Identity Documents Bill

My Lords, we have had an interesting and wide-ranging debate. My first point is that the various speeches have shown a philosophical divide in the House between those who think that it is a good idea for the state to amass information about citizens and that this is somehow empowering, and those who think that it is a good idea for the state to have as little as is necessary for the discharge of its duties and functions. That is one of the things that divide us regarding the national register and it lies at the heart of the way in which this scheme was constructed. The Benches opposite challenged me personally on why I had changed my view. I will tell them. My reasons were expressed more eloquently than I can put them by the noble Lord, Lord Shipley, who raised all the charges that one could about the flaws in the system, and he was right. This national register would have contained up to 50 items about individuals. That is a very large amount of information and would have included ephemeral details such as one’s address. A constant process of change would need to have taken place and there would have been a penalty for failing to provide the information. Some noble Lords mentioned the view of Microsoft. It was Jerry Fishenden, an expert in this area, who said that bringing together in a single place all this information about the citizens of this country was a great honey pot and that the likelihood of it being invulnerable to attack and hacking was zero. Those were the moments when I began to have very serious doubts about the wisdom of this scheme, and the more I saw of it the less I liked it. It is partly for practical, but also for many philosophical, reasons that I concluded that the scheme was a bad idea. The history of the way in which the previous Government’s thinking evolved was spelt out by other Members of the House, and I will not go into that again. Various arguments were put forward and eventually the scheme turned from the being a good security precaution into being a good entitlement route. Part of the difficulty shown in defending this was the fact that the previous Government had constantly to change their justification for this extremely expensive scheme. I repeat that it is extremely expensive and it is quite right to say that it was to be the only one of its kind. One could have imagined that every time a swipe was made and the register had to incorporate a transaction—because it was going to be used in that fashion—the number of transactions would undoubtedly have crashed the system. The design had many flaws. It also has limited validity and limited use because, as was rightly pointed out, the area of online fraud and losses, which increasingly is where identity authentication is needed and where fraud is taking place, would not have been helped at all by the existence of this register. So the design did not deal with one of the main areas where identity authentication was needed. The noble Lord opposite asked how we would deal with identity issues. I entirely take the point that they are very serious and that further work and protection are needed. However, I am quite clear that the national register as it was constructed, with its associated card, was not the route to go down to get that degree of identity assurance. Some noble Lords also raised the question of whether we would retain any of the technology that has been developed in relation to second-generation passports. As I said, the Government take the view that it is not necessary for the security of the British travel document, which we all agree is of high-quality, that it should incorporate second biometric data. Most Schengen countries are going down the route of asking for fingerprints. We are not going to do that and a large number of other countries are not going to, either. We do not take the view that there will be any barrier to the acceptability of our document. We also believe that other ways of increasing the security of the biometric data such as facial imaging, which we can certainly do at much less cost, are the way to go. Having said that, we will retain the technology in the Identity and Passport Service to ensure that, should we need to use it or should it be useful, we will have it available. However, we do not consider that it is needed as things stand. Several noble Lords asked about how the destruction of information would be done and whether we could be sure that it would be done. It is a very important issue. As has been said, all biometric data and the vast majority of the personal data will be destroyed within two months of enactment. We have shared our approach with the Information Commissioner's Office, which is satisfied that all areas have been covered. The data destruction will be handled in accordance with the decommissioning guidance issued by the Cabinet Office and by the information assurance arm of GCHQ, the CESG. I believe that I am right in saying also that my honourable friend the Immigration Minister in the other place said that he would report to the House. I, too, am very happy to report to this House on the destruction process. We entirely agree that if we say we are going to do that, the public must be assured that it is happening. That will be a systematic process. We will not allow data that should no longer be legally held to be held by the Government. Some noble Lords also raised the question of the power under the Act to sell data. Perhaps I may clarify that. Section 12 of the Act provides for the Identity and Passport Service to provide information to third parties for verification purposes. This permits the Secretary of State, under that power, to supply information to a person registered under the Act. The provision of this information requires the consent of the individual: at least that is a relief. For example, they may be applying for goods and services, which is why the information about them is required. Section 35 allows for a fee to be charged for the application of this provision, so one can see the intention potentially to make this a profit-making possibility for the Government. Our anxiety would have been about whether the information being provided was always accurate. Some noble Lords asked whether there was an anomaly between our desire and intention to abolish the identity cards system and register and our continuation of biometric permits for foreign workers in this country. In fact, the latter is an EU requirement and, obviously, we undertake to continue to maintain our EU obligations. These are residence permits; they are not identity documents. On costings, I cannot supply an immediate answer to the question raised by the noble Lord opposite. Our figures are very different, but I will write to him on that subject, as I realise that it is important to have clarity.