ID cards - now the lunacy is unleashed

Just a small point, but obviously checks against the NIR in the early stages will be relatively quick as there will be few records to check against. As the number of records increases the time taken for each check on registration will increase, more or less exponentially (I think).

I'm about to apply for an Italian passport. Even the famed incompetence of the Italian consulate looks like being more efficient than the British passport office, and none of this Orwellian biometric nonsense.

Yes, I'd realised that back when I was doing the back-of-an-envelope 700,000 a year - the corollary is that, given that you don't get deleted off it even when you're dead, the number of checks per new applicant will presumably rise forever. Computer performance goes up too, of course, but possibly not at the same rate, and there's an obvious financial overhead in providing more capacity ad infinitum.

Presumably they'll have to implement some kind of archiving for people who have handed in their dinner pails, which does beg the question as to what happens if you want to declare yourself dead - do you have to provide a death certificate? What if people want to disappear? Surely feigning death and reapplying for an ID card would be a perfect way to wipe your record, so they'd have to check against the dead as well. Perhaps you'll have to get certified dead by an Identity and Passport Service nark as well as a doctor.

You'd expect that the failure rate would be highest at the start, of course, plus performance slowest and staff slower too, being unfamiliar with the systems. It also occurs to me that if you want to start with a bang on day 1 the system actually has to be finished a good few months beforehand, probably within 30 months.

Linearly, actually. It's a factor times the number of records in the database. There are also handy ways of doing it distributively in parallel on a large cluster of machines -- how do you think google works?

Technically, there's a lot of open software that could very well handle it. However, they are going to contract it out to Microshite and Crapita whose reputations are well known. At least it fits. A job that shouldn't be done shouldn't be done well.

I'm an IT contractor.

Technically this could work, and database performance would not be an issue. 60 million + 700,000 records per annum is pissing in the wind.

That said, it will never work, because they won't spec it out correctly in the first place.

In your calculations you've failed to take into account the number of days the people operating this system will strike in a year, due to poor wages and pension rights!

This is going to be one of the biggest wastes of public money ever. Still, as an IT contractor, maybe I will be lucky enough to get on the gravy train? I've worked on 2 local govt projects in the past 3 years, and each time the project has been cancelled after close on £1 million has been spent.

As a former IT contractor I did think I could do most damage to the scheme by signing up to work on it at a daily rate of ouch quid. I also thought that an anonymous site where workers on the scheme could post their experiences of how it's going would be interesting. The pressure is likely to be immense, given the timing of the next election and the likelihood of political weight being brought to bear to have it done and dusted before a likely Labour defeat. See rail privatisation for an example of what happens when you rush in order to make life difficult for the next people.

60m growing annually at 700,000 isn't large in conventional terms (the database our organisation use has about that many *writes* a day, and only cost a six-figure sum to install), but this isn't really conventional, in that you're comparing several fields of fuzzy data against several fields of fuzzy data 60m+ times, which must take a lot more horsepower (how do you index it, for a start?).

After all. you've got to be in a position to say quickly (because of the sheer number of registrations a day in the early days) and accurately (otherwise the whole thing is pointless) whether a particular set of newly taken biometrics could be on the database already. You can never say 100% whether they are or not, which is what conventional database searches do. Also, the person has to be physically present until you've finished the checks, unlike a conventional passport renewal where you just send the forms off.

There's also the frequency with which biometrics are taken incorrectly (two left thumbs?), given the pressure to register people and the likely adequacy of training.

As for strikes, isn't interfering with the database a serious criminal offence? I seem to remember spyblog hypothesising that this could cover industrial action that impacts the availability of the system. Sounds like an issue for a human rights lawyer. Anyone got Cherie's number (£3,000,000, isn't it?).

The search time could be designed to increase as log(n) rather than e^n fairly easily - indeed the simplest search time should be order n...

But I can see it being slow - at least as slow as VISA card authorisations. After all VISA could replace their entire UK operations in what? 32 months - I don't think...

