Technology, Thoughts & Trinkets

Touring the digital through type

Digital Crises and Internet Identity Cards

Something that you learn if you (a) read agenda-setting and policy laundering books; (b) have ever worked in a bureacratic environment, is that it’s practically criminal to waste a good crisis. When a crisis comes along various policy windows tend to open up unexpectedly, and if you have the right policies waiting in the wings you can ram through proposals that would otherwise be rejected out of hand. An example: the Patriot Act wasn’t written in just a few days; it was presumably resting in someone’s desk, just waiting to be dusted off and implemented. 9/11 was the crisis that opened the policy windows required to ram that particular policy through the American legislative system. Moreover, the ‘iPatriot’ Act, it’s digital equivalent, is already written and just waiting in a drawer for a similar crisis. With the rhetoric ramping up about Google’s recent proclamations that they were hacked by the Chinese government (or agents of that government), we’re seeing bad old ideas surfacing once again: advocates of ‘Internet Identity Cards’ (IICs) are checking if these cards’ requisite policy window is opening.

The concept of IICs is not new: in 2001 (!) the Institute of Public Policy Research suggested that children should take ‘proficiency tests’ at age 11 to let them ‘ride freer’ on the ‘net. Prior to passing this ‘test’ children would have restrictions on their browsing abilities, based (presumably) on some sort of identification system. The IIC, obviously, didn’t take off – children aren’t required to ‘license up’ – but the recession of the IIC into the background of the Western cyberenvironment hasn’t meant that either research and design or infrastructure deployment for these cards has gone away. Who might we identify as a national leader of the IIC movement, and why are such surveillance mechanisms likely incapable of meeting stated national policy objectives but nevertheless inevitable?

I would suggest that, in the Western hemisphere, Spain has been incredibly ‘forward thinking’ about Internet authentication. The Spanish identity card was initially deployed by Franco to starve out rebels – during the guerrilla war rations were only provided to identity card holders – and gradually expanded into all reaches of Spanish society. Buying gas? Show the card. Subscribing to a magazine? Offer up your card. Unlike in the UK, US, or Australia, Spanish citizens accept the identity card as just another part of daily life, which has made Spain a delightful testing ground for the various companies involved in updating the card for the 21st century. Significantly, this receptiveness to the identity card meant that the transition to an electronic card was remarkably simple: the electronic national identity card (the DNIe) was introduced as a mere policy update to the existing card. There was no parliamentary debate or civil resistance over the shift to digital surveillance.*

The DNIe is designed with Internet authentication in mind. It interfaces with hardware dongles** to authenticate the holder with Spain’s national identity architecture. Using this authenticated system, authorities can monitor where Spaniards travel online, and the authentication facilitates ‘secure and convient’ engagement with Spanish e-government services. In 2005, Vice President Maria Teresa Fernandez de la Vega noted that the DNIe was a “tool for guaranteeing the security, confidentiality, and integrity of citizens using the Internet”, in 2006 the government maintained that the DNIe was “key to solving the security-privacy binomial”, and by 2008 it was recognized that a key objective of the DNIe was to “bring the digital world into the old processes of identification and signature” (Source, p. 50). Spain is a leader in the discussions of interoperable identity card standards in Europe, has already exported its technology and standards to areas of Italy, and is aggressively marketing the card technology in Latin America. A substantial military-industrial complex backs the DNIe, and the complex is leveraging their political, symbolic, and monetary capital to push for a European-wide identity card, where each sovereign nation would possess an interoperable card, and each citizen required to carry their card to operate online.

The aim of identity cards – to provide security, identification, and signatures – is doomed to fail, but this prognosis is unlikely to prevent their ultimate spread throughout many ‘modern’ democracies. Bruce Schneier notes that for such identification mechanisms to succeed “we’d need agencies — real-world organizations — to provide Internet identity credentials based on other identification systems: passports, national identity cards, driver’s licenses, whatever”. Obviously, Spain has this infrastructure, though in establishing it identity theft becomes that much more profitable.***

Without some sort of a biometric check at the level of the card itself there isn’t anything that stops one citizen from using another citizen’s card….save for conventional societal norms and law. Lawrence Lessig recognizes that regulation of digital environments are dependent on architecture, markets, law, and norms. In including a biometric ‘check’ on the cards that is mandated by law, it is possible to regulate the card along the lines of architecture, markets, and law. Where Spain, in particular, has a social-normative expectation that cards are required for personal identification, the normative conditions for effective (rather than perfect) regulation are set.

