2004-11-09 – Biometric Identity cards consultation response

Better late than never:

—–Original Message—–

From: Nigel Tolley [mailto:nigel@rubbertreeplant.co.uk]

Sent: 06 May 2004 11:24

To: identitycards@homeoffice.gsi.gov.uk; john.leyden@theregister.co.uk

Subject: consultation response


I do not support the national identity card scheming at all. There are

various reasons for this, but the most important one, which few people seem

to have mentioned, is this.

You cannot revoke your public key.

Think about this for a moment. Your PIN number gets stolen, and you can

change it. Your credit card number is not you. However, your fingerprints

cannot be changed, and you leave them everywhere you go. Even worse, your

face is recorded by hundreds of thousands of CCTV cameras, TV cameras, still

and digital cameras, every single place you go.

Anyone with sufficient access to the required tools and your picture could

very rapidly “become” you. And you can never revoke it, nor do anything

about it, barring radical plastic surgery – which may still not solve the


Imagine, if you will, that someone with mal-intent decided to drive you to

suicide. The simplest way would be to change someone on the watch list’s

biometric identifier to match yours. Every time you walk past a camera, you

will be flagged up. You cannot claim that you are not the person the

database says that you are, either! After all, the database is never wrong,

and the ID is never wrong either – but they have to stop you to check that,

then check it with the database, too…

Now imagine if you had an identical twin, or, out of the millions of people

in the database, one of them looks like you, perhaps uncannily so. The value

of your biometric ID card is, to almost anyone else, nothing. It won’t even

let them buy cigarettes. But to someone who looks very like you, it might be

worth quite a lot. After all, it makes them you! So organised criminal gangs

will work to match these faces with those who want them.

Of course, that is a very difficult thing to do, at the moment. Trying to

find someone your sex, age, and build is easy, but to match the face really

well? Very hard. Lots of man-hours. Until someone builds a database of

everyone, then you run a 10 second query, and get back a list of names and

addresses, sorted by closeness of match. That data could be worth a heck of

a lot to many more people than just the police.

I feel this is a fundamental flaw, a show stopper.

Even more amusing will be when Tony Blair and David Blunkett are seen, live

on video, robbing a bank. I wonder what the “biometrics will solve

everything” pundits will say then? Odds are they just wore a mask, but you

never know. It could be a burgeoning trade in radical plastic surgery, so

that you match someone else’s biometric signature.

How will the innocent party feel then?

On that happy note, I bid you goodnight.

Nigel Tolley


Leave a Comment