Hmm, I'd have thought that the chance of any contractor getting near this sort of thing would be tending to zero, with the big 'consulting' companies getting the contracts then body-shopping inexperienced employees in as 'consultants'...

70 seconds per registration? What happens if I've been handling bricks and my fingers are worn? And if I was rather messily eating a bar of chocolate when they came to scan my fingers (oh dear, chocolate on the glass)? And if the half the population who oppose ID cards have chocolatey fingers? How long would that all take?

Thanks Goatchurch. I was being a bit brain dead. For myself, like Safety, Google works as an act of faith. The same will be true of the NIR. All you need is to believe.

It's worse than that.

I reckon Tom left out a bunch of important extras in his calculation -- namely the ongoing need for updates for reasons other than people entering the National ID Register.

There is a reason we need to renew our passports every decade; the photograph ages. The same is going to be true of the biometrics on the ID card. There are also all those status changes to take into account. The average marriage lasts just 12 years, for example, and getting married or divorced is obviously an ID Register update. Right?

On top of the on-going 700,000 teens per year I think you need to add the following ongoing overhead updates:

* Marriages: (90% of folks get married, so that's another 650,000 p/y)

* Divorces: (40% of marriages end in divorce, so about 300,000 p/y)

* Deaths: (100% of us die, cumulative death rate is roughly equal to birth rate, so 700,000 p/y leaving the register)

* 10 year biometric updates: 7,000,000 per year. (Do you look the same at 39 as you did at 29? I think not ...)

* Mutilations: people who lose eyeballs or fingers or otherwise experience changes to their body that would interfere with the biometrics are obviously going to need their records updating. (I'd say this is probably cumulative to somewhere between 5 and 10% of the population, so another 350,000-700,000.)

* Change of Address: people who move are required to provide proof of change of address. Say we live in a given house for an average of roughly 10 years. Yippee! We've just doubled that 7M figure again!

* Loss or damage to ID Card: that's going to be a report-to-processing-center job too, isn't it? In 25 years I've damaged one passport and lost another. But these ID cards are going to be riding around in wallets, an environment more like that in which credit cards are used. Personally, I'd be surprised if the half-life of an ID card was much over 2 years in practice, so that'd actually multiply the replacement processing rate by a factor of 5. But that's ridiculous so I'm going to leave it out of the calculation below.

In upshot, I reckon the mature system will have to handle more like 15M to 25M updates per year on an ongoing basis. If we include a card life more like a credit card than a passport, make that 50-100M updates per year.

And this is in addition to the initial registration rate during the first decade as they try to shovel us all into the database!

Bluntly, they're not going to be processing people at the rate of one per 72 seconds -- it's going to be an order of magnitude worse, minimum.

And that's before we look at other updates. Maybe 500,000 people come into contact with the criminal justice system every year -- their records are going to be updated. (If resistance to the ID Card reaches levels associated with the Poll Tax in Scotland in 1989-90, you can ramp that number to more than 10 million a year -- believe it or not, the Councils in Scotland are still trying to clear up the Poll Tax backlog.) As we integrate further with the EU, I'd be unsurprised to see immigration/emigration figures close to 500K per year, too.

72 seconds fallacy

The 72seconds/registration seems to be based upon the assumption that there's only a single processing station at each registration center as well as assuming that each center will process the same number of people.

A much more reliable number for the time to process a person is to get hold of the total number of processing stations and use that in your calculations. Based upon knowledge about how many processing stations any given center has, you can then calculate how many people any given center ought to be able to handle in a day.

Before we know more about the total number of processing stations and how long it'll actually take to process a person, the 72s/person is - I'm sorry to say - completely hogwash and a pretty un-usable number in any serious debate.

Some other things that can invalidate your calculations:

• working weekends will up the time/person to 102 seconds
• expanded working hours to eg 9am to 8pm will up the time/person to 100 seconds
• both of the above will up the time/person to 141 seconds

But having said the above, your calculations does give some insigt into the logistics of such a system.

