The Festival of eID

by David Moss
January 2008

 

Candidates must answer all three questions

We are currently about half way through the European Union's latest five-year plan, i2010. The objective is to promote sustainable growth and jobs throughout the EU.

If you think that the foundation stone of i2010 must, therefore, be education, you're wrong. It's computers: "Differences in economic performances between industrialised countries are largely explained by the level of ICT investment, research, and use, and by the competitiveness of information society and media industries".

EU citizens, companies and governments are to be thoroughly computerised. "Digital convergence requires policy convergence", say the European Commission. That sounds meaningless but it isn't. i2010 is intended to make us "converge", "integrate", "cohere", "standardise" and be "consistent" and "interoperable", by law if necessary, by 2010: "The Commission intends to use all its instruments to foster technologies that communicate, through research, promotion of open standards, support for stakeholder dialogue and, where needed, mandatory instruments".

Citizens and their governments are to communicate electronically. There is an i2010 Action Plan for eGovernment, responsibility for the implementation of which is shared by the Information Society and Media Directorate-General of the European Commission and the IDABC unit of the Informatics Directorate-General. ("IDABC" stands for Interoperable Delivery of European eGovernment Services to public Administrations, Businesses and Citizens.)

If we are to communicate electronically, we need electronic identities (eIDs). In 2003, the Commission produced OSCIE, the open smart card infrastructure for Europe.

OSCIE is a 2,000-page manual specifying how to use smart cards, biometrics and population registers for eGovernment. It is promulgated by IDABC, who pursue the objective of making national eID systems interoperable. We should be able to move, they say, throughout the single European market, from one EU country to another, using the same card to access public services. That requires each country to be able to identify us, and that in turn requires our personal information to be shared across borders.

At the September 2007 Lisbon Conference on eGovernment, EU heads of government unanimously reaffirmed their support for i2010: "Ministers recognise that ... in order to meet the need to exchange information across borders ... Member States shall intensify efforts to achieve cross-border interoperability, the importance of which has already been highlighted in the electronic Identity and eProcurement areas. The objective of achieving interoperability ... will be facilitated by interoperable and mutually authenticated electronic identities and electronic documents".

Question 1: how do the Liberal Democrats reconcile their anti-ID card policy with their pro-EU policy?

One month later, in October 2007, a press release on the EU eGovernment website announced that the UK's Identity and Passport Service (IPS) would be working on Project Stork: "The ultimate goal of the Stork project is to implement an EU-wide interoperable system for the recognition and authentication of eIDs".

IPS are responsible for implementing ID cards in the UK. Their appointment to Project Stork makes good sense.

After the loss by HMRC of 25 million people's personal records was announced in November 2007, David Davis asked the Home Secretary in the House how safe our records would be once they are shared between all 27 EU countries. She hadn't heard of Project Stork and there was no answer.

When stories started to appear in the press, worrying that our personal data was going to be available throughout the EU, this misapprehension was corrected in a letter to several newspapers from James Hall, Chief Executive of IPS: "Project Stork is not about ID cards, has nothing to do with the National Identity Scheme or providing data from the National Identity Register".

Question 2: in that case, why were IPS appointed to work on Project Stork?

We now know that IPS's timetable for the deployment of ID cards has slipped to 2012. ID cards have been promoted in the UK as part of the fight against crime and terrorism. It is not clear whether crime and terrorism will wait another four years for IPS.

Nor is it clear what the European Commission will make of the delay, given our long-standing agreement, going back to the 2005 Manchester Conference, when the UK held the EU Presidency, and reaffirmed only three months ago in Lisbon, to deploy ID cards by 2010 in the name of eGovernment.

Question 3: what will the Commission do? Will they do nothing? Or will they fine us for incompetence? (Remember, they fined DEFRA over late payments to farmers.) Or will they appoint another country's civil service, perhaps Finland's, which has already demonstrated its competence, to deploy ID cards in the UK for us?


David Moss has spent five years campaigning against the Home Office's ID card scheme.

2008 Business Consultancy Services Ltd
on behalf of Dematerialised ID Ltd