Banning the 'I' word

In the excellent Datonomy blog, Roger provides an interesting overview of the definition of ‘Identity’. Arguing that it is about the autonomy of the data subject to control their personal data, he points out that inadequacies in the EU Directive and its local implementation allow many data controllers to ride roughshod over subjects’ wishes when it comes to the handling of sensitive personal data.

‘Identity’ has become one of the most misused and misunderstood concepts in modern government and modern technology. Several years ago we seemed to collectively forget the word’s connections with totalitarian regimes throughout history, and the use of identity systems to police the population in times of crisis – or maybe we felt that we had a new and enduring crisis on our hands – and instead decided that ‘identity’ is aspirational, desirable and achievable. The word has entered common parlance in Whitehall and Westminster, forms part of the functional specification for who-knows-how-many systems, processes and initiatives, has spawned a new marketing approach for companies selling access control systems, and is fast becoming ‘part of the way we do things round here’.

This has to stop. We’re sleepwalking towards the precipice (insert scary metaphor of your choice here) simply because we’ve decided that the ‘I’ word – Identity – is what we aspire to. I don’t object to proving my identity, or owning identification credentials, it’s just that we so rarely ever need to identify ourselves. When does identity become an issue? Solely in establishing a trust relationship between two parties where there is a claim to entitlement and an imbalance of risk: for example, when claiming entitlement to enter the country, and there is so much for the individual to gain that they may make false claims about their identity or submit false credentials; or when opening a bank account or credit card that will allow them to borrow money. In such circumstances where the individual’s assertions about their identity might reasonably be expected to be fraudulent, it is proportionate to use other means to prove who they are – to identify them.

Once that initial identification has taken place, there is no further need for identity. Credentials are issued – a credit card, a digital certificate, a library card etc. – and thereafter the individual simply has to authenticate themselves as the legitimate bearer of the credential in order to obtain their entitlement. Identity processes only kick in again where there are grounds to doubt the legitimacy of the credential or the bearer. Of course there are other circumstances where the need to identify an individual is justifiable, normally in law enforcement and border control if a person can provide no credentials or refuses to disclose any details about themselves. I’m assuming that situation doesn’t arise for most of us on a day-to-day basis.

So why does the word identity get me so riled? Our problem is that policymakers lack the technological vocabulary to accurately describe what is required of a system or process. Under pressure to deliver, they demand a new system or process to identify benefits claimants, to identify underage drinkers, to identify passing cars, when in fact what they want is to check an existing credential, to confirm an attribute, or to bill an individual. Through these poor specifications we are unwittingly building a disproportionate and dystopian database state that in the short term strips autonomy from data subjects, but in the longer term will undermine the state itself: when the identity infrastructure becomes pervasive, errors and failures will become so punitive on the data subjects concerned that life will be unbearable for them.

Take the tragic example of Skhumbuzo Mhlongo, a 22-year old South African who was refused an ID Card because of a bureaucratic error that resulted in officials believing he was not a South African national. Unable to work or claim any form of entitlement, and effectively denied any sort of ‘official’ existence, he ultimately took his life. It would take very few such tragedies to collapse confidence in an identity infrastructure and turn individuals against the State.

My proposal is that we ban the use of the ‘I’ word in any situation where ‘authentication,’ ‘verification,’ ‘binding,’ or similar terms would more accurately describe what needs to be achieved without creating a panopticon to achieve the outcome. In fact, if anyone feels like setting up a website to monitor inappropriate uses of the ‘I’ word by government ministers, that might help to raise awareness – much in the same vein as Private Eye’s monitoring of the word ‘solutions’ (perhaps we could name it after their Colemanballs column – ‘Blunkettballs?’). It is our duty to stamp out inappropriate use of the ‘I’ word, to educate policymakers in a more balanced and descriptive language, and to ‘I’ and publicly ridicule those who believe that ‘I’ is a proportionate and necessary goal for the greater public good.

(Here ends a somewhat grumpy ‘back to school’ rant. Normal slightly irritable service will be resumed tomorrow)

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Completely agree. The misdirection and muddled thinking you refer to has been helpfully distilled into one handy 28-page document called "Safeguarding Identity", published by HM Government in late June: It purports to be a strategy for how HM Government will build systems that will take control of (or "safeguard", as they term it) personal identity. The Foreword says explicitly "Our ability to provide these services is dependent on our ability to know who everyone is, wherever and whenever they need a service", thus irretrievably muddling identity and authorisation right from the start. The document's definition of "identity" is also revealing. As far as government is concerned, today identity "has at its core a person's name and address", but in future "the core of the information used to prove identity will be biometrics, such as photographs and fingerprints". This is apparently because names and addresses "change, sometimes quite frequently" but biometric data "does not change", is "unique" and "reliable". This is in spite of the only study on biometrics published by HM Government showing 19% false non-match rate for the chosen biometric, fingerprints. See page 11 of: How to identity entities that have no biometrics is never addressed. One important class of such entities is businesses, which merit a single page towards the back of the document, saying that "more work is required to address the specific additional needs of businesses". In short, "authorisation" is not the same as "identity", "identity" is not the same as "biometrics", and biometrics are not "reliable". It's amazing how much confused thinking HM Government can pack into one short document.
Here in the States, we've gone overboard with the notion of needing to identify people, often for no defensible reason. For example I'm in my late 40's and every time I go the corner sore for a bottle of beer, the same clerk who's seen me dozens of times before, asks me to present my ID to prove my age. And it doesn't stop there - whenever I go shopping for anything from a pack or batteries to a pair of socks, AND paying with cash, I am often asked to give out my email address, phone number or ZIP code, which the clerk happily punches into their system and says something along the lines of "Oh you haven't shopped with us for a while. Would you like to apply for a credit card?", or "I can't seem to find you in our system. What is your address?". For the life of my I can't figure out why they need my address to sell me a pair of socks. It's ridiculous.
Unfortunately, a misplaced sense of equality has been one of the (minor) contributing factors to the identity culture - someone has decided that since it could be perceived as unfair to discriminate against those who look like they are underage, it would be fairer to insist that everyone has to prove it. Since the majority of our credentials are stuck in Victorian thinking, we end up having to reveal much more information than is necessary to achieve that proof. As for retailers, the situation is not dissimilar here. Loyalty cards have become so pervasive at major stores that cashiers often express surprise when I tell them I don't have - and don't want - a clubcard, nectar card or whatever scheme it is they operate. There are certain stores that I refuse to use at all because of the ridiculous excuses that cashiers come up with to demand contact details. The last time I went into a PC World, for example, the cashier told me I had to provide my contact details "because of the data protection act". ???