UK Gov't To Require ID Cards For Some Foreign Residents

craigavonite, writing "It's looking like the UK is in for biometric ID cards within the next few years, despite widespread protest from groups such as 'NO2ID,'" excerpts from an article at the BBC describing a UK identify card to be issued starting later this year: "The biometric card will be issued from November, initially to non-EU students and marriage visa holders. Home Secretary Jacqui Smith said the cards would allow people to 'easily and securely prove their identity.' Critics say the roll-out to some immigrants is a 'softening up' exercise for the introduction of identity cards for everyone."

In Soviet Britain ...

[DrHyde]

... card identify YOU

Re:

[aproposofwhat]

But a +5 SadIndictmentOfNeuesArbeit would be more apt, surely?

the opposing group is "No2ID"

[YesIAmAScript]

As in "say no to ID". Makes a lot more sense doesn't it?

Re:

[thermian]

As in "say no to ID". Makes a lot more sense doesn't it?

They lost my interest when they started spamming me with leaflets after I registered interest. I'm not so inclined to support an organisation that spends so much of its money on maildrops that just end up in the bin with all the other crap.

Re:

[YesIAmAScript]

Oh. Slashdot edited the story. The summary used to say "No2I" was the name of the group.

That's why I posted this correction.

Stop!

[Smivs]

Didn't I see an hilarious piece on You Tube [youtube.com] recently about redesigning the Stop Sign? Well these things look the same! What a waste of time and money. I don't even need one...I know who I am.

Where to begin.

[supersnail]

1. It wont stop illegal working.
      Anyone who is supposed to have such a card but doesnt can just pretend to be on of the 99.9%
      of the population that is not required to have the card.

2. Whats the point of the frigging fingerprint?
      Who has got the both tha equipemnt and the right to check it?

3. The variously elected and appointed idiots are in thrall to various "consultants".
      To paraphrase Warren Buffets immortal words "Never ask a consultant if you need an overpriced solution".

4. Lastly but most importantly -- there is no "problem".
      Various candidates for the problem to which id cards are the solution have been proposed and they have
      all been found wanting.
      First it was terrorism -- but it was pointed out that all known serious terroist attacks in hte UK
      were carried out by terrorists using thier real names, and, that at no point in the leadup to any attack
      were they required to identify themselves.
      Second it was illegal immigration -- but some 350 million EU citizens have the right to work in the UK
      anyway, the much villified asylum seekers are attempting to immigrate legally, plus nobody is going
      to check the documents of thier Russian nanny or Morrocan cleaner.
      Thirdly it was "identity theft" -- but if the banks give money/credit to unverified strangers it is
      thier problem. For this to be effective lenders would need to have; the equipment to read the card,
      the right to ask for a fingerprint and access to the central database to verify the validity of the
      card.

      Currently Jaqi Smith cannot come up with any reasonable justification for this system at all but is
      still pressing ahead with a system that will dump billions into the coffers of the "usual suspects"
      Accenture, EDS (now HP), CAP and IBM.

Well at least the labour party will be more or less extinct in a years time, but the civil servants who
are pushing this idea will still be there, and the Conservatives look even more prone to SnakeOil salesman that the incumbent idiots.
                         

Re:

[BlackCreek]

4. Lastly but most importantly -- there is no "problem". Various candidates for the problem to which id cards are the solution have been proposed and they have all been found wanting.

Very nice post. But I disagree on a minor thing with it. When you said there is no problem, you should have said there is no "justification". IMHO the "problem" that they are trying to solve is "lack of total control over population", and as such it exists.

BTW, a good movie to watch about the UK is Taking Liberties [rottentomatoes.com].

Re:

[tangent3]

I'm going to reply from the point of view of a citizen of one of the many countries (in this case, Singapore) outside the US and the UK that have successfully deployed an ID system for many decades.

1. It wont stop illegal working. Anyone who is supposed to have such a card but doesnt can just pretend to be on of the 99.9% of the population that is not required to have the card.
This is true. In order for this to work, the whole population is required to have an ID.

2. Whats the point of th

Re:

[Rogerborg]

How does Sinagpore deal with the problem of fake IDs? I don't see anything in this UK ID that will stop it being faked, early and often.

Re:

[Nursie]

Singapore is already effectively a police state. That's how.

Re:

[tangent3]

Nothing is unforgeable, but can be made very hard to forge.

https://www.psi.gov.sg/NASApp/tmf/TMFServlet?app=SIR-VOICES-ENQUIRER&isNew=true&Reload=true [psi.gov.sg]

Re:Where to begin.

[supersnail]

Some of your points would be valid if the government were proposing a universal id card for all citizens.

But they are not proposing this because they know there is large scale opposition to this ( as in civil disobedience, refusal to pay, court challenges, and, quite possibly riots).

Instead they are trying to sneak in a small scale implemetation for spurious reasons in hte hope that onece the infastructure is in place they can push the boundries until is does become a universal id card.

