Yesterday I spoke at an event in the European Parliament for the 3rd Document Freedom Day. I was invited by Pirate party MEP Amelia Andersdotter to be on a panel on Open Standards for Critical Digital Infrastructure, hosted by the Greens/European Free Alliance. The rest of this post is an expanded version of the short talk I gave, pulled together my prep notes. A fair amount of this got cut in the interests of brevity and clarity.
[You can watch a video of the panel here, and witness my need for a haircut, and how badly I needed a drink of water towards the end]
With regard to Critical
Digital Infrastructure – I’m most familiar with electronic identity
systems, and information management technologies, so I’ll mostly talk about
that, although I hope that some of the points I want to make are applicable
elsewhere. I was interpreting the slightly ambiguous concept of critical digital infrastructure, broadly as any kind of electronic infrastructure, with any kind of meaningful social function.
I'm first going 1) to set out some foundational assumptions,2) illustrate
with the examples of the UK ID card scheme, and the current proposals for an
eID system, then 3) hopefully draw out the lessons or implications for open
standards in critical digital infrastructure more broadly.
Part 1 – Assumptions
1) Technologies (and therefore Critical Digital Infrastructures) are political
However, the politics of these technologies are often fairly opaque.
There is often a tendency to dismiss as technical or design issue, things that have political values behind them. There are also politics in which technologies get taken up and used, which do not.Technologies reflect their aims and their origins
(difference between systems developed by home office/ministry of the interior,
and work/labour/pensions etc).
There is also often the assumption that social goals and priorities are settled and
can be assumed, and that technology design follows on from these. E.g. Facebook
is popular, therefore people really wanted to share many intimate pictures of
their lives, and we’re not doing so previously because of the absence of such a
tool.
2) ID technologies are inherently surveillance technologies (and so are many forms of critical digital infrastructure).
Identity technologies operating to differentiate individuals
from other individuals, and groups from other groups, citizenship or membership
in particular political communities. The history of identity technologies has
many cautionary tales about the use of identification schemes to exercise
discrimination and prejudice. Dependence upon the issuer and the possibility of
deprivation/revocation. In a 2009 report on best practice in eID, ENISA has identified eID technology as having a strong
potential threat to article 8 rights ECHR – especially when compulsory, and
having inherent privacy risks, particularly around disclosure and mis-use
Digital Infrastructures also have surveillance potential,
and the ability to impact upon fundamental rights such as privacy and the
security of personal data. This primarily emerges from some of the abilities of
digital technology (ability to keep large volumes of data, to search rapidly
across databases, and to perform
repetitive functions cheaply). Any system that keeps a log of events, has a
surveillance potential.
This is not enough (in itself) to dismiss these
technologies, sometimes society benefits from differentiation – for example,
between those who need to access a public service, and those who do not. Sometimes
surveillance is a legitimate tool. However, these inherent surveillance capacities should give
us a moment’s pause, and be cause for reflection, and careful design and policy
choices intended to minimise the potential impact upon privacy. – For ENISA this explains some form of privacy
feature in all eID systems (for them, a privacy measure is anything that
increases the control of the card owner over what data are disclosed, when and
to whom)
3) These are not the only political issues involved in Critical Digital Infrastructure
·
Alongside the surveillance potential, there are other political issues involved in critical digital infrastructure, including the setting of political priorities, and the construction of political problems to which digital infrastructures are being proposed as solutions (what is the infrastructure for?). There are also fairly standard issues of cost, and the allocation of limited resources.
Canadian sociologist David Lyon writes about what he calls ‘the card cartel’, a shorthand for the way that governments, private industry and technologies themselves come together to determine the nature and functions of identity card systems (and can likely be extended out to the way that other critical digital infrastructures are procured and set up). Many technology providers are ready to supply governments with technologies, and their expertise is also drawn upon in designing such infrastructure.
·
4) There is an important role for policy and decision makers in the design and implementation of political technologies.
I'd return to this in the conclusion, but the upshot of the first three assumptions, is that policy makers (of various sorts) should be involved in the political choices surrounding standards for digital infrastructures.
Part 2 – UK examples [this section draws upon the article I wrote for Hard Times magazine in Germany]
1) The withdrawn ID card
Unlike a large number of other European countries, The United Kingdom does not have citizen identity cards.
