Examination of Witnesses (Questions 480 - 499)
TUESDAY 20 APRIL 2004
MR JOHN HARRISON, MR ANDY JEBSON, MR RICHARD HADDOCK AND MR NEIL FISHER
Q480 Mr Prosser: How can we reassure
the public of that?
Mr Fisher: Well, that is a political
question really and I am not really qualified to answer it as
an employee in QinetiQ. The database we have and the way it is
processed is going to be extremely valuable and the public need
to be assured that every safeguard is taken to make sure that
this very valuable national resource is looked after in a proper
way.
Q481 Mr Prosser: Are there other
areas where the public need reassurance?
Mr Fisher: In what way, sorry?
Q482 Mr Prosser: Apart from as to
the openness of the system and the security of the system.
Mr Fisher: They need to know that
the database and the system are secure, that the people who are
registering you are cleared people and that every due care and
attention is taken as, for example, you automatically trust when
you have your passport renewed. As far as the card is concerned,
the data storage device that they are giving with their biometric
on it, their authentication key on it, then really they need to
have confidence that actually as long as they look after it and
keep it with them or, as I was saying, if it is a barcode, it
really does not matter, they do not have to take special care.
We do not want to frighten the public that this is an extremely
expensive and special card that they have to take care of. They
need to be able to treat it like ordinary life really as perhaps
they would their cheque card or any other.
Q483 Mr Prosser: And you still advocate
the voluntary approach?
Mr Fisher: Absolutely.
Q484 Mr Prosser: Do you see that
graduating or evolving into a universally accepted system in due
course?
Mr Fisher: Yes, I do. I think
it will become the norm.
Mr Harrison: I think suggesting
that a card can be anything other than voluntary is almost counter-productive.
The very process of asking a person to take a card out of his
wallet and hand it over to a third party implies that he will
do it voluntarily and he can barely be compelled to do it, short
of thumbscrews, so the thing has to be voluntary. It may be universal
in the sense that everyone has to have one to get the service
they want to obtain, but compulsory as in big brother state compelling
you to have one, surely not.
Mr Prosser: I think we all agree on that.
Q485 Chairman: You have described,
Mr Haddock, in Italy the process where a large number of experts
and companies were involved in what appears to be quite an open
way in helping to devise the system. Would you draw a contrast
between that and the way in which the project is being approached
in this country?
Mr Haddock: Well, I have not been
aware in great detail of how it has been approached because it
has seemed like a much more closed procedure from our perspective,
although I would not say that we have enough on-the-ground presence
perhaps to say that with great certainty, but it does not seem
as open a process as was conducted in Italy.
Q486 Chairman: Others may wish to
comment, but does it seem surprising that perhaps no more than
two or three weeks away from publication of the Bill which will
set the process in train, we really do not know the answers to
virtually all of the questions we have been discussing this afternoon?
Mr Haddock: I would say that if
you have not heard about the technologies that you have heard
about today, you could not proceed with a Bill on that basis until
there has been a process by which people can fully understand
the relative merits of everything presented.
Q487 Chairman: I think the position
is that we have heard of the technologies, but we certainly have
no idea at the moment which of the technologies, if any, might
be favoured by the Government. Do any of the others have a view
as to whether really we should be as advanced as we are with so
many questions still being unanswered?
Mr Harrison: It depends on the
nature of the Bill. Is it not simply going to be enabling legislation
which will allow the details of the card and the system architecture
to be developed at a later date?
Mr Fisher: Yes, I would go along
with that. Provided the Bill addresses the principle of authenticating
the population in a way where we have an identity register, then
the details of how that is implemented we can get on with straight
after.
Mr Jebson: I was going to say,
as a supplier, a sort of non-statement, that I think the key to
the Bill, as my colleagues have just said, is that it is an enabling
tool and I am quite relaxed that government and its agencies have
spent time understanding at least the principles of what they
are trying to decide before coming to perhaps individual suppliers
for solutions. It fits in the timescales we have and, to echo,
as an enabling tool, it is excellent and I think, from my own
observation, a lot of the questions which have come out today
make me feel very comfortable that the right questions are being
asked at the right point in the process.
