Tue 1 May 2007
The UK National ID Database and 日本 ã® ä½æ°‘基本å°å¸³ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ (the Japan Juki-net)
Posted by a-cubed under Japan , Privacy and Surveillance , Social Legal and Ethical Aspects of High Tech[2] Comments
The UK ID Card and Database
There are many objectionable aspects to the UK government’s ID Cards bill. Some of them are philosophical and fundamental, some are political and some are practical. Both the Conservative and Liberal Democrat parties in the UK have policy commitments against the ID card policy and have stated that if they come to power after the next general election (due by mid-2009 at the latest) that they will repeal the act and scrap the cards and the underlying database. Here are some of the arguments against the UK ID card system and database:
Philosophical:
- A general identity card, necessary to access government services pushes those providing that service into the attitude that everyone they come across is a fraudster and is required to prove who they are, via a government-approved system, instead of via social norms.
- The introduction of this card as compulsory to have, will almost inevitably lead to the compulsion to carry it and the creation of an offence not to have the card. This fundamentally changes the relationship between the citizen and the state. It, in effect, requires one to have a “license to exist” and this is not the philosophical relationship that the British have had with their government even under absolute monarchy, and certainly not under the oldest parliamentary democracy in the world.
- I even object to the name. These are not “Identity Cards”, they are “Identification Cards”. My (and my fellow British Citizens’) “identity” is not something that is dependent on the government to issue a card to confirm. My identity is an inalienable element of my existence. Aspects of my identity are formed socially in the loops in the communication space between me and the people I interact with, including via this blog. Other aspects of my identity are inherent in my psychological being. All the government card does is correlate certain physical and defined (legal) social normative operations in identification. Identification is correlative, identity is inalienable. Identification has a purpose, a method and a process. Identity is a platonic ideal, which may be referred to by multiple concrete identifications.
- Authentication does not require identification, let alone identity.
- Although the public face of the ID cards bill has focussed on the cards, the creation of a central, essentially core and therefore trusted more than others, the development of the national ID database is actually of at least as much change to our lives and our privacy than the piece of plastic itself.
Political:
- The introduction of these cards has been a shell-and-pea game, playing on populist fears of terrorism, immigration, crime, benefit fraud etc. UK government ministers have even admitted that the case for introducing ID cards on these grounds had been exaggerated.
- In addition to the admittedly exaggerated claims about effectiveness, the cost of the system has been the subject of considerable controversy and statements about the necessity of elements of the scheme being required by international agreements on passports have been mis-stated. The government claimed that the biometrics for the new card were also required for passports. Yet the international agreements on passport biometrics only require a machine-readable version of the photo to be present, not iris or fingerprints.
- Claims that other countries have ID cards, in addition to missing the point that this is one of the freedoms taken for granted by British citizens as part of our unbroken history of over three hundred years of parliamentary democracy, ignores the fact that no other Western democracy has such a single national database. Only one democracy has attempted to create such a system: Japan, with its ã˜ã‚…ã†ã ãƒãƒˆ Juki-net system. We consider ã˜ã‚…ã†ã ãƒãƒˆ Juki-net below.
Practical:
- The design and implementation of a completely new database would cost huge amounts of money. Populating that database with details on everyone in the UK would cost even more and be an error-prone process.
- Despite the original claim that the system would be based on a fresh start database, it has now been accepted that this is impractical to produce and the new system will instead be based on the highly flawed National Insurance database, known to contain a huge amount of duplication and incredible numbers of fakes.
- Even a compulsory ID card will do little to provide Police with extra information on individuals, unless everyone is required to carry an ID card or, if a visiting foreigner, their passport instead. Even then, access for Police on the move to authentication of ID documents has not been costed or specified. Pedestrian police IT equipment is only just beginning to be deployed and significant research (e.g. the EuroCop project) is needed on how this should develop.
- Existing database and card systems have not been sufficient to reduce benefit fraud. The most successful approach to combatting benefit fraud is better investigation of suspicious claims and improved social norms making it unacceptable to commit it.
- The September 11th bombers were all travelling under their own names. The July 7th bombers were all British citizens with no fake identification links. The alleged July 21st bombers had legitimate British Identification, and the one who was using an assumed name had been granted entry to the UK and residency under that name, and so would have received a new ID card under that name.
- Jean-Charles de Menezes would not have been saved from being shot dead following a mistaken identity by having an identity card.
- The creation of a single high-value database changes the cost/benefit level in favour of crackers working very hard to crack into it, due to the immense gains that can provide. At present, while the multitude of government and private databases leads to some inefficiencies in dealing with individuals across various departments of the central and local government and into the private sector, it is precisely these inefficiencies which reduce the benefit to crackers from breaking into each system. Having had my own driving license identification mis-directed, I am aware of how much trouble such “identity theft” can cause. In this case the multitude of other systems confirming my true identification trail reduced the problem. If my identification under a central trusted ID database is misdirected, due to error or malicious action, regaining proper identification could become an utter nightmare, resembling the movie The Net. While presenting computer data and programs in a ridiculously “visual” manner, the underlying Kafka-esque premise is brought much closer by a single point of failure in public identification.
