Here is an impression of Richard Thomas, the Information Commissioner's oral evidence on Tuesday 3rd February 2004, to the House of Commons Home Affairs Committee Inquiry into ID Cards. He did pretty well in his session, making some powerful points which had John Denham, the chairman and his colleagues looking very thoughtful.
The Information Commissioner's official position, prior to the detailed publication of the Government's detailed plans is one of "healthy skepticism", which has not changed from his opinions expressed during the consultation process.
He has a statutory duty to rule on the ID card system, but obviously, like the rest of us, can only speculate on the devilish detail, which has not yet been produced by the Home Office, but which might be clearer when the Draft ID Cards Bill is eventually published.
He seemed to be very aware about the privacy dangers of massive centralised databases, and the danger of "function creep".
He plainly told the Committee that he wants fundamental
privacy safeguards written "on the face of the Bill", not in secondary legislation and that this has to apply to both the "voluntary" stages of the scheme and the "compulsory" ones He wants these to include a clear statement of what the permitted uses of the ID Card are, and what the restrictions are.
He specifically called for the prohibition against "stop and search" powers by the police regarding the ID Card, to be explicitly written in to the wording of the Bill, rather than merely having an implied absence of such a power.
He would be "unhappy" (which is a strong hint that he would rule as being illegal under the Data Protection Act) if, for example, either the National Insurance Number (NINO) or an Address appearing on the card itself (either stored inside the chip, or printed on the outside ?).
He would be "unhappy"/(rule as illegal ?) if organisations e.g. commercial ones, which are not officially empowered by the Bill, demand the ID Card or discriminate against people who cannot produce one, rather than using it as just one component of a "Biographical Footprint". He clarified that this even applied to the financial services rules about establishing identity to reduce money laundering, where he said that there was a choice of acceptable identifying primary documentation.
He pointed out there are different issues between the ID Card itself and the centralised Register.
He wants it clearly stated who has access to the National Identity Register.
When asked about the relationship between the Office of National Statistics / Treasury plan for a Citizen Identification Project and whether this would be suitable for the basis of the National ID Card Register, his answer was, "good question", there has been nothing detailed published from the Home Office or recently from the ONS or said to him in private about this yet.
He pointed out that all the European countries with various forms of much less sophisticated ID Cards than what is being proposed, are all subject to powers of search and inspection by their equivalent Data Protecion commissioners.
He floated some ideas about whether the scant mention of "independent oversight" should be an Independent Authority acting to police an ID Card scheme, with his office acting as a backstop for Data Protection issues, or wether his office should take up the role, which , given the massive scale of the project would require extra resources. He was not sure if there would actually be any such independent oversight in the Government's plans.
The question of database quality was raised.
When asked about whether his proposed Independent Oversight body should rule on the suitability of exisiting Government databases, he said that, as an existing statutory independent commissioner, he could officially tell the Committee right now, that the use of the existing DVLA driving licence and Passport databases would be a "nightmare", and he welcomed the apparent plan to start afresh, just using the existing systems for confirmation checking.
Jonathan Bamford answered a question or two on Biometrics, but this deserves a whole session on its own. He did express doubts about the need for multiple biometrics, but unfortunately what seemed to have stuck in the MP's mind was the "one in a billion" comment which Simon Davies from Privacy International had mentioned earlier, without his qualifier that this was just a soundbite figure and not actually true.
Richard Thomas also called for a Privacy Impact Assessment of the proposed scheme
The BBC Parliament TV channel broadcast this session on Sunday 8th February from 18:00 - 19:50.
The full transcript of this session is now online on the Parliament website.
Thanks for the summary. A lot of what Richard Thomas said was similar to what I put in my submission - so it must be right :-)
Encouraging, although there's no guarantee the Committee will pay attention. And even if they do, Big Blunkett will probably just ignore them.
whats the point in fighting? theyll prob eventually stop us from buying food without an i.d card and freeze your bank account or something, theyll getus in little pods running power stations off us eventually like the matrix. its sounds far fetched but a lot more probable than blunkett listening to ANY objections from anyone in the country. All our money, shares supposed "wealth" (therefore power)is just numbers on a computer. whatwould it take for them to just delete those without id cards? and what could we possibly do about it if they did?