As for the fingerprint issue. The fingerprint data is stored electronicly on a chip within the card, therefore special equipment (which must have the the RSA key to decrypt the data) is required to check the fingerprint.

Either only heavily restricted government agencies are allowed this equipment or the RSA key becomes public knowledge. Given a public key to test, known plaintext and a large number of samples the time required to crack the private key is much less than expected lifetime of the average card so the technical implementation is deeply flawed. I.E. The UK public is being forced to pay over $100 US for something that is no more secure or reliable than a 90 cent plastic photo id.

Aside from the technical implmentations, the matter of principal for the average Brit is that while they live in a deeply flawed democracy and in theory they have less rights than the citizens of many other countries they have (or imagine they have ) much more personal freedom/privicy than the citizens most other countries.

While this has been deeply eroded over the last century these freedoms are still cherished and the any attempt to interfere with this will be strongly opposed.
                             

Re:Where to begin.

[Aceticon]

I'm actually from an European country which has ID cards and i'm living in the UK at the moment.

My ID card is actually quite handy as means of identification since it's basically a plastified card with my photo and thumbprint on it, small enough to fit in my wallet and accepted everywhere in Europe as means of identification.

That said, here is why i am firmly against ID cards in the UK:

• The UK has the most duplicitious set of politicians I've seen in all the countries in Europe i've lived in. These guys will say one thing one day, a different thing the next day and yet a third thing the following day. The top politicians have few boundaries and will make and pass laws not on the merits of the law but for reasons like "to get more votes" or "to project an image of being a strong Prime-Minister". This is how, for example, the 30 days detention without trial law was extended to 45 days (the PM needed to look strong and shore up votes)
• Small powers are constantly abused around here. City councils using anti-terrorist laws to spy on people suspected of letting their dogs foul the pavement, people forced to pay on the spot fines for "dirtying the street" when their little child let a piece of cake fall to the pavement, Health and Safety rules used to stop perfectly legit gatherings 'cause "there is a danger that people might hurt themselfs", traffic cameras and payed parking setup all over the place purelly (often openly admited) for the purposed of making money from the fines.
• The top police officers are power hungry and currupt (not currupt in a "getting payed by crooks currupt" but instead currupt in a "doing whatever i takes to get and keep personal previledges" kind of way)
• The UK electorate is shallow, ignorant, clueless and easy to deceive with light and mirrors shows. This is the country of the "celeb" (celebrity) cult where being on Big Brother can propel you from being a nobody to being constantly followed by the local papparazzi. Local newspapers have by far the largest amount of space dedicated to celeb and gossip "news" of all Europe - and yet the vast majority of celebs are actually nobodies. IMHO, this is why local politicians say the most outrageous lies (and contradict themselfs the next day) and people still vote for them.
• There is no space for freedom and privacy in the laws around here: 45 days of detention without trial; anti-terrorist laws so open that you can be detained just by looking sideways at a cop or criticizing a politician at an open meeting (real case); a circle of 1 mile around the parliement where you can be detained for "unlawfull demonstration" if you simply raise your voice while criticising anything; a DNA database with the DNA of everybody ever detained by the police (including children) even if not prosecuted for anything; the highest density of surveilance cameras per-capita of the whole world

The problem aren't the ID cards, the problem is that the local institutions and politicians cannot be trusted with anything that can be (mis-)used for surveilance or constrol of people.

Re:

[aeiah]

i agree with most things you wrote, although i cant let the comment about local newspapers stand. our local paper is packed front to back with murders, robberies and rape thankyouverymuch. none of that celeb shit here, just fear and violence ;) what irritates me most about this ID card move is that they're trialing it with a group of people who cannot oppose it. they're forcing the most vulnerable to go through with it. dont want an ID card? get out of the country. once the ID cards are established in the

Conservatives had said they will repeal it

[jotaeleemeese]

This should be reminded to them when the elections come.

Re:

[Anonymous Coward]

Lastly but most importantly -- there is no "problem".

Certainly true. Classic case of a solution looking for a problem.

You guys don't really know what's going on, right?

It's all a big chess game. They moved another piece, and 8 moves ahead, they have achieved government lock-in.

All governments of the world are slowly marching towards their innevitable clash. Achieving maximum control of their respective populations is a pre-requisite on the tech tree of this giant RTS game that is to come. Let's just hope it

Re:

[digitig]

To be fair, all the opposition parties (Conservatives [conservatives.com], Liberal Democrats [libdems.org.uk], SNP [snp.org]) oppose ID cards and say they would scrap them, if elected.

Sorry, I don't follow. What does what a party says pre-election have to do with what it does if it gets into power? Once the businesses that want to cream another GBP93 (about US$170) from every person in the country offer some healthy party donations to whoever is in power, pre-election promises will quickly be abandoned.

