Fellow sceptics, do you recognise this list? Central bank digital currencies, climate alarmism, digital IDs, wokeism. That’s right, the list of long-running complaints from us, the sceptical community. But what is digital ID doing on that list? I want to make the case for modern digital ID. In fact, I want to make the case that we should not merely tolerate it but that it should be taken off our list of complaints and added to our list of demands. You know, the one that goes: limited government, lower taxes, rational argument, self-sovereignty. We have all got a list something like that, and I want to see modern digital ID on it.
I appreciate this is a tough sell. Back in February the Daily Sceptic was running stories such as: ‘Frightening Polls Shows Half of Britons Support Tony Blair’s Proposal for National Digital ID Cards‘ and ‘Government consults on digital ID‘ with excoriating comments below the line. Ross Clark in the Spectator reacted similarly with ‘Will Tony Blair ever give up on ID cards?‘ The Daily Sceptic stories made it onto episode 26 of the Weekly Sceptic. Nick Dixon’s summary was: “Leave us alone Tony!” and Will Jones’s was:
We thought this had died, killed 30 years ago, but here it is hot off the heels of vaccine passports and the growth of digital surveillance… The issue isn’t carrying the card, its surveillance and invasion of privacy that it entails and of course none of these things have been addressed… [A YouGov poll found] a chilling 54% supportive, only 27% oppose with 18% don’t knows. It is disturbing that so many of our fellow citizens don’t understand the dangers of putting all of your ID onto a computer database.
More recently, the Daily Sceptic News Round-Up of July 18th included an article ‘CEO of Worldcoin says “Something like World ID will eventually exist… whether you like it or not”‘. As Nick might say: “But it’s not all good news…”
Nick, Will and Ross are in the same camp as commentators such as Peter Hitchens, who does a demolition job on identity cards in his excellent book The Abolition of Liberty. Yet here I am arguing against these gods of scepticism. Am I mad?
Let me start by saying that national identity cards are a terrible idea. If you harbour any sympathy for them, I suggest you read chapter one of the aforementioned Hitchens volume, where the demolition really is comprehensive. Here in the U.K., we have tried them twice, occasioned by World Wars One and Two. They were useless, hated, expensive failures. Of course, that did not deter Governments clinging on to them, despite promising not to, with Lord Justice Goddard having to put an end to them in 1952. They are a simple idea never far from the minds of politicians, a panacea for fighting crime, illegal immigration and benefit fraud. Never mind that they did not, and will not, have much effect on any of those problems.
After 1952 the failed attempts at identity cards continued in the U.K. and abroad, but while all this was going on something rather important happened: the internet. It is not that the rise of the internet suddenly negates Hitchens’s or Goddard’s arguments, but it does highlight and magnify the problem of identifying ourselves to each other. For example, how does the bank know that the person asking to withdraw all the funds from an account really is the account’s rightful owner? This was a problem before the internet but now all of us do something similar dozens of times every day, that is, we have to identify and authenticate ourselves. Even commenting on this site requires you to identify yourself as a donating subscriber.
Here are some related problems: how do I prove that I have a degree in computer science from a particular university which qualifies me to do a job? Can the person checking that degree certificate do so without having to know how to contact the university? Or how do I check that the doctor treating me really is qualified and has not been struck off? Or that person selling me an investment scheme really is money-saving expert Martin Lewis? It is an age-old problem, proving things about ourselves to each other; being certain that others are who and what they claim to be: qualified, a licence-holder, of a certain age, and so on. And, yes, vaccinated or not. This last point highlights that done badly it can become the ideal tool of control by authoritarian regimes. That is why I spent a lot of time and effort petitioning the Government against vaccine passports and getting it raised in public forums such as TalkRadio.
