The final day of the House of Lords Committee stage of the Identity Cards Bill 2005, unsurprisingly did not pass any amendments .
The Home Office Minister Baroness Scotland of Asthal failed to convince anyone that the National Identity Scheme Commissioner's limited powers were at all sufficient or that the cumbersome complaints procedure used by the Passport Service was somehow acceptable since there were so few members of the public who succeeded in complaining, and should therefore form the basis for dealing with members of the public who experience problems with the much bigger and more controversial planned National Identity Register..
The appalling "Clause 31 Tampering with the Register etc". has, yet again been passed unamended without scrutiny, despite its potential to criminalise innocent Civil Servants and IT workers, with a penalty of up to ten years in prison and/or a fine, anywhere in the world, whether you are a British Citizen or not, simply for doing your job with faulty software or hardware outside of your control or by taking what would otherwise be perfectly legal industrial action such as a work to rule or going on strike.
This point was accepted by Baroness Scotland during the Lords Second Reading of the identical clause in the previous version of the Bill back in March, but nothing has been done by either the Government, by the House of Commons or now by the House of Lords to change it.
Baroness Scotland also claimed that, unlike unpaid taxes, there was no chance of anyone who has a civil penalty inflicted on them under this Bill, of actually going to prison, and that somehow these penalties were not intended as a "punishment".
The Lords tried and failed, yet again, to get any more detailed cost breakdown or estimates, even to the nearest £ billion or so.
Baroness Scotland resumed her stupid criticism of the London School of Economics Identity Project Report over the USA's Mexican Border Visa Card database, which none of the Home Office publications mentioned either.
The Report stage is probably timetabled for mid January 2006.
Amendment No. 223 seeks to add to the powers of the national identity scheme commissioner by allocating him a formal role in the investigation of individual complaints and in dealing with data corrections. It would be wrong to give the commissioner a formal role in the investigation of complaints. Complaints handling will be a routine function that the new agency will need to fulfil.
She went on to claim that somehow the existing , totally different complaints procedure for the Passport Service, would somehow be sufficient for the NIR scheme.
Not a single Lord spoke in agreement with her that this distant and complicated scheme would be acceptable for the vastly larger range and number of complaints which the NIR will generate.
There is an existing four-stage complaints procedure which includes a review by the local customer service manager, followed, if not satisfied, by a review by the headquarters' customer service department. If not satisfied, a complainant can write through their MP to the Passport Service chief executive or a Home Office Minister and then, as I have already said, to the Parliamentary Commissioner for Administration--the ombudsman.
Without resorting to a web search engine, can you name the "Parliamentary Commissioner for Administration" ?
Apparently it has escaped Baroness Scotland's notice that this name no longer applies to the re-organised Parliamentary and Health Service Ombudsman
Why should the National Identity Register Agency which, by virtue of it being an Agency is deliberately not as accountable to the Home Secretary as his actual Home Office not be supervised independently ? Will the Home Secretary resign if , as under the current wording of the Bill, the censored annual report of the National Identity Scheme Commissioner criticises the operations of the Agency ? Somehow, given the lack of honour amongst modern politicians, it seems doubtful.
Any new National Identity Register Agency should have an internal complaints procedure, to handle trivial errors, and to fix them rapidly, and for free.
There is no excuse for there to be no independent external oversight. The National Identity Commissioner should have real powers, e.g. to ban an individual civil servant jobsworths from further access to the NIR, and to initiate prosecutions, at public expense, on behalf of individual citizens. The existing deliberately crippled powers and budget of the Information Commissioner are not sufficient for the tasks he has to deal with, and are not a good model for the National Identity Scheme Commissioner.
The Commissioner should be able to suspend the accreditation of any company or government department or individuals suspected of having allowed a security breach. They should also be publicly named and shamed if such security breaches are confirmed.
All people potentially affected by such a breach must be informed, and, if necessary, be freely issued with replacement ID cards, and, if new biometric samples are required, compensated for travel and loss of earnings costs.
Incredibly there has been no debate on the flawed
Clause 31 [Tampering with the Register etc.]:
[Amendments Nos. 254 and 255 had been withdrawn from the Marshaled List.]
Clause 31 agreed to.
We repeat - If you work as an IT professional or as a Civil Servant, do not touch any contracts to do with the National Identity Register.
As currently worded, and unamended by the House of Commons and now by the House of Lords, you could be facing up to 10 years in prison and/or a fine, for accidents or software errors or hardware failures entirely beyond your control, or through acts of omission
This clumsy clause attempts to cover "Denial of Service" attacks, but ends up potentially criminalising innocent people and companies.
The "good faith" defence in subsection (6) only a defence for authorised Civil Service or IT staff doing their day to day jobs as ordered to and apparently given permission to by their superiors.. It does not apply to the unknown effects of say a duly authorised third party software upgrade, such as the disastrous Microsoft XP upgrade error which brought down 60,000 Department for Work and Pensions desktop PCs which took almost a week to recover from..
Clause 31 applies to everywhere in the entire world, whether you are a British Citizen, or not !
This also applies to any Civil Servant or IT Contractor who chooses to withdraw his or her labour in a legitimate Trades Union industrial dispute such as a work to rule, or strike.
31 Tampering with the Register etc.
(1) A person is guilty of an offence under this section if--
(a) he engages in any conduct that causes an unauthorised modification of information recorded in the Register; and
(b) at the time when he engages in the conduct, he has the requisite intent.