Here in Danmark we actually do have had a national registration system since 1924. In the 1960's the former system based upon local counties was replaced by a centalised computerised system CPR. You can get a good glimpse into the history of the Danish CPR and the problems encountered here: Danmarks Folkeregister (in danish) (Word 97)

It's probably a clever move to tie in the initial phases of registration with your passport. You want your annual foreign holiday? Then you have to be scanned and stored in the database. Very little scope for civil disobedience when the card isn't 100% compulsory, and it won't be to begin with - you don't have to have a passport.

However, it's a whole different ball game when the card is compulsory. To get an ID card you'll have to prove you are who you say you are. So what if I turn up to my appointment with no birth certificate (lost it), no utility bills (don't get them, all the bills are emailed to me), and with no money (spent it on booze, hic) to pay for the card? Anyway I can't get benefits without my card, and I can't pay for one until I get my benefits (paid into a bank account which I can't get without a card). How are they going to get around people being very very 'difficult' about registering?

Here are some extra time factors you can add on: hospital patients, disabled people, the old and infirm - will they all have to turn up, join the queue and be processed in 72 seconds? Back to being difficult again: what if I have an inch cut off my hair, do I need to go back and re-register with a new look? I could do that every day for a good two weeks before my scalp returns to suede. Then there are the different dyes I could use to change my appearance.

Are we going to have to pay each time the database is updated because of change of appearance or circumstances? If not, you'll get timewasters. If you are, the person who in one year passes their driving test, then changes job, then moves house, then marries, then goes bald (stress of all previously mentioned)... that is going to cost a pretty penny.

My credit/debit cards have a 2-year life, after which I'm given a new one (for free) by the bank. In 2 years of carrying them they are pretty much shot by that time - the signature wears down, the magnetic strip becomes patchy, and so on. Am I going to get a free card every time the old one becomes unreadable? Will my collection of neo-dymium magnets affect the card in any way?

This isn't going to work. Storing all that data and requiring every change of circumstance to be recorded on the database is, quite simply, total madness.

Don't forget to add to the strain on the system any machine used by police and immigration (for starters), then by the benefits office, banks, etc (when you have to have a card to get essential services). If the CSA can't handle recording and using large quantities of personal information about a comparatively small number of people (absent parents), ain't no way it's going to work with the entire adult population of the country, plus anyone who ever visits here.

And by the way, the US will want access to the database so it had better work cross-Atlantic or you'll have plane-loads of people waiting for someone to reboot the main server in London.

Best place for the central system: inside the Millennium Dome, which will seem like a cheap and distant memory compared to the expense of the national ID system.

One last point: you will have to own a card but you won't have to carry it. Anyone care to explain the point of all of this? Why do we need something to prevent terrorism when a system like this will do more financial damage to the country than a shed-load of non-existent WMDs?

What about overseas registrations? Most overseas consulates are understaffed and overworked; how can they possibly handle the extra load from all these citizens turning up for passport renewals (previously handled in most Western countries by mail-in of forms certified by local JP's or officials), let alone the extra workload caused by lost or damaged ID cards whilst overseas.

This means setting up additional processing centres all linked back to the central voter-tracking database. In real time. With 24/7/365 constant uptime and availability. Globally.

All from a government (and, to be fair to Blair, a civil service that loves to worship red tape) that can't even get a glorified room-booking system working in the Hospitals.

This system will never, ever, be ready by 2008. OTOH all governments love power and the next Government - regardless of persuasion - will only scrap the ID card system if they are truly convinced it can never work. Otherwise they will plead contractual and/or international commitments have "forced them to retain the previous Governments ID card system, but with (inconsequential) changes to address the glaring civil rights implications"

Something like that, anyway.

