It almost seems like the UK has been experiencing some envy when it comes to the mass surveillance efforts of their US counterparts. From passing its citizens’ data to TransUnion to former PM Tony Blair’s statements regarding digital ID that have aged anything but well.
Unfortunately, it seems that Tony Blair is no longer the only figure talking about implementing such a thing. Boris Johnson’s government is reportedly planning to “transform the Government’s use of data despite privacy fears.”
At the head of this transformation is his chief advisor Dominic Cummings who referred to the GDPR as “a legal and bureaucratic nightmare” just two short years ago. While the GDPR is certainly what brought us those largely useless yet incredibly annoying cookie pop-ups, there’s no denying that it’s a step in the right direction to protect our privacy and data online in an increasingly connected world.
Despite Blair and Cummings’ statements, this is really not as sudden as it may seem. Realistically, technology has been used in IDs since Malaysia issued the world’s first e-passport back in 1998.
E-passports (also known as biometric passports) come embedded with a chip, not too different from the one in your debit or credit card, that contains biometric information (fingerprint or iris, usually) that authenticates the ownership of the passport. This information is protected by public key infrastructure (PKI) technology, which is the same encryption mechanism that SSL certificates use to power the HTTPS web.
It seems that Cummings plans to expand current digital ID implementations into the web – giving the government much more user data to feed on. Think of the convenience of Sign in with Apple, Google or Facebook. It’s perfectly understandable to want to offer that kind of convenience, especially when it comes along with potentially billions worth of user data they can sell to TransUnion, or the highest bidder.
Over the last few years (or decades, in Estonia’s case), many countries have looked into implementing digital IDs. Those countries typically have better track records when it comes to privacy, though. For now, decentralized identities seem to be the way forward.