I didn’t need to register, as I had apparently done so already, by creating something called a Government Gateway account when filing my tax return. I didn’t need to send them a photograph, as they still had my old one on file. I didn’t need to prove my address, as they had the electoral roll. I didn’t need to send them proof of identity, as they could look up my passport, just from the number. Seriously. Twenty minutes.
[From Shared Opinions | The Spectator]
He mentions this to support the idea that there’s no point being against a identity card because, in essence, we already have one. But this is wrong: this is an argument in favour of an effective national identity register (which I am in favour of too) not an argument in favour of an effective national identity card which, had it existed and been designed properly, would have been used to authenticate Mr. Rifkind in this transaction. His experience illustrates precisely why the government should focus on the issuing of national identity numbers and not on storing data — any data — in the register. Adding a national identity number to the DVLA database makes sense: adding the DVLA number to the register doesn’t deliver anything beyond what is already place and makes the system potentially more vulnerable. What should happen is this: Mr. Rifkind logs in to the government gateway — initially using usernames and passwords but using 2FA once the cards have been rolled out in the future — and from then on seamlessly moves around government departments and gets stuff done using standard federated identity products. No spending half an hour searching for the piece of paper that you haven’t seen since last year that has your government gateway log in details on it, as I did when sorting out my tax last month (unluckily just before the whole system crashed).