Q488 Chairman: I do not want to ask
you to answer what is obviously a political question for Members
of Parliament, but, as people involved in the industry, do you
think it would be wise for Parliament to pass an enabling Bill
before knowing the answers to some of these questions, for example,
which type of architecture we want for the database, whether they
should be drawn from a new source or from existing databases,
which type of cards? At what point should Parliament take a view
about the overall system, albeit we will not have the dots and
commas of every bit of legislation?
Mr Harrison: I realise that I
tend to repeat the point rather frequently, but I think that the
decision about the degree to which the system will be traditionally
hierarchical in the normally understood sense of identity cards
and the point at which it will split off and become federated
perhaps for use by local authorities, education and health, to
me that is a fundamental one and needs to be taken fairly early
on and properly explained both to the population at large and
to Parliament.
Q489 Mr Singh: Would it be possible
to have a DNA sample on an ID card and, if you had a DNA sample,
would you then need any other biometric measures?
Mr Haddock: It is technically
possible to put both the mathematical model of the DNA structure
on the card because that is a data file. If you mean actually
putting real DNA on the card, I guess that anything can be done.
However, I think, from a practical point of view, the speed of
the analysis of DNA is not compatible with transiting borders
where you need to identify people in two seconds.
Mr Fisher: DNA is just another
biometric technique and there are a lot of biometric techniques
being researched and developed right now.
Q490 Mrs Curtis-Thomas: I have two
questions really and I go back to you, Mr Harrison, and also to
Mr Fisher. Mr Fisher, you said something very interesting. You
said that the card is going to be a necessity in the future. Well,
it will be up to this Parliament to decide whether or not it is
going to be a necessity here, but if the Government does not make
it a necessity, what other organisations are clamouring for an
identity card, other than the banks?
Mr Fisher: I stand corrected.
I think all of this has to do with an evolving digital society
where all our systems and processes become digitised whether we
see them or do not see them, and with the speed of transaction,
the ease of transaction and the costs of transaction brought about
by the digital society, it means that a lot of it is automated,
so in order for you to access, say, your money on-line or whatever,
it will require you to be able to be authenticated in a way that
is unique to you. The automated issue is very, very high, so there
is no human intervention to recognise you and, therefore, if you
do not introduce an ID card or authentication device on a system
of some sort, you are going to have the private sector producing
more elaborate means of authentication of individuals in any case,
so in the time-frame that you have of until 2013, yes, instead
of one general authentication device which is accepted and passed
by Parliament, we are going to have a whole range of them, I suggest.
Q491 Mrs Curtis-Thomas: Mr Harrison,
my question to you is about your federated identity architecture.
You talked just a moment ago about hierarchies, but I am presuming,
and I would like some confirmation please, that what you have
in Italy is a federated architecture because it allows you to
gain access to information in different government departments.
Am I right in that?
Mr Harrison: I do not have very
detailed knowledge of the Italian system, but given the general
novelty of federated approaches to the architecture of the systems
and the fact that they only really started to be developed in
the last couple of years, I would be surprised if the Italian
system uses federation to a very high degree.
Q492 Mrs Curtis-Thomas: So is federated
architecture an academic study?
Mr Harrison: Not at all.
Q493 Mrs Curtis-Thomas: So is it
a reality and, if it is a reality, where is it a reality?
Mr Harrison: I think the first
time it reached public attention was probably in 2001 with the
formation of what is called the Liberty Alliance in the United
States. That was an open standards group initiated by Sun Microsystems
and backed by a large number of consumer-based companies, such
as American Express, Vodafone, Nokia, Ericsson and the like. There
have been other standards groups, there are other standards groups
and there is one backed by IBM and Microsoft. There is a third
one put forward by Oasis which is a vendor-neutral industry standards
body, but it has only started in the last two or three years.
The particular thing that we do in Edentity is we have thought
about the likely future of a federated approach and how it impacts
on organisational and commercial models. Does that help?
Q494 Mrs Curtis-Thomas: It does help,
but it does tell me that within the UK we will have a pretty difficult
problem in terms of establishing an architectural fingerprint
for each of those departments and then finding a linkage which
joins them all together. Is that a correct assumption?
