TZUTC: -0500
MSGID: 1656.consprcy@1:2320/105 2d6b59b6
PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
FORMAT: flowed
(Yet) another digital ID card isnt the answer

Date:
Fri, 31 Oct 2025 15:26:38 +0000

Description:
BritCard: political theatre versus progress, and the case for smarter digital
ID.

FULL STORY

The Ouroboros, the ancient symbol of a snake swallowing its own tail,
represents the eternal cycles of life. And we might now want to apply it to
Westminsters policy-making. There is certainly an ouroborian quality to the
governments attempts to introduce a compulsory national digital identity . 

The latest iteration, the so-called BritCard, was formally introduced as
government policy ahead of the Labour Party conference. It originates from 
the think tank Labour Together and has been endorsed by the Tony Blair
Institute, it is pitched as a tool to curb illegal immigration. 

Yet, like the mythical serpent consuming its own tail, it risks going nowhere
while repackaging unworkable ideas. Its time to chew on something better; the
Trust Framework. 

I certainly know enough to know when something isnt working. I have watched
the UKs digital identity debate from the inside for more than two decades,
starting with the Home Office Identity Cards Programme in 2005 and ending 
with GOV.UK Verify in 2018. 

My conclusion is that a state-issued BritCard would drain public money,
duplicate existing systems, pose undue risks, and antagonize the British
people. But perhaps worst of all, it will set back investment in the UKs
digital economy - a rare area for growth and innovation.

Needless risks 

The timing certainly makes little sense. In June, the government established
the Digital Identities and Attributes Trust Framework (UK DIATF) in law
through the Data (Use and Access) Act. 

It has changed secondary legislation to enable employers to remove their
regulatory liabilities by carrying out right-to-work checks digitally through
certified service providers using passports and other existing credentials. 

For most of the UK population - 85 per cent of whom own a valid passport -
proof of status is therefore already only a few clicks away. 

The small minority who cannot use these digital checks need support, but that
is where limited public funds should be directed - not into building a new
national infrastructure for everyone else. 

Risk, control and failure. More alarmingly, a compulsory BritCard system 
would create needless risks. Channelling access to public sector data through
a single government provided solution is an unnecessary impediment to 
citizens and a drag on the development of the digital economy.

Civil liberty concerns

It also raises civil liberty concerns - a compulsory app on everyones phone
would present a potential point of control for a future government. Why 
create a prospective government point of risk, control and failure? 

This makes little sense when legislation has so recently been put in place 
for a more sensible approach, one by which the government can govern the
market of providers through operational and technical standards, annual 
audits and a TrustMark? 

The UK has already implemented OneLogin for Government as a single identity
verification mechanism to access public services digitally and is developing 
a GOV.UK Digital Wallet to accompany it. The government has also stated it
will issue a Digital Passport as a Verifiable Credential into this Wallet. 

For the majority of the population that hold a passport this acts as a
right-to-work credential. Many of the remaining 15% are either too young or
too old to require a verifiable right-to-work-credential, but they should be
able to ask the Home Office to issue one. 

If these reasons were not enough to raise eyebrows, then the financial case
certainly will. 

Labour Togethers figures suggest 140400 million in set-up costs and up to 10
million annually for administration. The Tony Blair Institute meanwhile
estimates 1 billion in set up costs and 100 million in annual running costs.
Based on the UKs track record with large IT projects, the real bill might be
higher still. 

Meanwhile, employers and landlords - the people who bear legal responsibility
for checking IDs - already have digital tools to meet their regulatory
obligations. Imposing another layer of compliance would add costs for
businesses without clear benefit. The rest of the sums are glossed over.

A path forward is possible

What this points to is not the absence of government responsibility but a
different kind of leadership. Rather than trying to operate a centralized
identity scheme, ministers should focus solely on governance: building the
rules and safeguards that allow the existing certified intermediaries to
interconnect under the new regulations. 

The UK DIATF already sets out how multiple certified providers - public and
private - can issue and manage trusted credentials within clearly defined
security and data privacy requirements. The annual audit process ensures the
public need have no concerns about surveillance or data leakage under this
model. So the foundations are in place. 

What is needed now is the political will to let a decentralized model -
developed over 15 years with extensive engagement between government, 
industry and privacy campaigners - flourish. 

Such a model would reflect how digital identity is evolving in an era shaped
by AI and distributed technologies. It can grow in stages, adapt as new
threats and challenges emerge, and support selective disclosure so people
share only what is necessary. 

Banks, telecoms and many other organizations are well placed to deliver this,
provided they follow shared standards and strong privacy protections. 

I do understand the psychology of a government wanting to own and operate
something tangible that could win votes; but being in government is about
governing, not operating.

A constructive path 

The Trust Framework offers the structure under which the government can 
govern efficiently and effectively by incrementally improving the standards
and operational protocols that certified companies are required to meet. This
should be the constructive path forward. 

For example, many people have concerns about how their personal data is being
used; few people read the terms and conditions when they sign up to a new
service. The government could consider giving people more effective controls
when they use services that carry the TrustMark of the Trust Framework. 

History shows the cost of chasing headline schemes that promise easy fixes.
The UK now has the chance to break the policy ouroboros - to stop circling
back to failed ideas - by using the Trust framework it has already legislated
for and by supporting public and domestic private providers to make it work
for everyone. 

 This article was produced as part of TechRadarPro's Expert Insights channel
where we feature the best and brightest minds in the technology industry
today. The views expressed here are those of the author and are not
necessarily those of TechRadarPro or Future plc. If you are interested in
contributing find out more here:
https://www.techradar.com/news/submit-your-story-to-techradar-pro
======================================================================
Link to news story:
https://www.techradar.com/pro/yet-another-digital-id-card-isnt-the-answer
$$
--- SBBSecho 3.28-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 206 300 307 317 400 426 428 470 664
SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426