Whilst identity cards were introduced during the World Wars for purposes of
recruitment, rationing, and preventing espionage, they were withdrawn after the
end of the war due to public opposition. After September 11th 2001,
when the Labour government brought forward a series of proposals and discussion
that would culminate in the Identity Cards Act 2006. This proposed a central
identity register, initially using freshly collected and verified biographical
and biometric data, but later pulled together from existing government
databases. This would enable identity to be associated with a singular
authoritative documentary source.[i]
This register would support a physical national identity smartcard checkable
against the register through card readers. The scheme would have been voluntary
at first but eventually compulsory and citizens would pay for the card.
Opposition centred on the changing relationship between
the citizen and the state, the burden placed upon the economically vulnerable,
privacy violations and potential for state abuse, the insecurity, unreliability
or cost of the system, and that the system could be a distraction from other
policies. Opponents, such as the campaigning group NO2ID sought to highlight
the register rather than the card itself, as well as the audit trail generated
as a record of every transaction was logged. Also criticised the plans as being
led by procurement issues and management consultants rather than designed along
sound information technology principles.[ii]
Ended with 2010 general election, and the Conservative/Liberal Democrat coalition that followed. One of (few) points of
agreement between the two parties. They could both reject the perceived
authoritarianism of the previous government whilst playing up their shared
liberal credentials. The end of the project was made law through the Identity
Documents Act 2010 which repealed the Identity Cards Act 2006. This called for
the scrapping of the register and card, but retained laws on counterfeit
identity documents. The ID card database was physically destroyed in February
2011.
2) The current eID proposals
In contrast not a card, but rather an system for allowing
users to prove who they are to a range of service providers (both government
and potentially private), using a chosen identity provider.
according to the Cabinet Office, the new model is customer
centric, driven by customer needs in a market arrangement.
UK Govt intends to set up a ‘hub’ which will act as a
clearing house for identity information, and as a catalyst for getting the identity market up and running.The intention appears to be to build an information
infrastructure that would be of use outside of the public sector, and to
publish standards, frameworks and APIs that would allow other developers to
build services on top of that infrastructure – as is the case in Estonia,
Belgium, and in Germany. Service providers will publish their requirements (based
upon risk management) and identity providers will vouch for an individual that they have met these standards.
Part 3- Lessons from
UK ID and eID for Open standards in Critical Digital Infrastructure.
Linking this to open standards in Critical Digital Infrastructure, the UK ID card scheme far from ‘open’. It was closed, opaque, limited
access (pay for use of the register), generally designed around state needs and
priorities, little public input into the design choices (basically an internal
passport), an obsolete technology, with no standards, no API, developer toolkits
etc).
Currently proposals are somewhat more open, but in a market sense, rather than anything related to free and open source software. There is a
central hub, and the citizen will supposedly be able to choose from a range of
identity providers. Private sector services are potentially able to use the eID
system to authenticate users.
Critical questions
are 1) trust, and 2) use/purpose. Open standards can play a role in both of
these areas.The apparent ‘need’ for eID systems arises from uncertainty over
identity claims. That your word as to your identity is not sufficient. This leads to a following question - If I don’t trust you (your identity claim), why would I
trust an identity provider that you have chosen? There will inevitable be some selection for which providers of identity are able to enter the market, and this might be particularly difficult for individuals or small groups - I don't envisage you being able to 'roll your own' identity provider, the way you might host your own websties.
With regard to use – the ID card, wasn’t very useful (it was also
expensive), and this translated into (part of) its lack of popularity.
Some of the issues around open standards in critical digital
infrastructure can be found in general issues of open software, and also in debates around encryption and the failure of security through obscurity. I didn't include this in the talk, but I was thinking about how open standards might
proliferate surveillance potential of infrastructure systems, in the absence of
some form of oversight or regulatory cover (accountability), but I think this would be highly dependent upon the make up of any given system (and its social context).
Open standards
(infrastructural transparency) may be one way over overcoming tendencies
towards entrenched interests in critical infrastructure design.
Contribute towards the transparency of the process (but –
‘open’ has to have some element of control or influence, not just
‘visible/readable – read/write) – transparency of process is as important,
BEFORE we get to standards (open or not).
Open standards allow New uses to be made of the
infrastructure (in a generative fashion), that might not have been thought of
by the original designers. But this also allows a way around unresponsive
incumbents.
The two examples show
different roles for the key political actors (options, different role of
government)
for ID cards – government as provider, owner and controller of
central register, the guarantor of identity in the last instance whilst for the e-ID the rhetoric is quite different, government is positioned as catalyst and facilitator, providing a set of
protocols for interaction, and then stepping back to be a consumer of online identity.
No comments:
Post a Comment