NO2ID

NO2ID

NO2ID's ID Card & Database State Online Discussion Forum
 
It is currently Sun, 20 Apr 2014 08:14:32 +0000

All times are UTC




Post new topic Reply to topic  [ 13 posts ] 
Author Message
 Post subject: IT Pro: Make ID cards local, says think-tank
PostPosted: Fri, 17 Aug 2007 16:45:34 +0000 
Quote:
The New Local Government Network has released a report suggesting local smartcards could be a more secure and less expensive alternative to the national identity card scheme.



Quote:
It would be cheaper, more secure and better for citizens if identity cards were run locally rather than nationally, a think-tank has argued.

The New Local Government Network (NLGN) has released a white paper suggesting local councils create a local ID card or "entitlement" card to be used for accessing public services, authenticating identity and paying for small purchases. Such a card could take the place of the embattled national identity card scheme, for less money while offering better ID safeguards, the report argued.



Here we go again - ID cards through the back door.



http://www.itpro.co.uk/internet/news/122931/make-id-cards-local-says-thinktank.html


Report this post
Top
  
Reply with quote  
 Post subject:
PostPosted: Fri, 17 Aug 2007 17:36:56 +0000 
Some places already have these; my local authority, for example, has it's wretched "SmartCities" card.

As I've mentioned before, a few years ago this white elephant was a failure; no one wanted them and the card readers didn;t work.

But it didn;t go away. No indeed. Instead, they have replaced the Pensioner's Bus Pass with the thing, effectively forcing a large section of the city's populace to eithe rhave one or forego free travel.

It also functions as a library card, organ donor card, etc.

Mind you, it took nearly nine months for it to work as a library card, because the library computer systems didn;t work with it.

Why would anyone want a card provided by the local authority to pay for things? Sorry, don;t most people have credit cards, debit cards, or cash?

I find it bizarre that anyone with an ounce of sense would think that such an "omnicard" is anything but a bad idea.


Report this post
Top
  
Reply with quote  
 Post subject:
PostPosted: Sat, 18 Aug 2007 07:08:32 +0000 
Offline
Moderator

Joined: Fri, 20 Jul 2007 14:56:11 +0000
Posts: 1948
At first, when I saw this referred to as an entitlement card I thought it might be a good thing. Sadly I was wrong: it's also going to be used for identification.

Another thing caught my eye from the article:
Quote:
But no key information would be held on the card, adding an extra step of security.

I would rather it was held on the card than in a honking great database. If it's on a card then authentication and authorisation wouldn't require access to a central database, where it could be audited, tracked and inferences made. Instead, each service provider would check the card but a large scale tracking exercise would require a great deal more effort and co-operation between the service providers.


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat, 18 Aug 2007 15:18:13 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
No2ID rightly protects its status as a single issue pressure group. Rightly, because it is very hard to master all the details of one issue, let alone several.

The NLGN paper which is the subject of this thread is written by one Dr Victoria Barbary. Something to do with her marvellous name, I decided to dig a bit deeper and found that she published:Re-offending, health commissioning and ID are three huge topics to master.

She may be spreading herself too thinly. There are 7 occurrences of the word "therefore" in her ID paper and 8 of the word "thus" not one of which is justified in 13 pages of breathless question-begging jargon and cliché which begin by advocating local solutions and end by arguing for a national one.

This paper need not detain No2ID for long.

God help the re-offenders and the PCTs.

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat, 18 Aug 2007 16:04:28 +0000 
Offline
Moderator

Joined: Tue, 18 Jan 2005 14:56:20 +0000
Posts: 5210
Location: Glasgow
The phrase ad hominem springs to mind. A detailed point by point rebuttal might be more useful.

Questions that we certainly should be addressing are:
    - what are the disadvantages to councils of citizens accounts?
    - what disadvantages do citizens accounts pose for residents?
    - how can we persuade councillors and council managers of the importance of data privacy?

_________________
Geraint.
3085 D1DD B2A8 15ED 492F E75D 7175 7737 9D10 98D3 - Fingerprint


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat, 18 Aug 2007 16:27:02 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Geraint wrote:
Questions that we certainly should be addressing are:
    - what are the disadvantages to councils of citizens accounts?
    - what disadvantages do citizens accounts pose for residents?
    - how can we persuade councillors and council managers of the importance of data privacy?

The arguments we use -- and which you use particularly well -- against the national scheme are a good place to start.

