Brexit, Dr. Who and Digital Identity

You are probably all sick of reading, hearing and dreaming about Brexit by now and I certainly do not propose to comment on whether no deal is better than a bad deal or whether the blockchain can create a virtual hard border for Northern Ireland, but there is one potential implication of Brexit that I do want to flag up here for discussion. Brexit may restart the discussion about ID cards.

To give just one instance of this meme, The Independent looked at a report from the think-tank Policy Exchange and said that “the UK should consider introducing ID cards after Brexit… it argues that Brexit marks a natural point at which to reform the UK’s immigration system”.

(The think tank Global Future went even further, saying that “the introduction of electronic identity cards would address many voters’ concerns about immigration without the need for Brexit.)

The Policy Exchange report was written by David Goodhart and Richard Norrie, and what they actually called for in the report is the creation of (essentially) a population register, giving everyone a unique number to facilitate interaction with the state. They say explicitly that the system “should not require a physical ID card, let alone the obligation to carry one”. In that newspaper article on the report, David goes on to say that they want to reopen the debate about ID management to “reassure people that we know who is in the country, for how long, and what their entitlements are”. It’s my emphasis on that word “entitlements”, and I’ll come back to it in a moment.

I wrote an article about identity cards for David when he was the editor of Prospect magazine, way back in 2005, in which I said that some form of citizen register “is clearly a good idea”. I wrote another article for him back in 2007, in which I said that the (then Labour) government should radically rethink its ID scheme, moving away from the obsession with ID cards and “focus instead on allocating a unique national identity number, backed by biometrics, to each citizen—that is all that needs to be held in a national register”. Nobody listened to me (except David!) and I do not recall ever being consulted on the topic by the government.

Anyway, the point of my writing all those years ago (and I also covered the topic in my book Identity is the New Money in 2014) was to separate the register that is used to determine uniqueness from the scheme that is used to determine entitlements. I think my general point and about moving to entitlements and leaving personally-identifiable information (PII) out of transactions has been not only borne out but reinforced by GDPR and subsequent developments in the world of social media.

Brexit bootstrap

If Brexit means an opportunity to rethink at the national level, but this time involve some expert opinion, I’m all for it. As I have written before at tedious length, we do not need a national identity scheme, we need a national entitlement scheme. And now is the time to starting thinking about what it might look like. So here go. As David touches on with his comment, the real solution is to our 21st-century identity crisis not an Indian-style Aadhar identity number or a Chinese social score, but a general-purpose National Entitlement System (NES). Very few people reading either the Policy Exchange report or this blog will remember the long ago days before the last Labour government’s attempts to introduce a national identity card, but there was a time when there were consultations afoot around a much better idea, which was a national entitlement card. As my colleague Neil McEvoy and I pointed out in Consult Hyperion’s response to that consultation, the “card” is only one mechanism for storing and transporting entitlements and in the modern age there might be better ones, such as mobile phones for example, that can not only present credentials but, crucially, also validate them (a subject I will return to).

Suppose that the vision for national identity (based on the concepts of social graph, mobile authentication, pseudonyms and so on) focused on the entitlements rather than on either the transport mechanism or biographical details? Then, as a user of the scheme, I might have an entitlement to (for example) health care, Wetherspoons or access to the Wall Street Journal online. I might have these entitlements on my phone (so that’s the overwhelming majority of the population taken care of) or stored somewhere safe (eg, in my bank) or out on a blockchain somewhere. Remember, these entitlements would attest to my ability to do something: they would prove that I am entitled to do something (access the NHS, drink in the pub, read about Donald Trump), not who I am. They are about entitlement, not identity as a proxy for entitlement.

It can be done

A decade ago I set out a vision for a 21st-century identity card. I tried to make it a vision that the public and the government and journalists and think tanks and everyone else could understand. It was a vision with genuine innovation and potential that subsequent technological developments have served only to sharpen. I tried to build a narrative founded in mass media because that’s where MPs and their spads get their science and technology education from (they are all arts graduates, so their knowledge of STEM is limited). This led me to suggest that in this matter, as in so many other things, Dr. Who should be the guide.

Just as Motorola famously created the flip phone around the Star Trek communicator, I created a vision of an entitlement service around Dr. Who’s psychic paper. As any devotee of the BBC’s wonderful series knows, the psychic paper shows the “inspector” whatever it is that they need to see. If the border guard is looking for a British passport, the psychic paper looks like a British passport. If the customs officer on Alpha Centuri wants to see a Betelguesian quarantine certificate, the psychic paper looks like a Betelguesian quarantine certificate. It the bouncer is looking for a party invite (as shown in the picture below), the psychic paper looks like a party invite.