The GBP93 is an old figure; http://www.guardian.co.uk/politics/2005/may/25/immigrationpolicy.idcards [guardian.co.uk] -- it's probably more by now. And it doesn't seem to take into account the annual runni

pointless

[muftak]

How do they tell the difference between someone that is foreign and someone that just looks foreign? Any black person can just claim they are a British citizen, so don't need an ID card.

Sigh

[SmallFurryCreature]

this is just the first part, sooner or later everone will have one, so your argument is null and void. As well as pretty stupid.

For now you can claim that you don't need a card. This will pass with time. That is the entire plan. Start small, then slowly get everyone to have to ID themselves.

Sometimes you wonder how the goverment can introduce such schemes without people protesting and then you see people like you and you know why. The voter is stupid.

Re:

[Chrisq]

Yes, the voter is stupid. That's why whenever there is a bombing I chuckle. Stupid bastard cancers deserve to be blown up.

When have you last heard a report say "first the terrorists released all the slashdot posters"?

ireland

[ionix5891]

They already have biometric Garda National Immigration Bureau (GNIB) plastic cards with chip and other info on you here in Ireland (Republic of) for non nationals, and it must be on you at all times...

Re:

[digitig]

And, as I discovered yesterday, it seems you need a passport to fly from Dublin to Cork. Not just photo-id: a passport. Some of the nationals I spoke to seemed pretty annoyed.

All terrorists required to have one

[David Gerard]

Identity cards introduced for those foreign Johnnies, not you [today.com]. "The card will be compulsory for foreign nationals. All terrorists and illegal immigrants will be required to obtain one and show it to policemen, council officials or dog catchers on request. LOOK! TERRORISTS!"

This is largely from (a) civil servants who think it'd be convenient to their jobs to have everyone filed and numbered (b) private contractors like EDS and Capita who have been promised CASH CASH CASH for consulting on such schemes, and certainly don't have a track record of employing ex-goverment ministers and senior civil servants at vast consulting fees 12 months after they leave the government. Well, maybe a bit of a track record.

The ridiculous thing is that this is a creature of the Labour government, who are vastly unpopular, and will likely be kicked out on their corrupt arses in the 2010 election. This scheme is set only to be fully implemented by 2011/2012. EDS and Crapita will, of course, still be paid in full.

new eyeballs, please.

[aristolochene]

because once your biometric details are stolen it's easy to replace/reset them.......

Why target foreigners?

[Sprotch]

What is the logic behind targetting foreigners first? The obvious answer is that the population is less likely to protest. I suspect some not-so-thinly veiled xenophobia.

Its a tax raising exercise

[trash eighty]

Its a new stealth tax, just like how the fee to get permanent residency has gone up about 300% in just a few years. No doubt there will be a nice hefty fee to get this card and no one will care because its immigrants paying right?

UK passports are already biometric..

[Dr_Barnowl]

Maybe the data isn't stored on the RFID in the passport. But there's the headshot ; such an obvious biometric that people forget about it.

What many people noticed on applying for a UK passport recently was the leaflet that came with the form telling you exactly how to pose for your photograph... you were only allowed certain margins, certain backgrounds, you had to face forward, you had to take off your glasses. It was pretty clear to those with a technical bent that the photograph was intended for consumption by a computer, so I'd suggest that anyone with a recent UK passport is already in a large database of facial geometry metrics somewhere in the Home Office (and maybe on your passport chip too). This would mean that you are ripe for rapid recognition from any sufficiently detailed CCTV footage ; and as we know, the UK has more CCTV cameras than anywhere else in the world. Nice.

Now, people don't habitually carry their passport in the UK, partly because it's a valuable document, partly because you don't need it for everyday usage, and partly because of the form factor - a little red book that doesn't conveniently fit into your pocket without the risk of being bent. A credit card sized ID on the other hand, is VERY easy to slip into your wallet and forget about.

If I were the UK government wanting to promote the routine carrying of an RFID enabled ID, I'd make the UK passport modular - a red book for the visa stamps, with a pocket in the back to carry the wallet-sized photo / RFID card when you're travelling. A lot of people would take to carrying their "passport card" routinely because suddenly, it's convenient.

Many is the time I've turned up at a place and found I needed a photo-ID or my passport and not had one, buying foreign currency, for example. It would probably work on me (after I put the tinfoil weave in my wallet, of course).

Re:

[pjt33]

you had to take off your glasses

That could cause a problem for the person who has to sign my next passport photo to warrant that it's a faithful likeness.

Re:

[TheRaven64]

I work for a disability charity and we've had parents bemoaning that they just can't get their disabled child to not smile when they sit in front of a camera - let alone stay still!

And the best thing is that the face recognition software they use at airports uses the passport image, and can't identify you if you smile. I walk around airports with a bemused grin on my face whenever I travel.

The really depressing thing is how good the current government is at ignoring expert advice. Whenever I talk to any of the government scientific advisors, they display a good understanding of this subject. Somehow, this gets ignored when setting policy, however.