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon, 20 Aug 2007 13:58:20 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Geraint wrote:
The phrase ad hominem springs to mind. A detailed point by point rebuttal might be more useful.

When I wrote
Quote:
The arguments we use -- and which you use particularly well -- against the national scheme are a good place to start.
that was ad hominem.

To write:
Quote:
There are 7 occurrences of the word "therefore" in her ID paper and 8 of the word "thus" not one of which is justified in 13 pages of breathless question-begging jargon and cliché which begin by advocating local solutions and end by arguing for a national one.
on the other hand, is not, I think, ad hominem.

Whichever, it is not a "point by point rebuttal". To which I now turn. If you will permit me, I am going to cover only Section 1 of the report for the moment.

The NLGN paper begins by arguing in favour of identity management at the local level as opposed to national:
Quote:
We believe that, in order to create a valuable identity-management framework, it is important to take a citizen-centred approach. A central question should not be why government needs a universal form of identification, but what benefits it would give to citizens. Since 80 per cent of the public’s contact with the State is through local authorities, individuals benefit from a single form of identification not when information is shared effectively between central government departments, but within the local government family.
-- 80 per cent by value or by volume? The value of contact with central government may outweigh the value of contact with local government even if you contact local government four times as often as central government.
-- It could be cheaper for "citizens" to pay for one national scheme rather than hundreds of local ones.
-- What benefits, if any, do NLGN have in mind for "citizens" and do they require an identity management system?
-- Single forms of identification are honey traps.
-- How did information-sharing slip in there?
-- What is all this about the "local government family"? It smacks of infantilisation and the nanny state.

Quote:
We believe that a local, council-administered scheme could be more practical, possibly cheaper, and quicker, could better safeguard identity, and maximise the quality and value of council services.
-- No reason is given for these beliefs.

Quote:
Local government has been struggling with the question of information disclosure between different departments under the terms of the 1998 Data Protection Act. Lord Laming’s Victoria Climbié Inquiry highlighted the possible consequences of inefficient communication between local government bodies, and argued that ‘Improvements to the way information is exchanged within and between agencies are imperative’ for improving public service delivery.
-- This is distasteful shroud-waving, the Victoria Climbié case has got nothing to do with the school meals and bus passes the report goes on to mention.

Quote:
Enhancing local data sharing would encourage councils to apply a more sophisticated approach to the Data Protection Act ...
-- This begs the question. It assumes that local government has been "struggling with the question of information disclosure between different departments" because it lacks sophistication. No, they have been "struggling", if that is the right word, because they are obeying the law.

Quote:
More accurate data would allow local authorities to construct a clearer image of communities, improve their capability to build public services around neighbourhoods and individuals, as well as addressing fears about public security and benefit fraud.
-- Local authorities already have a clear "image of communities". They also have a budget, which limits what services they can provide. Or are NLGN suggesting that these authorities could do more if only they knew what they were doing?
-- How are fears about public security addressed by NLGN's proposals? And how are they alleviated?

At this point, NLGN recommend issuing "every local service user" with an entitlement card, about which they say:
Quote:
First, the card would be a widely-accepted proof of identity [how do NLGN know that?], showing the bearers’ photograph and biographical data [what biographical data?]. Second, this would allow it to act as a key to public services, allowing council departments to retrieve information held by any sister agency, thus facilitating a joined-up system of service delivery [once again, NLGN are accusing local authorities of not having joined up services]. Last, it could encourage local partnership working by extending the functionality of existing council smartcards [it might encourage these partnerships, it might not. After all, it would cost the partners money to install smart card readers, link them up to the council offices, install the software required and train their staff how to use it.].


Quote:
Such a scheme would benefit councils, businesses and residents: it offers a practical solution [unproven] to improving local public-service delivery [the problems with public service delivery remain unspecified] with a low investment risk [who says it's low and why?]; provides a medium for businesses to claim a greater stake in local communities [what does that mean and is it a good thing?]; and aids social inclusion [it could just as easily promote social exclusion] and community participation by making access to local services cheaper [unproven] and easier [in what way?].


I am reminded of the Guardian's 'Getting to know' you article earlier this year. In Section 1 of NLGN's paper, and beyond.

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue, 21 Aug 2007 01:25:55 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Section 1 of NLGN's paper, Local Identity -- the role of local entitlement cards in public service delivery claimed that there would be several benefits if all users of local government services were issued with entitlement cards and it advocated data sharing beyond what local authority legal officers think is currently permitted by the Data Protection Act.