200806171440.jpg

Christopher Ecclestone flashes psychic paper.

(I remain completely serious using Dr. Who to frame the narrative. It may seem a little odd to base a major piece of national infrastructure on a children’s TV series, but as it turned out I was not the only person to look in this direction because the BBC fan forum the no-longer-online “Torchwood Think Tank” had the suggestion back in January 2007, noting “dialogue joke about wish fulfillment of Doctor Who’s Psychic I.D. card he flashes in Season 3, and how that’s the future of ID cards…”.)

We all grew up with Dr. Who, and the show engenders warm nostalgia. Now, obviously, there’s an age-related component to this. My favourite monsters were the cybermen and I always wanted to work for Brigadier-General Lethbridge-Stewart, so that gives my age away, but my kids enjoyed the show just as much and I’m sure the current generation are enjoying our new lady doctor just as much. Dr. Who is the perfect mechanism for explaining technology the public and to MPs and Ministers. However, “a national entitlement scheme” sounds a bit 1950s and a “psychic paper scheme” sounds too much like science-fiction, so I’ve decided to re-label it: welcome to the Brexit Bona Fides scheme.

Brexit bona fides

This is how the Brexit Bona Fides scheme works. Unlike Dr. Who’s psychic paper, this post-Brexit version of psychic paper only shows the viewer what he or she wants to see if the holder has the relevant credential. If you are trying to get into a nightclub, you need to prove to the bouncer that you are over 18. The bouncer is looking for a credential that proves you are over 18. You show your psychic paper to the bouncer and all it reveals to the bouncer is whether you are over 18 or not. All the bouncer sees is that you are old enough to drink. Provided you are over 18, of course. If you are not, the psychic paper remains blank, as shown below

nightclub

You cannot forge this credential because it is digitally-signed by the issuer. If a 16-year old copies an 18-year old’s certificate into their psychic paper, it won’t work, because the incoming messages will be encrypted using the 18-year old’s public key, but the 16-year old lacks the corresponding private key (which can’t be copied because it’s never given up by the psychic paper — sorry, iPhone secure element). Since transmitting the photograph and appropriate credentials directly into the brain of the nightclub bouncer isn’t possible, we will of course need to use some kind of clever communication device instead. Luckily, just such a device already exists: the mobile phone.

My mobile phone would be able to check the entitlements that it is allowed to when presented by your phone, so none of us would need special equipment. I show up with my phone and claim that I am entitled to vote: my phone presents a QR code that is read by the polling clerk’s phone which flashes up my picture if I am entitled to vote or a red cross if I am not. I walk up to Wetherspoons and the pub requests an IS_OVER_18 credential. My Apple Watch (or phone or whatever) presents a list of virtual identities that have such a credential digitally-signed by an authority acceptable to Wetherspoons (ie, one that they can sue if I’m under 18) and, assuming that I’ve chosen one that is valid, my picture pops up on the bouncer’s Apple Watch. If I don’t have such a credential, the bouncer sees a skulls and crossbones or something. The customer never sees any of the jiggery-pokery hiding their personally identifiable information (PII). In 99 out of 100 cases, displaying your photograph is the only authentication required: There’s no need for the supermarket to check your fingerprints, for the doctor to demand a PIN or for the pub to take a DNA sample.

Watch Narrative Graphic

This isn’t really magic, or even that complicated. It’s all done using standard contactless communications, standard cryptography, standard protocols, standard chips, cards, phones and photos. Incidentally, after writing many year ago about how we could implement a psychic ID card using the same contactless technology as is used in Oyster cards, I literally fell off my sofa after settling down to watch a long ago Dr. Who Easter special only to see the BBC steal my idea! Yes, Dr. Who got on a London bus using his psychic ID card (see video here), clearly demonstrating that it has an ISO 14443 interface that can fool machinery as well as the psychic interface that can fool people.

Meanwhile, back in the real world… note that when using Brexit Bona Fides, no-one can read your psychic paper — no-one can check your Bona Fides* — unless they are allowed to and when they are allowed to, and all they can see is what they are allowed to see. No more showing the guy in the pub your name, date and place of birth and goodness knows what else just to prove you are 18. Under the hood, it’s all done using keys and certificates, credentials and local authentication: The nightclub bouncer has had to obtain a digital certificate that allows him to interrogate your ID card. His phone sends the certificate to your ID card. The ID card checks it, sees that it is asking for a proof of age. It sends back your photograph, digitally-signed (that’s how his phone knows it’s a real ID card, because it can check this signature). If you’re not old enough to drink, it sends back a digitally-signed red cross (or whatever).