But are vaccine passports not the perfect example of why digital ID is such a bogeyman for sceptics? Prior to the suggestion of vaccine passports, we were all carrying wallets full of IDs, from your bank, credit card company, loyalty schemes, organisation memberships, driving licence, student ID and so on. And there were records that we did not carry such as our medical records, which we trusted to the state healthcare system. As well as these organisations’ ID cards, our phones are full of their apps which hold so much of our data. We accepted all that and the Daily Sceptic was not running articles warning us against it. So, what was different about vaccine passports? The difference was that none of those organisations make the law. They are not the Government. If your insurance company goes nuts and tries to coerce you into weird behaviour, you take your business elsewhere. You cannot do that when it is the Government. When the Government starts coercing people into having medical procedures they do not want or need, they cannot opt out. The Government can pass emergency legislation, change the rules for international travel, issue ‘guidance’ to entire sectors of the economy and badger the police to enforce it. Its app is part of the larger scheme, but it could just as well be a paper card as it was in the past. The point is not to give the Government that monopoly over your personal data. And as we have seen recently with banks or the censorious payment processors or social media platforms, we should not trust them either. In fact, trust nobody but yourself.
Freeing ourselves from all these dependencies, not relying on Google, or a bank or the Government for our identity needs and protecting ourselves from surveillance, is what modern digital ID is all about. Giving up on technology and falling back to waving a paper bank statement or utility bill as Hitchens suggests may have been conceivable once but nowadays it is simply luddite. We complain about the eco-crazies attacking the foundations of the industrial economy (fossil fuels) because they wrongly believe it is harming the environment, but in the next breath we oppose modern digital ID, thereby undermining the foundations of our information economy and all its benefits, because of the damage we wrongly perceive it is doing to our privacy. As with the climate alarmism narrative, we in the West could imagine limping along with windfarms, electric vehicles and brown-outs, but for those in developing nations, being excluded from cheap, plentiful, reliable energy is a much more serious problem. The same goes for identity. We limp along with email as our primary identifier, suffer identity fraud on a mass scale, have everyone complaining about passwords and are alarmed when we hear of people not being able to get a bank account (which is impossible without ID) and as sceptics we weirdly defend this status quo. But for those in developing nations the situation is far more serious. Globally, 12% of people do not have any form of ID. Thirty-eight percent of people live in countries that use badly designed ID systems to subvert their rights. Owning property, getting a bank account, crossing borders or receiving state benefits is a huge problem if you do not have reliable, secure ID. The problem needs to be solved for those folks even if we convince ourselves we can muddle along with our broken systems.
Let’s face it, modern civil societies need sophisticated, privacy-protecting systems of identification. The question is how to do it without creating a doomsday machine for dictators. Fortunately, people who think a lot about this are at long last coming up with solutions. They are not shadowy Government agencies but technology enthusiasts from workaday sectors such as travel, hospitality and charities. People like the Digital Identity Foundation, the OpenID Foundation, the Better Identity Coalition and the Secure Identity Alliance. They work in the open to produce open-source designs and specifications that we can all read and even contribute to. Talk of Government surveillance and control in modern digital ID is either strawmanning or profound ignorance. People working in this area are well aware of the abuses enabled by badly designed identity systems. For example, this from OpenID:
History offers plenty of examples of intentional human rights violations enabled by Identity Systems. This includes the misuse of identity data to spy on citizens, disenfranchise them, displace them, de-nationalise them or commit genocide. Examples from modern history include the use of identity cards to displace and de-nationalise the Rohingya population of Myanmar, the targeted constraints on access to identification that has disenfranchised black and indigenous voters in the United States, the stripping of citizenship for over a million individuals in the province of Assam, India, and the effects of profligate data collection by Germany’s Third Reich and Communist Stasi regimes.
These groups designing modern ID systems know all this and work to correct it. They are influenced by years of experience gained from identity schemes from around the world, from Singapore, Estonia, Spain, India, Nigeria, Pakistan, Philippines, Italy, the U.K., the U.S. and Canada. Some schemes were Government led, others private and commercial, schemes which resulted in both benefits and harms. Serious people thinking very hard about these problems have gradually solved them. And they have been very difficult problems to solve. Giving anyone in the world with only a smart phone and an internet connection the ability to absolutely prove their identity, without having to trust any company, government or third party, forever, with complete privacy and security, is not easy. By the way, if this sounds like cryptocurrencies, you are right. Indeed, the underlying blockchain in Bitcoin can be used in these ID schemes. In the same way that crypto currencies are independent of any bank or Government, so are modern identity schemes because they are based on much the same technology. If you are a crypto fan, why are you not a digital ID fan?
