Government identity banks start to take shape

Editor in chief

Here’s a story that’s going to run and run – and one I predict will start to make national news headlines once its significance sinks in to the consumer press.

As part of its plans to create a national identity assurance scheme for online public services, the government is proposing to establish a market for our personal data, to be used as a means of confirming that we are who we say we are when dealing electronically with government.

I have to say that I think it’s exactly the right way to go – when the coalition scrapped ID cards last year, I wrote on this blog that the way forward could be the creation of identity banks, and this latest move looks at first sight to be a big step in that direction.

The concept is relatively simple – since our personal data is an increasingly valuable currency, why not set up a network of identity banks, in the same way we have a network of money banks.

But even if the concept is simple, the delivery will be anything but.

Technically, it’s likely to be feasible – there will be difficulties of course, but it can be done. The big challenges will be commercial and legal – not to mention the perceptions that might be created by allowing organisations like banks or the Post Office to act as a repository for our most sensitive identity information.

Jerry Fishenden, an advisor to the House of Commons on the government IT inquiry and former chief technologist at Microsoft UK, pointed out to me via Twitter that we’ve been here before – see this story from 2000 on a previous attempt by government to work with industry on secure identity assurance online, one that ended in failure two years later.

There is little doubt this will be a controversial move, but I hope this is one new policy the coalition doesn’t backtrack on. Get this right, and the UK has a secure infrastructure for ID-assured online public services. With that in place, you can be sure that private sector e-commerce players will want to be the same game, and this soon becomes a national electronic identity system – one that avoids the Big Brother nature of identity cards, and helps to minimise or eliminate identity theft.

Of course it also risks establishing the perfect target for hackers – Sony’s experience with the Playstation Network hack shows the dangers of holding large quantities of sensitive data in one place. But while security is a risk, it shouldn’t be a showstopper if it is designed in from the start.

Watch this story – it’s going to be big.