It may well go to Capita to implement, but sure as eggs is eggs, it'll be operated by EDS. The underlying technology will be the govt's preferred DB2 on Z/OS, but I doubt *very* much whether IBM will want to go within a 100 miles of a services contract on this.

I'm going outside right now to start building a wall.

In Hong Kong the government decided to introduce new ID "smart" cards to replace the existing ones we all have to carry after the age of 11. The basic database therefore is already in existence and the only new information the cards will carry (except for driving licence and library card) are left and right thumb prints, which are already in the database, and immigration data - dob, residence status. No nonsence about biometric data, just a photo and thumbprints.

The exercise began in June 2003, people are called forward by year of birth and the whole thing is estimated to be complete by March 2007 - 4 years as near as dammit. This is for a population of 6.9 million, about 1/9th that of the UK and with the database already up and running successfully.

Incidentally, personal data is not allowed to be shared even with other government departments without the person's consent let alone banks, shopkeepers, credit agencies and Uncle Tom Cobley and Dubya.

Given that the HK government has decades of experience and an up-and-running database and still takes 4 years simply to replace everyone's ID card what chance have Charlie Clarke's Angels of ever getting their scheme off the ground?

Its not about the database, which is fairly trivial to implement and scale to these number. Hell, tesco probably has more clubcard transactions per day than this thing ever will. Its about the technology that captures and checks biometric info. The stuff that does exist so far (and half of it doesn't!) is clunky and unreliable. If they can't check your biometrics where ever and whenever they need to, from your local post office, to the bobby who pulls you over for speeding, then this is a farce.

72 seconds fallacy - I don't think this is fallacious, but perhaps I didn't make clear what it is - it's just the average time between new registrants arriving at each centre, and thus the average time between new registrations being submitted from that centre to the NIR. In the event of failure of that centre's link to the NIR (or the NIR itself) it's the time between new people joining the back of the non-moving queue.

We already know there'll be 70 centres across the UK (it's in the original post, in fact, and I did use it in my calculations :) ), thus the rate of new registrations centrally has to be about one a second if you take my estimate on working hours. Note that the time taken for each registration to be processed can be more than this, if you build the system with sufficient capacity to run x full-database queries at the same time, which is obviously one of the key design requirements, or should be.

The actual processing time you spend at the centre will be considerably north of 72 seconds, 20 minutes seems about right, most of which will be taken up with filling in forms, presenting existing ID (you've presumably got to take your existing passport along if you're renewing it, and that has to be checked and invalidated) and, of course, actually being iris scanned, photographed and fingerprinted. I recently had a mortgage interview where lots of paper had to be presented, and that was an hour and a half, so I might be being optimistic again.

The average rate (72s/person/centre) required to make the scheme work and the actual processing time (say 20 minutes) can be used to estimate the number of readers and registrars being required at each centre. I never thought they'd have one person per centre (although the Home Office tried to pull that trick with police processing of terror suspects recently, to attempt to justify 90 days detention, so perhaps they will).

This only matters in the sense that more readers mean more variable data and more registrars cost more money to employ and require more space. 1200 readers would require about £35-40m a year for wages/NI alone, given a few extra staff for holidays/maternity etc. and a reasonable wage level, plus a bit of training.

Weekends - true, but it puts the cost up opening at weekends, plus it's politically more annoying to force people to spend their Sunday afternoons queueing up at a cost of £93 plus. Saturdays is a possible, of course, since it's a shopping day anyway. Databases have to have downtime, occasionally, but this will presumably be at night.

I don't think longer evening opening hours would work - 8pm is soap opera time and that it would be *really* annoying for people to be forced to miss the latest bout of glowering violence by the Mitchell Brothers. 6pm might be possible.

Remember that, in a country the size of the UK, travelling time for a lot of people to their nearest centre won't be inconsiderable. I remember having to go to Peterborough once on a passport issue when I was a child and that was about a hour and half each way from where I grew up in the country. Not everyone drives, either, or is fully mobile, and places like the Highlands and Islands are going to be nightmare territory (say you live on the Isle of Mull and have to go to Glasgow to register at 7:40pm - the last boat back is at about 8pm and it's a five hour trip each way).