The good news is that privacy-preserving, self-sovereign identity is now within reach. The bad news is that it is still called digital ID, and hence drags along with it all the negative connotations that history keeps reminding us of. Let us not let the name get in the way. We have a solution, let’s use it. Use it to free ourselves from banks, from governments, from technology giants. Use it to get rid of passwords, identity fraud and internet data brokers. I quoted Will Jones at the start of the article saying our fellow citizens do not understand the dangers of putting all of your ID onto a computer database. Actually, we do, so that is why we are not doing it. And the alternative is to start using modern digital ID.
Unfortunately, ignorance of these systems is endemic. To be fair, they are a relatively recent development, technically difficult to understand and many of the problems they address are subtle. Plus the lingering naming problem. Perhaps this is why so much of the debate I see is fighting yesterday’s war. My appeal to sceptics is to try it out (it’s free!) and learn about it before criticising it. Yes, there is a lot of jargon: distributed IDs, issuers, verifiers, relying parties, block chains, resolvers and so on. But shouting down anyone who tries to tell you about it, even if they are Tony Blair, is not scepticism, it is cynicism. My appeal is to keep an open, informed mind on digital ID. You may need it sooner than you think.
To join in with the discussion please make a donation to The Daily Sceptic.
Profanity and abuse will be removed and may lead to a permanent ban.
Ok, but what if the government demands a back door into it?
The whole design would have to revert to something that was capable of that, and we’re back to square one. I was augmenting the author’s illustration of what’s technically possible and ought to be the approach
I find it hard to believe that a mechanism that had near-universal acceptance would not very quickly be jumped on by the state and forced to give them access.
I do not trust the government or the police with my data, digital or biometric.
If I ever have my finger prints taken I’m burning them, off the next day.
I was refused entry to a regular place I frequent because I didn’t have a digital vaccine certificate.
The whole edifice is disgusting to me.
That might be because I don’t see why I should answer to anyone as a ‘free’ man minding his business. I’d love to buy a bit of land with fresh running water and never see “society” again, but apparently that deal was made before my birth and I’m not allowed to own anything in this country without getting permission to live there, build there, and pay for the privilege of staying there (various taxes, council etc), so here we are.
They want more control I want less.
Oh and on a day when it’s been reported that: Andrew Malkinson, who served 17 years in prison for a rape he did not commit, slams ‘liar’ police and tells how he feared for his life in jail as he is cleared by Court of Appeal – and says the system let both him and the victim down.
Yeah I’d rather not be on their databases if at all possible..
Having seen what happened with Vaccine Passports, anyone who thinks that a single Government controlled ID system that merges your passport, driver’s license, method of making and receiving digital payments, access to medical care and other public services and your access to public spaces, anyone who thinks that politicians and supra-national organisations should be given the levers of power to cancel you in a heartbeat, you seriously need to give your head a wobble.
TLDR: They may sell it as a great convenience, but no person or organisation should ever be given the power to control you via a single source.
A possibly lesser known aspect of COVID certification (vaccine passports) in the UK is that the (little advertised) government consultation had 52450 responses with over 99% from the public responding in a personal capacity. Most expressed “strong views against certification”. The proposal of mandating certification was then dropped.
https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/999408/COVID-Status-Certification-Review-Report.pdf
and I believe this was the largest response to a government consultation.
Does that review say what you think it does DHJ?!
The excerpt does but then next 10 points are on how and why the NHS Covid pass app will be used instead – I was turned away one Christmas for not having a jab pass / proof, I would have thought it was 2021 (this review being in July 2021, so did they bring them in later?) but it could have been 2020, although that seems an awfully long time ago now.
My comment was only to highlight the scale of the response and the opposition to the proposal, the result being that particular attempt at a mandate was stopped. What you experienced sounds like the alternate route to the same result: get businesses to demand it because the government cannot without new legislation.
