According to Blair, "at the moment if you want to get your medical records online, you can't because of worries over identity. You would be able to do that" with an ID card, he said. He failed to explain how you would be able to do that, but his bringing the subject up suggests that the Government is considering tying online health record access to ID cards. Without further development specifically aimed at online identification, the ID card at them moment would have to use a PIN, and is about as secure as a credit card (or less so - if you're going to have a card stolen, which would you prefer, ID card or credit card?).
The contribution of private industry, Clarke's "other sources", is less clear, and during last week's debate Clarke, stressing that information on the NIR would not be for sale, placed limits on what could be done. "With the consent of the identity card holder - I emphasise that - banks or other approved businesses will be able to verify identity by checking an ID card against the national identity register," he said. "That would mainly involve confirming that the card is valid and has not been reported lost or stolen, and that the information shown on it is correct. The card holder's biometric details may also - with the card holder's consent - be confirmed against those held on the register."
These are not however limitations that need greatly impact the ID scheme's ability to make money from the private sector. If NIR checks prove valuable for, say, financial service providers, then they will require customers to give them permission in their application forms. And ultimately the service providers may not have a choice. The Government has stated at various times that it feels ID card reading capability could be built into future generations of credit card reader and ATM.
This is not a prospect likely to attract the banks and credit card companies right now, because from their point of view the current chip and pin system provides an adequate balance of convenience and security, and ID cards would simply introduce an extra complication. A simple local check of the validity of the card wouldn't establish the bearer's identity (it could be somebody else's credit and ID card and might convey a false sense of security to retailers), while online checks of biometrics would likely lead to false refusals, and thus reduced trade (and at the ATM, could raise the prospect of severed fingers).
But although the financial and retail sector is not going to volunteer for ID cards, there are areas where it could plausibly be volunteered. ID theft, which in this case is largely what we used to call credit card fraud, impacts on the individuals whose card/identity is stolen far more than it does on the credit card companies, so the public's concerns about ID theft could be harnessed to impose proof of ID requirements on the credit card industry. And once ID cards exist and are widely carried, the Blunkett principle that they constitute a simple and secure method for establishing ID, and therefore there's no excuse not to demand them, might be extended to retail. A legal requirement for proof of ID for transactions over a certain value could be implemented in the name of combating card fraud.
Not all of this will happen immediately, but the pressing and growing need to finance the ID scheme while keeping the cost of the card down to politically acceptable levels will mean that the Government will strive hard to establish revenue sources early on in the scheme. From the point of view of the individual, though, a card cost of 'only' £30 will be nothing to cheer about.
Other costs incurred by Government will be paid for via direct transaction charges and taxation, while the involuntary contributions made by industry will be passed on to the consumer. Economically speaking, if the ID scheme does not deliver savings and efficiencies to match its overall cost (which could quite easily exceed £20 billion), then we will be sucking a huge amount of money that would have been better spent on wealth creation out of the economy. 'Only' £30 indeed...
Clarkewatch: In his ongoing suicide mission (he's a sort of suicide bullshitter) to 'prove' that Government IT projects are not pants, and do in fact deliver the goods, Clarke used the Passport Office, which is now apparently delivering something close to what one might call a service, as an example. And then he cited the successful rollout of chip and pin. We could point that the latter, a networked megaproject, was carried out by private industry, but you no doubt spotted that yourself. What interests us more, however, is that on previous outings for the suicide mission Clarke had trotted out Airwave, the 'on time, on budget' secure digital communications system for the UK police.
At the time we thought it a little cheeky to claim a system that had severe rollout problems and remained crap at data as a successful IT project, and as Clarke's dropped this from his list of achievements it's possible somebody has had a word. However, evidence that Airwave remains crap at data is provided by Northamptonshire police's pilot of mobile fingerprint readers in conjunction with Automatic Number Plate Recognition (ANPR) systems.
Here, if your number plate leads police to make further enquiries, they ask you to 'voluntarily' undergo a fingerprint check against the police database using mobile fingerprint recognition. The systems Northampton deployed, however, used, er, GPRS. But there seem to have been a few problems anyway... Clarke, in any event, can't even get the message across to the rest of the Cabinet. Surveying the wreckage of the new environmental stewardship scheme, Environment Secretary Margaret Beckett says: "Tell me an IT scheme in the Government or the private sector that has been introduced without problems." Oops.
Sponsored: Ransomware has gone nuclear