Feature creep

[smoker2]

The issue as I see it is this.
At present I carry a passport, a driving licence, another chipped card for the tacho in the truck and various other cards for entitlement to drive various machinery.
The lame brained would say it is more convenient to have all the relevant data stored on one card. I disagree.
If I travel to a foreign country, I need a passport and maybe my driving licence (to hire a car). If I don't travel, I don't need the passport - why should I prove my entitlement to travel if I am in my native country ? Why should I open my complete life to inspection every time I "prove" my identity. The passport application process surely proves my right to be here. My driving licence proves my entitlement to drive on public roads in the UK, why should it identify me to the immigration dept. too ?
There will gradually be feature creep in the system leading to even your bank cards migrating onto this one evil card. Fine you say, less to carry around. Except that you will be required to use it more and more to gain access to anything. This means your entire life is recorded - which roads you used and when, what you bought and where, who was nearby when you drove and or bought anything etc etc.
The question you should be asking is not, can the cards be forged ? The question should be - can the system be hacked ?
Is there anybody here that thinks that any networked computer can be hack proof ? In that case, what happens when somebody breaks in and uses YOUR primary key to create a totally ficticious chain of events placing you in the vicinity of a robbery, murder, terrorist act, or even in the same building as other known criminals. As far as the police are concerned, the system doesn't lie and since your card contains your finger prints, it can't be anyone other than you that the records refer to. Not a problem ? Well not a problem until you are late for a train and they think you are about to set off a bomb and decide to shoot first and ask questions later. Quite a bit of incentive for terrorists there I think. Create a false trail for themselves, showing nothing but innocent activity, and a damning trail for some innocent who will be miles away from the action but conveniently will have the police trailing them, not the terrorists.
Bad idea.

Scary

[Ihmhi]

It's scary how V for Vendetta is slowly turning from a work of fiction into a documentary.

ID card support

[Wowsers]

Please, you must support this ID card, think of all those very poor multinational IT companies like IBM sorting through people's data, just like they did in Nazi Germany. Think of the politicians and their backhanders, and please, think of the taxpayer who is seemingly ever willing to put their hands in their pockets to find another £20bn (about $40bn US) the country cannot afford, whilst the government loses yet more personal data of the population.

The only people that are backing the ID cards are pe

The card isn't the point!

[jambox]

The really nasty thing here is not having a card with an identifying number on it, or even a card with lots of scary-sounding biometric data.

The really nasty thing is that the card implies a central government database which will contain everything they've got on you - criminal record, DNA fragment, address, car registration plate.

They have some or most of this stuff already but the crucial difference is that it's all sliced up into different databases and it's not practical to pull everything on some

Frog into pot, Gas on 1.

[caluml]

Well, the frog is now in the pot, and the water is lovely and warm - it thinks it's having a bath!

Re:Big Fricken Whoop De Woo

[cs02rm0]

It isn't a big thing. It's an ID card that holds a fingerprint record. How is it bad to tie a card to a person?

The UK government has shown countless times that it's unable to keep its citzens' data secure.

If someone gets hold of my credit card and CCV number and creates a forgery I ring up and get a new one.

If someone gets hold of my finger prints, what do I do then?

Re:Big Fricken Whoop De Woo

[Vectronic]

Well, if someone does, it's funnier if you say "pull my finger" first.

Re:

[meist3r]

I wanna see you tell unfunny jokes the next time you get pulled out of the airport and dropped in a detention cell because your "pulled" fingerprints appeared on an IED in Iraq or a burglarized weapons depot somewhere in the Ukraine. It's really easy to land on the "no-fly/terror suspect" list nowadays and by granting authorities the right to distribute your data all over the world you basically WANT to be on one of those lists.

Re:

[Konster]

Use another finger. You've got ten of them.

From there, ten toes.

Re:

[maxume]

The other posting is probably joking slightly more than you are...

Re:Big Fricken Whoop De Woo

[nospam007]

No-EU students etc have to have a passport anyway just to be able to come there, so they have an internationally accepted way of identifying themselves.

How will an additional ID card help to do anything?

Re:Big Fricken Whoop De Woo

[cs02rm0]

They're planning on getting rid of passports for ID cards. It gives them a centralized database, more information on you and as the scope quietly creeps up people will be apathetic until passports are gone and they're squarely in 1984.

Re:

[Candid88]

You are mistaking passports with visas (and from the article, specifically long-term visas). For decades all developed countries have kept visa information on centralized databases, thats the whole point of issuing visas!

It's pretty certain they won't be replacing passports with ID cards. The two serve completely different functions. An ID card is designed for internal identification within the state wheras passports are for external identification by other states (i.e. allowing you to "pass their port").

Re:

[cs02rm0]

I don't think I am. Amalgamating cards that serve different functions is a large part of this project. I'm pretty certain that ID cards won't get off the ground, but I'm also certain the plan is to use the ID card as the replacement for every possible form of ID.

After all, they want to track your movements outside the state as well as inside.

Re:

[thsths]

> For decades all developed countries have kept visa information on centralized databases, thats the whole point of issuing visas!