This was a short-lived consultation open between 15-29 March 2021.
Compare that to the IPSOS MORI poll in March 2021 which would have us believe something different:
https://www.ipsos.com/en-uk/majority-britons-support-vaccine-passports-recognise-concerns-new-ipsos-uk-knowledgepanel-poll
There’s nothing wrong with the concept, the problem is those implementing it and seeking to benefit from it. On a similar topic:
Capita had their servers hacked earlier this year and USS pension members data was obtained by the hackers.
In response to this, USS has provided complimentary membership to Experian to help identify any fraud using your data.
That’s the same Experian that has had multiple data leaks.
Response to the data breach is to direct you towards a company that experiences multiple breaches. I’m sure there’s no expectation that complimentary membership will progress to paid-for services at a later date.
Remember when we were told not to share passwords? Now we’re advised to store them with a 3rd party who is to be trusted because people we don’t know say so.
I’m struggling to understand the argument presented here, in favour of digital ID. Is that a worldwide ID system would simply be more slick and speedier? This is exactly the argument that was used for ID cards. “No need to take your driving licence to the supermarket to buy alcohol any more!”
Suppose a national ID is set up, which is sold as completely independent of government; I presume that this is the idea the author is getting at. In theory, does not the police or a judge have the power to demand any password or PIN on the spot, on pain of imprisonment? Saint Boris famously said “if anyone asks me to produce an ID card, I will eat it”. He is now finding himself on the sharp end of this, as Baroness Hallett is demanding he hands over the phone full of his private “let the bodies pile high” messages, and he is trying everything he possibly can to wriggle out of it, while trying to avoid being sent to prison, which in theory is possible if he refuses point blank.
I still see a centralised ID system as a very serious problem. It’s true that the current system of lots of different ID systems is cumbersome, unwieldy, and slow. The DBS system (then CRB) was famously chaotic when it first became well-known, with stories of teachers being unable to start work because of delays, and people doing multiple activities for children needing a separate CRB for each one. But in a way, I think that having different systems makes it harder for a power-mad dictator to grab the entire system in one swoop, or to wipe it out in one swoop. It’s happened more than once that a minister or MP left a memory stick containing the entire medical database on a train. As far as I am concerned, the less centralised these things are, the better.
Have spent some years living in Sweden. Their Digital IDs work well, definitely reduce friction (no need to produce a certified gss bill to prove who you are…) and are heavily legislated: from memory only 8 pieces of information are captured.
Am with Lord King (Mervyn, ex BoE guvnor) and Neil Kashkari, that there will never be a place for CBDCS.
But I have seen Digital IDs, within a proper limiting framework, working effectively to contain fraud, and oil the wheels of every day life.
Who administers the Swedish system, who has access to back doors? If it’s the government then what happens when you can no longer trust them? Covid has shown that rich world liberal democracy governments can be far from liberal or democratic if they get the opportunity.
I don’t know what the answer is but the more logistically difficult it is for the state to poke its nose into my business, the happier I am.
Entirely fair points, though given those bits of data (name, DOB, address, etc) are all out there anyway, in this case there are palpable benefits pulling them all into one place.
Wholeheartedly agree with you on the accrual and aggregation of info (genetic, philosophy, etc).
And clearly we already have digital money. We don’t need it in exclusion of all anonymousmeans of payment, and we don’t need it to become what will effectively be credit on the Company Store.
Every palpable benefit in terms of convenience and efficiency is a palpable benefit to ease of monitoring, abuse and control
All governments with their bankster backers want control.. plus more control.. plus more and more control. To offer them that control on a plate is more than stupid.. its bl00dy insane..
A new peer-reviewed paper looking at differences in myocarditis between the sexes in boosted individuals. Not read it thoroughly but interestingly they conclude myocarditis much more common than previously thought but more so in females. I think in females it’s more subclinical and males clinical, which sort of rings true as evidenced by the various male athletes and other sports people arresting and keeling over, as recently reported.
”High rates of mRNA vaccine-induced myocardial injury with every dose!
