ID Cards / National Identity Register procurement begins - which company directors fancy risking 10 years in prison ?
Th Identity and Passport Service and the Labour government public relations and media spin machine would have you believe that it has started on its cumbersome National Identity Scheme Procurement Process
However, as we noticed, and as the NO2ID Campaign point out, this first phase of the procurement only deals with the replacement and upgrade of the existing IPS passport and visa issuing infrastructure, something which they would be doing without any ID Cards or National identity Register anyway.
Everything else, e.g. biometric databases, the alleged online verification system and the spooky transaction audit trail of every online check or use of the ID Card, is, in typical management consultant handwaving style, described as "optional" for future phases and contract amendments etc.
Even the contractual programme Framework Agreement is not going to be an exclusive one, so any of the preferred bidders will have to factor this in to the cost i.e. increase the cost to cover the increased commercial risk.
Any company directors, employees, shareholders or trades unionists who have any interest in any of the companies or consortia who might be bidding for a slice of the multi-billion pound compulsory national identity biometric database scheme proposed by the Labour Government should be very worried indeed.
Firstly the Conservative party have promised to break any contracts entered into for this reprehensible scheme, if they win power in a future General Election.
Secondly, we are sure that hardly anyone has bothered to read or understand the implications of the Identity Cards Act 2006 section 29 Tampering with the Register etc. which we have commented on several times in the past e.g.
Which of these companies can guarantee that nothing they do in the future will not, be construed as being "reckless as to whether or not", through an overt act or through an omission, anywhere in world, whether they are British citizens or not, take an action."where it makes it more difficult or impossible for such information to be retrieved in a legible form from a computer on which it is stored by the Secretary of State, or contributes to making that more difficult or impossible."That includes industrial action, strikes or work to rule by key personnel, software and hardware errors or mistakes.
It also precludes the use of encrypted tunnels, wrappers or sessions over which the Home Office has no direct control of the the cryptographic keys e.g. Virtual Private Networks, Mobile Phone networks, SSL/TLS secure web pages etc. due to wording like "any" and "more difficult or impossible" and "legible".
There was no debate or detailed scrutiny of the wording of this section 29 in the Commons, due to the NuLabour Government's sneaky abuse of the Programming Motions / guillotine mechanism to curtail debate, so they have only got themselves to blame for this legislative stupidity. This badly draughted clause should be harshly criticised, even by supporters of the National Identity Scheme, if you can find any outside of the Government who are still willing to fully endorse it..
The result is something which was intended to cope with Denial of Service attacks, but which fails to do so properly, something which is already obsolete (the Computer Misuse Act has been amended to supposedly cope with these, although those clauses have not yet been commenced).
What it does do is it criminalises genuine mistakes e.g. software vulnerabilities or network infrastructure misconfiguration, or changes in quality of service due to commercial pressures (e.g. bandwidth capping) or natural disasters (e.g. floods or fires) , or even things like official trades union strikes or working to rule.
This latter point was actually confirmed by the then Home Office Minister Baroness Scotland of Asthall (who is now the new Attorney General), in the Lords, during a debate on the earlier version of the Bill, but no changes were made in the final Act itself.
Remember that this section imposes a criminal offence which therefore cannot be magically excluding in any "small print" terms and conditions of a contract or Framework Agreement with the Identity and Passport Service, who do not have any power to grant immunity from prosecution.
Under Section 29 there is no "genuine mistake" or " force majeur" defence. Neither is there any sanity check, such as a requirement for the consent of the Attorney General or the Director of Public Prosecutions to a prosecution.
The Police will have no option but to investigate and almost certainly arrest someone (which means photographs, fingerprints , DNA samples etc. will be retained on their computer systems until at least the arrestee's 100th birthday, even if the arrestee is never charged or is found not guilty), once a formal complaint has been received, when not if, there is a major failure of any kind, of the NIS system.
This section 29 also applies to foreign companies and individuals, and since the penalty is up to 10 years in prison and / or and unlimited fine, this puts it into the Serious Crime category, therefore things like the European Arrest Warrant (no need to actually show any evidence to a court in European Union countries, just lay an accusation with their police authorities) and the snooping and surveillance provisions of the Regulation of Investigatory Powers Act 2000 can be invoked to gather evidence or intelligence.
The wording also applies to any technical or human problems with any third party companies who are trusted partners of the National Identity Scheme e.g. banks or credit reference checking bureaux, or airlines or car rental companies etc. even if the core Home Office systems are actually working perfectly !
Comments
If money and knowledge are power, then Blair/Brown have made the state considerably stronger and the public considerably weaker.
Posted by: Caesar | August 13, 2007 11:44 PM