical Care Plan numbers, age, sex, physician and test results for infectious diseases, including HIV and hepatitis.”

In a related news story…. “Trust is fundamental to the effective management of security and privacy in the public realm. Surprised? “Results from a ground-breaking pan-European study show that when it comes to security and identity in electronic public services, trust is a critical issue for European eGovernment. Given recent negative press stories about the security risks associated with personal data on social networking sites such as Facebook, and recent events in the UK where the personal details of some 25 million citizens appear to have been lost, this paper comes as a timely reminder about the need to manage trust and security effectively.” …”The cc:eGov study has identified exceptional good practice in Europe, for example in Estonia where an integrated ID card provides access to public and private services. However, the Estonian Government is rigorous and thorough in its protection of citizens’ data, to the extent where sustained cyber attacks on their systems earlier this year did not result in a breach of security. The trust of citizens was therefore reinforced.”

The iconoclastic Tim Worstall starts the ball rolling here, and refers us to Ben Goldacre’s Guardian column here: “But it’s not. The leak last week wasn’t because of unauthorised access, it couldn’t have been stopped with biometrics; it happened because of authorised access which was managed with a contemptible, cavalier incompetence. The damaging repercussions for 25 million people will not be ameliorated by biometrics.

So will biometrics prevent ID theft? Well, it might make it more difficult for you to prove your innocence. And once your fingerprints are stolen, they are harder to replace than your pin number. But here’s the final nail in the coffin. Your fingerprint data will be stored in your passport or ID card as a series of numbers, called the “minutiae template”. In the new biometric passport with its wireless chip, remember, all your data can be read and decrypted with a device near you, but not touching you.”

Ben Goldacre also has a piece here that refers to an academic paper enchantingly titled “Impact of Artificial “Gummy” Fingers on Fingerprint Systems” by Tsutomu Matsumoto, Hiroyuki Matsumoto, Koji Yamada, and Satoshi Hoshino of the University of Yokohama. “This paper reports that gummy fingers, namely artificial fingers that are easily made of cheap and readily available gelatin, were accepted by extremely high rates by 11 particular fingerprint devices with optical or capacitive sensors. We have used the molds, which we made by pressing our live fingers against them or by processing fingerprint images from prints on glass surfaces, etc. We describe how to make the molds, and then show that the gummy fingers, which are made with these molds, can fool the fingerprint devices.”

Here’s the story on the day after…

I have said this before on this blog. There are countries where a national identification card is completely non-controversial. There are possible benefits to society from a well run and properly managed system.

But in my heart of hearts I do not believe that this country’s government (and I do not distinguish between political party here) is capable of building and operating an ID management system at this point in time without disastrous consequences to information assurance.

Via Kable, “Home Office minister Meg Hillier has insisted on the need to debate the future of the National DNA Database. Responding to parliamentary questions from two Conservative MPs on 15 October 2007, Hillier said the growth of the database, which now holds records of more than 4m people, has made a debate on its future development necessary.”

Benefits to society so far: “Hillier claimed that the database had been used to solve 452 homicides, 644 rapes and more than 8,000 domestic burglaries.”

Example of possible downsides: Tory MP Stephen Crabb “highlighted the case of 75 year old Geoffrey Orchard, who was wrongfully arrested and received a written apology from the police, but who remains unable to get his DNA information removed from the system.”

So let’s have the debate. I suggest on the BBC (they may be looking for cheap programming these days). Let’s by all means have some of the great and the good participate. But let’s also have some of the Awkward Squad and some ordinary citizens as well.

I suppose I should pretend I did all the research that produces the following, but I just opened the email from Bruce Schneier’s Cryptogram. If you’re serious about these issues (and why else would you be reading this?), click here to subscribe.

Quotes from this issue:

“Although it’s most commonly called a worm, Storm is really more: a worm,
a Trojan horse and a bot all rolled into one. It’s also the most
successful example we have of a new breed of worm, and I’ve seen
estimates that between 1 million and 50 million computers have been
infected worldwide.”

UK Police Can Now Demand Encryption Keys: “Cambridge University security expert Richard Clayton said in May of
2006 that such laws would only encourage businesses to house their
cryptography operations out of the reach of UK investigators,
potentially harming the country’s economy. ‘The controversy here [lies
in] seizing keys, not in forcing people to decrypt. The power to seize
encryption keys is spooking big business, ‘ Clayton said.

“‘The notion that international bankers would be wary of bringing master
keys into UK if they could be seized as part of legitimate police
operations, or by a corrupt chief constable, has quite a lot of
traction,’ he added. ‘With the appropriate paperwork, keys can be
seized. If you’re an international banker you’ll plonk your headquarters
in Zurich.’”

“Microsoft updates both XP and Vista without user permission or
notification. Microsoft can do this; that’s just stupid company stuff.
But what’s to stop anyone else from using Microsoft’s stealth remote
install capability to put anything onto anyone’s computer? How long
before some smart hacker exploits this, and then writes a program that
will allow all the dumb hackers to do it? ”

London’s 10,000 security cameras don’t reduce crime:
http://www.thisislondon.co.uk/news/article-23412867-details/Tens+of+thousands+of+CCTV+cameras%2C+yet+80%25+of+crime+unsolved/article.do
or http://tinyurl.com/286pab
This is a follow-up to a 2005 article:
http://www.thisislondon.co.uk/news/article-16856213-details/CCTV+’does+not+stop+crime’/article.do
or http://tinyurl.com/2tfjyf

Just go and subscribe, or read them on his weblog.

