David Davis: The ID database will not be secure either

As the PM admits that the government cannot guarantee data security, going ahead with ID cards means he's lost the plot too

There can be few more astonishing confessions in modern politics than the prime minister's admission on Sunday that the government is unable to guarantee the security of our personal information on the state's databases. This admission shatters all the previous claims that the government has made that its obsession with creating vast databases can in any way improve the safety and security of the citizen.

Of course, he had little choice. Since the government first proposed the mother of all these databases, the ID card register, barely a month has passed without some monstrous data loss. It started with 25m tax credit records, went through innumerable lost laptop computers, included everybody from civil servants to ministers leaving records in trains, pubs and restaurants, and concluded this week with a lost flash drive compromising the security of the government's entire Gateway system. Soldiers' lives, our bank account, tax, passport and driving licence details, even the addresses of children, have all been compromised by these failures.

When the government first proposed the ID card and its associated all-singing, all-dancing database, the national identity register, many of us thought they were naive. In particular, we thought there was a serious strategic weakness at the heart of the idea, a flaw known colloquially as the "honey pot problem".

This is a recurrent problem with large databases that contain valuable data. Because they are so valuable, they attract the malevolent attention of large numbers of hackers, fraudsters, criminals and even terrorists. Under sustained attack, even such sophisticated organisations as Microsoft and the Pentagon have succumbed, so what chance the Home Office?

Even the governments' fiercest critics, however, assumed a basic level of competence on the part of the government; an assumption that now looks seriously flawed.

Perhaps we should have known better. As well as the honey pot problem, there is another difficulty that applies to these vast government databases. To do their job, these databases have to be accessible to many people. Whether it is the NHS database, the various children's databases, or the national identity register, they can only work if they have thousands of access points. If the government cannot protect one laptop or one flash drive, what chance a system with over ten thousand terminals?

When we were first discussing the ID card system with the senior police officers with most responsibility for the system, l asked them what plans they had to deal with anybody using virus programmes to compromise the system. It was embarrassing. They did not have the first idea. Indeed, up until that point, they had clearly not even realised that such a possibility existed.

And there lies the difficulty. Faced with intractable problems with political pressure for a solution, the government reaches for a headline grabbing high-tech "solution". Rather than spend the resources, time and thought necessary to get a real answer, they naively grasp solutions that to the technologically illiterate ministers look like magic. And most ministers are very illiterate about any serious technology.

So what we get is a form of magic, but one that is of most use to the dark side of our society. Many of us have worried about the state deliberately misusing the vast quantities of data that they hold on us. That problem is still there. But perhaps it will turn out that the biggest threat to our society in these enormous databases is that the government will be the unwitting, indeed witless, accomplice, to every hacker, fraudster, sexual predator, criminal or terrorist that would like easy access to all our details. That, far from protecting us all against identity theft, the state, with its grandiose projects, will be its biggest facilitator.

Contributor

David Davis

The GuardianTramp

Related Content

Henry Porter: The government is selling your personal data with impunity

Henry Porter: The Human Rights Act does nothing to stop the government selling your personal data. Only a Bill of Rights could

Henry Porter

04, Nov, 2008 @10:30 PM

Interview: Gordon Brown on ID cards
Interview transcript: The prime minister on ID cards

Interview by Nicholas Watt

06, Jan, 2008 @8:52 PM

Article image
Government loses one computer a week, Tories say

The Conservatives today called for an urgent review of security across Whitehall after it was revealed that government departments have lost an average of one official computer a week over the past year

Press Association

21, Nov, 2008 @10:26 AM

ID cards: Slippery plastic | Editorial

Editorial: At first the main aim was fighting terror, later it was benefit fraud

Editorial

17, Jun, 2009 @11:01 PM

Jenni Russell: The all-seeing state is about to end privacy as we know it

Jenni Russell: A vast central database of emails, phone calls and texts will make everyone a potential suspect

Jenni Russell

07, Oct, 2008 @11:01 PM

Article image
ID cards scheme 'is open to fraud'

Fingerprinting to be contracted to private firms, leading panel to warn that the system will be prone to corruption

Jamie Doward, home affairs editor

11, May, 2008 @9:59 AM

Labour can unify liberty and security | Charles Clarke

Charles Clarke: We have made Britain safer but a fourth term must consolidate counter-terror laws and reform the database state

Charles Clarke

21, Oct, 2009 @10:30 AM

Henry Porter: Last week, a dear friend of freedom was laid to rest

Henry Porter: The gentlemen's agreement that ensured our liberties has been destroyed by the Damian Green case. A Bill of Rights has therefore never been more needed

Henry Porter

07, Dec, 2008 @12:01 AM

Abandon ID cards | Johan Steyn
Johan Steyn: The attempt to justify the ID card scheme on the grounds of the risk of terrorism is not sustainable – we simply don't need it

Johan Steyn

16, Jun, 2009 @11:00 AM

Their cards marked

Lost data crisis: This farcical breach of security illustrates exactly why the government must not be allowed to go ahead with its ID card scheme

Nick Clegg

20, Nov, 2007 @7:00 PM