Section 2 adds the need for local authority equivalents of the National Identity Register:
Quote:
In order to achieve full functionality, however, the card needs to be registered and have card-enabled data capture for leisure-service use. Using a proof of address – a council tax or utility bill – and a photographic ID – such as a passport – a ‘biographical footprint’ is taken, including a photograph, which is stored on the card’s microchip and the council’s database. In Bolton, cards are registered to allow the user to book leisure services, renew library books online, or report it missing. Card-enabled data capture permits the issuer to gather information on leisure-service use and predict the behaviour of potential future customers; this allows them to tailor services more effectively to local needs.
-- It is not clear that NLGN are taking the difficulties involved in identifying people seriously.

In Section 2, NLGN countenance the use of smart cards not only as entitlement cards but also as payment cards:
Quote:
Bracknell Forest Council has developed an ‘e+ card’ that can be used as a library card, for small purchases at council leisure sites and libraries, access to leisure facilities, cashless payment for school meals, proof of age, and discounts at participating commercial outlets. Bolton Metropolitan Borough Council is another local authority that has developed this technology; their smartcards can now be used to access library and leisure facilities, pay for public transport, and obtain discounts from a range of stores.

They countenance the notion of the "citizen account":
Quote:
Bracknell Forest Council plans to use the e+ card to pay for bus fares and car parking. It also hopes that they will be able to use it as a key to an online citizen’s account, which would enable the council to invoice service users accurately for work undertaken by the council on their behalf, such as housing repairs.

And they put a bit of flesh on the value, as they see it, of data-sharing. Enhancement of the Bracknell Forest system:
Quote:
would also facilitate the formation of information links to other public service suppliers within LSPs [local strategic partnerships], such as NHS Trusts and the police, for whom the card could be used to provide accurate information and efficient services.

By this stage, NLGN have proposed smart cards used as entitlement and payment cards, identity registers, "citizen accounts" and data sharing -- just about the full kit needed to qualify for No2ID's criticism that the upshot would be control of people by the state. But according to NLGN it's the other way round:
Quote:
The drive to put citizens in control of their access to public services has resulted in the increasing use of smartcards.

There is some talk of "localisation", "choice in public services", the attempt to "empower communities to take more control of their lives", to "increase political engagement", to increase the level of "participation in community life", to promote "socio-economic development" and "neighbourhood regeneration" and "social inclusion". The dubious claim is made that these aims can best be facilitated by eGovernment.

Large amounts of money have been spent:
Quote:
By December 2005, local authorities in England, Scotland and Wales had e-enabled over 97 per cent of their services, and spent £3.3 billion on ICT solutions for creating online service frameworks within their existing management and accountability structures in that year alone.

Examples are given, as noted above, of smart card-based systems in Bracknell Forest and Bolton, and there is a mention of London's Oyster card.

And then we get to the point of Section 2. The suggestion is that to a large extent the technology and the know-how for local identity management are already there:
Quote:
As a result of the e-Government Programme, the technology architecture for expanding these schemes is widely available, and already in place in many areas ... the expansion of ICT in public services has ensured that its administration has been incorporated into existing local accountability and management structures. Consequently, councils have extensive experience of running new ICT systems for which they have required clear responsibility hierarchies for existing users of online and mobile technology. Many local authorities are thus well-placed to expand their schemes to improve local service delivery further without a large financial investment in new technology.

We're half way through the NLGN paper now and, in summary, their contention is that local identity management has many benefits and many local authorities already have the wherewithal to deploy it. I think it is fair to say that the costs involved are not considered properly by NLGN, the difficulty of identifying people is understated by NLGN and privacy objections are deemed by NLGN to be unsophisticated.

_________________
http://DematerialisedID.com
http://DMossEsq.com


Last edited by David Moss on Tue, 21 Aug 2007 14:29:38 +0000, edited 1 time in total.

Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue, 21 Aug 2007 11:43:38 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Section 1 of NLGN's paper, Local Identity -- the role of local entitlement cards in public service delivery advocates local government entitlement cards for all and Section 2 claims that some local authorities already have some of the kit, the partnership agreements and the know-how to implement identity management.

It should be made clear that when NLGN say that all service users should have entitlement cards, they mean it. They are not restricting cards to people aged 16 and over. They specifically include children getting their school meals and implicitly include children travelling on public transport, using public libraries and using public leisure facilities.

