A personal directive from Boris Johnson; a “Top Priority” chase-up from Dominic Cummings, the PM’s most senior advisor, requiring notification if progress is to be delayed by even just 24 hours; the utterly untransparent committee in charge of planning for a no-deal Brexit tasking the Government Digital Service to “urgently” develop a “digital identity accelerated implementation plan”. What on Earth is going on?
In September, leaked documents obtained by BuzzFeed News revealed that Downing Street has ordered government departments to centralise their data collection and transform gov.uk, the government’s main public information website, into a platform to allow “targeted and personalised information” to be gathered ahead of Brexit.
The government has tried to paint this directive as nothing more than a long-planned, nothing-to-see-here normalisation of the government’s online systems. But the revelations have sparked concerns among data privacy advocates and opposition groups that Johnson’s government may use the data for nefarious purposes.
Certainly, one could worry about what someone with this government’s history might do with the sort of personalised data that gov.uk will gather. Tracking the public’s online activity and collecting personal information – which government websites people search; tax returns and passport applications; records of births, deaths and marriages; applications for settled status; even fines from the DVLA – could allow Johnson’s government to serve up targeted ads or propaganda about Brexit.
But one should be far more worried at the prospect of what GDS recently presented at an event showcasing the government’s latest technology efforts: The development of “a ubiquitous digital identity across government services”.
This push to create a single digital ID to rule them all conjures images of ID checks everywhere – not just on government websites, but across government services themselves. Will this truly make life easier for people living in the UK to do things like obtain benefits, apply for settled status or navigate the bureaucracy? Or will it be a giant leap back to 2002, when Tony Blair and David Blunkett first proposed the idea of a universal “entitlement card”?
The government’s current digital infrastructure does not inspire confidence. What may appear as one system to the average person may in fact cross many different ‘silos’ inside the government. And boy, do those departmental silos hoard ‘their’ data zealously! Given the amount of Whitehall bickering over who controls user data, it’s difficult to see how the government will create an integrated, user-friendly platform that protects people’s privacy.
Now and in the coming months, our EU citizen neighbours deserve to be able to see government confirmation that they are in the UK lawfully – information the Home Office refuses to show them, despite holding the records itself. The principles of the Settled Status scheme have been undermined by the culture of the Home Office, which believes it can act disconnected from consequence – something quite possibly true under the previous prime minister, and which remains to be seen under this one.
When someone can click a single link to see that HMRC accepts they have paid taxes in the UK for many years, then clicks on another link only to have the Home Office tell them they haven’t, it makes it starkly clear that the implementation of Settled Status – and the government’s larger digital infrastructure – is a quagmire.
Moreover, if you do need to apply for Settled Status following Brexit, you’ll probably want to check – and correct – the HMRC tax payment records that the Home Office will use first to make its decision. And in order to be able to do that, you currently have to prove your identity in two different ways – neither of which is up to current government identity standards.
No solution is a panacea, of course. But it should not have taken a prime ministerial intervention to make government departments follow existing standards that respect citizens’ privacy.
For those fearing political abuse, the answer is simple: The only way to know whether data is being used for good or ill is to be able to see every way that data about you is used. Openness and transparency transcends both administrations and functionaries, and if the intent is to deliver performance statistics that cannot themselves be used to target or identify people, then those statistics can be published as many already are.