<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	>
<channel>
	<title>Comments on: Identity theft without identification infrastructure</title>
	<atom:link href="http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/feed/" rel="self" type="application/rss+xml" />
	<link>http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/</link>
	<description>Security Research, Computer Laboratory, University of Cambridge</description>
	<pubDate>Sun, 06 Jul 2008 12:12:39 +0000</pubDate>
	<generator>http://wordpress.org/?v=2.5.1</generator>
		<item>
		<title>By: Clive Robinson</title>
		<link>http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-22262</link>
		<dc:creator>Clive Robinson</dc:creator>
		<pubDate>Mon, 04 Jun 2007 16:35:30 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-22262</guid>
		<description>I read with interest today (in the London Metro) that the Treasury has issued an edict to all civil servants receiving reports about (negative) effects of Gov IT projects to "securely destroy" after reading...

Has anybody any further info on it?</description>
		<content:encoded><![CDATA[<p>I read with interest today (in the London Metro) that the Treasury has issued an edict to all civil servants receiving reports about (negative) effects of Gov IT projects to &#8220;securely destroy&#8221; after reading&#8230;</p>
<p>Has anybody any further info on it?</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: JeanConway</title>
		<link>http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-21722</link>
		<dc:creator>JeanConway</dc:creator>
		<pubDate>Fri, 27 Apr 2007 18:03:54 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-21722</guid>
		<description>Can a 14 year old work as a security guard or even younger?  Is there such a thing as a security guard as in the US in British England?  Or is this just a scam on the internet?</description>
		<content:encoded><![CDATA[<p>Can a 14 year old work as a security guard or even younger?  Is there such a thing as a security guard as in the US in British England?  Or is this just a scam on the internet?</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: ukliberty</title>
		<link>http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-21143</link>
		<dc:creator>ukliberty</dc:creator>
		<pubDate>Tue, 27 Mar 2007 14:32:15 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-21143</guid>
		<description>Mr Kuhn, you wrote:

"...I find that a quite frightening proportion of people here see their government much more as an “enemy” than as a “service provider”. That seems a rather undesirable state to me and perhaps the engineering question we really should ask then is: can we fix this?"

"What changes in the way that the government works (elections, monitoring, reporting, changing, military, judiciary, legislation, constitution) would help to persuade you to go from the enemy to the service-provider view? Perhaps even to the point that you would feel quite comfortable that your government is benign and competent enough to run an identification infrastructure for you?"

A substantial proportion of the general public distrust government - this isn't just about security engineers, anti-ID card types and 'privacy advocates'.  Regardless of whether or not the perception of mendacity is justified - in my opinion it is at least partially justified - politicians need to do a &lt;i&gt;lot&lt;/i&gt; of work themselves in order to fix this.

In addition there is plenty of &lt;a&gt;historical precedent&lt;/a&gt; to show that employees of the government (and indeed the private sector) will misuse or abuse our personal data for government ends and their private ends.  There seems to be a case for rational distrust.

So how can abuse be prevented, the effects mitigated, and what remedies will be available to the abused?

This doesn't seem to have been publicly discussed.

A major problem with this scheme is how the Government initiated it and how it has been managed since.  The Government has been secretive, vague, derisive of criticism, and in my opinion it has misled the public particularly with regard to costs.

It has also moved the goalposts.  For example, the National Identity Register, rather than it being one brand new sparkly database, will now be based on two or more pre-existing databases - one of which is already &lt;a href="http://ukliberty.wordpress.com/2007/03/21/hmm/" rel="nofollow"&gt;faulty&lt;/a&gt; at peak times (the DWP's CIS).  There has been no public discussion about what this means to the scheme.

Another example: we were &lt;a href="http://www.ministryoftruth.org.uk/2007/02/21/sorry-what-do-we-pay-you-for-again/" rel="nofollow"&gt;assured&lt;/a&gt; that the police would not be allowed to go on fishing expeditions, of course this assurance didn't make it to legislation, and now we have Blair saying that the police will attempt to match 900,000 marks found at crime scenes with records in the database, and the opposition parties are whinging about it.

With regard to your friend who could not prove his identity.  I would hope that this was an isolated case - as (I hope) as &lt;a href="http://politics.guardian.co.uk/homeaffairs/story/0,,2023632,00.html" rel="nofollow"&gt;Sabbir Ahmed's&lt;/a&gt; - and therefore not something that can be used to substantially support the scheme.


But I believe the real issue here is this.

Earlier you wrote:

"For some years now, the UK government has planned to catch up with other European countries in providing a purpose-designed identification infrastructure in order to make life simpler and reduce the risk of identity fraud (impersonation)."

