Funferal

On data, identity and security

I’ve posted a number of pieces in recent months about the proposals for data retention in the EU, focusing on the fact that the Irish government was one of those proposing that retention be for up to three years, and also on the duplicitous nature of the government’s representation of those proposals in Ireland – claiming that the proposals required Ireland to introduce extensive data retention rules, without revealing that it was one of the few countries proposing the rules, or that the rules had met with substantial opposition and were not EU law.
I revisit the issue now because data retention has been one of the main ideas being promoted by the British government in the wake of the London bombings. As I stated in my first piece in March this is an issue on which I’m in two minds, given both the utility of such data in ordinary (and laudable) police operations – the investigation of the Omagh bombing in Ireland is one example – and the dangers to civil liberties associated with the risk of data being improperly accessed or misused. In any event it’s useful to be reminded of the context of these issues, now that a public offensive by the British government (another of the original sponsors) is under way. Incidentally, it’s worth remembering that the rules in question would require data retention – we’re talking about things like numbers called from a phone – for three years in all European countries. As it stands any individual country is free to have such rules if they wish, this would just set a common, and high, basic standard for such retention.
On a different note, but related to the first by way of its emergence in the aftermath of the bombings, Bernie Goldbach relays reports that Ireland may introduce I.D. cards. This too was under consideration prior to the bombings, because the pending UK system, in order to be effective, would require either that Ireland introduced similar cards or that the free travel area between Ireland and the UK be abolished. However, as is so often the case, the tragedy of the bombings has also created a space where developments such as this are seen as perhaps more palatable to the public.
As Goldbach’s description of his personal situation demonstrates, just having an identification card system is no guarantee that it will work in any useful fashion. Further, though, in order to evaluate such a system’s effectiveness we need to identify what the system is actually meant to do. Given the linkage to the London bombing a first approximation of an answer might be to prevent terrorism. Now, I’m not a particular expert on security processes but I would tend to agree with Goldbach that even if everyone living in Ireland had a digitised photograph on an ID card … terrorism would not decrease.
Thinking a bit more about it ID cards are only effective if there are processes to check that people have them and to link with databases (to check validity or whether someone is on a list of ‘undesirable’ individuals). Other than when travelling to the UK this is already done when people enter the country, using passports. Continuing the free-travel zone with the UK would mean that that border would continue not to have checks. So ID cards must involve extra checks – the fabled ‘can you show me your papers’-style check by police on the street.
Now, if the ID cards won’t be related to border security, what will be their purpose? Proponents often reference both illegal immigration and terrorist threats, as if the killer emerges from a triangulation of the two issues. However, as the investigations of the recent London bombings and the September 11th attacks previously have demonstrated there is no intrinsic link between these issues, even if one views this as a new era of terrorism, divorced from our previous experiences with the Troubles in Northern Ireland.
What other uses can an ID system serve? The Irish government is already developing a structure for delivering egovernment services which, building on the PPSN system, will make that system almost universal. Since the PPS numbers are used for tax purposes and for receiving public services (old age pensions, unemployment support, child benefit, etc.) the numbers are already almost universal. What is to be gained from adding a compulsory ID card system? Well, first it creates a comprehensive database of those in the country (or who have resided in the country). However, I don’t see what the exact benefit of this is in terms of security. I have previously suggested examining whether linking PPS numbers to the voting register would improve the integrity of the register(s) – and saw recently that an amendment to that effect was tabled by Senator Joe McHugh in relation to the Electoral (Amendment) Bill currently going through the Oireachtas. However, this is a separate issue from ID cards.
My sense is that cards will provide few if any meaningful benefits in terms of security, while posing significant risks. The most significant effect is in policing the public – providing a new means by which individuals may be prosecuted/persecuted for breaches of regulations (a whole new class of offences in relation to failing to carry ID, failing to produce on request, etc.) and adding another way in which individuals must constantly and consistently jump through hoops (procure ID, carry ID) and thereby recognise and validate the authority of, well, the authorities. I’m really stretching the bounds of my knowledge and expertise whenever I reference Foucault, but this seems to me to be a classic example of disciplinary power.
Incidentally, my understanding is that failing to identify yourself correctly to a police officer, upon request, is already an offence in Ireland, so what exactly would be gained in practice from the ID system I am unsure.