Select Committee on Home Affairs Minutes of Evidence


Examination of Witnesses (Questions 400 - 413)

TUESDAY 24 FEBRUARY 2004

MR NICK KALISPERAS, MR GEOFF LLEWELLYN, PROFESSOR ROSS ANDERSON AND PROFESSOR MARTYN THOMAS

  Q400  Bob Russell: But you are confident at this end of the spectrum as opposed to Professor Thomas and his view at the other end of the spectrum?

  Mr Llewellyn: Yes.

  Q401  Bob Russell: Finally, if I could ask one and all if they would like to answer. How easy is it to upgrade a system, including any cards, with new encryption methods if the original security methods have been cracked and the knowledge of how to do it is widespread? In other words, if the people out there, the bad guys, know how to use the system, how can you put that right?

  Professor Anderson: Let me first say that I do not believe many of the claims made for security of cards and biometrics just now. There have been a number of criminal cases where people have been sent away for fraudulent Pay TV cards and there was even one case in America where one Pay TV company sued another alleging that it had broken into the other firm's cards, got the codes and keys and published them on the net. There is much more information on this in my book and I am happy to contribute a copy to the library.

  Q402  Chairman: That is the second reference.

  Professor Anderson: This is an ongoing question, whether we can make cards invulnerable to certain analysis techniques, such as optical probing, differential power analysis, and we do not know how to do it yet. That is why you need some means of replacing cards. Sometimes you may have to replace a large population of cards at little notice. It has been the case that the banks have shipped millions of new ATM cards to people. It has been the case that Pay TV operators have suddenly had to produce millions of new cards and mail them out to all of their subscribers. One would hope that if you are building a system that people would be relying on for passports that you would design something that would degrade a little more gracefully, not relying too much on mechanisms that can just break suddenly, like that.

  Q403  Chairman: Could I end with one question and you may well have answered already, but just to be clear. Professor Thomas and Professor Anderson, to the extent that you go along with doing this at all, you would say to the Government we should limit very much the purposes of what an ID card is there for and the database is there for, it is simply a system for trying to identify people and, Intellect, you say that the value of this card depends on large numbers of people wanting to use it and enabling them to access a wide range of services. Is there any way in the design or the engineering or the presentation of the system that those different points of view can be squared or is that a choice that the Government has got to make in deciding what sort of system it wants?

  Professor Thomas: I believe that is the choice that the Government needs to make. I think that it is highly unlikely that it will successfully implement an ID card system within the timescale and budget that it currently envisages. I think that its best chance of doing that is to restrict what it is attempting to do and to reduce the complexity of what it is attempting to do as greatly as possible, to make it as simple as it possibly can because that will take some of the risk out. Most importantly, whatever it is trying to achieve it needs to define very clearly. I would plead that rather than letting a contract to implement an ID card system, it lets a contract to define very rigorous requirements for an ID card system and that the investment in equipment and in building the software to implement it is delayed until that requirement actually can be demonstrated to be unambiguous, free of contradictions and complete.

  Q404  Chairman: Intellect?

  Mr Llewellyn: I think it is entirely right that the specification of what is required must be clear. I doubt very much that it is ever possible to have a complete specification of what is required; once again I think that is a counsel of perfection. I completely agree that it is important for Government to know exactly what it wishes this system to do when it is implemented. We have said we believe the systems in place at the moment, principally driven out of OGC and its creation, will be sufficient to ensure that the delivery of what it says on the can is actually achieved.

  Q405  Chairman: If the Government were to take Professor Thomas' view, which I think is Professor Anderson's, which is keep it simple and limited in order to make it achievable, would you then say that the trouble with that is the range of uses is now so limited that it really cannot achieve the level of take-up that you talked about in your evidence of it being multi-functional and very widespread in its public use?

  Mr Llewellyn: I think it would be possible to reconcile the views from the two opposite ends of this table in terms of a range of capability that would achieve the take-up while not being too ambitious in the short-term so as to run the risk of tripping over oneself.

