About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

16 posts categorized "Government"

How do these ideas make it through to implementation?

By Dave Birch posted Feb 23 2009 at 9:42 PM

[Dave Birch] In the US, there is something called the Enhanced Drivers Licence (EDL) which is used not primarily as a means to demonstrate someone's entitlement to drive a motor vehicle but as a proxy identity card.

The Smart Card Alliance says it recommends an immediate review of the decision to use EPC Gen 2 RFID technology in US travel documents. “The Alliance is prepared to endorse the correct use of any technology that provides adequate protection of privacy and identity information. However, as the US Passport Card and EDL programmes were being defined, the Smart Card Alliance went on record advising against using an insecure EPC Gen 2 RFID solution that puts the privacy and security of US citizens’ personal information at risk.”

[From Security Document World - Biometrics, Passports, ID Cards and Visas]

Who cares? After all, what does it matter if a fraudster gets hold of your driving licence details. All they can look up is whether you have a licence or not, right?

Still, victims-rights and privacy advocates remain concerned about one important Real ID requirement, which dictates that state DMVs interlink their databases and make all their drivers' records and identity documents available. The final rule says that both an individual's "full legal name" and "true address" must be stored in the DMV database, regardless of what's displayed on the card and encoded on its bar code. It also requires that motor vehicle departments scan and store "source documents," such as birth certificates, to verify a driver's license applicant's identity.

[From Real ID worries domestic violence groups | Tech news blog - CNET News.com]

Hhhmmmm. There may be some interacting unexpected consequences around the collision between identity and entitlement here. This is what happens when you jumble together entirely different concepts under the banner of "common sense".

Continue reading "How do these ideas make it through to implementation?" »

No digital identity, no digital Britain

By Dave Birch posted Jan 30 2009 at 4:56 PM

[Dave Birch] I haven't had time to read the Carter report on Digital Britain yet, but I will try and catch up with it sometime soon. I've had a quick look at a few bullet points and not seen anything particularly interesting. There's been plenty of comment from sources that I pay attention too, though.

The long awaited (and somewhat delayed) Digital Britain interim report has been released, and, like the Gowers Report on intellectual property before it, this one seems way too "balanced" for its own good... For example, it says that the country should have universal broadband (of at least 2 Mbps), but doesn't explain how. It just offers up some vague statements about hoping that private sector ISPs reach that goal, and urging the BBC to promote the wonders of broadband to those who haven't signed up yet... The same sort of vague uselessness is found in the part on copyright and file sharing.

[From Digital Britain Report: Blank Promises, Vague Statements And Everything Is Hedged... | Techdirt]

It's hard for the people putting these sorts of reports together to take any real stance on issues, I'm sure, because they have to obtain some consensus. But perhaps some more real vision is needed at times like these, and that necessarily will mean that some sectors of industry will have to accept change. Because our customers are more interested in the transactional side of things, I'm always looking to see how the plans of the great and good will stimulate new business and what the impact on industry might be. Unfortunately, the early comments that I've been reading are not promising: apparently, one of Carter's suggestions is to impose a tax on broadband access and give the money to industries that have failed to adopt new business models in response to technological change. At first, I assumed he must be talking about sheep farmers, because the law dating back to 1572 requiring everyone to wear wool hats on Sunday isn't being properly enforced any more, but it turns out that he was talking about pop stars and record companies.

Carter appears to ask traditional industries to look to new business models, but offer them a subsidy at everyone else's expense if they can't find any. What's more, the voice of those industries is given disproportionate weight. Now, while it is generally true that at the dawn of new businesses this must always be true -- since the new businesses that might grow up around broadband don't yet have a voice to be heard -- that's no reason no to extend the range of voices to be heard. As the Open Rights Group say,

We are looking at the report in detail, but we are extremely concerned that the voice of consumers and citizens is being marginalised.

[From The Open Rights Group : Blog Archive » Digital Britain: leaving consumers out of the picture]

Indeed. Not only will citizens be marginalised, they will also be penalised.

Under the proposed scheme, the government would legislate a "Code on unlawful file-sharing" that ISPs would have to follow.

[From "Digital Britain" to legislate graduated response for ISPs - Ars Technica]

Why telephone companies aren't required to follow a "Code on unlawful bank robbery" that requires them to monitor telephone conversations and report the planning of bank robberies to the police, I don't know, but what I do know is that fining kids and kicking their parents off the Internet is not the way to build a healthy and prosperous 21st century business.

Continue reading "No digital identity, no digital Britain" »

Vote "no" to yesterday's technology

By Dave Birch posted Dec 16 2008 at 2:32 PM

[Dave Birch] The recent Pew report on the Future of the Internet makes the same point that I have been droning on about for ages. Looking at PCs and the web doesn't tell you anything about the future, because the future is mobile.

“Clearly, in the long run, mobile wins,” says Consult Hyperion’s Birch. “For most people, in most of the world, most of the time, the mobile phone is the most important device.”

