Dropping in a reference to Dr. Strangelove feels like a fitting way to start a blog entry on ID cards. In my limited experience this is the subject that causes the most anger and frustration amongst BCS members. A common complaint is 'why aren't you doing more?', meaning why aren't we doing more to criticise the project and grab the attention of government.
Well, a big part of the reason is that a) BCS is not a political organisation and b) we're a broad church. Some BCS members are actively campaigning against ID cards - I know some of the people in and around NO2ID read this blog from time to time (hello!). Some BCS members are actively working on strategy, procurement and implementation of the ID cards project itself - inside the civil service or as private sector contractors. I know some of them read this blog too (hello!).
BCS is intrinsically an independent apolitical organisation, and were we to take what would be construed as a political position we would implode. Every IT professional from this broad church has a claim over us as their representative, and we need to take that very seriously. The problem is that almost anything can have a political spin to it - our comment on the NHS National Programme for IT is a good example of us being prepared to take a critical position. However, we can't simply run away from things that have political impact, as we would be shirking our responsibility. Instead we have to make sure that after making a statement we can look people from NO2ID or Home Office or the NHS in the eyes with a clear conscience. We have to make sure we are truly independent, and seen to be.
So, what does that look like in the case of ID cards? One of the big questions is how society should keep in proportion the positive and negative aspects. Questions of proportionality are clearly the domain of parliament. If MPs vote to say that ID cards are a proportionate response to a terrorist threat, then the BCS pretty much has to accept that. Members can of course disagree, but it is not reasonable to accept that the BCS will challenge MPs on such a position. They can vote like everyone else!
However, we are fully able to take the stated aims of a project and ask whether those aims will be met by what is proposed. Collectively as a society (present unqualified remarker accepted), drawing on a wide array of experts, we are very well placed to comment on outcomes - intended and unintended - in such a situation. We can also point out where there is a conflict - for example, if ID card proposals cut across data protection principles or stated government policies elsewhere.
In that light, you might be interested to read our response to the IPS consultation on the ID cards scheme. The consultation itself was pretty narrow - and our response highlighted areas that we felt were vital for future consultations. It also emphasised our continuing desire for a more open engagement on plans and high level designs, and acknowledged the disquiet amongst members. At this point, we'd just be pleased to see a clear statement of purpose, expected use cases and some boundaries. In other words, "What's it for?".
We're also in general rather concerned about huge aggregations of personal information (onto CDs, for example!) as that tends to create a new level of risk. Again, generally speaking, there are often ways of achieving objectives without creating large national databases that end up being high risk.
That was one of our worries over the NHS IT programme, as we could generally see the point of summary care records, but not a huge database of everything. That was not questioning the political decision to move to electronic patient records (we like that - we are the BCS after all!), but how it was implemented.
Anyway, all that aside I'd be interested to get your views on whether we keep the right balance. To some extent if a few are calling us 'chicken' and others saying we've crossed the line we may not be doing too badly. Having said that, measuring success solely by complaints is, frankly, a bit idiotic! What do you think?