Belgian ID card
Belgium is the first European country with a nation-wide electronic ID card.
Microsoft Belgium on Monday announced a new Electronic ID (eID)
Early Adopter program. Under the program, Microsoft will be working
with local software vendors to develop eID-based applications.
Microsoft's MSN division will develop one such application — an
authentication service for MSN, according to Microsoft officials.
Information on MSN's work with the Belgian government around e-ID
cards was first reported by the www.mess.be [sic: uninteresting] Web
site. Mess.be reported that
Microsoft also might add authentication for eID cards to future
Windows releases as well.
Sun Microsystems is on it too: The e-ID 'project' is the single
largest government deployment of
Java Card technology in Europe.
And
Adobe is as well.
From Stefan Brands' superb
Identity Corner web-site [recommended]:
"Two
glaring problems:
The citizen certificates on each ID chipcard contain
the cardholder’s name and RRN (the “rijksregistratienummer,” a
single government-wide identification number for each natural
person). The name and RRN are disclosed whenever a card is used at a
relying party. The RRN (which has a simple structure based on the
citizen’s birthday) serves as the key to numerous databases
containing citizen information; on the basis of this number,
all cardholder actions and movements with the eID chipcard can be
electronically traced and linked (not merely by the government
itself!).
The eID card specifies the following information, both visibly on
the card itself and stored within the card’s chip: cardholder’s
photo, surname and first names, gender, nationality, place and date
of birth, signature, RRN, and the validity period of the card. In
addition, the chip also stores the cardholder’s current address.
Some of this information is privacy-sensitive, yet the cardholder
has no control over its disclosure. (Historically, this is the
same information as has always been on Belgian identity cards, and
so arguably this does not constitute a reduction in privacy;
however, in most countries around the world an information-rich
national identity card would not pass in the first place.)
The privacy problems do not stop here. Each eID chip contains two
X.509v3 identity certificates (each specifying the citizen’s name
and RRN number, one for authentication and one for digital signing),
as well as a basic signature key to authenticate the card with
respect to the RRN. The certificates and public keys, which are
assigned by the central issuing authority, by themselves serve as
“omni-directional” identifiers that are globally unique. For a
detailed account on the various privacy problems caused by this use
of PKI, see, for instance,
here.
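As an added illustration (not part of Brands' text or the original post), the constructed Python below shows why a globally unique identifier disclosed to every relying party makes a cardholder's actions linkable across otherwise unrelated databases, and sketches what a per-relying-party ("directional") pseudonym derived by the issuer would change. The relying-party names, issuer secret, RRN values and log entries are all invented for the demo.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed sample logs: what two unrelated relying parties each retain
# after a cardholder authenticates with the eID card. Name and RRN are
# disclosed at every use; the RRN values here are made up and follow only
# the documented YYMMDD-prefix shape.
TAX_OFFICE_LOG = [
    {"rrn": "85061512345", "name": "A. Peeters", "event": "filed VAT return"},
    {"rrn": "92110798765", "name": "B. Janssens", "event": "filed VAT return"},
]
PHARMACY_LOG = [
    {"rrn": "85061512345", "name": "A. Peeters", "event": "collected prescription"},
    {"rrn": "77030355555", "name": "C. Maes", "event": "collected prescription"},
]


def birth_date_from_rrn(rrn: str) -> str:
    """The RRN opens with the birth date as YYMMDD, so every relying party
    that records the number also learns the birthday. The six digits do not
    carry the century; this demo assumes a 20th-century birth."""
    return f"19{rrn[0:2]}-{rrn[2:4]}-{rrn[4:6]}"


def link_profiles(*logs, key="rrn"):
    """Join any number of relying-party logs on a shared identifier and
    return only the identifiers that show up in more than one log."""
    seen = defaultdict(list)
    for log in logs:
        for rec in log:
            seen[rec[key]].append(rec["event"])
    return {k: v for k, v in seen.items() if len(v) > 1}


def directional_id(rrn: str, relying_party: str, issuer_secret: bytes) -> str:
    """Sketch of a 'directional' identifier: the card/issuer derives a
    pseudonym per relying party (HMAC over RP name and RRN, keyed with a
    secret the relying party never holds), so the RP receives this value
    instead of the RRN and cannot compute another RP's pseudonym."""
    msg = f"{relying_party}:{rrn}".encode()
    return hmac.new(issuer_secret, msg, hashlib.sha256).hexdigest()[:16]


def pseudonymised(log, relying_party, issuer_secret=b"demo-issuer-secret"):
    """Rewrite a log as the relying party would see it under directional IDs."""
    return [{"id": directional_id(r["rrn"], relying_party, issuer_secret),
             "event": r["event"]} for r in log]
```

With the raw RRN, `link_profiles` joins the two logs into one profile for the shared cardholder; with directional IDs the same join yields nothing.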
As reported by
EPIC and Privacy International in their
2004 report on Privacy & Human Rights, “the new ID card has been
criticized by the Commission and civil liberties organizations as
presenting a serious threat to individuals’ privacy.” In many ways,
the Belgian eID card is the worst nightmare come true of the
smartcard’s original inventor, Ronald Moreno. Moreno came up
with the card in 1974 as a means of replacing low value cheques, and
repeatedly warned of the slippery slope dangers of the card when
used for other purposes. In one famous statement, Moreno warned
about the potential of smartcards to become “BIG BROTHER’S LITTLE
HELPER”.
At present, only a few government services have been hooked up to
the Belgian eID card. Consequently, the privacy implications of the
card are relatively minimal. However, as
stated on the
Web site, over time the eID card will give access to a wide
range of government services:
“With the electronic ID card, you will be able: to access the
records kept by the local authorities about you. […] to request
on-line documents for which you now have to go to your
administration personally […]; to exchange information on-line with
your administration, private companies or organisations through a
secured channel. […] to make statements or transactions (social
services, banks, post, insurance…) from a distance; […] Several
municipalities are already equipped with electronic windows that
enable you to make requests by filling in electronic forms. […] to
get in touch with the regional and federal services on the Internet.
[…] to make secure commercial transactions on the internet (on-line
selling and buying); to affix your electronic signature on documents
[…]. You will also be able to send electronic messages with a legal
signature, to sign contracts on the Internet: to use all
applications which will be put at your disposal in the future by the
State as well as by the private sector. You will be able to make
bookings, registrations, payments, to place orders, to terminate
contracts as well as many other things, in complete security.
Company badges, electronic payment cards, on-line VAT declarations
represent other examples of possible applications.
It does not take a PhD to figure out the ENORMITY OF THE PRIVACY
IMPLICATIONS of using the current eID card for all these services.
Apart from privacy dangers, there are also SEVERE SECURITY
IMPLICATIONS, not only for citizens but also for service providers.
In the words of the authors of the recent
LSE report (see Chapter 18), replacing “today’s local
non-electronic