Identity Card Bill high on government's agenda

The UK government's high-tech plans for ID cards using biometric technology was announced in the Queen's Speech.

The UK government's high-tech plans for ID cards using biometric technology was announced in the Queen's Speech.

The Queen read the government-written speech, which unveiled plans for 32 proposed laws, including the Identity Cards Bill, to be considered in the newest session of parliament.

The Queen's Speech set out the government's agenda ahead of the next general election, which Prime Minster Tony Blair, is widely expected to call for 5 May 2005.

The legislation proposes a system of ID cards that carry biometric identifiers in an embedded chip, and are linked to a "secure national database" to be created by 2010. Secretary of State for the Home Department David Blunkett proposed the new system last year.

The government is working to make the ID cards compulsory for everyone living in the UK by 2011 or 2012, Blunkett said. The national database will hold personal information for each person carrying the ID card. The information will include name, address and biometric information such as fingerprints, facial scans and iris scans.

Blunkett said that the database is the "crucial part" of the programme and will eventually be linked to the European Union's (EU) proposed registration programme.

The European Commission has produced draft regulations to introduce, by 2005, biometric data (fingerprints and facial images) on visas and resident permits for non-EU nationals. The information would then be stored on national and EU databases that will be accessible through the Visa Information System held on what is called the Schengen Information System.

Ovum analyst Graham Titterington agreed that the database is the key aspect of the system.

"It is quite unique what the UK government is proposing and would be absolutely vast," Titterington said. "A number of European countries such as Belgium and Latvia have ID cards with databases of information, but those are used primarily as an entry to e-services where as the UK plan is primarily about law and order."

Titterington warned that it is unclear how much information or what types of information could eventually be entered into the database, or even who would be given access to the database.

"Just what will be in the database and who can use it needs tying down because already, you are seeing 'function creep' becoming a problem," he said.

Blunkett has repeatedly hailed the biometric ID cards as a powerful weapon in the government's fight against identity fraud, illegal workers, illegal immigration, terrorism and illegal use of government entitlement programmes such as the National Health System. The Queen echoed that sentiment in her speech.

"My government recognises that we live in a time of global uncertainty with an increased threat from international terrorism and organised crime. Measures to extend opportunity will be accompanied by legislation to increase security for all," the Queen said.

"My government will legislate to introduce an identity cards scheme, and will publish proposals to support the continuing fight against terrorism in the UK and elsewhere."

The biometric facial identifiers will first be included in passports beginning next year, and will then "build the base" for the ID card plan and its "clean database", Blunkett said.

But many security experts question whether such a vast database could ever be free of errors.

"By its very nature, a database of that size could never be truly clean. Just in terms of data entry, how do you ensure the accuracy of the data being entered?" Ovum's Titterington said.

Titterington pointed to the UK's police criminal records database, which is known to have built up numerous inaccuracies over the years.

"That is a database of a much smaller scale than the one the government is proposing and it only allows access to law enforcement officials with the highest levels of clearance," Titterington said. "How on earth do you control legitimate access to the ID card database, let alone keep it protected from hackers and terrorists?"

Should the Identity Cards Bill become law, a new agency will incorporate the functions of the UK passport service and begin issuing ID cards from 2008.

Laura Rohde writes for IDG News Service

Read more on IT risk management