Slashdot Mirror
UK Gov't To Require ID Cards For Some Foreign Residents
craigavonite, writing "It's looking like the UK is in for biometric ID cards within the next few years, despite widespread protest from groups such as 'NO2ID,'" excerpts from an article at the BBC describing a UK identify card to be issued starting later this year: "The biometric card will be issued from November, initially to non-EU students and marriage visa holders. Home Secretary Jacqui Smith said the cards would allow people to 'easily and securely prove their identity.' Critics say the roll-out to some immigrants is a 'softening up' exercise for the introduction of identity cards for everyone."
It isn't a big thing. It's an ID card that holds a fingerprint record. How is it bad to tie a card to a person?
The UK government has shown countless times that it's unable to keep its citzens' data secure.
If someone gets hold of my credit card and CCV number and creates a forgery I ring up and get a new one.
If someone gets hold of my finger prints, what do I do then?
... card identify YOU
Well, if someone does, it's funnier if you say "pull my finger" first.
Use another finger. You've got ten of them.
From there, ten toes.
As in "say no to ID". Makes a lot more sense doesn't it?
http://lkml.org/lkml/2005/8/20/95
No-EU students etc have to have a passport anyway just to be able to come there, so they have an internationally accepted way of identifying themselves.
How will an additional ID card help to do anything?
It isn't a big thing. It's an ID card that holds a fingerprint record. How is it bad to tie a card to a person?
It's not the card that's the issue. The problem is that as part of the ID card program the UK Government want a centralised database behind this card that holds personal info on each citizen. To be honest, I don't think it's been clearly defined what the data is but it's expected to be DOB, national insurance number etc. The main concern is that the UK Government has a very poor track record in keeping this type of information secure. If this particular database, containing what most people expect it to contain, is compromised then it's ID theft-galore in the UK.
Didn't I see an hilarious piece on You Tube recently about redesigning the Stop Sign? Well these things look the same! What a waste of time and money. I don't even need one...I know who I am.
Smivs on the intertubes!
If someone gets hold of my finger prints, what do I do then?
From what I've seen with biometrics previously, I doubt that your fingerprint would be stored in any sort of image-like or exportable form. Normally, a hash is taken based on your fingerprint (think GPG singing) and that hash is stored. It's a one way calculation, you can't then turn that hash back into a fingerprint but you can verifiy another fingerprint to the hash.
I live in a post-com country, and we've had identity cards forever. No fingerprins, just photograph, name, and other details. It also has some security features to make forging difficult (but not impossible; unfortunately there's no digital signature for the ID card so far). You can have a look at some examples at http://www.minv.sk/?vzory-dokladov-obcianske-preukazy I can't imagine to live without one. How do you prove your identity without it in a bank, or when you need something from some office (for example new driver's license), etc?
1. It wont stop illegal working.
Anyone who is supposed to have such a card but doesnt can just pretend to be on of the 99.9%
of the population that is not required to have the card.
2. Whats the point of the frigging fingerprint?
Who has got the both tha equipemnt and the right to check it?
3. The variously elected and appointed idiots are in thrall to various "consultants".
To paraphrase Warren Buffets immortal words "Never ask a consultant if you need an overpriced solution".
4. Lastly but most importantly -- there is no "problem".
Various candidates for the problem to which id cards are the solution have been proposed and they have
all been found wanting.
First it was terrorism -- but it was pointed out that all known serious terroist attacks in hte UK
were carried out by terrorists using thier real names, and, that at no point in the leadup to any attack
were they required to identify themselves.
Second it was illegal immigration -- but some 350 million EU citizens have the right to work in the UK
anyway, the much villified asylum seekers are attempting to immigrate legally, plus nobody is going
to check the documents of thier Russian nanny or Morrocan cleaner.
Thirdly it was "identity theft" -- but if the banks give money/credit to unverified strangers it is
thier problem. For this to be effective lenders would need to have; the equipment to read the card,
the right to ask for a fingerprint and access to the central database to verify the validity of the
card.
Currently Jaqi Smith cannot come up with any reasonable justification for this system at all but is
still pressing ahead with a system that will dump billions into the coffers of the "usual suspects"
Accenture, EDS (now HP), CAP and IBM.
Well at least the labour party will be more or less extinct in a years time, but the civil servants who
are pushing this idea will still be there, and the Conservatives look even more prone to SnakeOil salesman that the incumbent idiots.
Old COBOL programmers never die. They just code in C.
They're planning on getting rid of passports for ID cards. It gives them a centralized database, more information on you and as the scope quietly creeps up people will be apathetic until passports are gone and they're squarely in 1984.
How do they tell the difference between someone that is foreign and someone that just looks foreign? Any black person can just claim they are a British citizen, so don't need an ID card.
From there, ten toes
And from there, your ear.
They already have biometric Garda National Immigration Bureau (GNIB) plastic cards with chip and other info on you here in Ireland (Republic of) for non nationals, and it must be on you at all times...
It used to be. I'm really not so sure any more.
this is just the first part, sooner or later everone will have one, so your argument is null and void. As well as pretty stupid.
For now you can claim that you don't need a card. This will pass with time. That is the entire plan. Start small, then slowly get everyone to have to ID themselves.
Sometimes you wonder how the goverment can introduce such schemes without people protesting and then you see people like you and you know why. The voter is stupid.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
It isn't a big thing. It's an ID card that holds a fingerprint record. How is it bad to tie a card to a person?
"It's looking like the UK is in for biometric ID cards within the next few years, despite widespread protest from groups such as 'NO2I"
Nice troll.
There was a similar push for biometric ID's in germany.
A hacker protest group lifted his prints and published them on a t-shirt.
Including biometric identification info on a card which can be stolen, lost, hacked, or otherwise tampered with is a very good way to assure a security breach has no viable means of recovery.
The implications considering other "biometric" security devices are pretty horrible, especially if the foreign nationals/immigrants in question were brought in to assist high level corporate, defense, or other prestigious research.
Send hooker to foreign Ph. D.'s apartment, copy info on ID card, manufacture a fake fingerprint using the info, walk straight into a BL4 lab and help yourself to a nice engineered strain of small pox
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
Nevermind the UK government's issues with IT projects.
Not one has been delivered on time or on budget - and many are reported as fundamentally broken at the time of rollout.
It's not just the fact they can't keep our data secure - it's also the fact they lack the relevant design and planning for a government IT project to make it work.
So it's not only 1984 except with the liability that the db ends up left on some random laptop/hard drive or lost in the post, but it's 1984 crossed with an expensive white elephant...
Baka Drew
It's not exactly like that. The new biometric cards are safer than the old ones.
In my country we had paper ID cards with fingerprint printed on it. Now we have smard cards and the fingerprint is in a file inside chip, and it's not readable. So, it's actually improving privacy, not making it less.
The card can be used to perform a match-on-card (MOC) operation. You put your finger in a reader and it asks the card if it matches. This way you can validate if someone holding the card is REALLY the card owner. No central fingerprint storage involved.
Also the data inside the card are signed by RSA keys belonging to the government, so you can't create a fake copy of one.
The current paper ID cards are slowly being replaced by the new ones, which is good because forging an old one is very easy, I wouldn't say the same for the new ones.
How exactly is the fingerprint not readable if it, rather than just a hash, is stored on the card?
