The government has made a U-turn on controversal plans for a single ID Card database.
Instead of one huge, new National Identity Register (NIR) database, it will now be spread across three existing systems. John Reid, the Home Secretary, said it was "a sensible decision" and denied it was a U-turn.
The change is needed to make the scheme - now costed at £5.4 billion over 10 years - more affordable. Some of the cost is expected to be met by individuals paying for the card. Another cost-cutting change is the removal of iris scan data from the system. Fingerprints and facial scans are the two remaining biometric data types.
The Home Office's strategic action plan [pdf] says: "The National Identity Register (NIR) is where your personal identity details will be securely recorded and maintained. It will have links with other Government systems to share identity data, and will support identity checking services."
It contains three classes of information: biometric; biographical; and administrative; which will now be stored on three separate systems forming a distributed NIR. The Home Office said: "For security reasons, and to make best use of the strengths of existing systems, it makes sense to store them separately."
Biometric data will be stored initially an existing biometric systems used for asylum seekers and biometric visas. However this is seen to be inadequate as the government will be "moving to new biometric services when the NIR is fully operational" in 2010.
Biographical information on the Department for Work and Pensions' Customer Information System (CIS) will be used "subject to the successful completion of technical feasibility work. DWP’s CIS technology is already used to hold records for everyone who has a National Insurance Number."
Administrative information related to the secure issue and use of ID cards, passports, and so on, called public key infrastructure or PKI information, will be held by existing IPS (Identity and Passport Service) systems used today to issue six million ePassports each year.
This has not fostered much confidence in the project. Of the three systems, one is known to be inadequate except as a stop-gap, the technical feasibility of the second is unknown and the third will need enlarged capabilities to cope with the amount of ID card information. NIR data will also have to be seperated by digital Chinese walls from other data on these systems.
The need to construct a complete ID card from three separate systems not designed to co-operate in the first place, and with sufficient security checks, will add to the scheme's complexity. The speed of ID card checking will be affected by the performance characteristics of these sub-systems. And there appears to be an initial likelihood that the biometric component is likely to be slow given the stop-gap nature of the chosen system. The future addition of a new biometric IT system adds further uncertainty.
The Home Office stated: "Biometric technology identifies small percentages of what are known as 'false matches' or ‘false non-matches’. These need expert human assessment to ensure that matches are being made correctly." With the numbers of ID cards to be issued such "small numbers" will, in fact, number thousands of cases a year. Human assessments require resources, meaning money, and there is never enough of that.
The necessary five to 10 technology procurements will start in April/May next year and last for about twelve months. The first ID cards will be issued in 2009 with volume issuance in 2010.