However the &lt;a href="http://www.opsi.gov.uk/ACTS/acts2006/20060015.htm" rel="nofollow"&gt;Identity Cards Act&lt;/a&gt; and the proposals go much further than that.

It seems to me this could be a reason for the difference of opinion between yourself and the critics - they are not seeing the same scheme.

With respect it seems to me you have too narrow a view of it.  I apologise if I misunderstand your position.

Regards</description>
		<content:encoded><![CDATA[<p>Mr Kuhn, you wrote:</p>
<p>&#8220;&#8230;I find that a quite frightening proportion of people here see their government much more as an “enemy” than as a “service provider”. That seems a rather undesirable state to me and perhaps the engineering question we really should ask then is: can we fix this?&#8221;</p>
<p>&#8220;What changes in the way that the government works (elections, monitoring, reporting, changing, military, judiciary, legislation, constitution) would help to persuade you to go from the enemy to the service-provider view? Perhaps even to the point that you would feel quite comfortable that your government is benign and competent enough to run an identification infrastructure for you?&#8221;</p>
<p>A substantial proportion of the general public distrust government - this isn&#8217;t just about security engineers, anti-ID card types and &#8216;privacy advocates&#8217;.  Regardless of whether or not the perception of mendacity is justified - in my opinion it is at least partially justified - politicians need to do a <i>lot</i> of work themselves in order to fix this.</p>
<p>In addition there is plenty of <a>historical precedent</a> to show that employees of the government (and indeed the private sector) will misuse or abuse our personal data for government ends and their private ends.  There seems to be a case for rational distrust.</p>
<p>So how can abuse be prevented, the effects mitigated, and what remedies will be available to the abused?</p>
<p>This doesn&#8217;t seem to have been publicly discussed.</p>
<p>A major problem with this scheme is how the Government initiated it and how it has been managed since.  The Government has been secretive, vague, derisive of criticism, and in my opinion it has misled the public particularly with regard to costs.</p>
<p>It has also moved the goalposts.  For example, the National Identity Register, rather than it being one brand new sparkly database, will now be based on two or more pre-existing databases - one of which is already <a href="http://ukliberty.wordpress.com/2007/03/21/hmm/" rel="nofollow">faulty</a> at peak times (the DWP&#8217;s CIS).  There has been no public discussion about what this means to the scheme.</p>
<p>Another example: we were <a href="http://www.ministryoftruth.org.uk/2007/02/21/sorry-what-do-we-pay-you-for-again/" rel="nofollow">assured</a> that the police would not be allowed to go on fishing expeditions, of course this assurance didn&#8217;t make it to legislation, and now we have Blair saying that the police will attempt to match 900,000 marks found at crime scenes with records in the database, and the opposition parties are whinging about it.</p>
<p>With regard to your friend who could not prove his identity.  I would hope that this was an isolated case - as (I hope) as <a href="http://politics.guardian.co.uk/homeaffairs/story/0,,2023632,00.html" rel="nofollow">Sabbir Ahmed&#8217;s</a> - and therefore not something that can be used to substantially support the scheme.</p>
<p>But I believe the real issue here is this.</p>
<p>Earlier you wrote:</p>
<p>&#8220;For some years now, the UK government has planned to catch up with other European countries in providing a purpose-designed identification infrastructure in order to make life simpler and reduce the risk of identity fraud (impersonation).&#8221;</p>
<p>However the <a href="http://www.opsi.gov.uk/ACTS/acts2006/20060015.htm" rel="nofollow">Identity Cards Act</a> and the proposals go much further than that.</p>
<p>It seems to me this could be a reason for the difference of opinion between yourself and the critics - they are not seeing the same scheme.</p>
<p>With respect it seems to me you have too narrow a view of it.  I apologise if I misunderstand your position.</p>
<p>Regards</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Samh</title>
		<link>http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-20393</link>
		<dc:creator>Samh</dc:creator>
		<pubDate>Thu, 22 Mar 2007 01:46:27 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-20393</guid>
		<description>Two from Aunty ....

&lt;a href="http://news.bbc.co.uk/1/hi/uk_politics/6470179.stm" title="10,000 passports go to fraudsters" rel="nofollow"&gt;10,000 passports go to fraudsters&lt;/a&gt;

... and ... 

&lt;a href="http://news.bbc.co.uk/1/hi/uk/6474813.stm" rel="nofollow"&gt;How easy is it to get a passport ?&lt;/a&gt;

Gives me the warm-and-fuzzies about the new ID cards.