On that matter, does anyone know the location of the 70 centres yet? They're due to open this October, I think, so they must be known already.

Remember that this isn't an elective scheme, people are paying through the nose already and having extra inconvenience thrust onto them for reasons of Government operational convenience will reinforce a growing view that this is the Nanny State doing things for its own benefit and screw the little guy. Not that that's a notion I'd want to disabuse, of course.

What happens when your local processing centre is fully-booked and you need a new passport Right Now? (they get lost/damaged/stolen as well as expire) Are they going to let you have one without doing the ID card stuff or are they going to make you wait until you can be booked in to give up your freedom?

Or can I go abroad, 'lose' my passport there and get one via the local British embassy which won't be able to do the ID card check?

When Robert Frost said "good fences make good neighbours" he was being ironic. Are you "walling in or walling out"? I would never hold track with the notion that if you've done nothing wrong you have nothing to hide. It's never seemed like a good enough excuse. The fact is that in the world of the very near future surveilance and information gathering will become more and more ubiquitous as cameras (and other recording devices) get cheaper, smaller, better and smarter.

I also don't think that total privacy is useful either. In closed systems like the old USSR and modern day China everything is done in secret. Goverments act without any form of accountability. Therefore accountability and thus openness needs to be more widespread. I'm not saying that we should all live in Glasshouses either but perhaps it would stop us throwing stones? A balance must be struck and it must be bottom up. We should be able to see with full clarity our "betters" and those in authority. Since these authorities are made up of the people that run them we should then be able to peer at them. The way to set that up is to make sure that they can look straight back.

If you listen to such giant intellectuals as Ray Kurzweil and David Brin you might understand that in order to truely be free people are going to have to give up some of their rights to privacy.

Perhaps it's not exactly the right time to bring in compulsory ID but it's going to happen one day whether you like it or not. Maybe instead of the reactionary position of "no, not now, never" we should open up for debate, strike a balance between total privacy and total openness.

Besides; the British people need to protect themselves with a written constitution. Sooner rather than later, because by the time it becomes obvious you need one it'll be too late.

Your estimate of 72 seconds per registration is all well and good. The problem is your estimate that it'll only take 20 minutes per person to register, even assuming they aren't being difficult.

I recently had to go get myself a National Insurance number. The process was:
i) Phone up to book appointment, told when I'd be allowed to show up.
ii) Show up, and tell them I'm there.
iii) Wait for 30 minutes.
iv) Talk to someone for 30 minutes. Hand over my documents.
v) Documents photocopied.
vi) Wait some more. 5 minutes.
vii) Talk to someone else for 15 minutes.
viii) Go to another room.
ix) Wait for 20 minutes.
x) Talk to someone else and then leave. 5 minutes.
xi) NI card arrived two weeks later.

The National Insurance system has been running for *decades*, and it still took nigh on TWO HOURS for the meeting, not to mention the time spent on the phone or waiting for the card to show up.

Take into account the problems that some people will cause deliberately - walking around the processing center with strong magnets sticking them to the sides of computer cases for fun, covering their fingers in NuSkin, chocolate, superglue, sanding their fingerprints down, wearing wigs, stage makeup, 'accidentally' showing up with the wrong passport, making their eyes weep - do they honestly expect to get everyone properly registered in any reasonable time?

So assuming that it takes 2 hours to register, and assuming that all ID cards show up to the right place and right person, means that to process all 400 people per centre per 8 hour day, would take 100 processing staff. Per centre.

I think the point was there has to be a registration every 72 seconds. Not that each registration will have to be complete within 72 seconds. Obviously, whether the registration rate is achievable depends how many people are employed to do the work at each centre.

You're everything that's wrong with the world.

