May 25, 2006
Fragmentation of personal information can be a good thing, too
Many of the issues with an identity card scheme are actually the same as for a unique identifier such as the ULN (Unique Learner Number) proposal. By tying together data with different contexts into, effectively, a single distributed database, you amplify rather than minimize the impact of incursions and errors.
Kim puts one of my concerns rather more elegantly than I did in my earlier post:
... the natural contextual specialization of everyday life is healthy and protective of the structure of our social systems, and this should be reflected in our technical systems.
Which echoes my earlier statement that weak or inefficient connections between government data sources are not necessarily accidental but may in fact be a realization of policy, either explicit or implicit.
I raised the "red cape to a bull" effect in a (private) response previously to a proposal circulated for creating a national e-portfolio system - that creating a single high-value data target pretty much ensures it will be comprehensively hacked into, and its nice to see that echoed by Kim, too.
Especially as the main weapons in the security arsenal are not the mechanisms that try to directly prevent incursion, but the ones that either minimize impact after it has occured, or that deter potential incursions - logging, auditing, disciplinary measures, and prosecution.
As Kim says "In a high value system, there will be conscious attacks mounted both from without and within, and one must assume that one of these will succeed."