Hang about, no it doesn't.</description>
		<content:encoded><![CDATA[<p>Two from Aunty &#8230;.</p>
<p><a href="http://news.bbc.co.uk/1/hi/uk_politics/6470179.stm" title="10,000 passports go to fraudsters" rel="nofollow">10,000 passports go to fraudsters</a></p>
<p>&#8230; and &#8230; </p>
<p><a href="http://news.bbc.co.uk/1/hi/uk/6474813.stm" rel="nofollow">How easy is it to get a passport ?</a></p>
<p>Gives me the warm-and-fuzzies about the new ID cards.</p>
<p>Hang about, no it doesn&#8217;t.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Clive Robinson</title>
		<link>http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18850</link>
		<dc:creator>Clive Robinson</dc:creator>
		<pubDate>Fri, 16 Mar 2007 21:03:53 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18850</guid>
		<description>@Samh,

The U.S. Gov has a series of recommendations for equipment like shredders and safes; they have been posted on the Internet a couple of times (No I cannot remember where).

The German Institute for Standardization (Deutsches Institut für Normung) DIN has a standard for paper shredders DIN 32757, which classifies shredders into six security levels for commercial and personal use. For confidential level information (the lowest classification in Europe) they recommend 2mm strip cut. For Secret they recommend either 0.8mm strips in either 12mm or 4mm lengths.

The big trouble with all strip cuts is that you can easily by eye determine the orientation of a page by the printing and the way the cut edge folds. So much so that forensic identification of individual cut wheels is fairly easily possible.

Needless to say even the DIN standard is not considered suitable for governmental use so if you have the money and want a higher level of destruction then you need to get a granulator or hammermill shredder; their output can go straight on the compost heap without worry.

But if all you can afford is the 20GBP ones from your local stationery supplier get one of those garden "Spanish" barbeque / heater and burn the shredder output quickly and conveniently (just make sure unburned chads don't go up the chimney and into your neighbours' gardens).

Once upon a time if you did not like nosy people then you could use a 2mm strip cut and work it in to some nice fresh farm yard muck (pig / cow) which will make the unsorter's job somewhat malodorous. However the E.U. have regulations about the storage of farm yard waste these days and you need a permit to store / move it which kind of spoils the fun...</description>
		<content:encoded><![CDATA[<p>@Samh,</p>
<p>The U.S. Gov has a series of recommendations for equipment like shredders and safes; they have been posted on the Internet a couple of times (No I cannot remember where).</p>
<p>The German Institute for Standardization (Deutsches Institut für Normung) DIN has a standard for paper shredders DIN 32757, which classifies shredders into six security levels for commercial and personal use. For confidential level information (the lowest classification in Europe) they recommend 2mm strip cut. For Secret they recommend either 0.8mm strips in either 12mm or 4mm lengths.</p>
<p>The big trouble with all strip cuts is that you can easily by eye determine the orientation of a page by the printing and the way the cut edge folds. So much so that forensic identification of individual cut wheels is fairly easily possible.</p>
<p>Needless to say even the DIN standard is not considered suitable for governmental use so if you have the money and want a higher level of destruction then you need to get a granulator or hammermill shredder; their output can go straight on the compost heap without worry.</p>
<p>But if all you can afford is the 20GBP ones from your local stationery supplier get one of those garden &#8220;Spanish&#8221; barbeque / heater and burn the shredder output quickly and conveniently (just make sure unburned chads don&#8217;t go up the chimney and into your neighbours&#8217; gardens).</p>
<p>Once upon a time if you did not like nosy people then you could use a 2mm strip cut and work it in to some nice fresh farm yard muck (pig / cow) which will make the unsorter&#8217;s job somewhat malodorous. However the E.U. have regulations about the storage of farm yard waste these days and you need a permit to store / move it which kind of spoils the fun&#8230;</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: giafly</title>
		<link>http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18822</link>
		<dc:creator>giafly</dc:creator>
		<pubDate>Fri, 16 Mar 2007 20:05:33 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18822</guid>
		<description>I only have to prove my identity a couple of times a year - most recently for jury service - so I don't see any benefit in an expensive ID card. 

Logon name-passwords and PINs are just digital keys and nothing to do with any of my identities.</description>
		<content:encoded><![CDATA[<p>I only have to prove my identity a couple of times a year - most recently for jury service - so I don&#8217;t see any benefit in an expensive ID card. </p>
<p>Logon name-passwords and PINs are just digital keys and nothing to do with any of my identities.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Samh</title>
		<link>http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18655</link>
		<dc:creator>Samh</dc:creator>
		<pubDate>Thu, 15 Mar 2007 23:27:35 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18655</guid>
		<description>@Clive

"Only those that use largish strip sizes ie =&#62; 0.25 font size.