Yes, you would think so, but actually the UK did not. Even visas issued last year are not in the current database. And the UK does no exit checks, which means they have no idea how many people on visas are still in the country, or have since left.

So yes, the whole exercise is about building a big database. Why this one should work any better than previous attempts is beyond me

Re:

[SenseiLeNoir]

until passports are gone and they're squarely in 1984.

I would be totally impressed, judging by the sheer incompetency of the UK government, if anything like 1984 happens.

Sure they may try, but frankly, its just not going to happen.

Re:

[nbert]

I recently watched a documentary about customs on German TV. They check everything which goes trough Germany by mail somewhere near Frankfurt. They interviewed one guy who is specialized in finding passports. He said he finds dozens of fake Nigerian passports going to the UK every day. They are usually hidden in DVD boxes or simply wrapped in tinfoil. His explanation was that Nigerian passports are rather easy to fake/modify and that it's rather easy to apply for welfare with such a passport in the UK since

Re:

[VJ42]

I don't know how much of this really works the way he described it, but this seems to be a very good reason to introduce id cards...

The National ID register is going to cost (IIRC) 4.5 billion pounds at the governments estimate. The LSE estimates 19 Billion. The type of fraud you describe actually makes up the smallest proportion of benefit fraud that the UK suffers from, most of it is just done by people lying. If they are trying to stop that form of benefit fraud with these cards, they have chosen the least cost effective way of doing so, and this card gives no other benefits that I can see.

full disclosure: I'm a fully paid up memb

Re:Big Fricken Whoop De Woo

[CmdrGravy]

I personally think its a better idea to stop giving money to people simply because they're in our country and have a nigerian passport.

Re:

[CmdrGravy]

Yes and also all legal immigrants also have passports and visas which provide ample means of identification should anyone wish to check their bona fides.

Illegal immigrants obviously don't have any documentation, they don't report to the home office to register their presence and this isn't likely to change with the advent of these new cards, illegals won't have them either.

Employers are supposed to check on a persons right to work in this country before employing them already, by checking and passports and

Re:Big Fricken Whoop De Woo

[mcwidget]

If someone gets hold of my finger prints, what do I do then?

From what I've seen with biometrics previously, I doubt that your fingerprint would be stored in any sort of image-like or exportable form. Normally, a hash is taken based on your fingerprint (think GPG singing) and that hash is stored. It's a one way calculation, you can't then turn that hash back into a fingerprint but you can verifiy another fingerprint to the hash.

Minutiae Points

[mad_robot]

Fingerprints are stored in the form of Minutiae Points rather than scanned imaged.

But that doesn't mean they can't be reconstructed. [ieee.org]

Re:

[Isao]

Yes, it's a hash and not an image. The problem is there are three generally accepted formats for capturing and storing the hash. Assuming for a moment they're equally distributed in the marketplace, losing one means it's usable by the bad guys in 33% of applications. The problem gets worse if there's standardization. The print image isn't needed, it's the hashes (templates) that are compared.

Re:

[gbjbaanb]

I suppose you could change which fingertip you used for authentication...

"guard: place your finger in the reader please sir"
"you: ah, I got hacked, so I had to change it."
"guard: fine, put the appropriate finger in the reader please sir"
"you: trouble is, I can't remember which one it was, oh bollocks"
"guard: unusual, but if you'd get them out, and place them in the reader please sir"

Re:

[daem0n1x]

It's not exactly like that. The new biometric cards are safer than the old ones.

In my country we had paper ID cards with fingerprint printed on it. Now we have smard cards and the fingerprint is in a file inside chip, and it's not readable. So, it's actually improving privacy, not making it less.

The card can be used to perform a match-on-card (MOC) operation. You put your finger in a reader and it asks the card if it matches. This way you can validate if someone holding the card is REALLY the card owne

Re:

[denominateur]

How exactly is the fingerprint not readable if it, rather than just a hash, is stored on the card?

As for the RSA keys, governments, especially the British, have a very bad track record at keeping data safe. Keys of such importance are a very good target for a social or even technical attack. Knowing the track record, however, they will probably end up on some laptop, usb stick or cd forgotten on a public bus or train, sparing the attacker the effort.

And as to the forging, it may be harder to do it, but once

Re:

[daveime]

I think the parent meant to say "useable" rather than "readable".

If a one way encrypted hash of the data points are stored on the chip, then this is compared with the hash generated when you put your finger in a scanner.

It's exactly the same principle as hashed passwords, the important thing is not whether it is readable or not, the point is you cannot use the hash to recreate the original data, ergo the concept of "one-way".

How many years did it take for them to find a collision on a 56 bit diffie-helman k

Re:

[shilly]

You're creating a false threat model and dismissing the real threat too lightly.