Instead of taking glee in the fact you may see a bit cash come your way, how about a change of direction and do something worthwhile. I work in IT too and wouldn't get involved in this scheme for all the money in the world. I could easily make more money than I do at present, but less money and being able to live with myself is no contest.

The only thing worse than this scheme is the likes of you that go along with it for your own financial gain. That after all is the reason the scheme is coming about, to generate cash for government and corporations. You and all the other hand-rubbers should be ashamed of yourselves.

I'm also unsure why you boast that you and your colleagues managed to piss away £1m of OUR money on failed projects. Two failed projects in three years doesn't say a lot for your ability as a team. Do yourself a favour and do some work where you'll see the systems you're involved with develop, get used and are genuinely useful to someone.

Yer a disgrace.

I dont think that was quite a boast so much as an example of much more modest govt IT projects...

72 seconds ?
70 centres ?
Hmmm, but the centre you'll have to visit will never be the one nearest to you. The motorway will be closed due to roadworks and the train will be busy spreading bird-flu across the country. The staff will be on a one day strike, to go with the usual 5 day inefficiency and the computer system will work as well as the csa system (or the IRS system that is still handing out cash for children not yet born to people not yet in the country)

Getting the [new-at-the-time] photo driving licence was a nightmare, and that didn't need my iris(es) scanned by cut-rate government purchased systems.

As for the US using the data as well........they'll just use their already existing access to all home office records, so no problem there. In fact, they'll probably be the only ones to have access to it. Given that the pnc system spends most of its time returning wrong information anyway.

Based on my 40+ years experience in the computing business I would say that Will is spot on: it will never work, because they won't spec it out correctly in the first place - or if the original spec is OK they'll keep changing it!
The speed of the database checks will depend on how the 'biometrics' are stored. As someone has pointed out the information is essentially fuzzy; but one of the serious problems with the basic concept of the system is that the fuzziness will be taken out - fingerprints (and presumably also iris scans) will be recorded as a [small] number of 'match points'. There is reasonable evidence (presented on a TV program a few years ago) to suspect that the level of complexity of these match points was set to based on matching capabilities of the police computers, and is low enough to allow false positives.
I object to id cards/passports because of this fallibility - I am actually in favour of id cards in principle, and a securely encrypted 'biometric photograph' would suffice (yes, it *is possible unless someone cracks RSA).

AndyD 8-)#

I wrote to my MP to ask him if there would be a processing centre in my town (knowing that he couldn't possibly tell me) to make the point about travel times and inconvenience. Our local driving test centre shut a few years ago and now people have to go to Wolverhampton. It's only about 15 miles but you can reckon to have to take at least half a day off work just to do the theory test. I think if they average 20 minutes per person registration they will be doing extraordinarily well. My guess is that they'll set the post offices up to "pre-check" your documentation to try to cut down on processing times. This will of course cost you extra.

Interesting calculations - a nice empirical explanation of why the whole scheme is bat-shit crazy and will make the Passport Agency, CSA, Individual Learning Accounts and the Rural Payments Agency problems added together look like a little local difficulty with an Excel spreadsheet in comparison.

And there's two things that you don't mention: the operational overload of the post-registration checks as Inspector Knacker et al makes free with the data once you're registered; and the fact that the whole system is predicted on uniqueness. Given that the National Insurance system has had the wrong side of 40 years to get this right and still screws up on a regular basis, how long before the horror stories of the NIR refusing to recognise unfortunates as existing start to crop up?

All of this begins to look like Gordon Brown's get-out-of-jail-free card. Picture the scene - a few months to go to the General Election, Blair's a distant and unpleasant memory, Labour are dragging in the polls, the bodybags are still being shipped back from Iraq, we've accidentally lost another couple of Brazilian electricians, and the front page of the Daily Mail carries a story about little old ladies being charged £93 for a useless piece of plastic on a daily basis. Canning the whole thing would take a sackful of guts politically, but wouldn't it make for a lovely April suprise just before the polls open?