Peer-reviewed paper shows cardiac injury (elevated troponin day 3 post vax) rate of 1 in 35 after 3rd booster with 50% not back to normal at follow up.
1 in 12 rate for booster post 2 doses & COV infection!
Studies from Thailand & Israel show high myocardial injury rates after dose 2 & 4th booster!
Stop this Russian Roulette!”
https://twitter.com/RetsefL/status/1683675337144557568
Paper here;
https://onlinelibrary.wiley.com/doi/epdf/10.1002/ejhf.2978
Granted there has to be a way out of the sh*tshow we’re currently in, but ‘technically difficult to understand’ – that right there is my problem with this argument. I’ve tried many times to understand blockchain/bitcoin but don’t, thus don’t hold any. If I have to try many times to understand this form of digital ID and still don’t, it has the same effect. And what if one does go this route – what’s to say other organisations (govt, banks, utilities, shops, etc) will accept it and not ‘theirs’ or the officially sanctioned one? Long way to go yet, I feel.
The point of bitcoin and Blockchain is that they are anonymous but secure. You don’t need to know who is interacting with you, only that a secure transaction has occurred.
If you want, have a look for “Cocaine Auction Protocol” by Ross Anderson et al in the Cambridge University computing department. Eye opening.
Almost nothing is anonymous about Bitcoin – every single transaction is recorded on a permanent ledger, and any attempt to turn it into sterling requires it passing through a broker who requires you to have completed KYC checks proving your identity, oh, and paying the tax owed once Coin Base have reported the transactions directly to HMRC.
I struggle to understand what happens when the lights go out and the power goes down? Surely the data disappears or is inaccessible?
I’ve heard you out and I’m not convinced. I find the idea that we could have some kind of digital ID free from the clutches of a tyrannical government and big tech a little hard to believe. I doubt most governments would even allow such a system over which it has no control. Your main argument in favour seems to be to avoid being a “luddite”. I presume you would say the same thing about people who don’t want a microchip in their brain. The real problem here is the inevitable abuse of power that comes with a technology that enables behavioural control. There’s nothing “luddite” about not wanting that.
Quite so. Remember a thing called “the internet” which led to “social media” as a place where people could freely say whatever they want? Absolutely safe, of course.
Exactly. The author’s argument seems to be that because there are some advantages to digital ID we should ignore the (obvious, overwhelming, impossible-to-extricate-ourselves-from) disadvantages.
All well argued, however the fly in the ointment is government and the ‘security’ services that come with it. They’re not going to allow us to be adults so this idea doesn’t meet my sniff test I’m afraid.
Uughh. Awful.
Digital IDs are a solution in search of a problem.
This is a big problem is it? Yes, of course, the famous degree faking epidemic that is destroying our society. Give me a break.
There is no problem. We carry on as we are, because there is no degree faking problem.
There is no technical solution to the only problem that does exist, which is governments and the people that capture it seeking to control our lives and behaviour. No amount of technology will solve that very real problem.
Digital IDs if you want. Fine. Just don’t demand them of everyone. Some people and groups can get by perfectly OK without them. This is all about sovereignty – i.e. choice.
Let us not forget many other things which are or have been sold to us in the name of “convenience”, which make it all the easier for the state to snoop on us, should they choose to:
When home internet was the exciting new toy on the horizon, Tony Bliar said “I want every household to have the internet”. Not for our convenience, he didn’t. He had foresight, as we found out in 2020. He was probably disappointed he didn’t get to enforce lockdown himself.
It seems that not as many as were hoped to be are fans of digital convenience. What a shame….
https://www.timeout.com/london/news/three-amazon-fresh-stores-have-closed-in-london-072523
You make some valid points! But to me, it’s not the existence of ID its what it will lead too!? Governments have a terrible history of saying something will end there, only for us to find it lead to something else down the line behind our backs! I’m sorry, but I just don’t trust them
Decentralised digital ID sounds like an oxymoron.
Our current IDs are diversified in that they are issued by passport offices, utilities, university offices, driving licence authorities, local authorities. The very diversification protects us from too much central control and also proves our identity because the different IDs corroborate each other.