1. While terrorists may or may not be interested in impersonation, that will affect relatively few people. However, if the ID card becomes part of the UK's critical infrastructure, ie the provision of services becomes dependent on successful reads from cards, then it may be of interest to terrorists or states to attempt DoS attacks.
2. Criminal gangs, on the other hand, will be very interested in impersonation, and could affect m

Re:

[daem0n1x]

How exactly is the fingerprint not readable if it, rather than just a hash, is stored on the card?

It's not the image that's stored but something called a fingerprint template. You can't read the template from the card, the card will simply refuse to read the file for you. But you can send a template to the card and ask to compare it with the stored one.

Even if you could read the template, you can't retrieve the original fingerprint from it. It's not a hash, but kind of.

Re:

[aussie_a]

Does anything rubbery still fool those readers?

Re:

[daem0n1x]

There are optical and electrostatic ones. I don't think it's easy to fool them. They even tell me my finger is too wet or too dry for recognition.

Re:

[BlackCreek]

In my country we had paper ID cards with fingerprint printed on it. Now we have smard cards and the fingerprint is in a file inside chip, and it's not readable. So, it's actually improving privacy, not making it less.

A scanned copy is still a bit-map image of the document, which will be much harder to use in forgeries. A digital copy would be a perfect copy, ready to be burned on another chip. And should be much faster to copy.

Once somebody has a device that circumvents the built in copy protection (have you ever heard of "copy protection" that truly prevents copying?), anyone handling your ID will be able to make a copy of the fingerprints, perhaps even wirelessly.

The clerk at the hotel will only have to have it in

Re:Big Fricken Whoop De Woo

[aussie_a]

If someone gets hold of my finger prints, what do I do then?

Good god, you're right! You'd better wear gloves all the time when outside!

Re:

[Candid88]

"If someone gets hold of my finger prints, what do I do then?"

Um, anyone who follows you round for a few minutes could probably get hold of your finger prints, without need for an ID card.

That's why police love them so much, it's not like criminals deliberatly leave theirs at crime scenes!

Re:

[Harold Halloway]

If someone gets hold of my finger prints, what do I do then?

I have a soldering iron you can borrow.

Re:

[cs02rm0]

It used to be. I'm really not so sure any more.

Re:Big Fricken Whoop De Woo

[FailedTheTuringTest]

No. The term "British subject" is pretty much obsolete in law since 1983. (http://en.wikipedia.org/wiki/British_subject)

(There are a few small exceptions for some classes of people who used to be British subjects and are entitled to keep that status if they hold no citizenship of any country, but no-one can now become a subject, so once the people who still fall in this category are gone, there will be no more subjects.)

Re:

[Sebilrazen]

According to the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data [europa.eu], it's the data subject's data.

I hate this document. Don't get me wrong, I like the idea that the government wants to protect its citizens' data, but as a person in charge of ensuring a medical data application's compliance with this document, plus all the member state's unique flavors - I'

Re:Big Fricken Whoop De Woo

[mcwidget]

It isn't a big thing. It's an ID card that holds a fingerprint record. How is it bad to tie a card to a person?

It's not the card that's the issue. The problem is that as part of the ID card program the UK Government want a centralised database behind this card that holds personal info on each citizen. To be honest, I don't think it's been clearly defined what the data is but it's expected to be DOB, national insurance number etc. The main concern is that the UK Government has a very poor track record in keeping this type of information secure. If this particular database, containing what most people expect it to contain, is compromised then it's ID theft-galore in the UK.

The secondary concern

[Kupfernigk]

Is the "paedophile issue". It has been known for years that these people try to get jobs in children's homes, the police and Government departments to facilitate their crimes. The same thing will happen in the UK: professional fraudsters will try to get sleepers in the relevant areas. As "Government" IT is actually done by subcontractors who are not properly policed, this is relatively easy.

We already have a serious UK fraud problem originating in the Indian subcontinent - Mumbai was for many years the iden

Re:The secondary concern

[HungryHobo]

God I hate the "paedophile issue".
Yes paedophiles exist. No, none of these schemes will do much to stop abuse since the vast majority of abuse is by a family member of friend.

And yet idiots who read the Sun et al are willing to accept anything in the name of fighting paedophiles.
It's the biggest hole in the armour of the civil rights movement too. Since any legislation can be pushed through no matter how absurd if you say it's to combat paedophiles. Said legislation can then be used to arrest whoever you like etc and nobody wants to get killed by a lynch mob for defending "paedophiles"

Socialy it's a crime you can't even be found innocent of.
If a court finds someone innocent no matter how rock solid their defence then "you never know! people are always getting off on technicalities! I saw it in a movie!!".

Re:

[corsec67]

Even more:
I would certainly hope that simply being a paedophile would never be illegal.

Actions may be illegal, but what you think being illegal?

Re:

[pjt33]

I don't think it's been clearly defined what the data is

Schedule 1 [opsi.gov.uk] of the Identity Cards Act 2006. Note that it's the individual's responsibility to ensure that all that is kept up to date, and failure to e.g. notify the registrar when you move house makes you liable to a fine of £1000.