As for the RSA keys, governments, especially the British, have a very bad track record at keeping data safe. Keys of such importance are a very good target for a social or even technical attack. Knowing the track record, however, they will probably end up on some laptop, usb stick or cd forgotten on a public bus or train, sparing the attacker the effort.
And as to the forging, it may be harder to do it, but once you've done it (and it has been shown that biometric passports deployed in the EU are unsafe right now and can be compromised quite easily http://www.guardian.co.uk/technology/2006/nov/17/news.homeaffairs ) it becomes very hard indeed to disprove that the person holding the passport is not actually the person referenced in the passport / on the ID card. The fingerprints match, the encrypted photograph matches, the RSA keys check out, perfect fraud.
Identity cards introduced for those foreign Johnnies, not you. "The card will be compulsory for foreign nationals. All terrorists and illegal immigrants will be required to obtain one and show it to policemen, council officials or dog catchers on request. LOOK! TERRORISTS!"
This is largely from (a) civil servants who think it'd be convenient to their jobs to have everyone filed and numbered (b) private contractors like EDS and Capita who have been promised CASH CASH CASH for consulting on such schemes, and certainly don't have a track record of employing ex-goverment ministers and senior civil servants at vast consulting fees 12 months after they leave the government. Well, maybe a bit of a track record.
The ridiculous thing is that this is a creature of the Labour government, who are vastly unpopular, and will likely be kicked out on their corrupt arses in the 2010 election. This scheme is set only to be fully implemented by 2011/2012. EDS and Crapita will, of course, still be paid in full.
http://rocknerd.co.uk
The catch is that places like Germany, where ID cards aren't a big problem, happen to have strong Constitutional protection on personal rights, freedom and information. Britain doesn't have that.
http://rocknerd.co.uk
It's not just the fact they can't keep our data secure
I can see the headlines now. "Unencrypted CD containing names, addresses and nationality of all immigrants falls into BNP hands."
> Send hooker to foreign Ph. D.'s apartment,
> copy info on ID card, manufacture a fake
> fingerprint using the info [...]
As opposed to "walk to foreign Ph.D.'s apartment, lift fingerprint from front door handle"?
Your fingerprints are all over the place anyway, so why would anybody go through lots of trouble to "steal" them?
Don't the british carry their drivers license?
No, because we're not required to. We can be asked by a police officer, with due cause, to produce it within 7 days at a police station of our chosing.
How do you ID at pubs?
Unless you look too young to drink, and so have to prove your age to the barman, there's no requirement for ID there. Ever.
Hell, we don't even have to produce ID to vote!
We already have a serious UK fraud problem originating in the Indian subcontinent - Mumbai was for many years the identity theft capital of the East, with fraud companies even keeping copies of real government forms going back many years, and annual ink samples, to facilitate document faking. Add these capabilities to those of our home grown criminals, and any identity card scheme actually becomes an identity theft facilitator, not an obstacle.
(And yes, I write from personal experience - I was involved in a UK case where an Indian physician from Mumbai produced forged documents. It was this experience that got me interested in identity theft and security, because he was using faked faxes, and the judge seemed unable to understand how easy this was to do.)
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
Does anything rubbery still fool those readers?
Don't the british carry their drivers license? (its what an ID card is in Canada)
No. Well, only if I'm hiring a van.
How do you ID at pubs?
I've never been asked for ID in a pub, since I was 18.
isn't identity theft easier in a world without biometric IDs? I mean, while forging a biometric ID requires access to the ID and expensive technology
forging a biometric id is substantially easier than forging others, because they can be measured at a distance or gleaned from any object we touch.
what does posing as someone in a world without IDs require?
I would very much like to see this world without ID's you're talking about.
Last I checked every nation with roads required license plates, driver's licenses, birth and death certificates, etc.
The big difference between these and biometric ID's, as I pointed out before, is you can't apply to the government for a new fingerprint, DNA strand, sub-dermal artery pattern, or retinal pattern.
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
If someone gets hold of my finger prints, what do I do then?
Good god, you're right! You'd better wear gloves all the time when outside!
All visitors must wash hands before entering country
rewriting history since 2109
Is this really a big deal? What's wrong with carrying an ID card?
I think the issue for many of us (living in the UK as I do) isn't so much that we don't want an ID card as it is that we don't trust the current government with using them (and the data they contain) properly. This is the government that has seen various agencies lose and fail to secure vast amounts of personal data on the one hand, and on the other increased exponentially the ways in which they can monitor and survey everything we do.
ID cards would certainly have their uses, but right now we don't have a government we can trust to deploy and use them properly.
You are mistaking passports with visas (and from the article, specifically long-term visas). For decades all developed countries have kept visa information on centralized databases, thats the whole point of issuing visas!
It's pretty certain they won't be replacing passports with ID cards. The two serve completely different functions. An ID card is designed for internal identification within the state wheras passports are for external identification by other states (i.e. allowing you to "pass their port").
There are multiple problems with ID cards
If the information held on you is wrong (which from past experience it will be ...) it will be almost impossible to get it changed
If I want to get one in someone else's name it will be pitifully easy : how do I prove I am me without an ID card ....I can't to any reasonable degree, but I can prove I am someone else to the degree the passport regulations require
It will be relatively simple to forge, and far too trusted to be unforgeable
It will not actually help with any of the problems stated
Illegal workers will still work
Terrorists will use their real names as they have always done
Benefit fraudsters will still lie
Organised crime will forge the cards as they do passports now...
It seems to be a solution that no-one wants looking for a problem
Puteulanus fenestra mortis
Your fingerprints are all over the place anyway, so why would anybody go through lots of trouble to "steal" them?
Which brings us nicely to the fundamental problem with biometrics. Biometrics provide identity. They do not provide authentication.
Wow, what a class act. Let's inflict this evil on Johnny Foreigner, shall we? It's just as bad and risk prone for them to hand over their inside leg measurement to a government desperately seeking more contractors to blame their avalanche of data loss on, but hey, they're foreigners so that ought to be OK. Nobody will be campaigning for them, surely?
Every time I think the current UK government has reached the lowest of the low they amaze me by finding new ways to dig. I guess that's why they call it NEW Labour - it can pretend to be Labour but isn't, and it can pretend to be business friendly which it isn't either. It's hot air, spin and as huge a risk to the future to the UK and the current US government is to the US, no wonder they got on so well.
The current ID card schemes are unacceptable, and plenty of advise has been given how to correct it. All that is happening here is a last minute panic to try and land the new government with a huge mess to unpick, not that that pile needs any adding.
It's time to bring personal responsibility back to those clowns. It's needed.
because once your biometric details are stolen it's easy to replace/reset them.......
echo $SIGNATURE
Fingerprints are stored in the form of Minutiae Points rather than scanned imaged.
But that doesn't mean they can't be reconstructed.
U1NCaVpYUWdlVzkxSUhkcGMyZ2dlVzkx SUdoaFpHNG5kQ0JpYjNSb1pYSmxaQT09
What is the logic behind targetting foreigners first? The obvious answer is that the population is less likely to protest. I suspect some not-so-thinly veiled xenophobia.
Its a new stealth tax, just like how the fee to get permanent residency has gone up about 300% in just a few years. No doubt there will be a nice hefty fee to get this card and no one will care because its immigrants paying right?
What's wrong with carrying an ID card?
