Many of my friends are baffled and bored with my relentless ranting about photographic driving licences. Where's the harm in a simple, single form of biometric ID? It makes the lives of honest people easier, and those of villains harder. What's your problem?
My problem can be divided into two categories, one of principle and one of practicality.
The point of principle is my belief in the right to presumption of innocence. A world of madness would ensue if the burden was on the accused to prove their innocence. Employment law is minefield enough: imagine if anyone could accuse you of anything with no evidence and the burden would fall on you to provide evidence of innocence? We would rapidly enjoy a situation analogous to the Tort law in the United States, where lawsuits are often settled simply to avoid legal costs - it's nothing more than sophisticated blackmail, and it detracts from the real cases that should be decided in court.
When someone asks me for ID, they are accusing me of lying about my identity, and requesting me to produce the evidence.
But I can accept that in a pragmatic world certain situations make it easier for me to prove my ID than my accuser proving that I am lying. So lets move on to the practical issue.
My big fear with the introduction of photo-licenses was that the simple fact they were widely carried would mean that all and sundry would start asking for a level of evidence of identity that was out of all proportion to the risk evolved in the transaction: for example, registering with the local video store.
Wide scale, dispersed ID records increase the chances of fraud, simply because they are held in multiple locations. And the more widely a form of ID becomes accepted, the more attractive it is to fraudsters.
The Department of Internal Affairs have just released their Draft Evidence of Identity Framework for consultation. It is a well thought out, pragmatic document that encourages moderation and a sense of perspective with regard to proof of identity. It places great emphasis not on some panacea for ID theft (such as an ID card) but the process by which identity is continually assessed.
Of note is the elimination in the report of the NZ Drivers Licence as an acceptable form of ID in serious matters. Speak to people in the know off the record, and they will discount the photo driving licence as not being worth the plastic it is printed on.
I want to say this just once: I told you so.
How has it come to pass that a government document that has entered circulation widely as a simple, single form of ID has now been discounted by the authorities as being too open to fraud?
The answers are simple: we used it too much, thereby dispersing information widely and making it attractive to fraudsters.
It was attractive simply because it carried a biometric (a photo) - it was a nice simple, single form of identification that anyone could use and accept.
It is vital that we learn from this experience. The definition of insanity, to quote Einstein, is doing the same thing and expecting a different result. One group of people will probably say we just didn't do it hard enough. Make the biometrics tougher, make it harder to forge or get in the first place.
The more pragmatic amongst us will take another view. Get rid of the photo. Diminish the importance of the document (so at least it once more becomes reliable as a licence to drive) and revert to the multi-faceted way in which we used to do these things. Don't ask for ID. Do discreet background checks, but don't tell everyone how, that way criminals will have to produce a full false persona rather than just one document. They will never know what you are going to look for.
We must take the lesson from this experience that creating a single monolithic point of authentication is dangerous. It becomes all or nothing: if a false ID works, you can do anything, making it very valuable and worthwhile investment.
DIA and State Services are consulting on a unified way for citizens to authenticate with government; in effect giving you a single login and password to access any government service.
Imagine the value of that...
I don't think occasionally having to go through an ID check when I need a different government service is that big a deal. Is it really worth the millions that are being invested in this project? Given the risk, why would they do this? Could it be they just want to find a way to move us up the OECD e-Government ranking?
Don't forget, a single login is effectively your citizen number. It will be universal across health, tax, benefits, education ... use your imagination. They are investing significant effort in encryption and so on, but the only certainty about locks is that villains always find a way, and a single login is so valuable it will be worth some serious investment.
I urge you, please respond to this piece of consultation with a simple message. The consultants and advisors should pack their bags and wind up the project. We don't want it.
And while you're at it, I want my lifetime licence back.