X
Business

When society makes technical decisions

Britain's plans for a universal ID card  have suffered at the hands of of a London School of Economics report (PDF) that called into question the scheme's implementation.  Now, an organization called the Pledge Bank has started a campaign to build a legal defense fund for people who publicly declare that they'll refuse to register for the new ID card.
Written by Phil Windley, Contributor

Britain's plans for a universal ID card  have suffered at the hands of of a London School of Economics report (PDF) that called into question the scheme's implementation.  Now, an organization called the Pledge Bank has started a campaign to build a legal defense fund for people who publicly declare that they'll refuse to register for the new ID card.  The organization's goal was to get 10,000 people to sign up by October 9, 2005 and as of this morning they're already 779 over their goal.  Here's the pledge:

"I will refuse to register for an ID card and will donate £10 to a legal defence fund but only if 10000 other people will also make this same pledge."

There's also a site for people who won't refuse but are willing to contribute to the defense of those who do.   That fund is not nearly as well subscribed (a mere 221 of 50,000 required pledges).

There are those who object on philosophical grounds, but many technologists object because of the problems inherent in large-scale identity systems like this one.  Like the public key infrastructure (PKI) that backs digital certs, there is a hierarchy of trust that ultimately comes down to the integrity and accuracy of the National Identity Registry database.   As a society we should be careful about basing life and death decisions on the accuracy of any single database.    There's just too many ways databases can be corrupted whether by malicious intent or not.

I was fairly active in trying to influence Utah's latest decision on electronic voting machines--another important decisions made by government that has significant technical underpinnings.  I can't say we had much luck since Utah picked Diebold's DRE solution, albeit with a printed record.  I sat in the Lt. Governor's office a few months ago trying to explain computer security to him.  He was willing to listen, but he ultimately didn't see technical limitations or flaws trumping other considerations. 

Democracy is not necessarily the best way to make technical decisions, but the reality is that it's often all we've got.  Like voting systems, I suspect that governments will press forward with technically-based ID card systems that no security expert will love.  That doesn't mean that engaging governments on technical issues is hopeless.  Governments do, for the most part, listen and I've seen public input change decisions on numerous occasions.  Just don't expect ideal solutions.  Be willing to settle for "better." 



Editorial standards