Bigger Brother

Recent proposals by the UK Government for an identity card scheme and accompanying National Identity Register (“the Register”) have led some to believe that George Orwell’s vision of a future where an ever watchful regime engages in constant surveillance of its citizen’s lives, may be edging closer to reality. Earlier this year the Information Commissioner for England and Wales warned that we are “in danger of sleepwalking into a surveillance society”.

There are no longer any technical barriers to the kind of “surveillance society” envisaged by Orwell. CCTV, satellite tracking, RFID tags, biometric technology and increased monitoring of electronic communications offer the state unparalleled access to the lives of its citizens. In April 2004 Tony Blair announced that the only remaining barriers to the introduction of the ID card scheme were logistical and practical. That may not be entirely accurate. There are also significant civil liberties concerns which have not been adequately addressed.

In the current climate it is not surprising that the political will to introduce ID cards remains strong. The terrorist outrages of 11 September 2001 and the subsequent “war on terror” have been the catalyst for a raft of legislative measures in both the US and the EU which significantly strengthen the powers available to the state to intrude on the private lives of its citizens, in the interests of national security.

Breaking new ground

The UK is certainly not unique in proposing to introduce a national identity card. Eleven of the 15 nations of the EU now have some form of ID card. In France, 90% of the population carries one.

However a number of other countries such as Japan, Australia, New Zealand and even the US have not adopted the idea. It seems that the strength of public feeling about privacy and personal liberty remains a stumbling block in many countries. And what is being proposed in the UK is on a scale not previously attempted anywhere in the world. The plans to record and store significant amounts of information on every individual have no precedent.

The ID card scheme and accompanying National Identity Register proposed by the Government’s draft Identity Cards Bill will involve the collection, storage and sharing of a vast amount of information about each and every one of us – including “biometric” information such as iris scans, fingerprints, facial dimensions and even DNA profiles. This information may well be cross-referenced with other databases such as the Police National Computer or the proposed new Children’s Database.

The Home Office originally planned to phase in the cards from 2007-08 by introducing new biometric passports and driving licences, which could be used as an ID card. However the plan now appears to be that passport applicants from 2007-08 will get a new “biometric” passport and at the same time be issued with a separate ID card. The allegedly voluntary nature of the initial “rollout” period for the cards suggested by the Government is therefore questionable, at least for anyone wanting to renew their passport in the next few years. 

The card has been described as a solution looking for a problem. Despite initially being touted as a valuable weapon in the fight against terrorism, the Government has accepted that the scheme is unlikely to have any measurable impact on terrorist activities. The cards have now been suggested as a solution to the problem of identity theft, illegal immigration, and even general crime prevention.

Most of those involved in the 11 September attacks and the Madrid bombings had valid identification papers. There is evidence to suggest that many of those likely to be involved in terrorist attacks on UK soil have been living and working here for some time. The problem is not identifying terrorists, it is recognising them before they strike.

The two sides of article 8

Despite the apparent momentum the scheme is gathering, there remains a concern that it could be in breach of article 8 of the European Convention of Human Rights (ECHR), and involve an infringement of individual privacy.

In assessing whether the scheme might be in breach of article 8(1) ECHR, it has to be established that there has been an interference with the rights as laid down in that article. Assuming there is an interference, this can only be justified in certain limited exceptions laid down in article 8(2).

Essentially the ID card scheme is about information. There are three elements – the collection of information, the storage of that information on the Register and the sharing of that information between agencies.

Interference in the cases

It is safe to say that the collection of information, particularly biometric information, would involve an interference with article 8(1). The issue of whether the retention of information can constitute an interference with article 8 is less clear. In McVeigh, O’Neill & Evans v UK (1983) 5 EHRR 71 the Commission stated it remained an “open question” whether the retention of fingerprint and photographic information taken from three suspects even after their release without charge constituted an interference within article 8(1).

In the recent conjoined cases of R v Chief Constable of South Yorkshire, ex parte LS and R v Chief Constable of South Yorkshire, ex parte Marper [2004] UKHL 39 the court was concerned with the retention of fingerprint, photographic and DNA evidence by the police after suspects were subsequently acquitted. The majority of the court took the view that article 8(1) was not engaged by the retention of this information.

Some importance was placed on the use to which the information could be put. In dissenting on this point however, Baroness Hale focused more on the nature of the information being stored and the individual’s strong interest in whether the information be stored. Regardless of the use to which DNA samples could at present be put, she reasoned that they constituted information, which one might reasonably expect to remain private, and so article 8(1) was engaged by the retention of that information.

In fact, the Strasbourg court has in the past held that the storage of less sensitive information engages article 8, even where that information is not subsequently put to use. In Amman v Switzerland  (2000) 30 EHRR 843 the court held that the creation and subsequent storage in the federal indexing system of a record card which indicated the applicant had previously had contacts with the Soviet Embassy engaged the protection of article 8(1).

Given the broad and potentially sensitive nature of the information to be stored on the Register it seems likely that article 8(1) will be engaged by its retention.

The final aspect of the scheme is the sharing and disclosure of the information stored on the Register. Sharing of sensitive information without the subject’s consent certainly involves an interference with article 8(1). The recent case of R v Wakefield MDC [2002] QB 1052 shifted the focus onto the consequences which would flow from the sharing of information. The court held that even relatively innocuous information such as names and addresses, if disclosed without consent, could involve an interference with article 8(1).

Defence of necessity?

Clearly some, if not all, aspects of the proposed scheme will involve an interference with article 8(1). The question is whether that interference can be justified. To pass the hurdle of article 8(2) any interference must be “in accordance with law”, have a “legitimate aim”, and be “necessary in a democratic society”. 

It is in the third limb of the test that the greatest scope for argument lies. The assessment of the question of proportionality involves a balancing act between the rights of the individual and those of society as a whole. The state is accorded a certain margin of appreciation, particularly where questions of national security and prevention of terrorism arise.

On the other hand, where a measure is proposed which represents a severe interference with article 8(1), cogent reasons must be put forward to justify it. The problem here is that the scope of the scheme is difficult to assess, and will remain so until the Government fills in the gaps in the legislation.

Further, there is scope for cross referencing of information on the Register with any one of a number of other databases such as the proposals for a Children’s Database, an EU level database of Passenger Name Information, and retained communications traffic data (which is proposed be retained for a mandatory period of two years, presumably on yet another database).

Your personal profile at hand

The proportionality and compatibility with article 8 of some of these databases is already seriously in doubt. Since the Government is committed to greater sharing of information it is possible that ultimately the National Identity Register could in effect form a centralised “hub” through which information on a wide range of databases could be channelled.

Having such a comprehensive spread of information available on every individual in the UK is arguably disproportionate to the stated aims of the scheme. In November, the Information Commissioner reiterated that despite recent refinements to the scheme he remained concerned over the “vast database” of personal information which was being created.

Due to the lack of detail on how and by whom the information on the Register could be accessed, the concern that information will be cross referenced with other databases, and general concerns about the security and accuracy of information on the register, it is unclear that the scheme would survive a challenge under article 8.

(The Government’s bill, published as this article went to press, does not tackle the criticism that the purposes for which access might be granted to the database, and to whom, is still capable of being expanded by order of the Secretary of State.)

Fraser Gillies, a member of both the employment and the commercial dispute resolution core service groups at Wright Johnston & Mackenzie LLP, is a solicitor with a particular interest in privacy and human rights generally.