Regering zal toestemming voor de kaartinformatie van identiteitskaart moeten vragen

Ian GrantDe mensen zullen expliciete toestemming voor de overheid moeten geven om tot hun persoonlijke details toegang te hebben die op diverse gegevensbestanden worden gehouden alvorens zij a kunnen krijgen nationale identiteitskaart, De kaartminister van identiteitskaart Heuveligere Meg vertelde Afgevaardigden deze week.

Heuveliger gaf bewijsmateriaal aan het Lagerhuis' De Binnenlandse Zaken selecteren commissie op de veiligheidsregelingen voor controversieel nationaal identiteitsregister en bijbehorende nationale identiteitskaart.

There would be two databases, one for biometric data (fingerprints, facial images and possibly later, iris scans) and biographic data (name, address history, National Insurance number etc), Hillier said.

A Home Office spokesman said that when a person applies for an ID card, any information to be recorded in the National Identity Register will be checked against a number of public or private sector data sources to help verify the person’s identity. “This will build on existing best practice in processing passport applications,” he said.

Just over a year ago the government dropped plans to build the NIR from scratch. It opted to use Immigration computer systems to store biometric data and the Department of Work & Pension’s National Insurance database to store biographic data.

Hillier said fewer than 100 people will have access to the entire dataset of a NIR record. Each access to a record would have an audit trail, and access to some data fields in the record would require two simultaneous authenticated and credentialed users.

All transfers of data would be encrypted, she said. “There will be no discs flying around (with unencrypted data on them),” she said. This was a reference to the loss by HM Revenue & Customs last year of two compact discs containing the personal and banking details of 25 million child benefit claimants. Hillier admitted that the incident had “dented” people’s confidence in the government’s ability to protect sensitive personal data.

Hillier said she expected most external use of the NIR would be to confirm that a person’s identity was registered. Very rarely, and then only to agencies IPS audited for security, would further details be given, she said.

People would be entitled to ask the “identity custodian” who had looked at their records, she said. There were no plans to follow committee chairman Keith Vaz’s suggestion that IPS provide a “Google Alert” to warn people when someone looked up their data.

She said people don’t expect the credit vetting agencies to tell them when someone checks up on them, nor did the Passport Office when someone verified a passport’s validity. IPS was taking the same approach.

Duncan Hine, who is in charge of security arrangements for the NIR and ID card, said security on the biometric database would be the highest possible and certified by government, but security around the biographic data would be less stringent.

Hillier said that the procurement process now underway should be completed by the end of the year with roll-out of ID cards starting early in 2009.

Comment on 'Gov will have to ask permission for ID card information' :

RSS TrackBack URL

Related News: