UK Citizens Should Take Rishi Sunak’s Pledge Not to Launch Digital ID With a Truckload of Salt

“There are no plans to introduce digital ID. Our position on physical ID cards remains unchanged.” 

These were the words of UK Prime Minister Rishi Sunak’s spokesman a couple of days ago. Note the rather unusual use of the word “physical” to describe what is, generally speaking, a non-physical document (digital ID). This has sown all sorts of confusion in a country that is instinctively distrustful of identity cards and where the debate around digital identity is finally seeping into the public arena.

The statement came in response to former Prime Minister Tony Blair’s latest attempt to peddle digital identity, this time alongside former Conservative Party leader William Hague. In a joint letter, the two former politicians said “[e]veryone in Britain should be given a digital ID incorporating their passport, driving licence, tax records, qualifications and right to work,” as the cornerstone of a “technology revolution” in governance.

The digital ID system would be “secure, private [and] decentralised,” yet would also somehow bring together each individual’s data from across all government agencies. “Other countries are forging ahead,” said Hague. For the UK to keep or get ahead, it “has to redesign the state around technology.”

“A Natural Evolution”

While prime minister Blair tried — and ultimately failed — to introduce mandatory physical ID cards. He was also one of the first prominent proponents of digital vaccine passports. As early as June 2020, before any vaccine had reached the market, Blair told the Independent that people would need a form of “digital ID” so they could prove their “disease status” as the world gradually moved out of lockdown. This, he said, is part of a “natural” technological evolution that encompasses more than just COVID-19 vaccines and public health (comment in parenthesis my own).

“It’s a natural evolution of the way that we are going to use technology in any event, to transact daily life (an interesting choice of words given the potential threat the introduction of central bank digital currencies could pose to people’s ability to transact), and this COVID crisis gives an additional reason for doing that.”

A year and a half later, despite the vaccines’ undeniable shortcomings, Blair’s position remains the same. During a panel discussion at the latest World Economic Forum meeting in Davos, he said:

In the end, you need the data: you need to know who’s been vaccinated and who hasn’t been. Some of the vaccines that will come down the line, there will be multiple shots. So [for vaccines] you’ve got to have — for reasons to do with healthcare more generally but certainly for pandemics — a proper digital infrastructure and most countries don’t have that.

A couple of weeks ago, Blair’s eponymous foundation, the Tony Blair Institute for Global Change (TBIGC) released a report titled “A New National Purpose: Innovation Can Power the Future of Britain.” The report’s seven authors call for “a fundamental re-ordering of our priorities and the way the state itself functions,” which includes the introduction of an all-encompassing digital ID system:

“A well-designed, decentralised digital-ID system would allow citizens to prove not only who they are, but also their right to live and work in the UK, their age and ownership of a driving licence. It could also accommodate credentials issued by other authorities, such as educational or vocational qualifications. This would make it cheaper, easier and more secure to access a range of goods and services, online and in person. A digital ID could help the government to

TBIGC’s Global (i.e. Largely US) Partners

Tellingly, the word “privacy” appears only once in the document, which calls into question just how seriously the report’s authors and endorsers take the potential risks and pitfalls posed by the technological platforms they are hawking.

TBIGC’s partners are largely US based. They include the Bill and Melinda Gates Foundation (quelle surprise!), the Gates Foundation-sponsored Alliance for a Green Revolution in Africa (AGRA), Microsoft Philanthropies APAC, Microsoft Philanthropies MEA, the Washington-based Center for Strategic and International Studies (CSIS), Washington’s soft power arm, USAID, the Rockefeller Foundation and the US Agency for International Development.

On a positive note, Blair and Hague’s letter has at least kindled a discussion of sorts on one of the most pressing issues of out time, not just in the UK but everywhere. Hopefully, the UK will now have an open, wide-ranging public debate on the issue (though I’m not holding my breath).

Biometric-enabled digital IDs have the potential to make life much more efficient and streamlined. But as Brett Solomon warned in a 2018 piece for Wired magazine, they also pose “one of the gravest risks to human rights that we have encountered.” Perhaps most importantly, they can — and probably will — be used to enable or disable our full and free participation in society, just as the vaccine passports did.

In an editorial for The Independent, Sean O’Grady tore Blair and Hague’s proposal to shreds:

Hague and Blair say they want Prometheus unleashed via the Government Gateway. To which I can only reply: “I’m not convinced, and even if I was, I don’t care for it”

I don’t trust the British state, neither to construct a workable system in the first place, nor to guarantee its privacy and security. I’ve had some experience of the Government Gateway and the NHS database, and, while magnificent in some respects, they’re also flawed.

I can also remember the disastrous NHS IT database scheme that was eventually abandoned in 2013, after £10bn had been spent on it and written off (stretching over the period when Blair and Hague were in government, funnily enough). Not to mention when that civil servant left the tax records of millions of people on a train.

Privacy and System Fragility Risks 

Silkie Carlo of Big Brother Watch told the BBC that the proposed digital ID system “would be one of the biggest assaults on privacy ever seen in the UK.”

There are also serious issues with system fragility, as we are reminded on an almost daily basis. For example, in 2021 a hacker stole the ID credentials of the entire population of Argentina through its ‘National Registry of Persons’, as Daily Record reported:

[The hack] targeted RENAPER, which stands for Registro Nacional de las Personas, translated as National Registry of Persons.

The agency is a crucial cog inside the Argentinian Interior Ministry, where it is tasked with issuing national ID cards to all citizens, data that it also stores in digital format as a database accessible to other government agencies, acting as a backbone for most government queries for citizen’s personal information.

But Blair’s messianic zeal remains undimmed. When asked about people’s fears of ID systems and tech errors, Blair told the BBC:

“If you look at the biometric technology that allows you to do digital ID today, it can overcome many of these problems. And by the way, the world is moving in that direction. I mean, countries as small as Estonia and as large as India are moving in that direction – or have moved.”

Blair tries to create the impression that the government has no alternative but to follow the herd of other national governments that have already adopted digital ID systems, regardless of the risks posed to privacy and other basic freedoms. But Blair has been disastrously wrong about hugely important things before (e.g. Iraq, humanitarian intervention, joining the euro, public finance initiative…), albeit at no cost to himself.

The current occupant of 10 Downing Street is apparently unconvinced by Blair’s arguments. If one is to believe his spokesperson, Rishi Sunak’s government has “no plans to introduce digital ID.” But Brits would probably do well to take this pledge with a truckload of salt, for three main reasons (feel free to add more):

1. We’ve been here before, with the vaccine passports. Many British citizens will no doubt still remember the myriad times members of the Boris Johnson government, including Johnson himself, swore they would never issue vaccine passports. In January 2021, the then-Vaccine Minister Nadhim Zahawi tweeted the following:

.We have no plans to introduce vaccine passports. We have vaccinated, as of yesterday, 2,431,648 first dose and 412,167 second dose. No one has been given or will be required to have a vaccine passport. @NHSuk @Emily_JR_Lawson

— Nadhim Zahawi (@nadhimzahawi) January 12, 2021

Less than nine months later, Zahawi had broken that pledge by confirming plans to introduce a vaccine status certification scheme for entry into large venues. Unlike in many other parts of Europe, the UK’s vaccine passport did not last long, however. On January 19, Boris Johnson took the world by surprise by announcing plans to lift almost all of the “Plan B” measures for England, including the COVID-19 digital certificate. As I noted in Scanned:

The policy u-turn was an act of political desperation by a government brought to its knees by an endless succession of corruption scandals. After so many of Johnson’s cabinet ministers as well as Johnson himself had been caught flouting their own COVID-19 rules, there was only one way to stay standing: to get rid of the rules. But it’s touch and go whether it will be enough.

In the end, it wasn’t. Less than six months later, Johnson and his government had resigned.

2. Digital ID will be needed for the Bank of England’s Digital Pound, which is also currently under development. The UK is one of more than 110 countries exploring the possibility of developing a central bank digital currency — the so-called Digital Pound. As the Financial Times reported in 2021, based on a report from Goldman Sachs, it is all but impossible to envisage a central bank issuing a digital currency that is universally accessible without first launching a population-wide digital identity:

What CBDC research and experimentation appears to be showing is that it will be nigh on impossible to issue such currencies outside of a comprehensive national digital ID management system. Meaning: CBDCs will likely be tied to personal accounts that include personal data, credit history and other forms of relevant information.

