The ID card has been held up by some as another step towards enabling social surveillance. The other side of the debate states that we must trade some privacy to achieve security. Atos Consulting’s vision for a secure ID scheme shows that these two objectives need not conflict.

The key is to build a flexible model supported by rigorous protocols and processes so that the data needed to identify an individual is kept separately from any customer information. Customer information should be:

• Collected during the transaction
• Discrete to the trading relationship, and
• Managed separately.

Understanding and managing this split of data is critical to a successful and trusted ID card scheme.

The mechanisms needed so that the new trust models can deliver a successful scheme include:

• Pseudonyms, cryptography and fragmentation of data to protect privacy
• Secure cross referencing to allow aggregation of data only when authorised by the individual
• New personal enabling technologies to provide a wider range of channels for ID usage and
• Clear audit trails to allow regulation and provide the individual with transparency and confidence in the system.

Realising the benefits requires integration into, rather than wholesale replacement of, existing customer relationship management systems. This would provide a unique, secure reference to allow government or commercial organisations to de-duplicate their records. Organisations can then better cross reference their internal systems, and provide a secure channel authorised by the individual for drawing together personal data. Atos Consulting sees the potential benefits:

• Securing an individual’s personal data and identity
• Achieving more secure transactions for both organisations and individuals
• Better securing government events such as elections and consultations whilst opening up new means of engaging the public.