The other alternative is that a handful of crazies let off another bomb on a tube, and the Safety Elephant launches a scheme to have us all tattooed on the forehead with a machine-readable bar code...

The only people that are against I.D. cards are illegals and terrorists, which are you?

Prick

Terrorist or illegal? I don't know, but I don't think either category would hold Peter Lilley, MP for Hitchin and Harpenden and former Conservative Cabinet Minister, so I shall file your comment under B for bollocks. It's not just swivel-eyed lefties who oppose ID cards - check out the Bow Group sometime.

**The only people that are against I.D. cards are illegals and terrorists, which are you? **

How would you know, Stephen?

Are you in regular, close contact with those [illegals & terrorists] who you would have us believe all hold the views you claim they do?

Sorry, Stephen, you're on a hiding to nothing with this.

Either you have personal and substantial regular dealings with both these groups, and can provide proof by naming names, or your credibility ain't worth a hill o'beans.

When you're merely guessing or opining about something, you should always make that absolutely plain. Otherwise you'll be widely viewed as no more than an mischievous amateur, at best. At worst, you'l be seen by most informed, unprejudiced, well balanced people as a either a bigot, ignoramus or liar -- or perhaps all three.

Incidentally, as proof of the invalidity of your claim, I present myself as evidence. In all my three score & many more years, I have never been either an illegal or a terrorist. Quite, quite, quite the reverse in fact [but that's another story]. And I can tell you here and now that I do not want to have to carry around any ID card -- AGAIN, after all these years.

Are you old enough to remember, or well informed enough to realise what I mean by that last sentence? I very much doubt it, matey.

Sounds like something "The Sun" would say.

I'd like to think I oppose ID cards because I'm a well-balanced person of reasonable intelligence who doesn't want the Government to potentially restrict his civil liverties and charge him for the privilege.

However, opposing something "The Sun" is in favour of is not a bad principle to follow.....

This is where your analysis of required reliability breaks down: Each person will be present at the centre for between 15 minutes and half a day. Down time will be one of the causes of variance. It does not follow that anyone will know about the down-time.

Assuming your 99% figure of 20 hours per year. If the failure is one-time 20 hour duration then 70000 people are seriously inconvenienced (have to do the whole thing again). If it is 20 one hour break downs allocated randomly between the central server and the 70 outlying centres it is quite likely that no people are required to do it again.

It should also be possible to perform all of the data acquisition locally and forward the passport after the checks have passed when the system is back on line (assuming that you don't have a requirement to arrest anyone failing the checks).

Quote:

One last point: you will have to own a card but you won't have to carry it. Anyone care to explain the point of all of this? Why do we need something to prevent terrorism when a system like this will do more financial damage to the country than a shed-load of non-existent WMDs?

End Quote

It is obvious that actual cards are NOT needed at all. This is why it was easy to come to a "compromise". Just your biometric data in the database and then LOTS of civil serpents with scanners. Why should you need to EVER carry the card for them to ALWAYS be able to identify YOU as opposed to you identifying yourself?

And there's two things that you don't mention: the operational overload of the post-registration checks as Inspector Knacker et al makes free with the data once you're registered; and the fact that the whole system is predicted on uniqueness. Given that the National Insurance system has had the wrong side of 40 years to get this right and still screws up on a regular basis, how long before the horror stories of the NIR refusing to recognise unfortunates as existing start to crop up?

The more you look at it, the more the whole scheme looks like some not-quite-smart techy civil servant's idea for solving the biggest headache that the Civil Service currently has, which is that their databases are all, without exception, full of old, outdated or just plain wrong information.

This is a natural fact of life when you're dealing with any big database of data on people; people make mistakes, entries get scrambled, and entries go out of date.

The huge list of info the cards will require look like a way of tracing people for quite a way back in time, which the Inland Revenue and Police will no doubt gleefully pounce on to use against citizens whenever possible.

