The ID cards as realized in many other countries are comparatively benign, because they are a physical credential in the possession of the person concerned. The government cannot stop this credential from being used except by physically confiscating it or by waiting (years) for it to expire. Distributed storage in action.
The UK's proposal makes the "digital ID" a pointer to an entry in a centralized database. This database is the definitive record of what you are allowed to do or not do (like reside and work). Which can be changed or deleted at the stroke of a key, through human error or malice. Then what?
When (not if) the database becomes an attribute store across a wider scope, the implications are scary. The "digital ID" as set out today can't work for its ostensible purpose. Therefore its actual purpose isn't being declared. Not hard to connect the dots.
> The government cannot stop this credential from being used except by physically confiscating it or by waiting (years) for it to expire
This is not true. Government agencies generally look up your ID as necessary to check if it's still valid.
Stopped for speeding? The cop is going to look up your driver's license.
Leaving the country? They're running your passport number.
Starting a job? They're checking the status of your SSN.
The physical ID is good enough for low-stakes stuff like renting a car with a driver's license, or proving your age to get into a bar. But it's already not trusted on its own for any of the serious stuff you're talking about, like where you can reside and work.
The physical card is sufficient to prove you have permission to drive. This code is for them to check how many points you have on your licence and what for. There used to be a paper counterpart to the card which showed this which they withdrew a few years ago.
In reality I've never been asked for the code when renting cars (outside the UK), the physical card seems to generally be sufficient for the hire companies.
Not just that, but currently, requiring real data to register to e.g. social networks (reddit, hn, ...) is hard. With everyone having a digital ID on their phones, tying their identity to their real ID will be easy, you'll just "sign" (or whatever) your reddit registration with your ID and your real name will be tied to that account. Combine this with EU chat control (and UK alternatives... and well, EU digital ID alternatives), and the era of semi-anonymous internet use is over.
No, the proposal is in line with your first paragraph. 'Attribute level proofs' (cryptographically signed data) stored in the user wallet, with those signatures coming from verification companies polling an API in front of government departments. The other side of it is a trust registry holding verification service public keys for signature checks.
The op is incorrect. The 'database entry' is the one that exists right now at the DVLA for driving licenses or HMPO for passports. Private sector verification services poll that data to verify the data entered by the user in onboarding. That's it.
"Just one more bit of regulation will solve the problem" is how Britain became the most centralised country in Western Europe. The sad thing is that the majority of the population still buy it.
There was recently a request by the police for new laws about overpowered electric bicycles being ridden on pavements. Yes, they want a law against riding an already illegal vehicle in a place it is already illegal to ride it.
Now they want to make it illegal for employers to illegally give a job to people it was already illegal to give a job to by making them have a new ID, when it was already illegal to give someone a job without getting proof of their right to work in the UK!
Doesn't a physically held digital ID also do that? Assuming the encryption is strong, verifying that the data on the ID has the proper cryptographic signature should provide assurance that the ID is real, shouldn't it?
I guess, depending on how it's implemented, maybe an ID could be cloned and still appear valid, but that seems like a possibility for the UK's approach as well (the clone would just point to the same database entry).
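The attribute-level proof and trust-registry model described earlier in the thread, and the cloning question raised just above, as an added example that is not any poster's code or any real scheme's implementation. The proof layout, the `verifier-a` name and the attribute string are constructed assumptions, and Ed25519 stands in for whatever signature scheme a real deployment would use.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Proof is an attribute-level proof as held in the user's wallet (constructed layout).
type Proof struct {
	Issuer    string // verification service ID, resolved via the trust registry
	Attribute string // e.g. "right_to_work=true"
	Sig       []byte // issuer signature over Issuer + NUL + Attribute
}

// Registry is the trust registry: verification service ID -> public key.
type Registry map[string]ed25519.PublicKey

func signedBytes(issuer, attr string) []byte { return []byte(issuer + "\x00" + attr) }

// Issue is what a verification service does after checking the government record.
func Issue(issuer string, key ed25519.PrivateKey, attr string) Proof {
	return Proof{issuer, attr, ed25519.Sign(key, signedBytes(issuer, attr))}
}

// Verify is the relying party's check; it needs the registry, not the central record.
func Verify(reg Registry, p Proof) error {
	pub, ok := reg[p.Issuer]
	if !ok {
		return errors.New("issuer not in trust registry")
	}
	if !ed25519.Verify(pub, signedBytes(p.Issuer, p.Attribute), p.Sig) {
		return errors.New("bad signature")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	reg := Registry{"verifier-a": pub}
	p := Issue("verifier-a", priv, "right_to_work=false")

	edited := p
	edited.Attribute = "right_to_work=true" // holder alters the signed attribute
	clone := Proof{p.Issuer, p.Attribute, append([]byte(nil), p.Sig...)}

	fmt.Println("genuine:", Verify(reg, p))
	fmt.Println("edited: ", Verify(reg, edited))
	fmt.Println("clone:  ", Verify(reg, clone)) // a byte copy verifies: a signature proves origin, not possession
}
```

The signature check rejects an edited attribute or an unregistered issuer, but a copied proof verifies exactly like the original, and this offline check alone cannot see a later change to the underlying record.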
In a good modern implementation, it should be extremely hard to produce a physical card with an authenticated pointer to the database, because that would be also signed.
But considering that they've been retiring things like biometric residence cards in favour of web-based systems, it's possible there will be no physical component.
Yes, I think you're probably right. But it still solves other problems such as "the app is a lookalike". If the app is basically an ID delivery mechanism that allows an operator to call up your photo, it becomes a relatively foolproof way to identify you accurately.
We have this in NSW in Australia: the Services NSW app provides a digital driver's license which is guaranteed to be accepted by authorities as legitimate.
> but the more good faith reason for a database entry is it should eliminate fake IDs.
Really? If anything it would make them easier. Hackers routinely break into government databases to exfiltrate information. An ID attribute database would be no exception, for exfiltration, or simply modification of data. I.e.: creating a fake ID.
> The UK's proposal makes the "digital ID" a pointer to an entry in a centralized database.
Very similar to the "EU settlement scheme", which gave EU citizens who had worked and settled in the UK pre-Brexit, after a very lengthy and non-deterministic application process, the right to stay without any paper document to prove that they actually got that right. Just a database entry on a government computer. Too bad if an extreme right-wing government came to power and something happened to that database.
> When (not if) the database becomes an attribute store across a wider scope, the implications are scary.
Penury and deportation are quite a bit of scope already! Maybe they'll put an "arrest" bit in there. Warrants are already a thing. I don't see the UK going in for murder just yet. What's left?
> The government cannot stop this credential from being used except by physically confiscating it or by waiting (years) for it to expire. Distributed storage in action.
Not really. It's part of identity management or whatever it's called to have an ability to recall IDs, because they get lost, stolen and people to whom they are issued die.
> When (not if) the database becomes an attribute store across a wider scope, the implications are scary.
What are the scary implications really? Most of the EU and beyond has some kind of login to the government capability. And?
What's the threat model really? The government will revoke your fancy thing to report taxes digitally for no reason and bankrupt you? They can do so without such roundabout ways.