As the Goldman Sachs report notes, it’s the broader banking system that is expected to manage the related identity systems and customer-facing relations. This is has already begun to happen in Canada and Australia, as I reported last September:

[T]he news that banks in Australia are leading the roll out of digital identity is… important, since it would suggest that large banks are already carving out a new role for themselves in the newly emerging [CBDC] paradigm. That role will essentially involve managing at least part of the digital identity system.

One of the many reasons why this development is troubling is that the big banks in Australia, like big banks just about everywhere, have been trying to kill off cash for decades, mainly by shrinking their regional networks of banks and closing their ATMs — for obvious reasons: cash operations can account for as much as 10% of total bank operating costs. No more cash would mean no more expensive ATM networks to run, no salaried tellers and no cash vans waiting to be robbed.

Back in the UK, Bob Wigley, the chair of the lobbying group UK Finance, recently called for a digital identity super app.

“This will be the year that we finally persuade the banking system that we need an economic digital identity system, just like the NHS app,” Wigley said. “[It] will be personal and attached to each citizen as we need a wider fully digital economic identity programme.” If the government does not seize the opportunity to produce an economic super app, “the big tech platforms will do it”, said Wigley, adding “we should be designing it”.

Spawned from the merger in 2017 of the British Bankers’ Association, Payments UK, the Council of Mortgage Lenders, the UK Cards Association and the Asset Based Finance Association, UK Finance is far and away the UK’s largest banking trade association. It represents over 300 firms in the UK’s financial services sector, including the country’s biggest banks. Bob Wiggley is the organization’s founding chairman, and is a highly connected figure both in finance and government.

3. Digital ID Systems Are Already Surreptitiously on Their Way in the UK, But They Will Be Provided by the Private Sector (With Some Public Money). Unbeknown to most British people, the UK government is already working on digital identity systems such as the DSIT Digital Identity Programme. But in contrast to the system put forward by the Tony Blair Institute for Global Change, it will not be an all-in-one unified platform issued by the government.

Instead, private sector companies in the tech and fintech sectors will do most of the leg work. But the Department for Culture, Media and Sport (DCMS) has agreed to pick up the tab for a “substantial proportion” of the costs incurred. As readers may recall, the UK government has also signed a digital trade agreement (DTA) with Ukraine’s tech-dominated government that includes a commitment to share best practices on digital ID. The Ukrainian government is far ahead of many of its European counterparts in the area of digital governance, and USAID has committed to help export the model to other countries.

The UK government is also in the process of establishing the parameters for regulation — the so-called “digital identity & attributes trust framework” — and real-world applications for digital ID. It has also unveiled a proposed digital government identity verification system under the banner “GOV.UK One Login”. The new system will replace the plethora of existing ways people log into government websites to access public services online.

Digital verification is not the same thing as digital identity though they are closely related and arguably lead to the same outcome:

The latter leads to the first as it's pretty much digital ID by the back door if you can not borrow, mortgage, rent, or work, without having an identity check conducted digitally.

The right to prove your identity by physical means must be retained at all costs.

— Awakened World & Lawyers of Light (@AwakenedOf) February 27, 2023

Big Brother Watch warns this could give the government a blank cheque to share the personal information of millions of users between government departments. At the same time, a prominent City of London financier has predicted that the private sector is preparing to launch an “economic digital identity super app.”

In other words, digital ID is already on its way in the UK, just not quite in the form proposed by Blair’s foundation. There is one silver lining, however: at least now debate on the issue is beginning to filter into the public arena. But time is of the essence.

UK citizens have until March 1 (i.e., tomorrow) to respond to a public consultation on the government’s proposed digital identity verification system. Suffice to say, the consultation was not heavily publicised by the government nor covered in any depth, if at all, by the media, so most members of the British public are none the wiser. For UK-based NC readers, there is still a small but rapidly closing window of time to make your feelings known. Big Brother Watch provides further details, including a template letter, here.