Well, some people (who, presumably, live in the woods, don't have bank account, don't drive a car and never leave the country) just object on principle. Personally, I don't see that one: in this world you need to prove your identity from time to time, and without having a "proper" identity scheme we end up using all sorts of inappropriate kludges (e.g. banks tend to ask for a gas or electricity bill).
Then there's the fear of police having the power to stop people and demand "papers". Now, that's a legitimate fear demanding eternal vigilance and all that but its really got naff all to do with ID cards: there's nothing fundamental about ID cards which says that police have to be given the power to inspect them. Plus, if the Fascists take over then it will take them a whole week to print and issue "papers".
Now we get to the more serious objections - primarily "mission creep". If the Government were simply rolling out a better alternative to current "ad hoc" methods of identity checking then it wouldn't be so bad. However, these are being touted as the answer to terrorism, fraud, illegal immigrants, healthcare provision and whatever was on the front page of the Daily Mail yesterday. Consequently, more and more bells and whistles are being added, meaning more and more information about individuals will be gathered to protect us against the barbarians at the gate, but will probably end up being used to police dog fouling.
Finally, even if the conspiracy theorists are right, the government's track record on large IT projects doesn't bode well. (1984 is scary enough, but Brazil is even scarier!) Currently, we're getting almost daily stories of government departments losing laptops, CDs and memory sticks containing personal information, which doesn't help.
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
*shudders*
Luckily - according to a register article I read, it seems the next in line for the ID cards (airport workers and airline operators) basically are telling the government to f*** off.
They don't want the nightmare or cost of implementing it, and they object that the checks aren't as stringent as the current system they have in place anyway.
Next time there's a baggage handler's strike I think I'll be a little more sympathetic considering they're putting a roadblock in our card-proffering overlord's way. ^_^
Baka Drew
In my country we had paper ID cards with fingerprint printed on it. Now we have smard cards and the fingerprint is in a file inside chip, and it's not readable. So, it's actually improving privacy, not making it less.
A scanned copy is still a bit-map image of the document, which will be much harder to use in forgeries. A digital copy would be a perfect copy, ready to be burned on another chip. And should be much faster to copy.
Once somebody has a device that circumvents the built in copy protection (have you ever heard of "copy protection" that truly prevents copying?), anyone handling your ID will be able to make a copy of the fingerprints, perhaps even wirelessly.
The clerk at the hotel will only have to have it in his hands for some seconds to pass your ID into his unofficial reader.
I don't think I am. Amalgamating cards that serve different functions is a large part of this project. I'm pretty certain that ID cards won't get off the ground, but I'm also certain the plan is to use the ID card as the replacement for every possible form of ID.
After all, they want to track your movements outside the state as well as inside.
until passports are gone and they're squarely in 1984.
I would be totally impressed, judging by the sheer incompetency of the UK government, if anything like 1984 happens.
Sure they may try, but frankly, its just not going to happen.
Have a nice day!
In the country I live in (Malta), *everyone* has an ID card. How was it imposed? It wasn't but if you want to:
- Sit for an exam
- Require *any* government service (+ motoring +insurance etc)
- Vote
- Open a bank account
- Etc
you will need an ID. You don't "ask" for an ID card, you get one assigned to you upon birth registration.
Even local business ask for it sometimes because it makes locating your record easy. Seriously what's the problem with a having a document saying that you are number #123456 ? That's all it boils down to!
I think I've only had to "prove my identity" twice in the last five years: once when I did jury service, and the second time was to my company accountants because of money laundering regulations or something. This is so infrequent that any extra benefit of simpler ID is much, much less than the additional risks of the government losing my data.
Reduce, reuse, cycle
"If someone gets hold of my finger prints, what do I do then?"
Um, anyone who follows you round for a few minutes could probably get hold of your finger prints, without need for an ID card.
That's why police love them so much, it's not like criminals deliberatly leave theirs at crime scenes!
Maybe the data isn't stored on the RFID in the passport. But there's the headshot ; such an obvious biometric that people forget about it.
What many people noticed on applying for a UK passport recently was the leaflet that came with the form telling you exactly how to pose for your photograph... you were only allowed certain margins, certain backgrounds, you had to face forward, you had to take off your glasses. It was pretty clear to those with a technical bent that the photograph was intended for consumption by a computer, so I'd suggest that anyone with a recent UK passport is already in a large database of facial geometry metrics somewhere in the Home Office (and maybe on your passport chip too). This would mean that you are ripe for rapid recognition from any sufficiently detailed CCTV footage ; and as we know, the UK has more CCTV cameras than anywhere else in the world. Nice.
Now, people don't habitually carry their passport in the UK, partly because it's a valuable document, partly because you don't need it for everyday usage, and partly because of the form factor - a little red book that doesn't conveniently fit into your pocket without the risk of being bent. A credit card sized ID on the other hand, is VERY easy to slip into your wallet and forget about.
If I were the UK government wanting to promote the routine carrying of an RFID enabled ID, I'd make the UK passport modular - a red book for the visa stamps, with a pocket in the back to carry the wallet-sized photo / RFID card when you're travelling. A lot of people would take to carrying their "passport card" routinely because suddenly, it's convenient.
Many is the time I've turned up at a place and found I needed a photo-ID or my passport and not had one, buying foreign currency, for example. It would probably work on me (after I put the tinfoil weave in my wallet, of course).
To pull out my copy of 1984 so I can refresh myself on how I need to act in the future.
I don't think it's been clearly defined what the data is
Schedule 1 of the Identity Cards Act 2006. Note that it's the individual's responsibility to ensure that all that is kept up to date, and failure to e.g. notify the registrar when you move house makes you liable to a fine of £1000.
I wanna see you tell unfunny jokes the next time you get pulled out of the airport and dropped in a detention cell because your "pulled" fingerprints appeared on an IED in Iraq or a burglarized weapons depot somewhere in the Ukraine. It's really easy to land on the "no-fly/terror suspect" list nowadays and by granting authorities the right to distribute your data all over the world you basically WANT to be on one of those lists.
Idiot, that doesn't solve your problem that YOUR FINGERPRINT is now associated with crimes. Who cares if my official passport has my pinkie print when every time they check my name a "terrorist warning" pops up because my index fingerprint was stolen? That's just bullcrap. And tell that to the nice customs officer that gets all fidgety just when people talk to him that he should check again and explain to him why you had to change the fingerprints and "just this time" you would need to catch your plane. Like they never heard anything like that before.
They would not have come up with an uglier design if they had tried.
The issue as I see it is this.
At present I carry a passport, a driving licence, another chipped card for the tacho in the truck and various other cards for entitlement to drive various machinery.
The lame brained would say it is more convenient to have all the relevant data stored on one card. I disagree.
If I travel to a foreign country, I need a passport and maybe my driving licence (to hire a car). If I don't travel, I don't need the passport - why should I prove my entitlement to travel if I am in my native country ? Why should I open my complete life to inspection every time I "prove" my identity. The passport application process surely proves my right to be here. My driving licence proves my entitlement to drive on public roads in the UK, why should it identify me to the immigration dept. too ?
There will gradually be feature creep in the system leading to even your bank cards migrating onto this one evil card. Fine you say, less to carry around. Except that you will be required to use it more and more to gain access to anything. This means your entire life is recorded - which roads you used and when, what you bought and where, who was nearby when you drove and or bought anything etc etc.