Re:

[Peeteriz]

Doesn't UK Government issue passports and handle birth sertificates and grant citizenships ?
If so, then they, naturally, have a database of all the personal data of all citizens already for a long, long time?
I mean, if they are able to check that Mr. John Q. Random is your citizen, then it's done by checking it against a database of citizens...

Re:

[Chrisq]

It's not just the fact they can't keep our data secure

I can see the headlines now. "Unencrypted CD containing names, addresses and nationality of all immigrants falls into BNP hands."

Re:

[plasmacutter]

It isn't a big thing. It's an ID card that holds a fingerprint record. How is it bad to tie a card to a person?

"It's looking like the UK is in for biometric ID cards within the next few years, despite widespread protest from groups such as 'NO2I"

Nice troll.

There was a similar push for biometric ID's in germany.

A hacker protest group lifted his prints and published them on a t-shirt.

Including biometric identification info on a card which can be stolen, lost, hacked, or otherwise tampered with is a very good way to assure a security breach has no viable means of recovery.

The implications considering other "biometric" security devices are pretty horrible, especially if the foreign nationals/immigrants in question were brought in to assist high level corporate, d

Re:

[plasmacutter]

isn't identity theft easier in a world without biometric IDs? I mean, while forging a biometric ID requires access to the ID and expensive technology

forging a biometric id is substantially easier than forging others, because they can be measured at a distance or gleaned from any object we touch.

what does posing as someone in a world without IDs require?

I would very much like to see this world without ID's you're talking about.

Last I checked every nation with roads required license plates, driver's licenses, birth and death certificates, etc.

The big difference between these and biometric ID's, as I pointed out before, is you can't apply to the government for a new fingerprint, DNA strand, sub-dermal artery patte

Re:

[mcwidget]

Your fingerprints are all over the place anyway, so why would anybody go through lots of trouble to "steal" them?

Which brings us nicely to the fundamental problem with biometrics. Biometrics provide identity. They do not provide authentication.

Re:

[denominateur]

Yes, but right now the fingerprint doesn't help you in comitting fraud. (other than placing them at a crime scene by faking them using those silicone tricks)

Now, however, it will be possible to produce a nice pair of fake fingerprints and fake ID to commit fraud, making it very very hard to disprove depending on the way the card works. If biometrics are stored on the card only, they become extremely easy to fake once you've broken the security features and the aforementioned proof problem becomes apparent.

Re:

[ericlondaits]

In Argentina we've had universal ID cards for as long as I know. They have a number, address, fingerprint and a photograph.

The main problem with them here, I think, is that asking for you ID number is taking for granted for all manner of things. You need to give your ID number for:

- Voting
- Any and all official paperwork
- Banking transactions
- All credit card purchases
- All contests and sweepstakes
- Registering when going into a building
- Subscribing to magazines, fidelity clubs, etc. ... and basically, you

Re:

[mikael]

It is not just a card with a photograph (like an armed force ID card or driving license). It will be linked to *ALL* personal data that you have ever had - your previous addresses, your current address(es), your SSN number, benefits, bank accounts for social security deposits, current employer) and so on. The idea is to eliminate the need for a dozen or so different government databases (one per department) and have one super-database with everything stored on it.

Re:

[Nursie]

1. It's part of the creeping UK Police state
2. We had them during WWII and they were struck down as unlawful a few years after the war was over
3. It's not just the card, it's the massive unified database of everything you do that's going to be behind the card. Not only should the government not have that sort of power, but they are incompetent with data protection.

Re:

[easyTree]

It isn't a big thing. It's an ID card that holds a fingerprint record. How is it bad to tie a card to a person?

Papers 'please'!

*marches away, jackboots glistening in the moonlight*

Re:

[cs02rm0]

We use a variety of other documents that each provide a small amount of decentralized information. Drivers license, bank statements, utility bills, passport, etc. All of which we're not required to carry at all times, none of which use fixed identifiers such as biometrics.

Re:

[delt0r]

Well as a non EU person in the EU I am required to carry ID everywhere (more or less). It really does not bother me, I mean a cop or border personnel can find out my name and resident status. Big deal so what. Knowing my name is not an invasion of my privacy.

But there is a difference between "here" and "there". The information from boarder crossing etc are well protected by privacy laws here in most of the EU. This is not the case in the US. And as someone has posted below. The fear in the UK is that the

Re:

[supersnail]

Actually in all of post-Napoleonic Europe ID cards are required.

This is pretty much the whole EU apart from the pieces us Brits were sitting
on when Bonaparte made his first attempt at European union
-- UK, Ireland and Malta ( The Ottoman family were administering Greece at the
time but I think they got ID cards in the 1930s).

Mostly these are bits of cardboard with a picture on backed up by a central register.
Though some counties like Belgium have high tech plastic cards with digital signature
capabilities so y

Re:

[u38cg]

Why don't you ask why I should have to prove anything at all?

More to the point, this is stupid. ID cards in the EU are a waste of time. Requiring an EU citizen to have an ID card to come to the UK would be in breach of the Treaty of Rome (which allows free movement).