Bona Fides will show the GP your health service number but only if you have the right to NHS healthcare, otherwise it will be blank. Bona Fides will show the employer your national insurance number (but only if you have the right to work in the U.K.). Bona Fides will show the pub absolutely nothing except your photograph (but only if you are old enough to drink). So this is a user-friendly way to implement all of the privacy-enhancing technologies that we would like to see incorporated in a modern national identity card scheme: sector-specific identifiers, pseudonyms, mutual authentication.

 

Now, this may have sounded far-fetched back in 2005, but let me point you to the new Louisiana smart driving licence. As a couple my LinkedIn contacts pointed out, this implements some of the key psychic ID concepts.

  • The smart driving licence app means that a holder can authenticate another person’s Louisiana digital driver’s license.

  • In the bar case study, it allows the customer to select which information she would like to reveal to the bartender—such as that she is over 21. That information is displayed on the phone with a photo and embedded QR code. The bartender scans the code with her app, which tells her that the woman seated on the other side of the bar is indeed over 21. None of the customer’s personal information, such as her name, birth date, or address, is displayed or stored on the bartender’s phone.

Given the the need exists, the vision exists and the implementation is demonstrably feasible, perhaps the trigger of Brexit can give us the digital identity infrastructure that our nation so desperately needs and the lack of which is such a source of friction and inefficiency.

Security and privacy

This is a way to deliver an identity scheme that provides both more security and more privacy. It does not need a big database with everyone’s details and it does not need expensive, custom-built, specialist equipment. In that 2005 piece for Prospect magazine I argued that that the government’s vision for the proposed ID card scheme was tragically out of date and backward-looking. Even the pressure group No2ID were nice about me, saying that that I was someone in favour of an ID scheme who actually knew what I was talking about but “unfortunately his preferred scheme is incompatible with the Government’s plans”. Indeed it was, but that didn’t matter because the scheme was scrapped by the next government anyway.

Writing about this kind of entitlement scheme a few years ago, I thought that a national plan to finally do something useful about identity might obtain “parasitic vitality” (to use one of my favourite ID phrases) from the specific issue of voter ID. Maybe electronic voting could have been a focus to get the gov.verify scheme a flagship project  and get the public and private sector working together to deliver an infrastructure that will be of benefit to all. None of this ever happened and gov.verify has gone, essentially, nowhere. So why am I still going on about this! Well, David Goodhart’s new report and other media comment has set me thinking that Brexit might finally provide the stimulus needed to develop the world’s first 21st century identity scheme. Not digitised identity, but real digital identity. Implemented correctly, it could make the UK a better place to work and play in a relatively short time.

* Bona Fides, for those of you who went to state schools as I did, is a Latin phrase meaning “good faith”. My dictionary definition says that bona fides documentary evidence showing that a person is what they claim to be. Note not who they claim to be, but what they claim to be. It gives the usage “credentials, as in he set about checking Loretta’s bona fides”. I’ll go and register the domain “bonafid.es” right now.

Mo’ identity, mo’ money, mo’ book

In his book “Sapiens — A Brief History of Humankind”, the historian Yuval Noah Harari writes perceptively and entertainingly about things that are fundamental to our economy and indeed our society: money, trust, reputation and the like. I found his description of the “cognitive revolution” quite compelling, especially where he talks about human beings gaining the ability to communicate information about relationships and therefore reputation (or, as I might simplistically label the basket of concepts linked together here, “identity”). He talks about the ability of the neolithic clan to remember the mutual obligations that bind people together when they can grasp the idea of a future, and how memory does not scale into the settlements of the agricultural revolution, thus necessitating the invention of money. He writes that

When trust depends on anonymous coins and cowrie shells, it corrodes local traditions, intimate relations and human values.

Yet we needed them. The problem, as Harari framed it, is that trade cannot exist without trust, and it is hard to trust strangers (but easy to trust their money – indeed he later talks about this saying “if they run out of coins, we run out of trust”). As society scales beyond the ability of individuals the local (including the money) is given up to the global.

