TZUTC: -0500   
   MSGID: 1656.consprcy@1:2320/105 2d6b59b6   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   (Yet) another digital ID card isnt the answer   
      
   Date:   
   Fri, 31 Oct 2025 15:26:38 +0000   
      
   Description:   
   BritCard: political theatre versus progress, and the case for smarter digital   
   ID.   
      
   FULL STORY   
      
   The Ouroboros, the ancient symbol of a snake swallowing its own tail,   
   represents the eternal cycles of life. And we might now want to apply it to   
   Westminsters policy-making. There is certainly an ouroborian quality to the   
   governments attempts to introduce a compulsory national digital identity .    
      
   The latest iteration, the so-called BritCard, was formally introduced as   
   government policy ahead of the Labour Party conference. It originates from    
   the think tank Labour Together and has been endorsed by the Tony Blair   
   Institute, it is pitched as a tool to curb illegal immigration.    
      
   Yet, like the mythical serpent consuming its own tail, it risks going nowhere   
   while repackaging unworkable ideas. Its time to chew on something better; the   
   Trust Framework.    
      
   I certainly know enough to know when something isnt working. I have watched   
   the UKs digital identity debate from the inside for more than two decades,   
   starting with the Home Office Identity Cards Programme in 2005 and ending    
   with GOV.UK Verify in 2018.    
      
   My conclusion is that a state-issued BritCard would drain public money,   
   duplicate existing systems, pose undue risks, and antagonize the British   
   people. But perhaps worst of all, it will set back investment in the UKs   
   digital economy - a rare area for growth and innovation.   
      
   Needless risks    
      
   The timing certainly makes little sense. In June, the government established   
   the Digital Identities and Attributes Trust Framework (UK DIATF) in law   
   through the Data (Use and Access) Act.    
      
   It has changed secondary legislation to enable employers to remove their   
   regulatory liabilities by carrying out right-to-work checks digitally through   
   certified service providers using passports and other existing credentials.    
      
   For most of the UK population - 85 per cent of whom own a valid passport -   
   proof of status is therefore already only a few clicks away.    
      
   The small minority who cannot use these digital checks need support, but that   
   is where limited public funds should be directed - not into building a new   
   national infrastructure for everyone else.    
      
   Risk, control and failure. More alarmingly, a compulsory BritCard system    
   would create needless risks. Channelling access to public sector data through   
   a single government provided solution is an unnecessary impediment to    
   citizens and a drag on the development of the digital economy.   
      
   Civil liberty concerns   
      
   It also raises civil liberty concerns - a compulsory app on everyones phone   
   would present a potential point of control for a future government. Why    
   create a prospective government point of risk, control and failure?    
      
   This makes little sense when legislation has so recently been put in place    
   for a more sensible approach, one by which the government can govern the   
   market of providers through operational and technical standards, annual    
   audits and a TrustMark?    
      
   The UK has already implemented OneLogin for Government as a single identity   
   verification mechanism to access public services digitally and is developing    
   a GOV.UK Digital Wallet to accompany it. The government has also stated it   
   will issue a Digital Passport as a Verifiable Credential into this Wallet.    
      
   For the majority of the population that hold a passport this acts as a   
   right-to-work credential. Many of the remaining 15% are either too young or   
   too old to require a verifiable right-to-work-credential, but they should be   
   able to ask the Home Office to issue one.    
      
   If these reasons were not enough to raise eyebrows, then the financial case   
   certainly will.    
      
   Labour Togethers figures suggest 140400 million in set-up costs and up to 10   
   million annually for administration. The Tony Blair Institute meanwhile   
   estimates 1 billion in set up costs and 100 million in annual running costs.   
   Based on the UKs track record with large IT projects, the real bill might be   
   higher still.    
      
   Meanwhile, employers and landlords - the people who bear legal responsibility   
   for checking IDs - already have digital tools to meet their regulatory   
   obligations. Imposing another layer of compliance would add costs for   
   businesses without clear benefit. The rest of the sums are glossed over.   
      
   A path forward is possible   
      
   What this points to is not the absence of government responsibility but a   
   different kind of leadership. Rather than trying to operate a centralized   
   identity scheme, ministers should focus solely on governance: building the   
   rules and safeguards that allow the existing certified intermediaries to   
   interconnect under the new regulations.    
      
   The UK DIATF already sets out how multiple certified providers - public and   
   private - can issue and manage trusted credentials within clearly defined   
   security and data privacy requirements. The annual audit process ensures the   
   public need have no concerns about surveillance or data leakage under this   
   model. So the foundations are in place.    
      
   What is needed now is the political will to let a decentralized model -   
   developed over 15 years with extensive engagement between government,    
   industry and privacy campaigners - flourish.    
      
   Such a model would reflect how digital identity is evolving in an era shaped   
   by AI and distributed technologies. It can grow in stages, adapt as new   
   threats and challenges emerge, and support selective disclosure so people   
   share only what is necessary.    
      
   Banks, telecoms and many other organizations are well placed to deliver this,   
   provided they follow shared standards and strong privacy protections.    
      
   I do understand the psychology of a government wanting to own and operate   
   something tangible that could win votes; but being in government is about   
   governing, not operating.   
      
   A constructive path    
      
   The Trust Framework offers the structure under which the government can    
   govern efficiently and effectively by incrementally improving the standards   
   and operational protocols that certified companies are required to meet. This   
   should be the constructive path forward.    
      
   For example, many people have concerns about how their personal data is being   
   used; few people read the terms and conditions when they sign up to a new   
   service. The government could consider giving people more effective controls   
   when they use services that carry the TrustMark of the Trust Framework.    
      
   History shows the cost of chasing headline schemes that promise easy fixes.   
   The UK now has the chance to break the policy ouroboros - to stop circling   
   back to failed ideas - by using the Trust framework it has already legislated   
   for and by supporting public and domestic private providers to make it work   
   for everyone.    
      
    This article was produced as part of TechRadarPro's Expert Insights channel   
   where we feature the best and brightest minds in the technology industry   
   today. The views expressed here are those of the author and are not   
   necessarily those of TechRadarPro or Future plc. If you are interested in   
   contributing find out more here:   
   https://www.techradar.com/news/submit-your-story-to-techradar-pro   
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/yet-another-digital-id-card-isnt-the-answer   
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 206 300 307 317 400 426 428 470 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426