One more thing...
For a scarily informed and entertainingly expressed view on almost anything to do with digital identity, its social, economic, political or practical implications, or the underlying technology, you can do a lot worse than browse Dave Birch's writings over on Consult Hyperion's Digital ID blog. I was up at Digital ID Forum 2007 today, and thoroughly regretting not having been able to attend yesterday's session as well.
HMRC breach - Darling's view
It seems clear that the massive data breach at the HMRC has implications for the proposed ID Cards scheme... the snag is, it's not clear what they are. There was probably no plausible way for Alistair Darling to avoid the hot seat on Radio 4's "Today" programme this morning, and he duly faced the questioning of Jim Naughtie. Predictably, this included the question:
"How, in the light of the HMRC breach, can you expect to be taken seriously as the government which claims it's competent to run a National Identity Register?" [Not necessarily verbatim, as I was in the car at the time, but that was the gist of it].
Mr Darling's direct answer [again, not verbatim, but probably pretty close in this case]:
"The benefit of an ID Card with biometrics is that it enables you to be surer of the identity of the person asking for the information."
Hold on. Let's just replay that against what actually happened in the HMRC case. Is Mr Darling implying that, once an NIR is in place, an HMRC employee would have to authenticate to the citizen before they could have our tax details? It seems unlikely. So maybe he's implying that the HMRC would only hand data over to the National Audit Office once the NAO official had authenticated. So, would that have prevented the breach which has just been revealed? No.
If Mr Darling's answer is a true reflection of his conceptual model for ID-Card-based authentication, what are we to conclude?
POSIWID
![[RSS Newsfeed]](/themes/sotto/images/valid-rss.png)
![[This is a Roller site]](/themes/sotto/images/roller-logo.gif){kind=logo}