Search

Simple instructions on subscribing to the blog

« Being a “General Identifier” is not a data protection safeguard. | Main | Fax off. The PECR marketing privacy rules are different for e-mail »

14/10/2009

How a £750 printer could affect everybody’s privacy

Yesterday’s Evening Standard, London’s newest free-sheet, published a story about “Police war on fake ID factories”. Evidently, a £750 printer from PC World is all one needs to produce convincing replicas of “the propose new ID Card and EU driving licence” as well as “passport entry stamps and national insurance cards”. According to the Standard, the police have initiated “Project Genesius” to stop these kinds of printers falling into the hands of criminal gangs.

The development has implications for privacy – thanks to the UK’s ID Card Scheme. For example, the original intent of the ID Card Scheme was to allow organisations to do inspection-type checks. For example, retailers or licensees might want to check proof of age by looking at the date of birth on the Card, or car rental outlets might want to check the photograph of someone hiring a car before handing over the keys. Now, thanks to a £750 printer, if someone shows you their ID Card you will not know, by inspection, whether that ID Card is a false one.

The resolution of the problem of whether or not an ID Card is a valid one, is to swipe the Card to perform a check against the National Identity Register (NIR). As the vast majority of individuals will have valid ID Cards, this check will be registered in the audit trail associated with the NIR.  This in turn means the authorities now have records that point to the fact that Fred Bloggs Jnr may have bought some booze from a specific off-licence or Joanne Smith has probably hired a car from a specific hirer.

In other words, the existence as something such as cheap as a £750 printer has meant that inspection checks cannot be relied on with the result that the audit trail of the National Identity Register will map more and more detail of everybody’s personal life.


 

Posted at 11:22 AM in News |

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

There is a nice circularity here as many/most printers identify all documents they print (with a pattern of yellow micro-dots). So if the printer used to print fake identification documents has been purchased in a way that identify the purchaser, then there's a trail from the fraudulently printed documents. PC World may be required to demand an id card for purchase of printers, and check that it doesn't have a micro dot pattern on it!

More info on printer identification at http://w2.eff.org/Privacy/printers/

br -d

Posted by: David Mery | 14/10/2009 at 02:34 PM

The comments to this entry are closed.

Archives

Categories

All materials on this website are the copyright of Amberhawk Training Limited, except where otherwise stated. If you want to use the information on the blog, all we ask is that you do so in an attributable manner.