In Section 3 of the paper, NLGN remove the qualifications made in Section 2. It's no longer just two or three local authorities, the implication in Section 3 is that all local authorities are ready to implement identity management:
Quote:
There is, therefore, already a framework for local entitlement cards containing authentication and eligibility-level information for public services.

The paper continues to call for high standards of identification without explaining how they can be achieved:
Quote:
This card could act as a proof of identity for local authority facilities, and could also be extended to services supplied by other LSP [local strategic partnership] partners, for example NHS Trusts and police forces ... To be successful, however, the card’s verification procedures have to create a trusted record that is acceptable to all bodies ... by involving themselves in the development of entitlement cards through membership of the LSP, banks would have a method of identifying customers that they knew to be secure.

It continues to advocate wide information sharing between local authorities, health authorities, the police, the voluntary sector and the private sector. It continues to accuse local authorities who obey the Data Protection Act of a lack of sophistication and it adds that they suffer from risk aversion.

What Section 3 adds to the paper is the need to involve the private sector more in local authority systems:
Quote:
Successfully undertaking such a project, however, requires collaboration between local government departments. In many cases, this is curbed by concerns over information exchange under the Data Protection Act. This requires a more sophisticated and less risk-averse attitude towards information management. A model for this are Customer Relationship Management (CRM) practices and software used by many private-sector businesses to manage their relationships with clients, including the capture, storage and analysis of customer information. On the whole, however, fears over data sharing, as well as the complexity and number of databases for which local authorities are responsible, have resulted in CRM having a slow uptake amongst English councils.

NLGN think that everyone would benefit if local authorities used CRM more and if they learned from the experience of the banks who operate internet accounts:
Quote:
They [banks] also have technological expertise to aid local councils develop the necessary systems for an entitlement card scheme. Internet banking has forced financial institutions to create tight online security systems; as a result of the range of financial products and services they offer, they also have highly-developed CRM, from which local authorities could benefit.

There may or may not be some merit in these proposals. There is no telling. The NLGN paper fails to identify the problems local authorities face, it fails to identify the problems faced by the users of local authority services, it assumes without explanation that the solution is computerisation in the form of eGovernment, it fails to identify the costs involved, it fails to solve the problem how you establish a trusted identity and it fails to identify the benefits which are supposed to accrue to individuals, local authorities, health authorities, the police, the voluntary sector and the private sector.

Some of the problems are recognised by NLGN and solved by inversion.
    We have already seen the example in Section 2 of the inverted use of the concept of "control".

    Here in Section 3, "privacy" gets the same treatment. NLGN, remember, are advocating more data sharing. Sharing your data with more public authorities and more of their partners, NLGN say, "would ensure privacy of information". Some people would argue that it achieves the opposite.

    The same thing happens, in NLGN's hands, to "ownership":
    Quote:
    A number of councils have established systems for service management akin to those of internet banking, which allow service users to update their biographical footprint easily online using an account number PIN, password and/or other identifiers. Citizens thus retain ownership of their identity and ensure that it is not altered without their consent.

    If local authorities and health authorities and the police and charities and businesses are all relying on this one record of identity, they cannot possibly allow the individual concerned to change it. And if that is the test of ownership, as NLGN suggest, then what they have proved is the opposite of what they claim. Arguably, in that case, all these other organisations own the identity, not the individual.
One final point on Section 3. There is another outbreak of "single":
Quote:
... a single gateway to public services can encourage citizens to manage the services they use ... Individuals are, therefore, able to monitor their own service-use profile and have a single login for their current online accounts for local public services ...

Standardisation may make stock control easier but, as noted in the comments on Section 1, it also creates honey traps.

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue, 21 Aug 2007 11:49:12 +0000 
Offline
E-List
E-List

Joined: Sat, 30 Jul 2005 07:07:28 +0000
Posts: 230
Location: Worcester
David Moss wrote:
Section 1 of NLGN's paper, Local Identity -- the role of local entitlement cards in public service delivery claimed that there would be several benefits if all users of local government services were issued with entitlement cards and it advocated data sharing beyond what local authority legal officers think is currently permitted by the Data Protection Act.

Thank you for your analysis of this paper, David. I have snipped it for brevity but I was spurred on to read the paper as a result of your endeavours.

I have only skim read the paper right now but it is already obvious that there is one overarching shortcoming in that the author makes the common and quite disastrous mistake of conflating 'entitlement' and 'identity'.