[From FST]

Now, in some advanced countries, it is seen as natural to being to transfer applications that hinge on identity over to the most personal interweb interface, the mobile phone. An interesting case study is Estonia. We've looked before at Estonia's use of new technology and they are back at the forefront this month:

Lawmakers approved a measure Thursday allowing citizens to vote by mobile phone in the next parliamentary elections in 2011... The mobile-voting system, which has already been tested, requires that voters obtain free, authorized chips for their phones, said Raul Kaidro, spokesman of the SK Certification Center, which issues personal ID cards in Estonia.

[From Estonia to vote by mobile phone in 2011 - International Herald Tribune]

This is a similar architecture to that being deployed in Turkey, where the key pair at the heart of scheme is stored in the SIM and the on-board application uses it for digital signatures.

Continue reading "Vote "no" to yesterday's technology" »

Personal development

By Dave Birch posted Nov 3 2008 at 9:50 PM

[Dave Birch] I was given a useful insight into a different perspective on identity, the developing countries perspective, when I spoke on a panel at the Chatham House conference on Technology and Development. I'd actually been invited along because I know about mobile payments and mobile banking in developing countries, not because I particularly know anything about NGOs, foreign aid or so on, but it gave me the opportunity to sit in on some discussions that I wouldn't otherwise have heard. For example, one of the audience asked a question about the deployment of mobile phones in the development world, a question that would never have occurred to me. The question was about security and privacy, and I won't violate Chatham House rules by giving away an identifying information, suffice to say that the core of the question was about the use of mobile phone data, mobile phone location information, call records and billing information. In some countries, where you are and who you call is dangerous information that can have disastrous consequences.

Continue reading "Personal development" »


By Dave Birch posted Oct 10 2008 at 5:48 PM

[Dave Birch] Now that Britain has declared the nation of Iceland to be part of the axis of evil...

The freezing order against Landsbanki, which owns failed internet bank Icesave, was issued under the 2001 Anti-Terrorism, Crime and Security Act.

[From Iceland bank freeze 'used anti-terror laws' - politics.co.uk]
...a new Cod War may be just around the corner. Hence it is diverting to remember the previous cod wars and the key contribution of the Icelandic people to the story of cryptography. Implausible as it may sound, I have in front of me a splendid book by Mark Kurlansky called "Cod: Biography of the fish that changed the world". Within its pages it a lovely story of the neverending struggle between security and new technology.

The Anglo-Danish Convention of 1901 gave the British permission to fish up to three miles from the coast of Iceland, a state of affairs that the volcanic colony was most unhappy about. By the late 1920s, the Icelandic Coast Guard had started to arrest British (and German) trawlers found within its (as it saw) territorial waters. From 1928, the British trawlers were equipped with radio and started passing coded messages between themselves to alert each other when Coast Guard vessels were in and out of harbour. "Grandmother is well" meant that the Coast Guard were in port, for example. In an early example of governments attempting to legislate new technology, the plucky Icelanders made it illegal send to coded wireless messages. This had no impact whatsoever, of course: British seafood companies simply devised new code systems for the trawlers to use. Think about it: how on Earth would an Icelandic wireless operator know whether "Tottenham Hotspur are the pride of North London" was a coded message or gibberish? Then came World War II. Iceland got independence from Denmark in 1944, but more importantly the British trawlers were requisitioned for the war effort, so Iceland found itself with the only fishing fleet in Northern Europe and Britain's "sole" supplier (tee hee).

Things were quiet for a while, until the First Cod War in 1958 when the might of the Royal Navy (which was recently told not to arrest Somali pirates in case they claim asylum) was deployed against the Icelanders. Then, in 1972, the Cod War started. Iceland extended its territorial waters to 50 miles and the British once again sent the fleet. But in the intervening period, the Icelanders had developed and deployed a secret weapon (literally: it was a closely-guarded secret until first use). The Icelandic Navy could never outgun the British Navy (and in any case didn't want to actually shoot at us) so they assembled a fiendish weapon: a net cutter. When they found a British trawler, they would sail behind dragging a net cutter and the trawlers net (worth a lot of money) would head for Davy Jones locker while the fish made for the underwater hills. Things did turn nasty -- with ships getting rammed and live shells being fired, the Icelandic government refused to allow injured British seamen treatment -- until eventually NATO made Britain back down.

Continue reading "Codpiece" »

Open and shut case

By davebirch posted Feb 22 2007 at 8:10 AM

[Dave Birch] Earlier this week I went along to the Identity Society Open Space meeting up at the top of the BT Tower, which was fun because I'd never been up there before after all these years.  Unlike many people I was talking to at the meeting, I was never taken up it as a kid, before it was closed to the general public because of the threat of terrorism.  Anyway, the Open Space was very interesting even though I only had time to sit in on two of the discussion groups.  I first joined in with the group who were discussing what identity actually is, because I thought that would be a useful basis for further discussions, but in fact it served to remind me that there are many different viewpoints and that's one of the reasons why it's so difficult to create a rigorous model for digital identity. Then I sat in on discussion about whether you own your own identity which (setting aside the legal input to the discussion, which was that we hadn't agreed on what "you", "own" or "identity" meant) also led to enjoyable debate.

Technorati Tags:

Continue reading "Open and shut case" »