The question you should be asking is not, can the cards be forged ? The question should be - can the system be hacked ?
Is there anybody here that thinks that any networked computer can be hack proof ? In that case, what happens when somebody breaks in and uses YOUR primary key to create a totally ficticious chain of events placing you in the vicinity of a robbery, murder, terrorist act, or even in the same building as other known criminals. As far as the police are concerned, the system doesn't lie and since your card contains your finger prints, it can't be anyone other than you that the records refer to. Not a problem ? Well not a problem until you are late for a train and they think you are about to set off a bomb and decide to shoot first and ask questions later. Quite a bit of incentive for terrorists there I think. Create a false trail for themselves, showing nothing but innocent activity, and a damning trail for some innocent who will be miles away from the action but conveniently will have the police trailing them, not the terrorists.
Bad idea.
I recently watched a documentary about customs on German TV. They check everything which goes trough Germany by mail somewhere near Frankfurt. They interviewed one guy who is specialized in finding passports. He said he finds dozens of fake Nigerian passports going to the UK every day. They are usually hidden in DVD boxes or simply wrapped in tinfoil. His explanation was that Nigerian passports are rather easy to fake/modify and that it's rather easy to apply for welfare with such a passport in the UK since there is no obligation to register your permanent residence. So with 5 fake passports you can collect welfare 5 times (going to different cities).
I don't know how much of this really works the way he described it, but this seems to be a very good reason to introduce id cards...
I don't read replies by ACs.
It's scary how V for Vendetta is slowly turning from a work of fiction into a documentary.
Random Thoughts From A Diseased Mind (Not For Dummies)
However, they can add data at any time, without informing people.
They will store everywhere you've ever lived, so then know who you've lived with, and who they've lived with. They'll also know who you worked with. As someone with an interest in datamining, this does somewhat concern me. Here's the full act (ID card act of 2006)
It can be used to store any data:
for the purposes of the prevention or detection of crime
Nice cop-out, eh? This act gives any government the power to store data for the purposes of detecting people doing things they don't want them to do.
Oh, and under this act, *everyone* over the age of 16:
is entitled to be entered in it
Lucky them.
The act can require you to be present at a certain time to provide all of this information, too. If you don't agree on a time or a place then they will just specify one. Don't do it? You
shall be liable to a civil penalty not exceeding £1,000.
Of course, access to the database is highly restricted, it's restricted to people they want to let access it. Phew, was worried companies might get a hold of it for less than, but it's a good thing the government has never been found to give things in return for money.
Also, this is all ignoring the small level problems, like a jilted lover working in the government finding out where their ex now lives, etc.
A large part of the problem is the decentralised nature of government data. One department may know something, another department may know something else. You end up with the need to transfer data between departments, and that's when accidents happen.
The solution to this could be a more centralised system, and that's what the government should be marketing the ID database as. It would seem foolish to complain about the government's record on data storage and then oppose the solution (not that that would stop anybody I suppose).
A week? Don't say that, it makes them sound so efficient that people might actually consider them a more credible government than the one we have at present!
Good link. What this shows is everything that's entitled to be kept in the identity card database which may/may not be what ends up there. We may find that only some of this information is actually stored.
In Argentina we've had universal ID cards for as long as I know. They have a number, address, fingerprint and a photograph.
The main problem with them here, I think, is that asking for you ID number is taking for granted for all manner of things. You need to give your ID number for:
- Voting ... and basically, your personal ID is the de-facto standard database ID for any data related to a person. ... that means that were all this data connected in a single database, it'd give a pretty good picture of what you're up to in life. Like Facebook for law enforcement and criminals. The only thing that keeps us from living in a Big Brother state is Argentina's lack of well stored digital records for most things. Most of the things I mentioned are kept in paper, thrown into a big room somewhere, and never referenced.
- Any and all official paperwork
- Banking transactions
- All credit card purchases
- All contests and sweepstakes
- Registering when going into a building
- Subscribing to magazines, fidelity clubs, etc.
As a Slashdot discussion grows longer, the probability of an analogy involving cars approaches one.
Yes, it's a hash and not an image. The problem is there are three generally accepted formats for capturing and storing the hash. Assuming for a moment they're equally distributed in the marketplace, losing one means it's usable by the bad guys in 33% of applications. The problem gets worse if there's standardization. The print image isn't needed, it's the hashes (templates) that are compared.
It isn't a big thing. It's an ID card that holds a fingerprint record. How is it bad to tie a card to a person?
Yes, and a lot of other information besides held in a central database. I'm sorry, I thought it was Slashdot where I didn't have to explain the concerns of such things?
It is a big thing. It's a big thing in terms of who will eventually have to have one (everyone) and the cost (billions of pounds), for starters.
"It's looking like the UK is in for biometric ID cards within the next few years, despite widespread protest from groups such as 'NO2I"
Nice troll.
Um, it's completely factually accurate. The Government does have plans for a compulsory national ID card and database, and this is one step in the rollout plan.
Yes, but right now the fingerprint doesn't help you in comitting fraud. (other than placing them at a crime scene by faking them using those silicone tricks)
Now, however, it will be possible to produce a nice pair of fake fingerprints and fake ID to commit fraud, making it very very hard to disprove depending on the way the card works. If biometrics are stored on the card only, they become extremely easy to fake once you've broken the security features and the aforementioned proof problem becomes apparent. Also, the card does certainly not solve any of the problems it is supposedly designed for. As long as you have a consistent ID, fake or not, it will check out wherever it is tested.
If you have a central database, the cards are potentially safer because you have to modify/fake both card and database [entry], but there is a greater danger of data loss if the DB is compromised. Given the track record so far, compromising the DB will be a matter of infiltrating one of the contractors working on it.
> For decades all developed countries have kept visa information on centralized databases, thats the whole point of issuing visas!
Yes, you would think so, but actually the UK did not. Even visas issued last year are not in the current database. And the UK does no exit checks, which means they have no idea how many people on visas are still in the country, or have since left.
So yes, the whole exercise is about building a big database. Why this one should work any better than previous attempts is beyond me, though.
I don't know how much of this really works the way he described it, but this seems to be a very good reason to introduce id cards...
The National ID register is going to cost (IIRC) 4.5 billion pounds at the governments estimate. The LSE estimates 19 Billion. The type of fraud you describe actually makes up the smallest proportion of benefit fraud that the UK suffers from, most of it is just done by people lying. If they are trying to stop that form of benefit fraud with these cards, they have chosen the least cost effective way of doing so, and this card gives no other benefits that I can see.
full disclosure: I'm a fully paid up member of no2id
If I have nothing to hide, you have no reason to search me
losing one means it's usable by the bad guys in 33% of applications
How does my hash become usable to the bad guys? They'd have to find a way to receate a fingerprint that would verify correctly with that hash to steal my identity. What's worrying is that although that's not possible (reliable?) at the moment it may be down the line. If this becomes possible and fingerprint hashes are lost/stolen and they're still being used to provide authentication instead of identity then we have a real problem.
Yes and also all legal immigrants also have passports and visas which provide ample means of identification should anyone wish to check their bona fides.
Illegal immigrants obviously don't have any documentation, they don't report to the home office to register their presence and this isn't likely to change with the advent of these new cards, illegals won't have them either.
