IP: UK National ID

[David Farber <dave () farber net>]

> Date: Wed, 06 Feb 2002 20:13:44 -0500
> From: Peter Bachman <peterb () cequs com>
>
> >
> Dave,
>
> For those of us who are trying to bridge the requirements gap between 
> civil liberties and security, it was refreshing to read
> that the U.K. is willing to spend money on researching the issues and 
> understanding the requirements before moving
> forward. I hope we can do the same, and do it in a forum which the public 
> can access. Right now, this is a highly
> competitive development in IT.
>
> The fact that  U.K. politicians admit that they do not know what to do is 
> a healthy sign, because as stated in the BBC article,  "There are many 
> arguments - both philosophical and practical - for and against a scheme."
>
> As with any elective surgery, the risks and potential rewards should be 
> understood, and in this case there is an ethical imperative of  democratic 
> informed consent to new tokens for national identity. While the public 
> here is not opposed to such an idea, there's no strong evidence that they 
> are asking for it either.
>
> The fact that sophisticated false id's are for sale here to specifically 
> evade laws regarding underage drinking, and put
> drivers on the road who can't get legitimate credentials and further that 
> these problematic behaviors extend to many families, should give valid 
> cause for concern. The prosecution and conviction of  the document forger 
> who supplied the WTC terrorists with fake identification is necessary, but 
> not sufficent.
>
> We need to model the bad actors into any identification security design 
> and not simply ignore them,
> and try to block them out, since they have proven they can buy their way 
> in.  Pogo summed it up.
>
> With identity theft on the rise,  we can't assume we are secure because 
> systems are (or are not) tied together. The trend
> is towards convergence, and applying some common sense in doing so.
>
> We have to admit to the high probability that bad actors will in fact 
> manipulate these same systems to meet their own goals, and giving 
> certain  tools to the good guys can also place  the same tools into the 
> hands of the bad guys. But it's not entirely clear
> that we can control the tools in the first place, and who has access to them.
>
> Rather than continuing to focus on the issue of a national id per se, lets 
> focus on how we can put the end user in control of their identity, how we 
> can mitigate the effects of corruption where our data is susceptible to 
> manipulation, and what legitimate roles a citizen can expect to play to 
> balance their rights where the abuse of  identifiers  may be (or already 
> has been), used to harm them or their families.
>
> -pb
>
> --
>
> It has been well-known since the pioneering work of Claude Shannon
> in the 1940s that a message transmitted with optimal effciency over
> a channel of limited bandwidth is indistinguishable from random noise
> to a receiver who is unfamiliar with the language in which the message
> is written.
>
> Lachmann, Newman, Moore
> "Why any sufficiently advanced technology is indistinguishable from noise"
> Sante Fe Institute

Attachment: peterb2.vcf
Description: