Fighting disproportionate identity systems and policies
What happened
Since the late 1980s governments across the world have been trying to build identity registries. By the early 1990s, there were similar policies being pursued by a number of governments across the Pacific region, with similar technologies from the same companies. In the mid-90s ID cards became a ‘modern’ policy, implementing smart cards. By 9/11 biometric IDs became the preferred solution to undefinable problems. Then came vast databases of biometrics to identify people — with biometric passports leading to biometric border systems.
In all, governments wanted to collect vast amounts of data, create single IDs and assign them to people, require people to disclose their identities for more and more transactions in life. This is all for an increasingly broader set of purposes: administration of benefits and welfare, border management, immigration management, crime and fraud, terrorism, and even for ‘development’.
What we did
PI was founded out of the ashes of the Australia Card initiative in the 1980s. We campaigned across the Pacific region in the early 1990s.
When the Bush Administration pushed biometrics in the Passport standard at the UN agency the International Civil Aviation Organisation, we campaigned with the American Civil Liberties Union against governments using the war on terror as an excuse to turn passports into biometric databases. When the Bush Administration started collecting biometrics of foreign residents and then of all visitors we were the only international organisation to call them out on the practice. We also campaigned against the EU, Japan and Russia implementing similar systems.
In the UK, we helped set up the campaign group ‘NO2ID’ that campaigned for eight years against the Government’s proposed biometric identity register — that planned to collect face scans, iris scans, and fingerprint templates on all people in the UK. We worked closely with academic institutions and industry experts to capture global experiences with identity and understand the state of the art to highlight the bad decisions being made by a Government more interested in expanding surveillance than protecting peoples’ identities.
Where things stand now
The UK ID card was dismantled. But it has been copied by other countries, including India. Europe decided, despite our campaign, to include fingerprints in passports; though the UK opted-out of that measure as a result of our pressure.
Biometrics registration continues to be deployed, particularly in law enforcement and immigration contexts, where national debate is weaker and scrutiny is non-existent.
What we learned
Opposition to ID is hardly ever inherent. It must be stoked by appealing to people’s concern about government over-reach as much as doubts over delivery. Governments promised so much in order to get their ID policies through democratic processes. Their systems can never live up to their promise, and along the way they will have to expend vast amounts of resources, only for it to end with failure — but this is only ever noticed when political and technological scrutiny is applied.
In the end identity systems always fail, but they also too often become too-institutional to shut down. And the idea of a multi-purpose ID always returns. Being always ready is hard.
Harder lessons
Identity fights require working at multiple levels, which is hard for NGOs. You have to maintain a passionate stance on principle (e.g. documenting people is an interference with rights), while you also engage on practicalities (e.g. does it work? is it cost-effective?). You have to work with industry and across government departments and policy-makers -- which is resource-intensive. You have to explore the state of the art and get frustrated by the simplicity of their design choices.
Democracies rarely pay attention to how governments treat foreigners. This is the new strategy of governments: start by registering foreigners, and then move to nationals when it becomes normalised. Hardest of all is fighting each small ratcheting up of identity requirements. Know your customer rules? We missed those. Increased identity requirements across societies? We couldn't push back on them all. Fingerprinting chidren in school? Fingerprinting at borders? Fingerprinting at airports? The list was immense and we were too few.
What we are doing now
We continue to support our partners in countries where the rule of law is weak to identify the risks of identity systems. We draw attention to identity and biometrics in border and migration settings. We document the flow of resources from rich countries to poorer countries that enable the building of identity registries without adequate safeguards. And we are looking at how identity is now being created out of your data, often without your knowledge, and not just through overt registration.