In short, then, when we cannot share memories about information about identity, relationships and reputation we have to come up with some other way of making payments to support trade and increase prosperity. Which leads me to speculate that if there is indeed an identity revolution, a new way of sharing memories, underway because of the transition to online-centric life then we might need to rethink the modus operandi founded on central banks, nation states and fiat currency. As Mervyn King, former governor of the Bank of England wrote in his End of Alchemy, banks and central banks “are man-made institutions that reflect the technology of their time”. 

Perhaps their time is coming to an end. The way that we think about identity today is simply not working (identity fraud in the UK is at an all-time high and still rising). We need some different ideas. The always fascinating Jan Chipchase pointed me to this section of a very thought-provoking Medium piece on identity by Dan Hill:

“How might we be able to think more richly of ‘both/and’ in terms of identity, of being part of nations, cities and the world, of respect for both the local and the global?”

For more identity, not less – Dark Matter and Trojan Horses – Medium 

Yes, yes, yes. More identity, not less. In my previous book “Identity is the New Money” I wrote how social media and mobile phones and cryptography restoring the reputation economy of the neolithic clan but at scale, making the point that while our ancestors lived in one community, we live in many. Community is no longer geography.

In my new book “Before Babylon, Beyond Bitcoin” I explore the intertwined evolution of technology and money, which I hope will provide the general business reader with some useful structure for thinking about the future of banks and Bitcoin, leading to an exploration of community and value. I finish by putting forward the idea that the multiple monies of the future will be linked to the multiple communities we will inhabit and, as the quote above makes clear, the multiple local and global identities of the future.

“Our identity is framed in terms of street, neighbourhood, region, nation, biome — all are meaningful, alongside various forms of communities of interest” 

For more identity, not less – Dark Matter and Trojan Horses – Medium 

My personal suspicion is that while this is certainly true and that these identities will all be meaningful, a generation from now the city identity will be the most important. Indeed, Dan Hill goes on to say that

“Europe has functioned via urban centres for millennia, rather longer than our modern understanding of states. In some respects, this is a more meaningful form of organisation than that relative latecomer, the nation state, for all the benefits that the latter has accrued.”

For more identity, not less – Dark Matter and Trojan Horses – Medium 

Dan makes the point that Manchester and Estonia are similar in population size and while we are all familiar with e-residency of the latter perhaps, rather as Gill Ringland suggests in her financial services scenarios for 2050, e-residency of desirable cities will become a valuable right and the basis for one of a number of demographic asset classes. He goes on to speculate, as I have done, on whether a new Hanseatic League or a new Mediterranean Economic Union might be viable structures. I’m not sure I agree with his views on EU e-residency (because the EU is rather an artificial structure) but it’s certainly an interesting position to discuss, not least because it forms a money-issuing community of the kind that I discuss.

My general view is that we are returning to Harari’s “local traditions, intimate relations and human values” as the basis for trade because those new technologies (mobile phones, social networks and so on) mean that we can recreate the clan, the widespread and diffuse memory of obligations, on a population scale. Hence it is not implausible to imagine that new forms of money will arise that map more closely to the values of the communities they serve.

One last thing. Those communities will not be limited to people. Much if not most trade will be between machines, between my car and your garage door, between my flying car and your Amazon drone. We might see communities of robots developing their own money to reflect their own values. Will we be allowed to use it? I don’t see anyone in Star Trek using money, but something must be going on in the background to allow my starship to use your scarce crystals for power. I don’t claim to have all, or indeed any, of the answers but I hope that my framing of the questions will help you to think more clearly about an inevitable future of more identities and more monies.

By the way, you can buy an advance copy of the new book (which will be launched officially at Money2020 in Copenhagen next month) for the giveaway price of £17.50 if you can put up with having a copy signed by me. The pristine, signature-free copies are £22.50. Run, don’t walk, over to London Publishing Partnership and reserve your copy now.

Identity is the New Money

Well, the book has been published. Identity is the New Money (London Publishing Partnership: 2014). I’m very excited about it. By the time I finished it, I was sick of it. Writing a book turned out to be much more work than I’d thought. But having done it, I’m ready to do it again and this time I think it will be a lot easier – I made a lot of mistakes, but I think I learned from them.

Birch cover for LPP site border

If you are curious about the subject, but can’t be bothered to read a book, here’s a nice two-page spread from Financial World magazine [PDF, 1.4Mb].