Employers are supposed to check on a persons right to work in this country before employing them already, by checking and passports and visas they already have the ability to do this. Employers who employ illegals don't check any paperwork and they won't be checking ID cards either once these are issued.
ID cards are not going to do a thing to prevent illegal immigration. This is simply the first phase in the governments plan to roll the cards out firstly to those who have no choice but accept them.
The reason this is bad is because each ID card is tied into the some sort of centralised national computer system which will hold the data the government holds on us in one place. The government has consistently proved over the last year alone they are incapable of securing the data they have already. When every man and his dog, every council, every bank, building society or other company who joins their scheme also has access to all our data the situation can only get even worse, and we're expected to pay vast amounts of our taxes to allow this to happen. It's ridiculous.
But if the solution is outsourced and implemented badly, it will be even worse than the current patchwork of systems - because there will be massive potential for data loss and/or failure.
Those using pirated Tinysoft signatures(TM) are a real threat to society and should all be thrown in jail.
I personally think its a better idea to stop giving money to people simply because they're in our country and have a nigerian passport.
I think the parent meant to say "useable" rather than "readable".
If a one way encrypted hash of the data points are stored on the chip, then this is compared with the hash generated when you put your finger in a scanner.
It's exactly the same principle as hashed passwords, the important thing is not whether it is readable or not, the point is you cannot use the hash to recreate the original data, ergo the concept of "one-way".
How many years did it take for them to find a collision on a 56 bit diffie-helman key ? and to my knowledge, the largest RSA cracked to date was 576 bits (although that's a 2 way function so slightly diferent thing).
The point is, if you have a one way function with a suitable number of bits to make it practically incrackable for the next 100 years, then that will be enough to ensure that your fingerprint data cannot be reproduced and "used" by some unscrupulous person.
I'm sure Al Qaeda have it on the top of their list that before the next plane flies into a building, they make sure they frame Mrs Glady Pew of 37 Edgeware Road for the crime with biometric fingerprint data lifted from her passport :-( </sarcasm>
No. The term "British subject" is pretty much obsolete in law since 1983. (http://en.wikipedia.org/wiki/British_subject)
(There are a few small exceptions for some classes of people who used to be British subjects and are entitled to keep that status if they hold no citizenship of any country, but no-one can now become a subject, so once the people who still fall in this category are gone, there will be no more subjects.)
The data that can be collected is listed in Scedule 1 of the Identity Cards Act 2006 http://www.opsi.gov.uk/ACTS/acts2006/ukpga_20060015_en_5#sch1 There are around 50 pieces of information, however you should look at paragraph 2(d) which gives the government the right to record any biometric information about us. My biggest problem with this scheme is that of function creep and the great amount of surveillance we have here in the UK. If you look down to paragraph 9 in the link I provided you can also see the scheme creates an automatic audit trail every time the information is used. Therefore the correct way to look at this system is in terms of surveillance and building indexes on our lives. I just don't think it is wise to allow the government this much potential for abuse with no reasonable justification.
If someone gets hold of my finger prints, what do I do then?
I have a soldering iron you can borrow.
No, generally not.
Huh ? No one's asked to ID in pubs unless they look like they're not tall enough to see over the bar. I've certainly never been asked since I was 16.
We're British and we are not in the habit of carrying papers or having to prove who we are to every tom dick or harry or jumped up offical we come across. The last time I think I had any need at all to prove my identity was when I got my driving licence 5 years ago and the time before that was probably when I opened a bank account 20 years ago.
Please, you must support this ID card, think of all those very poor multinational IT companies like IBM sorting through people's data, just like they did in Nazi Germany. Think of the politicians and their backhanders, and please, think of the taxpayer who is seemingly ever willing to put their hands in their pockets to find another £20bn (about $40bn US) the country cannot afford, whilst the government loses yet more personal data of the population.
The only people that are backing the ID cards are people with a vested interest in rolling out the police state, and cretins who's only idiotic childish reasoning is "if you have nothing to hide you have nothing to fear."
Of course, the UK government have ways of forcing this "voluntary" ID card. It says that for students (university age) it will be voluntary, but to get a student loan to go to university will will HAVE to get an ID card, no ID card, no loan, no university. Not voluntary in other words unless you have lots of money.
Take Nobody's Word For It.
According to the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, it's the data subject's data.
I hate this document. Don't get me wrong, I like the idea that the government wants to protect its citizens' data, but as a person in charge of ensuring a medical data application's compliance with this document, plus all the member state's unique flavors - I'm looking at you Spain. I have nightmares when I'm talking to the lawyers that are used to 'roughly' interpreting the data handling policies in the US and think they can continue their 'rough' interpretations in countries that have actually passed privacy legislation.
"There are no facts, only interpretations." --Friedrich Nietzsche.
It is not just a card with a photograph (like an armed force ID card or driving license). It will be linked to *ALL* personal data that you have ever had - your previous addresses, your current address(es), your SSN number, benefits, bank accounts for social security deposits, current employer) and so on. The idea is to eliminate the need for a dozen or so different government databases (one per department) and have one super-database with everything stored on it.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
The other posting is probably joking slightly more than you are...
Nerd rage is the funniest rage.
The really nasty thing here is not having a card with an identifying number on it, or even a card with lots of scary-sounding biometric data.
The really nasty thing is that the card implies a central government database which will contain everything they've got on you - criminal record, DNA fragment, address, car registration plate.
They have some or most of this stuff already but the crucial difference is that it's all sliced up into different databases and it's not practical to pull everything on someone.
The ramifications of this are as profound as the impact of large databases have already been in other areas. Imagine you didn't pay a parking fine and bang, the government garnishes your payroll, cancels your garbage collection and prevents you leaving the country for a month.
As for the politics of it, I'm convinced Labour are pushing this through for some sort of nasty, secretive reason. Why else would they keep coming up with one reason after another, none of which make any sense? Someone suggested they like funnelling cash to sh1tty consultancy agencies like Crapita and Accenture, (which sounds plausible since it's along similar lines to how the Iraq war happened).
Also, don't think we will be able to bring this down with passive resistance. People will get them and pay the fee for them when they realise they can't take an exam or get a passport without first getting an ID card. There won't be a massive public reaction to thsi like there was to the poll-tax. The best we can hope for here is that Labour simply give it up as too unpopular, before it is brough in.
You thought you could break the laws of physics without paying the PRICE?
I don't see the big deal. I'm sure one day they might color it green and perhaps call it a Greencard but hey no big deal. That's pretty much its equivalent. My greencard has a picture of my fingerprint on the front for crying out loud.
But instead if a finger print, it's stored on a chip.
1. It's part of the creeping UK Police state
2. We had them during WWII and they were struck down as unlawful a few years after the war was over
3. It's not just the card, it's the massive unified database of everything you do that's going to be behind the card. Not only should the government not have that sort of power, but they are incompetent with data protection.
You're creating a false threat model and dismissing the real threat too lightly.
1. While terrorists may or may not be interested in impersonation, that will affect relatively few people. However, if the ID card becomes part of the UK's critical infrastructure, ie the provision of services becomes dependent on successful reads from cards, then it may be of interest to terrorists or states to attempt DoS attacks.
2. Criminal gangs, on the other hand, will be very interested in impersonation, and could affect many thousands or tens of thousands of people. Not generally for fitting people up (although that will happen, and corrupt officials -- wifebeaters, fraudsters, bent coppers etc -- will likely be in the forefront), but instead to gain access to services / assets.
