Citizen or Subject - the root politics of personal identity?

On Wednesday I was a guest at a conference which brought together delegates from Central Government departments and their would-be suppliers to discuss Identity and Information issues. There was a common assumption among the delegates that it was a self evident truth that we all need coherent electronic identities within frameworks regulated by government


They could not believe the politicians were serious in thinking that citizens should “own” their  own personal data. It is unclear whether they thought they would come to their senses after they were elected, that this would not preclude them from holding copies “in the public interest” and that they wcouold regulate and control the systems used.  

This caused me to look up a paper I wrote five years ago on the politics of personal identity. That paper in turn harked back to work I did for IMIS, the UK-based but international professional body for Information Systems Mangers on a submission to Michael Howard’s consultation on proposals to introduce a voluntary national ID card. They thought ID cards were no big deal provided no-one assumed they were anything more than a low credibility residents’ card.

The world may have “changed” on 9/11 when the United States discovered global terrorism in the most horribly public way. But the politics of personal identity did not: only the arguments used by those who view us a subjects, not citizens. Now that balance is swinging back.


We still have growing pressures from those who want us to transact on-line for forms of identity that meet their needs. We are ourselves demanding more efficient joined-up services from the public sector. Meanwhile we see ever more evidence that centrally held files of personal information, whether public or private, will be systematically raided or abused unless well managed.


But the fundamental arguments go back millennia, not just years or decades.


The new means of recording identity may, or may not, work but they have to be operated by analogue mammals whose standards of behaviour have changed little since writing first evolved in the deltas of the Euphrates (Iraq) and Yangtse (China), over five millennia ago. The oldest known writing looks suspiciously like a tax tariff for dealings in a cattle and grain market. The holy books of the monotheistic religions (Judaism, Christianity and Islam) contain many references to censuses, taxes and the means of identifying those who are to be respected. The teachings of Buddha and Confucius build on the wisdom of even older civilisations that nothing was inevitable save death and taxes. Even the most primitive tribes have the wisdom to distrust strangers who take their picture or ask their name.


Today the first priority of our rulers is still to record their subjects and tax anything (or anyone) that moves or dies in their realm. Meanwhile the only identity tokens their subjects value and respect are those which give credit in the market place. That market place is, however, increasingly international and electronic with ordinary citizens, not just merchants and their agents, expecting to transact with strangers on the far side of the world.


In consequence we have a tension between rulers, seeking to create and control local, national and regional identity tokens and their subjects who want a variety of tokens according to whether they wish to obtain products and services locally or internationally without paying cash. We also have a tension between those who want high reliability (to prevent possible terrorists boarding an airliner) and those frightened of being mugged on the way to the library or post office and having their identity stolen. From Brixton (South London) to Bogota (Colombia) no ordinary citizen carries more cash or ID than they really need.


We have public debates in the United Kingdom (over ID cards), in Europe (over an EU-wide health card) and in the United States (over the identification of airline passengers and Federal access to nationally collated identity and transaction files). All assume that technologies will work and inter-operate. Meanwhile we have a long trail of failed systems, fraud and lack of operational inter-operability. And there is no sign that the current generation of systems developers, let alone the public servants and outsource contractors who are to operate and use the new systems, is any more (or less) competent and honest than those who went before.


I blogged on Liam Maxwell‘s paper, “It’s Ours: why we not government must own our data” when it first came out. It is a great read but begs the question as to why we should trust Google or Microsoft any more than Central Government – other than that their motives are more honest: they “only” want to know about us so as to better target advertising spend money. They don’t want to tax us or take our children to fight for them.


No wonder Central Government and its would-be suppliers, many of whom also wish to sell to Google, find it so difficult to engage in debate with those who see no need to be electronically tagged at all, let alone for those tags to be centrally indexed.


Our policy makers appear to have learned little and forgotten much. On Toesday I aim to revisit these issues in a more positive light – how do we find a win-win way forward



Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Keep up the good work Philip!

One difficulty is the choice of words we use. If you think hard about it, there are relatively few cases where "identity" is needed.

The derivation of the word "identity" itself implies a linkage between two sets of claims or credentials, such as establishing you are talking about the same person.

Instead, many of the needs of the government / state actually require an "authorisation credential" or a "claims credential". A driving licence doesn't _need_ your name and address for most purposes, instead it needs to show that you are authorised by the state to drive, that you are the same person who that authorisation applies to (often by photo), and hopefully that the person who took the driving test is the same person who has that authorisation now.

For buying and selling, the transaction only really needs a guarantee that it will successfully complete, such as a bank claim that the card-bearer is of good credit; or occasionally a way of providing redress from a failed transaction. And it's often convenient to be able to delegate such a guarantee.

Even taxation only really needs that "identity" if you have more than one source of taxable income, and even then it doesn't _need_ to include your name and address, some other common "identifier" would suffice.

Anti-terrorist activities might need some identity linkages, when correlating diverse sources of information. But I suspect such activities rarely have certainty of identity, but are forced to work with probabilities.

I'd be interested in counter-examples, when it is truly necessary, rather than just convenient, to have some "identity token" and an "authorisation token" won't suffice.

To show where this might lead, consider the handling of credit-card data. One approach to the PCI data protection regulations is "tokenisation", where the card number is replaced by a semi-random token. That token only has meaning within the system; if it is "stolen" or copied, it can't be used elsewhere.

A similar approach could be taken with personal information, tokenising it within any one system, so it can't be used by other systems, at least without explicitly authorised translation or decryption back to the un-tokenised value.

So our health record might be stored by Google, but could not be used or linked back to an individual without the provision of an authorisation token.