NO2ID

I think many people would be happy for the Government to issue them with a card which could be used for authentication, effectively a credit-card sized passport, which could be used when opening a bank account, or buying alcohol (if you otherwise look too young) and similar purposes. What nearly all of us object to is the vast database, the National Identity Register (and of course to the idea that carrying an identity card would be compulsory).

Can anyone point me to discussions of the technical aspects of having officially-issued authentication cards which do not depend upon having a Government database behind them?

I'm sure people have made such proposals in the past, but I didn't bookmark them and now cannot locate them, or any discussions of them.

There have been discussions on the forum on "entitlement cards", such as those issued by local councils. You could use the search function and search for all of those terms.

There have also been discussions about the merits of ID cards without the database, based on local storage of credentials on the card (in a similar fashion to biometric passports) which preclude the need to check a database for validation purposes or to maintain an audit trail of authentication events.

Mobile devices (see http://dematerialisedid.com/ proposed by David Moss who is a very active participant on the forum) could also serve a similar purpose.

The LSE Identity Cards report devoted a whole chapter to the design of such a scheme:

http://is2.lse.ac.uk/IDcard/identityreport.pdf

However, such a design might still imply that everyone has a single, officially-sanctioned identity that they use in all circumstances. In real life, having multiple, distinct "facets" to one's identity which cannot be linked together by third parties is often a Good Thing. See, for instance, the experiences of Lisa Greenwood, who had the "Voter exercising the right of free speech" and "Civil Servant" facets of her identity linked together by her employers (a government department):

http://www.guardian.co.uk/politics/2009 ... lears-liar

Edits: Grammar.

Thanks Andrew, I did read this report when it came out, but didn't print a copy because of its length, and had forgotten that aspect of it. The proposal is in chapter 19, for anyone else interested.




That is a good point, but actually the LSE proposal does say that there might be a capability for multiple authenticated identities. Whether this would solve the problem I'm not sure - need to think about this more.

See also, David Birch's article in Prospect in June 2005

... which discusses such a system as if it were possible within the legal and institutional framework set up by the government - which it most definitely is not. HMG's system was hard-coded to operate in the worst conceivable fashion, as a central, fully accessible, data-sharing index, before a single technical specification had been issued.