Digital IDs are a gateway to carbon credits, CBDCs and the rest.
I was going along with the line of argument with an open mind until the article ended and I returned to my senses. I would support a digital identity system were it not for the fact the the world we live in experienced a coup three years ago, in which a cabal of globalist criminals usurped the national sovereignty of just about every country in earth and attempted to reduce humanity to a mass of faceless sheep unable to move freely unless they submit to a revolting medical experiment. No one has gone to prison for this so in my mind we are still under threat. Now, I would think, is not the time to line up for a universal ID that makes any government in the world able to trace me instantly along with everything I’ve ever said or done online. No, I’ll take my chances with identity theft and easily forgotten passwords and the endless array of ‘platforms’ that may or may not be able to communicate with each other. I simply don’t trust anything digital anymore – if I could flick a switch to kill the internet, right now I would; it’s a load of toxic bullshit and I think it will be the thing that finally does us in.
You made your point. Now go back to whichever slimey rock you crawled under.
I am immediately suspicious of anything that is too difficult to be explained. This sounds like an attempted sales grab by those who will benefit from its adoption – namely the technocracy, even if they don’t call themselves that. It stinks.
Definitely a thought provoking article.
In Holland there is Digi-ID and without it it is almost impossible to deal with any government organisations.
I understand where the author is coming from, but have a worry:
There is the convenience aspect.
I called my Dutch bank via a link in the app on my phone. Because of that they knew who I was and I did not have to go through any of the security checks. I did not know this and it was kind of scary.
So on balance I am still against digital ID.
On a different note, have people noticed an increase in cashless businesses?
What an excellent article.
Coincidentally, I write this from digging myself out of the quagmire of managing a myriad registrations linked to my e-mail address which is now unavailable due to the Virgin Media e-mail fiasco which started six weeks ago.
My background is computing / IT, and latterly IT Security. Over two decades ago I was responsible for devising a strategy, and selecting technology for Single Sign On and Strong Authentication – subsequently subsumed into the specialism which became known as Identity Management.
Subsequently I encountered a mind blowing paper by Nils Bjergstrom called “Basic Man – Machine Introductions”. Behind that innocuous title he introduced concepts which demonstrated the practicality of entitlement mechanisms in which the service provider who needs to know whether it’s legitimate to grant something (e.g. to cross a border) can do so robustly, without the identity of the individual needing to be known.
This is inherent in the design, and cannot be “broken” by the choice of e.g. a law enforcement organisation. Nowadays this type of design principle falls into the category of Zero Trust mechanisms, as referred to in the article.
Some time after that, in the era of ID “card” proposals (whose aim was never coherently expressed – i.e. something that could be designed from) I realised that an ID system can be used either as an entitlement mechanism or a surveillance mechanism, but not both. Optimally addressing one requirement either undermines the robustness of the other, or renders it impossible. I wrote a (never published!) paper covering this and other topics.
Pursuing the Zero Trust goal further, and introducing Self Sovereign Identity as also alluded to by the author, a possible approach could be that the individual possesses their information, either on a smart device in their possession, and / or in some cloud based container, and leases the use of relevant items to service providers. Using technologies such as Digital Rights Management, items could be leased for a finite time (e.g. a very short time to allow registration for a service). This could be enhanced further by requiring either notification or permission whenever an entity accesses, or wishes to make that information available to another entity.
So, many of the fears expressed in the comments can be eliminated by sound design. One element which I haven’t satisfied myself about is verifying the trustworthiness of the smart device of mechanism held by the individual.
I’d be interested in further dialogue with the author, to see if he / she can either address or shoot down my ideas.
Dear James
TDS Moderator here
In light of your request to contact the author are you happy for us to give him your email address from our database? If so pls reply here
Thanks
I think that people are mixing up the concepts of Digital ID and control by govts, companies and others.
The concept of digital ID is good – having only one ID to access myriad places instead of having many user names/accounts, passwords etc.
The problem is control.
You, the individual, should have complete 100% control of your digital ID and no one else.