  Mr Kalisperas: Unlike Professor Thomas, who is clearly on the outside looking in, we have been working with the Home Office for two years on this. They have not rushed to judgment in any aspect of the work they have been doing. In the work that they have been undertaking with our members they have kept an open mind. They have a better understanding of what the technology can do and what it can deliver and that process is ongoing. If at any stage we believed that the Home Office was going to produce a system which could not deliver the benefits which it hopes to deliver, or which we believe technically is not possible, then we would withdraw our support for the approach the Home Office has taken. This is the first time in a long time that a government department is working in partnership with the industry to look at what is possible. This is a crucial project for the IT industry and we are not willing to see it fail. Unlike Professor Thomas, I do not think we are an industry of incompetents. We are highly skilled, highly able people who have delivered some of the most leading edge software that this country has seen. Credit needs to be given to the Home Office for the approach that they have taken.

  Q406  David Winnick: Do not misunderstand me, someone has to carry out the work, but when your group of companies, the organisation you are representing, are directly involved obviously they have a commercial interest in producing that.

  Mr Kalisperas: These are organisations both large and small, multinational and domestic, who have delivered a variety of different solutions, card solutions, both internationally and at a very local level. These are organisations who have demonstrable experience.

  Q407  David Winnick: Of course.

  Mr Kalisperas: But I would also say that when it comes to public sector IT projects we are well aware of the increased scrutiny that there is among the general public and from Parliament and we are aware of the pressure that there is.

  Q408  David Winnick: If I can just ask this question. If, sadly, the Home Secretary changes his mind or there is a new Home Secretary, as the case may be, who decides to reverse the decision the Cabinet has now taken, your companies would be adversely affected, would they not? There would be less work. You may get work elsewhere, again I do not wish to be misunderstood, there is nothing wrong in wanting to get government contracts and all the rest.

  Mr Kalisperas: We have an interest in making sure that the public sector IT projects are delivered successfully, that is the bottom line. If the Government decides that it does not want to see it with ID cards that is a decision for them.

  Q409  David Winnick: Yes, of course, but it would affect the companies involved.

  Mr Llewellyn: There is a point here that—

  Q410  David Winnick: Can I just say that I am in no way questioning the integrity of your group whatsoever.

  Mr Kalisperas: Can I just point out that if you look at the types of contracts that have been agreed in the public sector recently and some of the comments which have come out from organisations like BAE Systems, for example, I see that companies by and large probably would not be working in the public sector at the moment due to the extremely hard bargains that are being driven by their public sector customers, they would far rather be working in the private sector if they had the opportunity. At the moment we are dealing with the public sector IT contract and the customers are looking at trying to drive as much value for money as possible out of those contracts.

  Q411  David Winnick: No-one is forcing companies to take Government contracts.

  Mr Kalisperas: No.

  David Winnick: That is a decision for the companies to take.

  Q412  Chairman: Mr Kalisperas, you made the point that Professor Thomas is not involved in this process, but the companies that you represent are. Would it be reasonable for us to conclude before a firm decision is taken to go ahead that all of what you have been discussing with the Home Office about security of the cards, security of the systems, security of people, should be put into the public domain so that people like Professor Thomas and others who have an interest in these matters can actually scrutinise this and make a comment as to whether it is adequate, or would you be saying to us that we, as Members of Parliament or the wider public, should simply rely on the Home Office and Intellect and the companies you represent to get it right?

  Mr Kalisperas: I would refer you back to Geoff's answer which focused on the balance between the need for openness and the need for commercial sensitivity.

  Q413  Chairman: So it may be you are saying to us that we would have to proceed with the card without a full public debate about whether the security measures and so on would be adequate?

  Mr Llewellyn: My personal view is that the supremacy of Parliament would apply here and that Parliament must be well informed about the issue at hand. To my mind, above all it is not a technical issue, it is a constitutional and political issue and, therefore, there must clearly be a proper constitutional debate about the circumstances and use of any such card, but it needs to be informed by an understanding of the technology, it needs to be informed by an understanding of the balance of risks which we have had expressed this afternoon, and the balance of opportunities. One only has to think that money is forgeable, money can be used for entirely immoral purposes, money can be the root of all evil and yet we cannot imagine working in our everyday lives without money. Similarly, I think the kind of transformation that a secure electronic form of identity would offer could be as positively transforming for all of our lives as is money, and that is the kind of debate that needs to be had.

  Professor Thomas: That is exactly the argument for multiple cards. If you only had one bank note you would really feel vulnerable, would you not?

  Chairman: Thank you very much indeed, gentlemen.





 

© Parliamentary copyright 2004
Prepared 30 July 2004