You should always use a cross cut shredder that produces 5mm size quarrels / diamonds (not the silly 5mm by 30mm ones you get at most stationers)."

is that true ? 

I'll have a think about that.</description>
		<content:encoded><![CDATA[<p>@Clive</p>
<p>&#8220;Only those that use largish strip sizes ie =&gt; 0.25 font size.</p>
<p>You should always use a cross cut shredder that produces 5mm size quarrels / diamonds (not the silly 5mm by 30mm ones you get at most stationers).&#8221;</p>
<p>is that true ? </p>
<p>I&#8217;ll have a think about that.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Clive Robinson</title>
		<link>http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18636</link>
		<dc:creator>Clive Robinson</dc:creator>
		<pubDate>Thu, 15 Mar 2007 13:50:30 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18636</guid>
		<description>@Samh

"… because it’s proved insecure, shredded paper is reversible."

Only those that use largish strip sizes ie =&#62; 0.25 font size.

You should always use a cross cut shredder that produces 5mm size quarrels / diamonds (not the silly 5mm by 30mm ones you get at most stationers).

That said you should not use one on its own; you should always burn or liquidise afterwards.

Some years ago I was involved with using KeyMat which was either punch paper tape or on (what felt like) blotting paper, the SOP was after use to tear it up and put it in a 1950's looking kitchen blender with a liquid that was flammable, then it was burnt, the resulting grey ash was then guess what mixed with water and then disposed of by the usual waste facilities you find in most buildings...</description>
		<content:encoded><![CDATA[<p>@Samh</p>
<p>&#8220;… because it’s proved insecure, shredded paper is reversible.&#8221;</p>
<p>Only those that use largish strip sizes ie =&gt; 0.25 font size.</p>
<p>You should always use a cross cut shredder that produces 5mm size quarrels / diamonds (not the silly 5mm by 30mm ones you get at most stationers).</p>
<p>That said you should not use one on its own; you should always burn or liquidise afterwards.</p>
<p>Some years ago I was involved with using KeyMat which was either punch paper tape or on (what felt like) blotting paper, the SOP was after use to tear it up and put it in a 1950&#8217;s looking kitchen blender with a liquid that was flammable, then it was burnt, the resulting grey ash was then guess what mixed with water and then disposed of by the usual waste facilities you find in most buildings&#8230;</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Samh</title>
		<link>http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18608</link>
		<dc:creator>Samh</dc:creator>
		<pubDate>Wed, 14 Mar 2007 21:32:08 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18608</guid>
		<description>"I loathe any suggestion that I have to buy a paper shredder to protect myself from identity fraud. "

 ... because it's proved insecure, shredded paper is reversible.

I am almost sure this was proved in the Enron scandal, either way it doesn't take a day's work to write a program that can take thousands of pieces of shredded paper and match them up to form the original documents.

Maybe egg and teabag stains make it harder.</description>
		<content:encoded><![CDATA[<p>&#8220;I loathe any suggestion that I have to buy a paper shredder to protect myself from identity fraud. &#8221;</p>
<p> &#8230; because it&#8217;s proved insecure, shredded paper is reversible.</p>
<p>I am almost sure this was proved in the Enron scandal, either way it doesn&#8217;t take a day&#8217;s work to write a program that can take thousands of pieces of shredded paper and match them up to form the original documents.</p>
<p>Maybe egg and teabag stains make it harder.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Adam</title>
		<link>http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18565</link>
		<dc:creator>Adam</dc:creator>
		<pubDate>Tue, 13 Mar 2007 17:14:29 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/#comment-18565</guid>
		<description>Clive, thanks for your comments (21).  They cover what I was going to cover, and so I'll simply add that there are legitimate, legal activities, such as going to the pub, which I might not want linked to my other activities.  And, so Markus, while you may wish that our definitions could be different, our technologies get deployed and have effects in the real world.

So thank you for admitting that your requirements statement is insufficient to meet the real needs previously identified by the social scientists.</description>
		<content:encoded><![CDATA[<p>Clive, thanks for your comments (21).  They cover what I was going to cover, and so I&#8217;ll simply add that there are legitimate, legal activities, such as going to the pub, which I might not want linked to my other activities.  And, so Markus, while you may wish that our definitions could be different, our technologies get deployed and have effects in the real world.</p>
<p>So thank you for admitting that your requirements statement is insufficient to meet the real needs previously identified by the social scientists.</p>
]]></content:encoded>
	</item>
</channel>
</rss>