(2) For the purposes of this section a person has the requisite intent if he--
(a) intends to cause a modification of information recorded in the Register;
(b) is reckless as to whether or not his conduct will cause such a modification.
(3) For the purposes of this section the cases in which conduct causes a modification of information recorded in the Register include--
(a) where it contributes to a modification of such information; and
(b) where it makes it more difficult or impossible for such information to be retrieved in a legible form from a computer on which it is stored by the Secretary of State, or contributes to making that more difficult or impossible.
(4) It is immaterial for the purposes of this section--
(a) whether the conduct constituting the offence, or any of it, took place in the United Kingdom; or
(b) in the case of conduct outside the United Kingdom, whether it is conduct of a British citizen.
(5) For the purposes of this section a modification is unauthorised, in relation to the person whose conduct causes it, if--
(a) he is not himself entitled to determine if the modification may be made;
(b) he does not have a consent to the modification from a person who is so entitled.
(6) In proceedings against a person for an offence under this section in respect of conduct causing a modification of information recorded in the Register it is to be a defence for that person to show that, at the time of the conduct, he believed, on reasonable grounds--
(a) that he was a person entitled to determine if that modification might be made; or
(b) that consent to the modification had been given by a person so entitled.
(7) A person guilty of an offence under this section shall be liable--
(a) on conviction on indictment, to imprisonment for a term not exceeding ten years or to a fine, or to both;
(b) on summary conviction in England and Wales, to imprisonment for a term not exceeding twelve months or to a fine not exceeding the statutory maximum, or to both;
(c) on summary conviction in Scotland or Northern Ireland, to imprisonment for a term not exceeding six months or to a fine not exceeding the statutory maximum, or to both; but, in relation to an offence committed before the commencement of section
154(1) of the Criminal Justice Act 2003 (c. 44), the reference in paragraph (b) to twelve months is to be read as a reference to six months.
(8) In the case of an offence by virtue of this section in respect of conduct wholly or partly outside the United Kingdom--
(a) proceedings for the offence may be taken at any place in the United Kingdom; and
(b) the offence may for all incidental purposes be treated as having been committed at any such place.
(9) In this section--
"conduct" includes acts and omissions; and
"modification" includes a temporary modification.
This clause also applies to companies and organisations which are not directly involved with the running of the National Identity Register computer systems - it also applies to the estimated 265 Government Departments and the 44,000 private sector organisations which will be "accredited" to connect to the NIR in one one way or another.
If anything causes
"(b) where it makes it more difficult or impossible for such information to be retrieved in a legible form from a computer on which it is stored by the Secretary of State, or contributes to making that more difficult or impossible."
even if the core NIR systems are working perfectly, then this stupid Clause 31 still applies !
Private sector companies and individuals who are planning to work on or with this NIR system or to provide, say computer or telecommunications software, hardware or services or consultancy, should remember that although their "small print" Terms and Conditions might succeed in limiting their civil liability in any contract they sign with the Government, it is not possible to exclude the risk of criminal liability under this Clause 31.
There was even some discussion on this Clause 31 during the previous House of Lords Second reading debate on the previous version of the Identity Cards Bill in February, which ran out of time before the last General Election.
Baroness Scotland confirmed that the fears raised by the Labour peers Baroness Gibson of Market Rasen and Lord Lea of Crondall about its potential effect on Trades Unionists and others were justified,
21 Mar 2005 : Column 105
"I say to my noble friend Lord Lea of Crondall and my noble friend Lady Gibson of Market Rasen that they are absolutely right in their analysis of Clause 31."
However, here we are in December 2005 with the offending Clause 31unamended and not even debated !
Baroness Scotland re-iterated her claim that civil penalties were not a "punishment" and that nobody would be sent to prison for failing to register.
Baroness Scotland of Asthal: The Debtors Act 1869 abolished common law powers to imprison for debt, subject to various exceptions. The scope of those exceptions was further amended by the Administration of Justice Act 1970. The net result is that while it is still possible to be committed to prison for non-payment of court orders in relation to fines or various specified payments such as income tax or maintenance, there is in the Government's view no common law or statutory power to imprison for non-payment of civil penalties. Had the Government intended there to be such a power, the Bill would have provided for it in explicit terms. For those reasons, there is no risk of being sent to prison as a result of the imposition of these civil penalties. I can therefore give the noble Lord, Lord Stoddart, that assurance
Given how worthless her promises on Clause 31 have proven to be, why should anyone believe Baroness Scotland's interpretation across the floor of the House , rather than what is written in the text of the Bill ?
The Lords tried , and failed, again to get some more details on the cost estimates for the Scheme, even to the nearest £ billion or so.
Baroness Scotland repeated her idiotic attack on the London School of Economics Identity Project Reportreport, which Opposition Lords had praised:
I referred to the letter written by Professor Angel of the LSE. We have now replied. There seems to be a basic error. We were surprised to discover, for example, that in the body of the report undertaken by the LSE there was no reference to one of the major reports on biometrics and the way in which that was dealt with in the United States. It is unusual for such a gap not to have been addressed. That is surprising, but the correspondence may elucidate some of the differences between us.
Lord Phillips of Sudbury: I am again grateful to the noble Baroness for giving way. I think that the report was published in May 2004. The LSE group was aware
19 Dec 2005 : Column 1565
of it and consider that it is not germane to this matter. I think that I am representing the group correctly. It is certainly not something it has overlooked.
None of the Home Office publications bothered to mention the United States Mexican Border Visa Card 10 fingerprint database either.