RTP Home

Introduction to the paper on Identity Cards

The Point: We need to Protect ourselves against both Terrorism AND Tyranny


If you want to know how we can prevent the Tyrants doing more damage than the Terrorists; or how we can begin to claw back the liberties and privacy we've already lost, please read on...

The paper I hope you're about to read represents a major component of the Trusted Surveillance scheme which I first mentioned here and which will (eventually) be explained in detail in the final part of my "War" chapter (Chapter Ten - Part 3).

For an entertaining warning about the results of the Untrusted Surveillance we're already living with and threatened by, check this out.

This is the first version of the ID Card Paper I've put up on the web although it is about the 5th version since I started working in this area following 9-11. The earlier versions were aimed at influencing the UK government in its choice of system. As a result I was somewhat diffident in my approach to the role of government itself. After all, there is no point in alienating your "customer" before they "buy" the product! However, now they've made up their minds and have chosen a World War II solution to a World War III problem, I feel considerably less restrained.

It is also the case that I no longer feel like a minority voice in pointing out the increasing authoritarian nature of both the UK and US governments. There have always been a few thousand of us talking about it here on the web, but that wasn't, initially, impacting the "real world". Since late 2006, however, there has been a notable change most clearly demonstrated by the dismissal of Rumsfeld following the obvious failure of the Neocons Iraq strategy and the consequent escalation of the Terrorism (and support for Terrorism) which it produced.

The apparent success of the return to more "traditional" military/diplomatic approach (the "Surge") has further reduced the influence of amateur and incompetent politicians in the exercise of "Security". Their waning influence since then has been "restricted" to destroying as many legal and constitutional barriers as they can to protect themselves from criminal proceedings in the future and to advance the imposition of an unfettered Police State.

With the 2006 electoral defeat of the Republicans, the atmosphere changed. Even mainstream commentators began to whisper publicly about the emperor's nudity. The gradual re-positioning of American policy now taking place following the Democrat victories are a welcome sign that the "Project For The New American Century" may be in retreat, or at least on the defensive.

And now it is in retreat, it is gratifying that the mainstream media who have been pointedly ignoring the unashamed abuse of power for as long as they can get away with have at last begun to find some courage. More and more of their airtime is being devoted to the growth of the Police State in America and its precursors in the UK.

Even more encouraging, there are signs that other activists are beginning to "get it" (The "it" being the need to watch the watchers.) Some have been preaching it since Steve Mann invented the term Sousveillance in 1998. I prefer the provocative name "Trusted Surveillance" for reasons explained in the first link on this page, but Sousveillance is definitely part of what I have in mind.


Trusted Surveillance is primarily about us watching ourselves rather than each other. Meaning - ideally - that we record (in ways which ensure that no-one else can access the data - ever) every detail of our own lives for our own purposes but, with the added benefit that, should we ever need to and/or want to, we can use the data we capture in the process to prove arbitrary claims about our activities or whereabouts. In other words, although no one else can get at the data, nothing prevents us from accessing it ourselves and copying selected data to third parties of our choice.

This is not a techno-fantasy. As well as the Sousveillance efforts, Microsoft Research's MyLifeBits project has been working on precisely this technology for several years now. And DARPA itself was working on a similar project (Lifelog) up until 2004, when it pulled out almost certainly (they've never actually explained why) because they were frightened off by the privacy/liberty issues. That, as you will see, is a very revealing retreat. They recognised that you could not possibly develop a system this intrusive without NSA -proof privacy protection. With their expertise they could have developed such protection more easily than most, but the "central research and development organization" for the US Department of Defense wasn't about to suggest a personal record keeping system which would be completely immune even to attacks by its own paymasters.

We, on the other hand, are not constrained by the need to leave backdoors open to the US (or any other) Government, so we have no problem in principle (although we accept that there are a few problems in practice) with desiring or designing such an attack proof system. ( "attack proof" should be read as an aspiration but with a starting point of at least "sufficiently attack resistant to satisfy all reasonable demands for day to day use")

As well as the need for very serious security, the only other major component we need to add to the the Sousveillance/Microsoft/DARPA concept, in order to meet this one is an immutable audit trail (which will allow us to prove the validity of any given record or transaction to a third party) and an appropriate Key Exchange Protocol which, in turn, will provide the secure infrastructure for all identity management and authentication requirements for the foreseeable future. It is clear that those who have played with such self monitoring systems to date have not considered the major security benefits that which come with such a personal surveillance system.

With such a comprehensive audit trail, we will, for a start, and for the first time in our history, have a means of categorically (and, generally, anonymously) "proving the negative" in respect of many of our activities. This alone will open up a whole new approach to fighting crime. For example, everybody who wasn't present at a crime scene will be able - anonymously and without revealing where they were - to prove it; leaving the police only having to locate and interview the handful who can not prove their absence.