3. Security is as strong as its weakest link. If the one-way hash is strong, attacks will be made on other parts of the infrastructure instead. But there will be successful attacks, many facilitated via social engineering.
The reason the UK govt has problems is that the system admins aren't happy with their fringe duties dealing with the public and are burnt out. Just take a look:
http://www.youtube.com/watch?v=NwNwTjDLMP4
We're not actually as obsessed about alcohol as you americans.
In fact, compared to europe we're quite strict, but here in the UK once you get past 20 you don't get asked. None of this "You're clearly over 30 but I need to see ID for legal reasons" bullcrap you get in the US.
Doesn't UK Government issue passports and handle birth sertificates and grant citizenships ?
If so, then they, naturally, have a database of all the personal data of all citizens already for a long, long time?
I mean, if they are able to check that Mr. John Q. Random is your citizen, then it's done by checking it against a database of citizens...
How exactly is the fingerprint not readable if it, rather than just a hash, is stored on the card?
It's not the image that's stored but something called a fingerprint template. You can't read the template from the card, the card will simply refuse to read the file for you. But you can send a template to the card and ask to compare it with the stored one.
Even if you could read the template, you can't retrieve the original fingerprint from it. It's not a hash, but kind of.
There are optical and electrostatic ones. I don't think it's easy to fool them. They even tell me my finger is too wet or too dry for recognition.
Papers 'please'!
*marches away, jackboots glistening in the moonlight*
Requiem for the American Dream
This should be reminded to them when the elections come.
IANAL but write like a drunk one.
As an immigrant to the UK, I could still be deported if I lost my job even though I'm from an EEA country (Norway) - I can go "only" go on welfare for about 6 months I believe before the UK could legally send me back, but that's it. Given that I've paid far more tax than the average UK worker for the last 8 years, that's not much. For people from non EEA countries deportation can happen much quicker. This despite the fact that I own a house in the UK, and is married to a British citizen (due to the latter I would be allowed to apply for a marriage visa and reenter even without a job, though).
The exception is that if you have lived in the UK legally for more than 4 years, whether on a visa or because you're from an EEA member state or as a dependent of a legal resident, you can apply for "indefinite leave to remain", which means just what it says, or for British citizenship. Neither are guaranteed.
The ID card has a bunch of physical protection features, like holograms and watermarks. Good luck xeroxing it.
I never said it was copy-protected. The fingerprint is simply not readable at all. And all the data in the card are digitally signed.
Anyway, why would you want to copy a card? You would have to change the picture and fingerprint to successfully steal someone's identity. And after doing that, the digital signature won't match, so the card is useless.
You're creating a false threat model and dismissing the real threat too lightly.
Something like the US and the whole Iraq WMD thing, you mean ?
1. While terrorists may or may not be interested in impersonation, that will affect relatively few people. However, if the ID card becomes part of the UK's critical infrastructure, ie the provision of services becomes dependent on successful reads from cards, then it may be of interest to terrorists or states to attempt DoS attacks.
No more than it is already dependant today on NIC (National Insurance Numbers) or DVLC issued Driving Licence numbers. The possible chance that a new system may be be subject to a DoS attack is no more compelling an argument than a DoS attack on an existing system that is already in place.
2. Criminal gangs, on the other hand, will be very interested in impersonation, and could affect many thousands or tens of thousands of people. Not generally for fitting people up (although that will happen, and corrupt officials -- wifebeaters, fraudsters, bent coppers etc -- will likely be in the forefront), but instead to gain access to services / assets.
Those who want to abuse the system already have moles or assetts in enough places to do whatever they wish. Again trying to argue that adding another potential point of abuse will suddenly plunge us into the dark world of Orwell is nonsensical.
3. Security is as strong as its weakest link. If the one-way hash is strong, attacks will be made on other parts of the infrastructure instead. But there will be successful attacks, many facilitated via social engineering.
Again, you still fail to demonstrate what NEW risks are involved with an ID system over any other system that already exists.
If the best justification you can come up with is that it carries the same risks as all existing measures of identification, then you fail, sorry.
I realise that most biometric systems use minutiae point templates, however, as another poster has pointed out, it appears that even this information can be used to reconstruct "prints" that will fool commercial readers.
http://ieeexplore.ieee.org/Xplore/login.jsp?url=/iel5/34/4107554/04107560.pdf?temp=x
I know when I lived in Japan I had to have a foreign resident card in order to get anything like a bank account or even get paid. This is really nothing new, and I don't see why it is such a huge deal. Sure, the biometrics may be new, but is it really something to make a big hubbub about?
I agree fully. I already have to carry around my drivers license everywhere. Now, I'll have to carry another id around, 2 id's seems excessive.
Well, the frog is now in the pot, and the water is lovely and warm - it thinks it's having a bath!
Get your own free personal location tracker
i dont think its got anything to do with border control - they are just trying to sneak it through the back door via the public support for the 'foreigner' idea, which so many english see as a danger to their country...
i'm personally not impervious to this erosion of privacy - as a working foreigner i expect to receive such a card in the coming months... to which i will probably either burn it, or pointedly refuse to carry it. ever.
Yep. I have 0 problem with proving my identity *when I am asked*. Not when it is demanded, or I have to carry some ID around all the time. I have a passport already I can take to a bank if I open a new account. That's sufficient.
Get your own free personal location tracker
Just can't help the dig? even though I went right out and threw Canada out there in the message (and I realize you used a little A, but Canadians don't much like being lumped in with them at all)
They don't have to get your fingerprints from the digital hash on the card. Anything you've touched recently will do, including the outer surface of the card itself. Some metal surfaces can even store etched images of fingerprints long after they've been cleaned.
"The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
As I said, as an Alien who is required to carry his passport (are aliens required in britian?) I much prefer the card over carrying around my passport. Frankly its a nice solution for me and only cost 10 bucks. If britain doesn't ID for anything, then that is a different story. In Canada we ID for most things... hell you can't rent a video without a drivers license, a credit card and a urine sample.
A centralised system is the last thing we need. It should be difficult for the government to pull our information together - if they have cause to start trawling through the data then it should be handled by a specialised team, with oversight and proper training with regards to data protection etc etc. Someone who is held accountable if the data should be leaked, and who can go to prison for a very long time if they abuse their position. It's interesting to note that in the original ID card scheme, the penalties for unauthorised access to the database was much less than refusing to sign up for the ID card (which is meant to carry a £1000 fine).
I strongly believe that a centralised database would be abused by some self-important prat at local council level (or potentially any government employee really), who has been given access under RIPA. Just last week I was speaking to someone that was being threatened by the council (as in, invited to a meeting to discuss the consequences to her if she persisted in uncovering some dodgy planning applications that the council has been involved with - luckily her MP got involved and they are now backpedalling furiously). If those councillors had access to all the data on someone from a central location, i'm sure that certain inferences could be made that could be used to discredit honest people if they insisted in having the temerity to participate in democracy.
What, you get NEWS in your local paper? Lucky you, all we get are ads for double glazing firms! If you need double glazing, come to Nottingham.
Smivs on the intertubes!
How will an additional ID card help to do anything?
You forget this is to assist the war on terror by making sure every illegal immigrant has one. I guess the Home Secretary thinks all illegals will turn up at the appointed immigration centre, get biometrically verified, pay the £70 for the card, then be free to go about their unlawful business.
