A quick demolition of the digital ID proposal

By Joel Body Posted on 2025-11-09

First, two apologies: one, sorry for not posting more frequently and two, for being a bit late to this part.

First:

In Denmark, a graduate applying for jobs has to log into a portal only once, and their ID automatically links to their school records, saving them retyping their qualifications each time.

What makes that a good thing? Red-tape has the ability to keep people safe - just look at how government departments sharing personal data with minimal oversite has lead to racial profiling and unjust deportations. Yes, too much red-tape can be stifly - but having I think that copy-paste is an adequate method of filling in already digital forms efficiently. And if you argue that old people won’t like using copy-paste, they won’t like a completely digital system.

Other countries that have introduced digital ID find that digitally checked credentials are far more secure than physical documents.

Are digital credentials more secure? I would argue not in most cases. In most cases, digital credentials are only going to be inspected visually. Are bartenders going to buy and learn how to use sophisticated verification technology (if they even can aquire it!)? Or are they going to just visually inspect it? And does a phone have the same visual inspection security techniques as a passport or drivers license. No, you can’t have holograms on a phone. Only the police or the border force are going to be actually using digital verification techniques. And how can the lay person be certain that they aren’t deploying malware onto their device? How does the lay-person know that the officer is plugging their phone into a verfication device and not cellebrite? Now all an officer needs is to traffic stop someone to stalk them.

They are much less likely to be lost or stolen, they have reduced errors and mistakes, and they have helped crack down on fraudsters who can ruin peoples’ lives.

How many times have you lost your phone (albeit temporarily)? And how many times have you lost your passport? Further, are many people walking around with their passport held out infront of them? When we have seen theives snatching pedestrian’s phones, to access their bank account from this massive issue. But instead of being able to go to your bank, show your ID and verify that you want your account frozen - now that is not even possible. Instead of protecting people from fraud, we are handing petty theives and fruadsters all the power.

There will be no pooling of people’s private information into a single, central dataset—it will be a federated data system—and user control will be at the heart of our plans.

Does the government know what “federated” means? Or “privacy”. How can a system be federated if one of the parties is the government? It makes the non-colluding requirement impossible! The government must not be able to exert authority over these federated instances. They cannot mandate the software be a certain version, or they could inject malware into this instance. The moment any mechanism between the two exist, they are no longer federated. They are just one entity (ironically) lying about their identity. This is complicated by the snooper’s charter. So they are just straight-up making things up to justify themselves.

With a digital ID, people may end up having more choice over what they show the world, not less.

See above on the risks of cellebrite or equivalents being used. Further, it is quite easy to just cover up parts of your ID.

Digital ID is not a silver bullet for tackling illegal immigration, but it will be a deterrent to would-be migrants who are considering coming to the UK, alongside all the other action we are taking.

I am not even going to touch the illegal immigration argument, as it is blatantly xenophobia.

For our new ID to be both effective and fair, it must be genuinely inclusive. That is non-negotiable for the Government, and for me personally. Currently, around one in 10 UK adults do not have a passport or a driver’s licence to prove their identity, and around 1.5 million people do not have a smartphone, laptop or tablet, or are digitally excluded for another reason.

So the UK population is ~70 million. 7 million people then don’t have a form of ID. If we assume that is the lowest 10% by income, it seems reasonable to pay the £700 million/decade (£70million/year) to pay for their passports (a passport costs around £100). Considering that the government estimates a £1-2billion setup cost and a ~£100million/year operating cost, would this not be a cheeper way of achieving this. Further, the issue is not necessarily about access to devices, but the knowledge of how to use it. This is also assuming compatibility with all forms of computer. Are people going to walk around with a desktop just to prove their ID? Is it definitely going to work with GrapheneOS, purism, postmarketOS, Arch, etc devices? If not then you are excluding those who make the most effort to protect their privacy. Essentially, it is just facilitating more market control by the largest corporations.

around 1.5 million people do not have a smartphone, […] 92% of people over 16 already have a smartphone.

As I have already mentioned, the first statistic is misleading, it is in reality 5.6 million people who do not have access. If we are to take Uswitch’s minimum monthly phone bill, that means £13.30*12*5.6million ≈ £900million (more than the cost/year of passoports). Whilst I believe that having internet access is a human right, it is misleading to try and hide these fees in amongst this project. Instead, they should provide internet access under a separate program (where they have actually thought about it.)

I ask the Secretary of State what guarantees she can give my constituents that the scheme can be afforded, that their data will be safe, and that the scheme will be never used to track their use of services. […] I have already said that the scheme will not be used for that. In many other countries these systems have made accessing Government and public services much easier, quicker and more efficient.

Notice, how the question is dodged, only “we won’t do that”, clearly not understanding that this is not neccessarily about what you will do, but your successors. (This question was effectively repeated later with the same response.)

And finally, what is the UK’s track record for IT. Sh*t. How often does the NHS get hacked? How has one council bankrupted themselves with IT deals. How can we trust the current government to actually keep our data safe? I would say that we cannot - especially when they (or any future government) could be potentially convinced to allow for this to facillitate transnational repression.

Please, digital IDs are just a terrible idea - and this is a particularly bad one at that.