The problem with this great informational land-grab is this: why on earth should the information given to the ID cards people be any more accurate than the information already given? This government has repeatedly shown its self to be composed of unscrupulous liars, thieves, chalatans and rogues all of whom care not a jot for civil liberties nor for the use of power in a civilised fashion.

This being the case, I would think that most people will be as unforthcoming as possible with the officials, and seek to introduce errors into the data simply to confound the record-keeping. Petty criminals will do the same simply out of low cunning, and many's the person (myself included) who has lived as a student in a number of places and not troubled to keep even the sketchiest of records of the addresses.

Why, in all honesty, should I have kept such records? They are of no use to me, and I care not a jot for inconveniencing officials.

This will be commonplace if the scheme ever gets off the ground. As other comments have said, this will surely be Bliar's greatest legacy and the thing for which he is remembered.

Tony Blair: author of the biggest government IT cockup of all time.

One thing that worries me about all this ID card stuff, and which is not often discussed, is this: the more the Government (police, tax man, social services, MI5, etc. etc.) believe the system is foolproof, the less they will be inclined to believe John Smith if, no, WHEN (by cockup or deliberately) his identity is confused with somebody else's. There are well-documented cases in the USA where people have had their identity stolen and, months and years later, they are still getting arrested every now and then for something the identity thief has done, usually on the other side of the country. I can envisage the day when it will be almost impossible to convince the authorities that you are you, and not the other (bad) guy.

Furthermore, and also not often mentioned, the technical bugs in the system might get ironed out, eventually, but there will (probably) always be a human element in the system. This is where the security holes in existing systems show up. If you're a bad guy (Albanian mafia, Yardie boss, City fraudster, whatever) and you want a new identity, the easiest way to get one will be to find someone who works for the processing service and pay and/or threaten them to whip you up a false one. Plus there'll be a nice little cottage industry in fake IDs, run by the poorly-paid stiffs working for EDS or Capita or whoever operates the system. And it won't be the man on the street who's buying them.

Anyone who thinks the ID card system is about fighting crime is living in cloud cuckoo land.

Paul,

It is complex, but I think the basic access time will increase logarithmically. I don't think access time itself will be a problem - this kind of system has been tested well with banking an so on - there are many other areas where it will fall over though. Even if the technology works (which I doubt), the principle objection is to the identity system itself.

@Dick Cheney: Are you talking about Detection of Multiple Applications (DMA) being logarithmic on the number of persons already enrolled in the National Identity Scheme (NIdS)?

Well, with biometric pattern matching you have to take into account measurement error and "missing data"; this is very different from searching a database of exactly correct data to find out whether an entry is present, eg using a sorted key (which does have logarithmic search time) or a hash (which can be even faster). When you do the pattern-matching search tolerant of error (as far as I know), you have to give up certainty in return for the faster search. In some circumstances, there are techniques (eg beam search) that give, on average, speedup with certainty (and greater speedup with lack or certainty); however the speedup is, in my experience, nowhere near logarithmic. It is doubtful whether lack of certainty in the search algorithm is appropriate for Detection of Multiple Applications (or other watchlist applications), especially given the existing and unavoidable imperfection of such biometric matching, through the trade-off between False Accepts and False Rejects, and with the False Accept Rate increasing linearly with the number of previously enrolled persons.

In any case, the cost of the computing power to do the exhaustive search, though large, is not overwhelming.

A more difficult question is whether the government wants the detection to be run before "the suspect" leaves the registration site. Though rather dated, I consider this here: Letter to House of Commons Select Committee.

Further information on a possible architecture of the NIdS, rather technical in parts, is given here: Technical Presentation to British Computer Society.

Best regards

And the only people who are for it are power crazed would-be dictators who want to have absolute power over every aspect of what people are allowed to do or when; or brain-dead morons who can't read, can't think and believe in the tooth fairy. Which one are you?