Sure they will.
The only people it'll affect are the law-abiding ones, the ones who wouldn't dream of blowing anything up in the first place, the ones who have valid credit card, driving licences and passports anyway.
Sometimes I wish we had George W Bush as our political leader, it'd be an improvement!!!
Oh, Canada. Right.
Less experience there. But in general no, we Brits don't present ID at bars (unless they are bars specifically aimed at the just-over-18 crowd and you're only just over 18) and we don't have the requirement to carry any documents in our cars either. As another poster said, if the police stop you and are suspicious they can ask you to present your license and insurance at a station convenient to you within 7 days.
Do they card everyone in canada the same as they do in the US, if you look like you're not middle-aged or sometimes just everyone 'just because'?
Because that's really nuts.
Its not the fingerprint you need worry about, its the hash. If I have your hash and I can hack the data stream/server, I can supply your hash directly, bypassing the fingerprint reader. What's the chances of being able to hack a client device to do this, or a server that accepts these? Now when that happens, you can't just revoke the fingerprints and send a new set in the post to the user like you can with a PIN or a passcard.
How easy is it to get a set of hashes for the population? Just wait a while and a laptop or USB stick will appear on ebay before long.
1. It won't just contain a fingerprint, the trial runs the government did a few years back contained every piece of information you could think of (except a DNA sample) - fingerprint, photo, height, weight, address, convictions, occupation, etc.
2. Where was the troll? I made no mention of where I stand on the subject, I merely stated that there is a hell of a lot of groups protesting this (NO2ID is one) and that imo the government will steam roll ahead with this.
There was madness in any direction, at any hour. You could strike sparks anywhere. There was a fantastic universal sense
I have a passport already I can take to a bank if I open a new account.
But what is a passport, if not a form of identity card? Thing is, not everybody has a passport. Not everybody is entitled to a UK passport - so the banks start asking for a utility bill (what if you're not responsible for utility bills where you live) or a birth certificate (scratty little bit of paper with illegible doctor's handwriting) or some other evidence never designed as proof of ID.
Now, in a perfect world, you could envisage a high-tech electronic ID card with top-notch encryption beautifully set up so that it only told the reader what they were entitled to know: the barman slots it in a reader and all it tells him is that you are over 18. The cellphone company slot it in, type in the address you've given them and the ID card says "yes, that's right". The policeman swipes your card, lets you go on your way and he doesn't even discover your name until he persuades a judge that there is a valid reason to unlock the encrypted record.
Produce one of those and I'd sign up because it would be less invasive than what currently happens... except there is One Small Problem: the odds of our beloved government getting it right are about the same as... (hmm: Monkeys writing Shakespeare? Moles building a Large Hadron Collider? Crows building an Olympic stadium? Oh, wait, I know) ..are about the same as the odds of the government successfully delivering any ambitious IT project.
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
you can't just revoke the fingerprints and send a new set in the post to the user like you can with a PIN or a passcard.
Very good point, I hadn't considered where that would leave us if the device could be bypassed. So, using a static base to create a hash that's used as authentication is fatally flawed if the ability to revoke/replace the hash is required - makes sense if you think about it.
What's required here is to use something else alongside the hash, or preferably when the hash is created that also is required when the biometrics are verified. Sounds like two-factor to me which, again, takes us to biometrics being identity only, not authentication.
it'll be like the chip+pin cards that were 'unbreakable'.
Just get a reader, capture the hash that is sent to the verification network (either using a modified reader, or sniffing the wireless signal), and look at the user as they type in their pin code. You do it at restaurants all the time, don't you. Only whereas currently the bank will return any money stolen in this way, now "you" will be going out and buying 2 tons of fertiliser.... (or did you think the terrorists will give up because Jacqi Smith says they have to carry ID cards, lol).
it'll be like the chip+pin cards that were 'unbreakable'.
Yeah, I get it, it's still a problem. My point though was not to solve this, it was to provide a way that your 'fingerprint hash' could be revoked and replaced with another. If your hash is based on fingerprint + password then that can be revoked and replaced with a hash based on fingerprint + newpassword, something you can't do with a fingerprint alone (or, at least limited to fingers, toes, ears etc).
Citizens Data? Subjects Data?... Who's Yer Data?
Yes because the fines are really big if they're caught serving alcohol to a minor. Its compounded by the fact that our drinking age varies between 18-19 depending on the province, so those at the age can look really young.
They supposedly card for anyone who looks under 25 and women the bartender wants to take home who are over 25.
But the ID is used every where here. Getting a cell, bank account, video rental membership, etc..etc...
basically it seems like some companies just look for an excuse to ask for your idea.
To express my detest for G. Brown
I jest I'm a threat to the Crown
Yet if I were Islamic
They'd not get this but panic
I'd spend forty two days underground
fe47c9f8cb83c885eedb0f7c1a36a864
I suppose you could change which fingertip you used for authentication...
"guard: place your finger in the reader please sir"
"you: ah, I got hacked, so I had to change it."
"guard: fine, put the appropriate finger in the reader please sir"
"you: trouble is, I can't remember which one it was, oh bollocks"
"guard: unusual, but if you'd get them out, and place them in the reader please sir"
Er ... well, unless it's possible to falsify fingerprints?
Of course, newer fingerprint readers are bound to be better than the old ones, and luckily those who may want to 'pretend' to be someone else will give up trying to beat the new readers as soon as they are foiled - they just have no staying power do they!
Eclectic beats from Leeds, UK
handmadehands.co.uk
When I was a teenager and wanted to see something at the cinema that was age-restricted (12 or 15) they'd generally check by saying "what's your date of birth?". If you're 14 and want to get into the 15-certificate film, just subtract one from the year.
Yesterday I registered for my local library. A few years ago (previous local library) I didn't need photo ID -- just something official with my name and address on, like a bank statement. This time I did.
One problem is people without ID that want some -- e.g. people who can't (too young, unable) or choose not to drive don't really want to carry round a passport if they look young but want to go into a nightclub (18+).
I carry a driving license with me in Britain, but that's because I look young enough that I sometimes need ID for buying alcohol (18) etc and it's annoying if I don't have it. Once this is no longer an issue, I probably won't carry it. As I understand it, foreign residents don't have to carry ID.
Isn't it Subject's data?
Neither - it is foreigner's data.
Huh ? No one's asked to ID in pubs unless they look like they're not tall enough to see over the bar. I've certainly never been asked since I was 16.
I think it's a while since you were 16. Certainly in any decent-sized town you'll be asked for ID until you look 21 or more. I was asked for ID at the weekend, I'm 22.
(It would be interesting if the drinking age were 16, since there's no decent ID available to those too young to drive. I have a provisional license, even though I have no intention of learning any time soon.)
You cannot be actually living in UK. Sure we have all that, but my issue is the COMPETANCY...
4 Million surveillance cameras (avg. person gets filmed 300 times a day)
All operated by a bunch of morons, who either sleep on the job, or are busy using them to film Traffic offences (bus lane offenses, etc) as its a lucrative money train.
Citizens have to agree to full biometric scan and filing in order to apply for a passport (quote by government: If you don't want to give us your prints that's fine, you don't NEED a passport, you can stay at home).