Happy Sunday morning to you all! Grab your tea and hit the links! (No, I’m not talking about golf…)

* ALDE wants patients to have access to medical care outside their home country (if in EU). Admirable. How will countries co-operate in providing patient records if this happens?

* Via Kable: Citizens are being excluded from e-government services because they don’t have the right software, an MP has warned. Liberal Democrat MP Dr John Pugh believes that the government is unwittingly creating a Microsoft monopoly in its delivery of online services because, in many cases, the public can only access them by using the US company’s Windows software. Speaking to GC News on 10 October 2007, Dr Pugh said: “Why can a Mac user not be able to apply for benefits online?”
“If a company built a road down which only a Ford car could go, there would be an outcry.”

* Also via Kable: “Patients and clinicians will be involved in an assessment of how access control technology can help the health service in Wales. Informing Healthcare, the multi-million pound programme to modernise health services across Wales, is to trial gateway technology to support its online patient services. ‘The aim is find out whether it can be used to ensure that the patient is ‘authenticated’ in both a secure and usable way so that they can access personal health services online,’ a spokesperson for Informing Healthcare told GC News on 11 October 2007.” Hope they report the results promptly.

* Kable again: “Passengers entering the UK are having their fingerprints checked against government records in a new trial at London’s Gatwick airport. The BioDev trial at Gatwick’s north terminal is part of a complete overhaul of the UK’s border security systems. Compulsory fingerprinting is now part of the UK visa application process in more than 100 countries worldwide.”

More later, I hope. Now back to your regularly scheduled orange juice.

“The General Register Office, which oversees the registration of births and deaths, is to become part of the Identity and Passport Service in a move that is likely to see sharply increased data sharing between the two bodies.”

This is, or should be, the story of the week.

“The government plans to give IPS staff online access to births and deaths information which could be cross checked with ID card or passport applications. Data sharing between the two bodies was given a legal basis in July by an order made under section 38 of the Identity Cards Act.”

In the story linked to above, Phil Booth of No2ID makes the badly needed points, and I doubt if he’ll mind if he’s quoted at length:

“But Phil Booth, national coordinator of the No2ID campaign monitoring the government’s ID card and data sharing plans, described the merger as “chilling.”

It was “deeply worrying” that the GRO, a “formerly independent agency should be subsumed in this way, with no debate and for no apparent reason other than bureaucratic convenience,’ he said.

Birth and death dates might form part of an individual’s official identity, but register offices also recorded other information such as details about parents, Booth pointed out.

“The ID program is insinuating itself deeper and deeper into people’s lives. This is not so much ‘feature creep’ as a blatant land-grab of personal identity.

“That an agency which until a little over a year ago was limited to issuing passports is now grabbing control of citizen data from cradle to grave, and openly talks about ‘registration of life events,’ confirms what NO2ID has said all along. It’s not about ID cards, but the creation of a detailed, lifelong government dossier on every person,” Booth said.

He added “And that this sits in the dysfunctional and acquisitive culture of the Home Office should certainly make people think twice.”

I should have been in Boston this week for a conference on wearable computing. The story details half a dozen applications well on their way to market, and a quick look at the conference agenda shows they talked about all the right subjects.

“BOSTON - From clothes riddled with sensors to name tags that detect our moods, computing’s next wave could unleash small devices that increasingly augment everyday activities with digital intelligence.” However, the key quote is at the end of the article: “The idea,” he said, “is to wear your remote, not to carry it.”

Wearable computing is important as it advances the concept of pervasive computing. Pervasive computing has real potential impacts on information assurance as it may multiply the number of nodes connected to a network, contribute greatly to network traffic, involve the constant transmission of data which may be sensitive (especially when combined with other data streams), and produce an unhealthy desire to increase monitoring of personal behaviour already far too evident in UK government. More about wearable computing can be found here.

It has wider implications for UK government, as it will enable services (many yet to be created, some that are currently delivered in other ways) that governments could rationally be expected to supply citizens.

Progress in wearable computing seemed stalled for a few years. It’s back.

Via Kable, I learn that “A group of MPs has recommended that a senior official be appointed to lead a coordinated approach to tackle identity fraud. The All Party Identity Fraud Group published a report on 6 October 2007 calling on the government to appoint an identity fraud tsar. It says this would ensure a joined up approach to tackling the problem by creating a single point of contact across government, the police and private sector. In the last two years there have been three ministers with responsibility for identity fraud, and the group believes this has undermined efforts to create a coordinated approach to the threat. The report sees the secure sharing of data between the government and the private sector as a key way to tackle identity fraud, and suggests that a central shared database could be set up to allow financial institutions to verify identities and quickly establish cases of deceased fraud.”

Okay–government involved: check. Single government point of contact–er, check? (Kind of a big government…). Private industry involved: Check.

Er, excuse me? If you don’t involve the citizen you will not resolve the issue.