Government identity banks start to take shape

Here’s a story that’s going to run and run – and one I predict will start to make national news headlines once its significance sinks in to the consumer press.

As part of its plans to create a national identity assurance scheme for online public services, the government is proposing to establish a market for our personal data, to be used as a means of confirming that we are who we say we are when dealing electronically with government.

I have to say that I think it’s exactly the right way to go – when the coalition scrapped ID cards last year, I wrote on this blog that the way forward could be the creation of identity banks, and this latest move looks at first sight to be a big step in that direction.

The concept is relatively simple – since our personal data is an increasingly valuable currency, why not set up a network of identity banks, in the same way we have a network of money banks.

But even if the concept is simple, the delivery will be anything but.

Technically, it’s likely to be feasible – there will be difficulties of course, but it can be done. The big challenges will be commercial and legal – not to mention the perceptions that might be created by allowing organisations like banks or the Post Office to act as a repository for our most sensitive identity information.

Jerry Fishenden, an advisor to the House of Commons on the government IT inquiry and former chief technologist at Microsoft UK, pointed out to me via Twitter that we’ve been here before – see this story from 2000 on a previous attempt by government to work with industry on secure identity assurance online, one that ended in failure two years later.

There is little doubt this will be a controversial move, but I hope this is one new policy the coalition doesn’t backtrack on. Get this right, and the UK has a secure infrastructure for ID-assured online public services. With that in place, you can be sure that private sector e-commerce players will want to be the same game, and this soon becomes a national electronic identity system – one that avoids the Big Brother nature of identity cards, and helps to minimise or eliminate identity theft.

Of course it also risks establishing the perfect target for hackers – Sony’s experience with the Playstation Network hack shows the dangers of holding large quantities of sensitive data in one place. But while security is a risk, it shouldn’t be a showstopper if it is designed in from the start.

Watch this story – it’s going to be big.

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

PAOGA recognised that Privacy over individuals Personal Information was a big issue some years ago but it took the Financial Market meltdown and Government Expenses scandal for the market to realise the value of Trust in business.
This has been exacerbated by increasing revelations of Government and Private Organisations being hacked and stolen resulting in the Information Commissioner, Christopher Graham, announcing in January 2011 that "80% of people are concerned about their personal details online".
It is crucial for any Trusted Relationship to begin with verification of the participants, individuals and organisations. Added value can be provided by further verifying appropriate claims and documents with transactions and digitally signed agreements being securely encrypted, stored and time-stamped, accessible to the participants WITH LEGAL CERTAINTY in the case of subsequent dispute.
The 'honeypot' issue is addressed by using uniquely encrypted Personal Data Lockers - designed in from the start.