The next aim of Trusted Surveillance is to ensure that (where appropriate or desired) whenever we interact with other people, we have our own safe and trusted record of the encounter. Thus, should we be harmed by the encounter, without our consent, we can use our record to sustain a formal complaint. (the other party can, of course, use their own record in their defence - or not as they choose). This too will impact dramatically on those crimes (or merely conflicts) where it is "your word against theirs".

The third aim is to ensure that any decisions or activities made by those to whom we delegate authority are also captured to a similarly bulletproof and similarly private audit trail; but with two provisos Any instruction issued by someone in authority would have no legal force unless it was recorded on that audit trail. And any action carried out allegedly in compliance with such an instruction would also be illegal unless the instruction was on that audit trail. Should any dispute arise as to the legitimacy of an action or instruction, failure or refusal to provide the audited record of the instruction will be sufficient to establish guilt.

This is the most politically revolutionary measure. Ultimately - if We The People decide they like the idea - it may help to eliminate government altogether. (I argue that in a true democracy we don't need "governors". At most we need managers who follow our instructions) In the short to medium term, however, it could make it impossible for politicians, or anyone else in the "chain of command" to lie to us.

All the above will have profound effects in many areas of human activity but the most important by far - and the most relevant to the paper I hope you're about to read - is that, eventually, it will become impossible for people to harm other people without detection. As such it is the first component of a technological shield which may (ultimately) protect us from all sources of non-consensual harm. By capturing the relevant details of any attack, this first stage of the Shield (Trusted Surveillance) does at least allow us to learn where our weak spots are and against whom we need to retaliate or at least defend ourselves.

That, of course, offers only limited comfort if the attack was a suicide bomb. The damage is done. Retaliation can only be targeted against the support network that made the attack possible. Not an insignificant benefit but somewhat less than perfect. We won't have "perfect" protection until we've all got our own personal "nanoshields" or something similar and that isn't going to happen for at least another 3 or 4 decades (possibly a lot longer).

However, it offers much better protection against Tyranny than Terrorism. This is because the (potential) Tyrant is constrained by a) the concessions they've already made - such as the need to be re-elected from time to time and b) the fact that, unlike the terrorist, they can't hide. Thus, while exposing the behaviour of a Terrorist may prevent a given attack, or reveal his part in a previous one, it does nothing to undermine and may even build support for his cause. Conversely, exposing the behaviour of a Tyrant, who is nominally much more concerned with the need to court public opinion, can be enough to remove them from the public stage and eliminate their threat to us.

For example, consider 9-11. The fact that bin Laden is believed to be involved is, from his point of view, very good for his credibility and cause. Hence, although he has never explicitly accepted involvment, neither has he strenuously denied it. Conversely, if it ever becomes known (as some people already passionately believe) that Cheney and Rumsfeld collaborated to maximise the impact of the attack (by ensuring, for example, that the routine air defence system was temporarily disabled and thus unable to intercept the hijacked planes) this would not only destroy their careers and land them in jail, it would probably destroy the American political establishment and lead to a new constitution (or at least an insistence that all future governments obey the existing one)

So the next time you read some murky speculation about who said what to whom in the corridors of Power, bear in mind the "third aim" (above) and how it would make such speculation unnecessary and the alleged plotting impossible. The exercise of power through techniques such as Rumsfeld's "snowflakes" (his unsigned and deliberately unattributable post-it notes - with which he effectively destroyed the peer review process in the Pentagon - see Bob Woodward's State of Denial for details) would be both illegal and eminently exposable.

These are the main ambitions behind Trusted Surveillance, of which the proposed Identity Card is a significant component. So, please, read the paper and Enjoy. But don't stop there. We need participation, feedback and support if we're going to make this fly. Help start the ball rolling, even it is only by criticising the aims or approach outlined here. If you want to help, you can do so in 3 ways:

1 Spread the word. Please link back to this page (so that new readers can read this intro before diving into the paper)

2 Suggest editorial improvements and different versions of the paper (or this intro) - to address different audiences or in different contexts - and any other ways to get the message to a wider audience.

3 If you're a geek, volunteer your services for the Open Source project that is going to have to build the damn thing.

I've started up a discussion board to share ideas about it. If you're not already an RTP forum member, please read this post for details on how to join. (In either case, please note I've "self certificated" the forum to make it a little more difficult for the Untrusted Surveillance to track your browsing. So you may need to ignore the warnings and add the site as a security exception)

Any thoughts on this issue which you wish to keep private or are otherwise not appropriate for the forum, please send them to me using harrystottle at fullmoon dot nu and using the subject heading RTP_RESPONSE_IDCARDS (at least for your first message - until I have your email address on my whitelist)

Finally, it occurs to me that you might actually want to read what we're talking about. Here it is (pdf only)

Last revision 28 Jan 2009 - Harry Stottle