Current UK passports do NOT have fingerprint information.. They ONLY store the photo, and details (no facial stucture information either.... impossible considering I applied via the post, and just provided 2 photos). I should know, I have one of these, and noone has taken my fingerprint. My passport expires in 2017, which gives me enough time to plan to move out, if things become worse.
but you are WRONG in that count.
http://www.ips.gov.uk/passport/about-biometric-chip.asp
Engage in terrorism (call me what you want but that the 07/07/07 attacks on the London commuter busses overlapped with a terror training session on the exact same day, in the exact same place at the exact same time according to the government speaks of an inside job to me
a) it was 07/07/05 (this more than anything shows u are probably not a brit yourself, we all know that
b) if was 3 TRAINS and one BUS
c) conspiracy theory. The government conducts training sessions quite frequently.
Have a nice day!
Don't the british carry their drivers license? (its what an ID card is in Canada) How do you ID at pubs?
The British license is not like the Canadian one in that there is no photograph on it and it is valid until you turn 70 years old (as long as you are younger than 70 when you get it otherwise I think it is valid for something like 5 years?). I'm not sure if they have now added a photo to it (seem to remember something about that) but as an ID it is useless for a majority of people who have the old style. But that is fine, it is not meant to be an ID it is meant to show that you know how to drive.
Maybe the point isn't that the new system will have people trying to beat it in a variety of ways, which it obviously will, or that eventually they will succeed - and I'd guess that in this case "eventually" will be very soon - the point is that if the brand new shiney chromed super boxed set of three ID Cards are no better than the existing setup, where's the gain? Not one of the claims from the Gov. of exactly what they will help with holds any water - they simply won't help, and it's going to cost an arm and a leg!
On top of that there is the worry that it might actually make things worse - if the ID Card is incontravertable proof of identity and someone clones a card with your name + ID but their fingerprint/photo/whatever then they ARE you! ... or copies your fingerprint onto their fingers and commits a crime then YOU did it - no if's, no but's ... it was you ... the system said it was!
Eclectic beats from Leeds, UK
handmadehands.co.uk
The most interesting information they want the database to contain is the audit trail - "particulars of every occasion on which information contained in the individual's entry has been provided to a person". This means that, in principle, it will be possible for anyone who works for the government to track details of every time your ID has been checked. This could include every time you've gone to a bank, bought alcohol, rented a car, etc. Fun, isn't it?
Kind of expected, isnt it?
The only reason I posted here is that this documentary was so interesting in many aspects that I wanted to share this story. Ironically I watched it the evening before I took a flight to London and stayed up way longer than planned. So when I arrived in Luton and showed my ID to a Sikh I must have looked like a zombie (at least that's how I felt).
To wrap it up: I'm exactly neutral when it comes to the introduction of IDs in the UK since it's not my cup of tea and as a good EU citizen I should not care how other members deal with internal issues (at least as long as the freedom of persons, capital and goods isn't touched). Nevertheless it is kind of odd that German customs has to deal with such a flood of Nigerian passports going to the UK (and we are most likely just a minor interstation in the global mail system). To me it's one aspect proving that the system in the UK is not sufficient when it comes to identifying individuals. I don't care how it's being solved, but if you look at other EU members it works rather well with IDs. Compared to an energy bill an ID provides actually less information to private companies. But of course the UK can do whatever they want and if they find a solution to this problem which does not involve IDs it is totally fine...
I don't read replies by ACs.
>An ID card is designed for internal identification within the state wheras passports are for external identification by other states (i.e. allowing you to "pass their port").
That's pure bull. I live in Europe and I never had any ID card because I always had a passport.
The ID law says expressis verbis that "an ID card can be issued for people not owning a passport"
In addition to "softening" up joe public, when "most of" the immigrant population HAS an ID card, proving their entitlement to be in the UK etc, then, if you dont have one, then you're either innocent or a OMFG terrorist/health tourist/illegal immigrant etc. Hence, to "prove" you're a EU citizen, you'll need to get one yourself, since you'll automatically be suspected of being illegal by not having one, more so if you're not white. How else do you prove you're entitled to NHS services etc, if you dont have one? The government wont "force" you to get one, you'll do it all by yourself.
You might want to factor in the biased, outdated, unfair Japanese criminal justice system
In Canada if you don't have a driver's license you can get an ID card from the government. Its just to verify your date of birth and who you are for all those kinds of things. Costs around $20 I think.
Passports are issued by the country of origin, and visa stanps are added. There's no requirement to carry a passport once in-country.
ID cards are controlled and issued by the UK government, with a lot more information required - such as home address. This can then be stored in a giant database, and all interactions with local and national government can be recorded against this database. It is likely they will be made mandatory to carry at all times.
They'll not be issued to EU citizens yet, as EU law prevents any measures being used on EU citizens that are not also used for domestic citizens.
This is a trial run against people who already have to have extensive paperwork for visas, in order to track and identify them far more easily than is currently possible with the paper based system. The end-goal is to issue them to all British citizens, and most likely resident EU citizens too, and make them mandatory to carry as the (much simpler, non constant-database) IDs often are on the continent.
ID cards are planned to be merged into passport issuing, so that when you get a reissued British passport with more details and biometrics on it, you'll get an ID card too whether you want one or not. The next step will be to make ID cards mandatory, as passports are not.
Remember kids, it's all fun and games until someone commits wholesale galactic genocide.
What difference does it make that the risks are analogous to those that already exist? If the new system increases both the frequency and the severity of the risk, that means that there will be worse problems than we currently have. Indeed, the problems may be systemically dangerous, as the financial industry is neatly demonstrating for us right now -- no new risks there, just too much debt resting on too little capital, but it's enough to cause huge threats.
My thinking is not the same dumb thinking that led to Iraq -- it's derived from reading and reflecting on what credible security analysts such as Ross Anderson have to say.
In addition, you've just made some bland assertions on the detail that don't stand up to scrutiny. It's a stated aim of the new system to make access to services dependent (note the spelling; dependant is someone who relies on you financially) on successful reads from the ID card. The services that have been mooted include such everyday items as seeing a GP, using a bank account, etc. You do *not* need DVLC or NIC to do these things. Indeed, the times when you need your NI number or driver's licence are very few and far between (albeit important at that time). As is well known, you don't have to have your driver's licence on you to drive. By contrast, the aim of the ID card system is that you won't be able to walk down the street without your ID card -- if you get stopped by a state agent (I refuse to consider a PCSO a public servant or an office holder), you will be expected to produce your ID card on demand.
2. The argument that "well, our current system is insecure, so what the hell, we might as well introduce something that's even more insecure" is just bizarre. What is the point in making things much simpler for both individual abusers and criminal gangs? From a standpoint of the economics of security this is completely barking. I'm not arguing here that we get plunged into the dark world of Orwell (although given that members of my family were caught and sent to concentration camps by German state agents using much less effective technology, I think I'm right to fear systemic abuse by the state of these kinds of tools). I am arguing, though, that if there are currently hundreds of cases of abuse each year due to impersonation / tracking victims down etc, there will be tens of thousands more with the introduction of ID cards, and that this outweighs the purported benefits of the cards. The system holds vastly more data, so the chance of a malicious user finding what they want is greatly increased, and it is accessed by vastly more people including remotely, so the number of points of failure is hugely increased.
On the other hand- Do I have a right to view the details kept on me and to view this audit trail?