Re:

[u38cg]

But that doesn't mean the government has to get involved. I don't need any government to tell me who I am.

You have to present ID to get in. You do not (and under the Treaty of Rome, cannot be obliged to) have to have any British issued documentation to be able to stay here.

Re:

[David Gerard]

The catch is that places like Germany, where ID cards aren't a big problem, happen to have strong Constitutional protection on personal rights, freedom and information. Britain doesn't have that.

Re:

[Gordonjcp]

Don't the british carry their drivers license? (its what an ID card is in Canada)

No. Well, only if I'm hiring a van.
How do you ID at pubs?

I've never been asked for ID in a pub, since I was 18.

Re:

[JasterBobaMereel]

There are multiple problems with ID cards

If the information held on you is wrong (which from past experience it will be ...) it will be almost impossible to get it changed

If I want to get one in someone else's name it will be pitifully easy : how do I prove I am me without an ID card ....I can't to any reasonable degree, but I can prove I am someone else to the degree the passport regulations require

It will be relatively simple to forge, and far too trusted to be unforgeable

It will not actually help with an

Re:So?

[itsdapead]

What's wrong with carrying an ID card?

Well, some people (who, presumably, live in the woods, don't have bank account, don't drive a car and never leave the country) just object on principle. Personally, I don't see that one: in this world you need to prove your identity from time to time, and without having a "proper" identity scheme we end up using all sorts of inappropriate kludges (e.g. banks tend to ask for a gas or electricity bill).

Then there's the fear of police having the power to stop people and demand "papers". Now, that's a legitimate fear demanding eternal vigilance and all that but its really got naff all to do with ID cards: there's nothing fundamental about ID cards which says that police have to be given the power to inspect them. Plus, if the Fascists take over then it will take them a whole week to print and issue "papers".

Now we get to the more serious objections - primarily "mission creep". If the Government were simply rolling out a better alternative to current "ad hoc" methods of identity checking then it wouldn't be so bad. However, these are being touted as the answer to terrorism, fraud, illegal immigrants, healthcare provision and whatever was on the front page of the Daily Mail yesterday. Consequently, more and more bells and whistles are being added, meaning more and more information about individuals will be gathered to protect us against the barbarians at the gate, but will probably end up being used to police dog fouling [bbc.co.uk].

Finally, even if the conspiracy theorists are right, the government's track record on large IT projects doesn't bode well. (1984 is scary enough, but Brazil is even scarier!) Currently, we're getting almost daily stories of government departments losing laptops, CDs and memory sticks containing personal information, which doesn't help.

Re:So?

[giafly]

in this world you need to prove your identity from time to time, and without having a "proper" identity scheme we end up using all sorts of inappropriate kludges (e.g. banks tend to ask for a gas or electricity bill)

I think I've only had to "prove my identity" twice in the last five years: once when I did jury service, and the second time was to my company accountants because of money laundering regulations or something. This is so infrequent that any extra benefit of simpler ID is much, much less than the additional risks of the government losing my data.

Re:

[teh kurisu]

Plus, if the Fascists take over then it will take them a whole week to print and issue "papers".

A week? Don't say that, it makes them sound so efficient that people might actually consider them a more credible government than the one we have at present!

Re:

[CmdrGravy]

Don't the british carry their drivers license?

No, generally not.

How do you ID at pubs?

Huh ? No one's asked to ID in pubs unless they look like they're not tall enough to see over the bar. I've certainly never been asked since I was 16.

We're British and we are not in the habit of carrying papers or having to prove who we are to every tom dick or harry or jumped up offical we come across. The last time I think I had any need at all to prove my identity was when I got my driving licence 5 years ago and the tim

Re:

[Nursie]

We're not actually as obsessed about alcohol as you americans.

In fact, compared to europe we're quite strict, but here in the UK once you get past 20 you don't get asked. None of this "You're clearly over 30 but I need to see ID for legal reasons" bullcrap you get in the US.

Re:

[teh kurisu]

A large part of the problem is the decentralised nature of government data. One department may know something, another department may know something else. You end up with the need to transfer data between departments, and that's when accidents happen.

The solution to this could be a more centralised system, and that's what the government should be marketing the ID database as. It would seem foolish to complain about the government's record on data storage and then oppose the solution (not that that would

Re:

[jrothwell97]

But if the solution is outsourced and implemented badly, it will be even worse than the current patchwork of systems - because there will be massive potential for data loss and/or failure.

Re:

[VJ42]

what's the problem with a having a document saying that you are number #123456 ?

The problem is that I am not a number!

Re:another perspective

[jambox]

The problem with it is that presumably the #ID constitutes a key that a bunch of other data key on. That means that if I, perhaps a criminal, know your #ID and if I can get access (which may well be possible), I can look up every relevant bit of data the government holds on you.

It's not the card that freaks people out, it's the massive, unified and probably insecure database that it implies!