- Last, but by no means least, the UK government has an appalling record of managing the requirements analysis, design, implementation and operation of large IT systems. It is currently undertaking two of the largest in the world: NHS Connecting for Health (I may return to this debacle in future posts) and the ID Cards database. There is scope here for an enormous waste of the UK taxpayer’s money, which could be much better spent distributed to local projects to improve services at the sharp end, rather than spent on pork barrel central development systems which never seem to work, and always cost far more than estimated.
Japan’s Basic Resident Registration Network
ä½æ°‘基本å°å¸³ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ or ä½åŸºãƒãƒƒãƒˆ/ã˜ã‚…ã†ã ãƒãƒˆ/Juki Net for short.
Juki net is one of the foci of my research work in Japan (funded by a Royal Academy of Engineering Global Research Award). It was introduced in a bill in 1999. We are still investigating the socio-legal background on why this law was introduced, but initial work suggests it is at least in part an attempt to improve the collection of individual taxes. The public justifications for the introduction of the system include individual benefits to citizens: improved access to e-government services, better cross-department cooperation in maintaining basic records of name, address and status etc.; and the same sort of stuff that the UK government peddled regarding the ID cards and database system: reduction in fraud, control of immigration, crime reduction, terrorism reduction (remember that Tokyo was subject to a terror attack (Sarin Gas) by an extreme religious group (Aum Shinrikyo) in 1995).
The national legislation passed in 1999 required local governments to introduce local legislation to introduce Juki Net in their areas. By the time of the initial creation of the system in 2002 (for a priming phase where information would be entered into the system and the Juki Net card given to registrants without the information being accessed) there was disquiet amongst many of the local authorities and a number of them refused to enact local legislation or take part in the priming phase. Part of the problem that local government authorities had with the introduction of the system was that promised legislation to provide a strengthened legal requirement to protect citizens’ data had yet to be enacted.
There was an existing act on the protection of personal information held by administrative bodies, passed in 1988 and in force from 1989/1990. However, public and media disquiet about Juki Net forced the government to promise to update this act. Related discussion (another of the foci of my work) produced, for the first time in Japan, proposals to introduce a similar act governing processing of personal data by non-governmental bodies. Thus we have Law no. 57 of 2003 “Act on the Protection of Personal Information” and Law No. 58 of 2003 “Act on the Protection of Personal Information Held by Administrative Organs”.
Although the system came into principle operation in 2003, quite a number of municipalities still have not yet joined in the system. There are also still court cases winding their way through the system with citizens claiming that it is an invasion of their privacy (although the Japanese constitution doesn’t explicitly include a right of privacy, a 1969 supreme court case created one from an interpretation of Article 13). In some amusing legal shenanigans, amongst the court cases so far two district court cases under separate areas of the Japanese High Court (which hears appeals from the District Courts) were both overturned in opposite directions, leaving the Supreme Court still with opposing District Court decisions to resolve. In a more sobering incident one of the High Court judges (the one who ruled in favour of the citizens and against the government) committed suicide a few days after the case was decided (the two High Court decisions came within days of each other followed by the suicide). There have been some suggestions that the judge was subject to significant private criticism by government officials and/or other judges for his decision, contributing to his suicide.
Also, despite almost four years of operation, Juki-net still has to deliver any proven benefits to the Japanese people in terms of improved government services or any apparent reduction in crime, illegal immigration, or any of the other things this oppressive regime was supposed to deliver. And all this at significant cost in taxpayer yen, and in risk of data exposure.
May 1st, 2007 at 01:12
Let’s hope the Conservatives/Lib Dems get to scrap the UK system after the next election, and we don’t get to find out if Juki Net is the beta programme…
May 1st, 2007 at 15:34
Yes, issuing ID cards could be a *highly* error-prone and costly process.
Here in Ontario, Canada, all residents are required to carry a health card (aka OHIP) to get health coverage from the provincial government. I am not sure if such a health plan in Ontario is similar to NHS in the UK. The OHIP card is similar to an ID card; It has many of my vital information on it. The newer ones (which I have) even have a trillium hologram on it! (Did I show you?)
The OHIP office had some embarrassing incidents. Quite a while ago, a man managed to get an OHIP card for his dog. Generally, OHIP cards (even the newer ones) are not usually considered as a piece of ok identification outside of the health system. For example, driver’s licenses are used to verify receivers’ identity when picking up parcels from post offices.
The older OHIP card does not have a photo of the card holder or too many information on it. They are very prone to misuse and fraud. For example, A foreign friend/relative come to Ontario to have an expensive medical procedure done for free. The government decided to replace all OHIP cards with new ones that came with security features about 10 years ago. After a while, they found out it was too expensive to issue every Ontario resident a new health card. All my friends who live in Ontario since birth still have an old OHIP card.
That’s just my 2 cents. I have lived in places that require ID cards and not require one. Please bug me for more stories. My stories are mostly on practical viewpoint.