In the future, everyone will be famous for fifteen megabytes

TEDdy bear

A few years ago, while banging my head against the brick wall that was Her Majesty’s Government’s ID Cards scheme, I had an idea for trying to explain what technology could do to deliver a better national identity infrastructure for the 21st century: use Dr. Who’s “psychic paper” as the narrative pivot, much as the technologists of a previous generation used the Star Trek “Communicator” as the template for the mobile phone.

What was an amusing notion for a talk at a small conference took hold and I developed the concept in a paper that was published in the Journal of Identity in the Information Society back in 2009 [here] and evolved the idea of the “Psychic ID”.

what started off as an idea in a discussion — basically, trying to visualise 21st-century digital identity management using Dr. Who’s psychic paper as a reference point, having given up on trying to explain keys, certificates and all the rest of the crypto-infrastructure — became a presentation and then a paper and finally a peer-reviewed paper that I’m rather proud of. I’ve found a way to explain to non-technical audiences — well, British non-technical audiences at least — that the combination of widely-available devices and intelligence can deliver an identity management infrastructure that can achieve much more than they imagine.

[From Digital Identity: I can see an article of some sort. Anyone called David?]

The idea went down tolerably well, so when I was very kindly invited to give my first TEDx talk at Sussex University I thought I’d give it a try. It was actually very difficult to know what to present. We ran through it a couple of times at the office, but I wasn’t sure who would be in the audience or what they would be interested in so it was hard to judge to contact. Anyway, it seemed to go down OK on the day, and I was quite excited when I got a link to a video of the talk.

When I saw the video, I was horrified! Points not made properly, interrupted trains of thought, stupid jokes in the wrong place (or half completed, including a good joke about banks having problems with id management), a series of distractions, key points not made properly, too many slides with variable pacing… I could go on. I rather pride myself on presenting as my only comparative advantage and contribution to Consult Hyperion, so I was, to say the least, not very happy with it.

Hence I was astonished, and genuinely flattered, to get an e-mail informing me that my talk was one of the less than one in a hundred of the TEDx talks that are shown on the main TED site. And as of today, there it is.

I won’t get over this for a while.

 

In the future, everyone will be famous for fifteen megabytes

Identity — A Story

[Dave Birch] Here’s a story about identity, just to show you how identity infrastructure works in the “real world” and how we aren’t wise to use what is alarmingly known as common sense in order to import this infrastructure across the virtual world boundary into our online future.

My son and I were out in the car one evening and we decided that since we had the lounge to ourselves that evening that we’d watch a movie together. Normally, we either buying movies through Apple TV, rummage around in the badly organised pile of DVDs in the living room, or go on Pirate Bay if we can’t find what we want through the preceding two mechanisms. But since we were out and about, we thought we go to Blockbuster. They were having a special offer whereby you could rent three DVDs for £10 for the weekend, so we decided to take advantage of it. After having spent the obligatory half an hour wandering aimlessly around the store and arguing about every single potential movie choice, we settled land on DVDs. When we got to the counter I realised that I’d forgotten my wallet but luckily we scraped up £10 between us in cash.

The actual Blockbuster video card that I was given when I opened the account, something like 15 or 20 years ago, has been long lost. For the last several years, on the odd occasion when we ventured in for a DVD, I’ve just given my surname and address and then paid using a credit card in that same name. This has served as adequate identification infrastructure for tens, if not hundreds, of visits. But this time I didn’t have my wallet, so when a guy asked me for my card and told him that I didn’t know where it was, he then asked for a credit card in the usual fashion and I told him that we didn’t have one of those either. So he said we couldn’t rent the DVDs. I was a bit annoyed because I couldn’t be bothered to drive all the way home, so I was just going to give up. But then the guy said have you got anything in the car that could be identification, like an insurer’s document or something, or even a letter addressed to you from someone official? I frankly doubted that I did, my son grasped at the straw and we went back to the car. Just as I’d imagined, there were no identification documents of any kind. They’re in the back of the car were half a dozen copies of the Digital Identity Reader 2010, the indispensable volume for all concerned with the topic of identity.

Over my son’s protestations, I went back into the shop with a copy of my book. I showed it to the guy and said “there you go, that’s me”. “Hold on”, he said, “have you got something with a picture on it, or is there a picture of you in the book?” I was forced to admit I didn’t, and there wasn’t. But son to the rescue with his raised-on-the-inter-web sensibilities. He held out an iPhone, and said “just googled him”. Fortunately under that search term, under Google images, the third picture along was me. We had our DVDs.

In the future, everyone will be famous for fifteen megabytes