‘Effective’ regulation, of course, doesn’t necessarily resolve either the ‘security-privacy’ binomial or signature and identification demands of an identity card. A friend or colleague could log you in, should you forget your card at home, and few biometrics are nearly as effective as suggested by vendors or their media shills. Facial recognition is demonstrably terrible when put to empirical tests, cheap digital-fingerprint systems are easily foiled, and even many iris recognition systems are subverted with photographs of eyes. In essence: biometrics are vulnerable to considerable failure and the number of false positive and negatives render their value questionable as identifiers or signatures (Anderson, p457-82). Accompanying the surrender of authentication processes to government bodies (as in Spain) are considerable worries that the information suffer function and security creep (privacy protection tend  to get clawed back with each new ‘crisis’). The security-privacy binomial is not, and likely cannot, be met using the equivalent of the DNIe, nor can the signature and identification requirements. Even should some of these issues be minimally dealt with, it only increases effective regulation. Teens, criminals, and hackers will all subvert any identity authentication system – never underestimate the motivation to engage in underage drinking, commit larceny, or just tinker.

Now, you might be asking at this point: who is trying to push this policy again? It’s probably a politician, someone who sees identity systems as a great way of gaining political capital with the security-ignorant public, right? Wrong. It’s Marcus Ranum, the CSO of Tenable Network Security, who is well known for his contributions to the security field. At the same time, Microsoft is (again) backing the idea that some sort of authentication mechanism be built onto the ‘net to avoid a ‘cyberwar’ or ‘cybercatastrophe’, this time at the UN level. In Ranum’s case, he argues that anonymity has a temporal value in a few cases – Deepthroat needed anonymity at the time to prevent backlash, but after his death anonymity held no value – and in Microsoft’s opinion a license should be required to ensure that a computer and/or user is ‘fit to surf’.

Obviously, attempts to terminate anonymity and expand online surveillance are not new, nor are the efforts to technologically resist such terminations. If we dispose of the notion that governments are actually aiming to secure citizen’s lives, and instead better ’embrace’ them for bureaucratic purposes, then the adoption of some sort of IIC makes good sense: it contributes to security theatre (therefore gaining, or at least not losing, votes), could theoretically centralize citizen information (imagine tying the IIC to census data on the backend of the system), and its potentials are only restricted by privacy advocates, ombudsmen, and law. The first tend to be poorly funded, the second often lacking teeth, and the last maleable. If we accept the proposition that modernity’s institutions are accompanied by identity and surveillance systems to more strategically ’embrace’ citizens and non-citizens as they move through institutional webs (as suggested by Lyon, Torpey, Giddens, amongst many others) then there is considerable paradigmatic force behind instituting an online identity system.****

For the state to ’embrace’ those passing through its digital conduits perfect compliance may be desired, but isn’t necessary: law, architecture, norms, and markets can propel mass adoption of any such card or system. Spain is incredibly optimistic that it can teach identity card policy and techniques to Europe, and one would expect various members of international copyright cartels to jump at the opportunity for enhanced surveillance that advances along a non-deep packet inspection (DPI) route (on the basis that DPI has, somewhat surprisingly, garnered incredibly high degrees of public resistance). Informally, I’ve been told that cartel members regularly meet with government leaders in Europe to advance the idea of identity cards to fight copyright infringement.

Given the possibility of law to mandate basic architecture, market, and legal conditions for regulating the digital, it is on the social-norms front that governments genuinely have to win the ‘hearts and minds’ of citizens. A key question is whether crises of digital security, and the electronic economy more widely, will be sufficient to soften up Western populations and make them receptive to yet more intrusive, yet modernizing, surveillance systems that embrace national citizenries.

Will an electronic equivalent of Chernobyl lead to a twisted, long-term, combination of the American iPatriot Act and Spanish identity card expertise? Is it only a matter of when, rather than if, IICs or their equivalent are commonplace in the West? I expect that ongoing paradigmatic forces of modernity almost (though not quite) necessitate the eventual attempts (and, ideally, failures) to banish anonymity and introduce IICs or their equivalents. Where do you, my readers, stand?


* Information about Spain is derived from Pablo Ouziel’s unpublished (but digitally accessible) Master’s thesis, The Spanish Identity Card: Historical Legacies and Contemporary Surveillance.

** It should be noted that, as of 2009, there were substantial incompatibility problems between the dongles and computers. The infrastructure is being laid: it isn’t yet in operation.

*** That the central databases for the card are located in a police bunker, amongst a police force that has never truly ‘democratized’ following the transition to democracy raises its own concerns.

**** For more on this notion of nations ’embracing’ their citizens, turn to Torpey’s The Invention of the Passport: Surveillance, Citizenship, and the State.


  1. The Spanish case is an interesting one to use. Makes it really clear what the political implications are. Franco was a fascist. People should really think about that.

  2. @JoVE

    Pablo has done a really nice job pulling together information on the DNIe, including meeting with many of the stakeholders in the project. Name, of course, have been stripped for confidentiality reasons in the thesis, but he wasn’t speaking with junior people. The off hand comments that didn’t get into the thesis are terrifying (even more terrifying than some that are in it!), along the lines of ‘it’s inevitable that this is coming to Europe: we have money, can sell it rhetorically, and the military complex is well coordinated throughout the nations whereas advocates who might oppose it are not’.

Leave a Reply

Your email address will not be published.