Mr Harrison: I do not think there
is any theoretical or technical difficulty. Federation is all
about using the principle of individual consent to govern the
sharing of data between different entities, be they in the public
sector or in the public and private sectors. It does raise the
question, the very important and difficult question as to whether
the public sector should be regarded essentially as one organisation
for data protection purposes, meaning essentially that they have
a free flow of data between the different public sector entities,
or whether, in contrast, the public sector should be regarded
as a kind of federation, each comprising a large number of distinct
legal entities where the individual has the right to give consent
or deny consent for the transmission of information between different
public sector entities.
Q495 Mr Taylor: Mr Harrison, this
may sound frivolous, but it certainly is not intended to be. The
Greek philosophers and geometers had a technique for testing arguments
to destruction by taking them to a point where they became absurd.
I would like to engage with you on the point because you seem,
amongst our witnesses, to be the one who is most reticent about
any form of compulsion. You have said, I think, more than once
this afternoon that, as far as you are concerned, it must be a
voluntary system. Do I understand you correctly?
Mr Harrison: Yes and no. We call
the traditional approach to the architecture of identity systems
the "hierarchical approach". Essentially, you have a
top-down imposition of identification tokens and there are certain
applications within society where that is unavoidable. I might
mention passport, DVLA, tax, criminal records, probably the negative
aspects of social care, etcetera, all of the things where
the individual does not necessarily benefit from identifying himself
to authority.
Q496 Mr Taylor: This is where I want
you to join me in a sort of walk to the edge of the cliff. Suppose
that levels of car crime in this country, suppose, had risen to
an intolerable degree and suppose it became public policy to require
people to produce an ID card to the specification which was otherwise
only a voluntary system, but suppose the State or one of its agencies
says, "The situation with car crime is that you must produce
one of these cards to our specification before we will give you
a driving licence or allow you to insure or tax your vehicle".
Now, would that be compulsory?
Mr Harrison: In our view, in our
definition, that would not be compulsory because the individual
has a choice of whether or not to obtain a licence and drive a
car.
Q497 Mr Taylor: Would any of you
like to chip in on that or do you agree with him? For many people,
Mr Harrison, in this day and age, having a car is actually essential,
dare I suggest that as a proposition.
Mr Harrison: I would agree, sir,
that the distinction between compulsory and voluntary is not a
black and white thing and there is a significant grey area in
the middle, but if you look at the extremes, I think they are
quite clear.
Q498 Chairman: I wonder if I could
draw this to a close by asking, I am afraid, another rather basic
question to see if my understanding is right. All of the systems
we have discussed have some sort of central database which has
some biometric information on it which identifies me or you with
the information that is on the database. Am I right in thinking
that one of the distinctions between the approaches which have
been advocated is that those that are the simpler systems will
require far more verification of the biometric data than the more
complex systems? In other words, Mr Fisher, you held up your barcode
and it may be you, but it may be me and neither of us can know
whether that represented you or me without testing our biometric
data. Am I right in thinking that with the more complex card,
it is more likely that that will be relied upon just for visual
identification and, therefore, basic biometric checking will happen
less often because the card is seen to have been a higher quality?
I would like to know whether that assumption is right, but secondly,
and this is quite critical to our whole inquiry, looking ten years
into the future, are we actually looking to a future where we
will not rely on visual identification, photographs on cards,
but we will in any case assume tens of thousands of places around
the country in all sorts of different situations that are able
to iris-scan or check fingerprints or whatever the biometric data
is? What is the world we are going to be looking at by the time
that 80 per cent of the population have got these cards, according
to the Government's plans?
Mr Fisher: I think it is entirely
feasible to suggest that the future is a digital world which is
highly automated with very few human interventions, manual interventions
in the process of authentication and, therefore, the system will
rely on you being authenticated in an automatic manner.
Q499 Chairman: How many readers of
biometric information do you expect to be in place across the
country in ten years' time, say, if I go to my bank, if I go to
a railway station, if I want a ticket to a football match?
Mr Fisher: Absolutely. I believe
that with transportation security, banking security, shops, access
into shopping malls, that sort of thing, it is going to be very
widespread.