I have elsewhere identified the major source of savings that could be
made in state expenditure without inconveniencing anybody at all.
These are the grandiose NHS Computer system which the profession do
not want and which has failed though the government refises to
asdmit this and goes on with throwing good money after bad. It might
eventually cos £30 billion - a staggering sum.
Now here is a complete reason why the whole ID card scheme should
also be scrapped, saving a minimum of £15 billion. IT IS NOT SAFE!
The two could provide up to £30 billion in savings too.
xxxxxxxx cs
GUARDIAN Comment is Free 3.11.08 .
Gordon loses it
As the PM admits that the government cannot guarantee data security,
going ahead with ID cards means he's lost the plot too
David Davis
There can be few more astonishing confessions in modern politics than
the prime minister's admission on Sunday that the government is
unable to guarantee the security of our personal information on the
state's databases.
This admission shatters all the previous claims that the government
has made that its obsession with creating vast databases can in any
way improve the safety and security of the citizen.
Of course, he had little choice. Since the government first proposed
the mother of all these databases, the ID card register, barely a
month has passed without some monstrous data loss. It started with
25m tax credit records, went through innumerable lost laptop
computers, included everybody from civil servants to ministers
leaving records in trains, pubs and restaurants, and concluded this
week with a lost flash drive compromising the security of the
government's entire Gateway system.
Soldiers' lives, our bank account, tax, passport and driving licence
details, even the addresses of children, have all been compromised by
these failures.
When the government first proposed the ID card and its associated all-
singing, all-dancing database, the national identity register, many
of us thought they were naive. In particular, we thought there was a
serious strategic weakness at the heart of the idea, a flaw known
colloquially as the "honey pot problem".
This is a recurrent problem with large databases that contain
valuable data. Because they are so valuable, they attract the
malevolent attention of large numbers of hackers, fraudsters,
criminals and even terrorists. Under sustained attack, even such
sophisticated organisations as Microsoft and the Pentagon have
succumbed, so what chance the Home Office?
Even the governments' fiercest critics, however, assumed a basic
level of competence on the part of the government; an assumption that
now looks seriously flawed.
Perhaps we should have known better. As well as the honey pot
problem, there is another difficulty that applies to these vast
government databases. To do their job, these databases have to be
accessible to many people.
Whether it is the NHS database, the various children's databases, or
the national identity register, they can only work if they have
thousands of access points. If the government cannot protect one
laptop or one flash drive, what chance a system with over ten
thousand terminals?
When we were first discussing the ID card system with the senior
police officers with most responsibility for the system, l asked them
what plans they had to deal with anybody using virus programmes to
compromise the system. It was embarrassing. They did not have the
first idea. Indeed, up until that point, they had clearly not even
realised that such a possibility existed.
And there lies the difficulty. Faced with intractable problems with
political pressure for a solution, the government reaches for a
headline grabbing high-tech "solution". Rather than spend the
resources, time and thought necessary to get a real answer, they
naively grasp solutions that to the technologically illiterate
ministers look like magic. And most ministers are very illiterate
about any serious technology.
So what we get is a form of magic, but one that is of most use to the
dark side of our society. Many of us have worried about the state
deliberately misusing the vast quantities of data that they hold on
us. That problem is still there. But perhaps it will turn out that
the biggest threat to our society in these enormous databases is that
the government will be the unwitting, indeed witless, accomplice, to
every hacker, fraudster, sexual predator, criminal or terrorist that
would like easy access to all our details. That, far from protecting
us all against identity theft, the state, with its grandiose
projects, will be its biggest facilitator.