Technical reflections on ID card plan
Computerworld’s reportU.K. biometric ID card plan unveiled in the Queen’s Speech contains some interesting discussion of the technical challenges.
Ovum Ltd. analyst Graham Titterington agreed that the database is the key aspect of the system. “It is quite unique what the U.K. government is proposing and would be absolutely vast,” Titterington said. “A number of European countries like Belgium and Latvia have ID cards with databases of information, but those are used primarily as an entry to e-services, whereas the U.K. plan is primarily about law and order.”
[...]
But many security experts question whether such a vast database could ever be free of errors. “By its very nature, a database of that size could never be truly clean. Just in terms of data entry, how do you ensure the accuracy of the data being entered?” Ovum’s Titterington said.
Titterington pointed to the U.K.’s police criminal records database, which is known to have built up numerous inaccuracies over the years. “That is a database of a much smaller scale than the one the government is proposing, and it only allows access to law enforcement officials with the highest levels of clearance,” he said. “How on earth do you control legitimate access to the ID card database, let alone keep it protected from hackers and terrorists?”
(Our emphasis.)
