Concerns about Digital ID cards.

Earlier this year, hackers connected with the breach at Marks & Spencer claimed responsibility for a separate cyberattack on Jaguar Land Rover. The JLR attack shut down production, disrupted supply chains, and caused major financial loss. Hackers have recently shown how vulnerable stored data is. They have also hit Boots, Harrods and Kido nurseries.

The scale and cost of these attacks underscore how even large organizations with considerable resources can be vulnerable. A honeypot of everyone’s stored data would be an obvious target for criminal hackers.

There is active public debate over the UK government’s proposals to introduce a mandatory digital ID ‘Britcard’ by 2029, including warnings from experts that centralizing identity data will make it an attractive target.

The recent attacks show even well-resourced private entities are not safe from breach. Attackers are willing to target critical infrastructure or high-impact systems. And the costs of a breach, which can be financial, reputational and disruptive, can be severe. The risks of compiling a huge data set of citizens would be manifold.

Firstly, there is concentration. Centralizing identity data such as names, biometrics, addresses and verification logs means that one breach could expose many citizens at once. This is a very high risk because even if multiple databases are compartmentalized, the interconnections and replication across systems increase the attack surface.

A second risk is what might be called ‘linkability.’ If the ID is used across many domains such as banking, welfare, health and travel, an attacker can correlate identity usage across systems, allowing profiling or tracking.

Then comes the risk of identity theft and impersonation. If an attacker gains access to someone’s ID credentials such as biometrics, cryptographic keys and authentication logs, they could impersonate that person across many services.

There is also the risk of a systemic cascade of failures. A failure or compromise in one component might cascade across many services.

Given such a concentration of data about people, the suspicion of government overreach or misuse must arise. Pervasive identity tracking brings a potential for state surveillance, monitoring, or coercive use. This poses a civil liberties risk, especially without legal and institutional constraints and checks and balances.

Mission expansion, or ‘feature creep,’ might follow. Once the infrastructure is in place, there can be pressure to expand its uses, possibly linking tax, policing, and social media usage. History suggests that the risk of overextension is very real.

These risks are not speculative; many were debated during earlier UK discussions about national ID, such as when the Identity Cards Act 2006 was introduced (and later abolished).

Moreover, a recent academic paper on risk assessment for national electronic identity systems argues that many current assessments focus too narrowly on technical security, and not enough on social, political, and institutional risks such as misuse, trust and governance. Another related paper investigates identity theft and public acceptance of electronic identity systems, showing that issues of trust in government, misuse, and data leaks are key obstacles to acceptability.

Given all the above, there is a compelling case that a national digital ID would leave private data dangerously exposed. Following the recent breaches, the argument against a national ID becomes stronger. One reason is that we are entering a new era of pervasive cyber risk, with attackers targeting high-value infrastructure.

To the libertarian case, that government should keep its nose out of our personal and private business, can be added the near-certain risk that this knowledge will be exposed and used against us.

Madsen Pirie