I consider it perfectly reasonable that local authorities should issue entitlement tokens (I have several from my local council already) but the issue of identity tokens is a completely different and much more difficult process. We certainly don't want local councils getting involved in this.

Brian Gladman


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue, 21 Aug 2007 16:46:53 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Section 4 of NLGN's paper, Local Identity -- the role of local entitlement cards in public service delivery opens by neatly illustrating Brian Gladman's point (Tue, 21 Aug 2007 11:49:12):
Quote:
Local entitlement cards have a number of benefits to citizens. They would help protect against identity fraud not only by giving local service users an accepted form of identification, but also by ensuring individuals retain ownership of their identity through a citizen’s account.

The logic of the opening paragraph is questionable on two other grounds:
    -- Deploying an "accepted form of identification" doesn't "protect against identity fraud". Indeed, it is arguably the sine qua non of identity fraud. What you need, to protect against identity fraud in this case, is a reliable means of knowing that the bearer of the entitlement card presented is the legitimate owner of the entitlements and that the entitlement card is authentic. NLGN have not demonstrated how that protection can be offered.

    -- It is the organisation that maintains the citizen's account which owns it. In this case that presumably means the local authority. It is not clear what NLGN mean when they state that this is a case of individuals retaining "ownership of their identity".
The difficulty of moving from the present position to the position NLGN advocate where local authorities are performing identity management is minimised:
Quote:
Moreover, by adapting a pre-installed system, there is no need for citizens to impart any further information to the council and local authorities will be able to take advantage of existing familiarity with the scheme.
It is unrealistic, surely, to suggest that people have already handed over enough information to support identity management. Would there really be no need for biometrics to be registered, for example?

Whereas in previous sections of NLGN's paper there was still a lot of work for local authorities to do, in Section 4 it seems as though that work has already been done:
Quote:
Local government has, therefore, already successfully built a platform for identity management and delivering public services, while recognising the benefits of expanding the functionality of existing smartcards. This presents an opportunity to deliver the government’s goals for identity security through a pre-existing technology architecture, which could be rolled out quickly [how quickly?], perhaps at reasonable cost [and perhaps not].

The new contribution of Section 4 is the move from local to national cards:
Quote:
Transcending these local benefits, however, is the possibility that these cards could eventually form the basis for a bigger vision and become interoperable to the extent that a Bolton resident could go on holiday to Brighton and use their card there to access local services. In short, the benefits and uses of a local card could be extended nationwide.

It begins to look at this point as though what NLGN want for their imprecisely stated benefits is a national card and a national identity register.

Which is where we started. With a National Identity Scheme. We are in the same position after reading NLGN's paper as we were before.

Along the way, local government has been repeatedly criticised for not knowing what people want and not providing the services they need.

If that is not NLGN's intention, then presumably they are happy that local authorities are already doing all they can with the budgets available to them. In which case, what have NLGN added?

I would say that the answer is nothing. Which is why I opened by saying that:
Quote:
This paper need not detain No2ID for long.

Geraint wanted more detail. He is a hard taskmaster and he is generally right:
Geraint wrote:
A detailed point by point rebuttal might be more useful.

I hope it has been useful to others. I would not be surprised if, in this case, it hasn't.

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue, 21 Aug 2007 16:59:18 +0000 
Offline
Moderator

Joined: Tue, 18 Jan 2005 14:56:20 +0000
Posts: 5210
Location: Glasgow
David Moss wrote:
I hope it has been useful to others. I would not be surprised if, in this case, it hasn't.

To the contrary, it is extremely helpful. We need to prepare a short briefing paper soon to support a motion being put before Glasgow council. Your comments help to distill the issues that we should think about addressing in that paper. Thanks, David.

_________________
Geraint.
3085 D1DD B2A8 15ED 492F E75D 7175 7737 9D10 98D3 - Fingerprint


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue, 21 Aug 2007 17:18:43 +0000 
Offline
A-List
A-List

Joined: Sat, 07 Apr 2007 10:29:05 +0000
Posts: 2855
Geraint wrote:
We need to prepare a short briefing paper soon to support a motion being put before Glasgow council.

Good luck with Section 57 (of the Local Electoral Administration and Registration Services (Scotland) Act, not the NLGN paper!).

_________________
http://DematerialisedID.com
http://DMossEsq.com


Report this post
Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 13 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 1 guest


You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Template made by DEVPPL/ThatBigForum