Baroness Scotland helps explain the extent to which the National Identity Register already exists: "We have called the central new database 'the register', but noble Lords will be familiar with the fact that the Passport Office currently has a database. When we include the biometric data that will come from facial recognition and fingerprints, that information will have to be contained on that database. As a result of the demands made on the service, we have now piloted passport validation, a commercial service that will come on stream in 2006. It is demand-led because, even under the current legislation, there has been a demand for that from the business community.
"All of those items are coming anyway, and the passport service will have to provide for them. So if we look at the differences between the service that will be provided now and that which we anticipate will be necessary to be provided in the long term, the differences are not great. I will list them. A database of basic personal information and biometrics exists, and that will continue. An identity document that stores information, including biometrics, is already provided. The ability for banks and other organisations to validate identity documents with consent exists now in pilot form. Disclosure to the police and other agencies of data held on the passport database happens already, and this would include the equivalent audit usage data.
"So what is new? The production of cards as well as passports is new. We do not currently record changes of address, but we propose to do so in the future. The IT infrastructure will be slightly bigger; and the scheme will be enforced; that is, civil penalties, mainly post-compulsion."
You can see the inexorable logic when it's put like that. The database will exist, will include biometrics, and via passports alone will ultimately cover 80 per cent of the UK population. The Passport Service's transformation from a document-centred to a person-centred database positions it as the sole custodian of 'gold standard' identification in the UK, and the inclusion of biometric ID capabilities tying the individual to the identity document produces further potential benefits. When you go down to the bank to prove you exist, the bank can use a reader to associate you with the identity document, and all of the other claimed ID scheme benefits follow from there.
From this kind of perspective the fact that the UKPS ID Register (or, erm, "database", as Baroness Scotland puts it) can only ever cover those in the population who're UK passport holders is clearly anomalous. But if the ID scheme died and the Government nevertheless continues with the approach, and passport-linked biometric ID infrastructure begins to grow through Government and the commercial sector, we can anticipate how the tentacles will grow.
People might start demanding that ID documentation in a more convenient format (Passport Lite?) be issued. And you could envisage other Government departments (DWP, NHS and DVLA being obvious examples) increasingly using the UKPS database systems for the validation of their own existing ID documentation and systems, and dusting off plans to morph driving licences into ID cards, and to produce "entitlement cards".
The House of Lords, rightly, didn't accept that the Government's oft-quoted cost of £584 million for the ID scheme was anything like the total cost, because it's simply the running cost to the Home Office and does not include start-up costs and costs to other departments. But simply blocking ID cards will not necessarily allow us to avoid all of those other costs - they may be incurred more slowly and haphazardly, but they'll still exist.
As Baroness Scotland put it: "If we then look at the future, it would be easy to say, 'If we just put the Identity Cards Bill to one side these costs would not be expended'. As I hope that I have just indicated, that is unlikely because if we consider the way in which biometric data are being used and will be used in the future — the Passport Office is having to provide ID verification more and more now because those demands are being made upon it — we can see that this development will be necessary."
The 'it's coming anyway, so give in' argument has some strength, but we should bear in mind that the arguments that have been deployed against ID cards are equally valid deployed against a more clearly passport-led national identity scheme. The central database is just as vulnerable, the uncontrolled and unregulated linking of Government and private databases is just as invasive, and the underlying thinking is just as flawed. Which is as one should expect, given that the Passport Office plan is, to all intents and purposes, the blueprint, and the ID Cards Bill is a lot about extending the target population and tidying up the legal framework.
What legal framework? Well might you ask.
Sponsored: Ransomware has gone nuclear