15 August 2008

Our Identities Are Not Secure

When the national DNA database went live in 1995, only the DNA of convicted offenders could be held on it. Thirteen years on, in area after area, we see "mission creep" -- the holding of phone calls, web page requests and text messages for 12 months, or the retaining of 39,000 DNA profiles of 10-18 year olds who were never cautioned or charged.

The idea that a DNA database is secure, that 12 months worth of ISP information or phone calls is secure, isn't credible.

In July 2006, the government introduced higher fees for biometric passports, 29% higher in fact, promising that it would be the most "secure ever produced by the UK." Instead, the encryption on biometric passports was cracked by January 2007. Passports are supposed to last 10 years, but the security protection only lasted 6 months. And it's not unaffordable. All you need is some software, a £40 card reader, two £10 radio frequency chips, and a publicly available programming code, and you can fake a passport in an hour.

Here's another example of how ID checks are not being used for security purposes. They are being used for control. Even four years ago, groups were speaking out about the construction of a global culture of surveillance.

£5.5 billion will be spent on the identity card scheme. Why spend £5.5 billion on a scheme which may facilitate criminal fraud, terrorism and potential state abuses of human rights?

2 comments:

Anonymous said...

It's hilarious how the government pretends data held by it or on behalf of it by private databases is secure. Have they forgotten all the headlines about high profile "mishaps"?

scott redding said...

It would be nice to have some sort of update on Revenue and Customs security improvements since the data debacle in the autumn.