The Home Office hid the parlous state of its Identity Card Scheme from the public by withholding publication of a report by the project's oversight board in the run up to the 2010 general election.
The Home Office slipped out the final report of the Independent Scheme Advisory Panel (ISAP) this week, more than a year after it was written. The ostensibly independent report, which reveals how the ID system had been compromised by poor design and management, was submitted to the Home Office in December 2009. It was modified on 4 January this year by people unknown, before finally being published on the Home Office web site.
The report repeated the same warnings ISAP had given the Home Office every year since the system blueprint was published in December 2006 by Liam Byrne and Joan Ryan, then Home Office Ministers, and James Hall, then head of the Identity and Passport Service (IPS).
The key elements of the ID scheme's feasibility were still being clarified, nearly four years after it was approved by an act of parliament. Foremost among them were inadequate data security precautions and the threat posed by the systems' complexity.
The ID system specifications had not been completed, said the report. Doubts remained about what benefit the government aimed to get from ID cards. Clarifying what ID cards were for might mean yet further specification changes. Yet the project was already troubled by too many variables.
Alan Hughes, ISAP chair and non-executive IPS director, said, "The combination of multiple suppliers, multiple government departments and agencies ... together with the sheer volume of change planned could make the schedule ... unmanageable; particularly so as more detail of requirements is understood.
"The panel considers this complexity is a threat to the success of the programme, of cost escalation and delivery of the full capability."
The scheme's suppliers had been inundated with change requests, the infamous contractual adjustments that derive from poorly specified systems and widely blamed for the financial, organisational and technical failure of large computer systems.
The contractual arrangements were also insecure, suppliers were using different development methodologies and the IPS was restructuring.