Subj : The UK is bringing in dig
To   : All
From : Mike Powell
Date : Tue Nov 18 2025 09:18 am

The UK is bringing in digital IDs. Heres how to stop them becoming
surveillance tools

Date:
Mon, 17 Nov 2025 15:11:24 +0000

Description:
Without clear legal and technical safeguards, digital IDs risk shifting from
convenience to control.

FULL STORY

Everyday life already depends on proving who we are, from applying to jobs,
renting homes, accessing financial services or travelling abroad.

An improvement to this system is a welcome change when done correctly, making
everyday interactions smoother for people and businesses alike.

That is the promise of Digital identity , but its success will depend on
whether it will deliver those benefits of convenience without creating new
risks of data misuse or surveillance in a way to install control across both
online and offline.

The UKs newly proposed BritCard risks repeating old mistakes, scrapped in
2006 for being intrusive, ineffective and enormously expensive.

Putting everyones ID data in one interconnected place creates a single,
attractive target with greatly increased exposure unlike physical IDs which
is harder to access at scale.

You also make it easier for the system to be repurposed. Data gathered for
one reason is often pressed into service for another reason- a tool built for
convenience can become an instrument of control without the correct systems
in place.

An efficiency boosting ID or all-purpose surveillance?

Digital identification is already required in everyday life. KYC for banking,
credit checks, passports for travel, visas, and National Insurance numbers.
What BritCard proposes is different.

By merging these functions into a single digital ID, the government could
link systems that operate in isolation and promise greater convenience and
efficiency. However, whether it is the goal or not, can also feature
full-spectrum tracking of peoples movements and interactions both online and
offline.

Recent public reaction shows how contentious this is.

Almost three million people have already signed a petition demanding the
government scrap the plan, warning its implementation is a step towards
excessive monitoring and digital control or building a switchlever to
Orwellian surveillance that could be misused in ways similar to Chinas social
credit infrastructure .

That concern is not unfounded even if not the intention. Privacy researchers
note that some Digital ID architectures include phone home features:
background functions that report when or where ID credentials are used.

Even when intended for security or interoperability, this capability risks
turning verification into quiet tracking if left unchecked.

Without clear safeguards, the ability to restrict access to movement and
payments, or linking behavior across services could be knowingly or
unknowingly built into its architecture.

Lessons from digital ID around the world

Digital ID can deliver real benefits when built with the right safeguards,
the challenge is ensuring they enhance trust rather than centralize control.
Centralized databases must be limited to the minimum necessary information.

The law must set clear limits on who can use the data and why. Without tight
legal and technical safeguards, centralized systems are both surveillance
tools and hacker magnets.

Estonia, often held up as a model, suffered a breach in 2021 that exposed
almost one million peoples identity records, including voting, banking and
medical records that forced a lockdown on all online services.

Even advanced systems fail if the architecture concentrates risk. Despite its
breach, it has still built seamless e-governance and secure digital
signatures because of this technology, its digital ID has enabled citizens to
file taxes in minutes, sign contracts remotely, and access nearly all public
services online.

Switzerland, after being rejected in 2021, only secured public support for
its national digital ID recently by introducing stronger safeguards and
clearer governance. The new voluntary system is issued by the federal
government and stores data on users devices rather than in a central
database.

It uses selective disclosure to share only what is necessary, relying on
open-source code that can be publicly audited, and includes a national trust
registry to keep issuers accountable. These safeguards put citizens at the
center that turned a rejected system into one the public placed its
confidence in by vote.

The architecture that decides between convenience and control

So how do we stop them becoming surveillance tools? The starting point is a
privacy-first architecture based on signed, verifiable data. In practical
terms this means credentials that are issued by trusted authorities, held by
individuals, and presented selectively.

Instead of sharing entire identification documents each time, digital ID
systems can verify specific information through digitally signed
confirmations. For example, a person could confirm they meet certain criteria
such as being over 18 or having the right to work without revealing every
detail on their ID.

The verification happens securely between trusted parties, and the underlying
data remains protected. The person stays in control of when and where their
information is used, and the verifier receives only what is relevant to that
interaction.

For example, a venue checks that you are over 18 without learning your full
date of birth, and an employer verifies your right to work without storing a
copy of your passport in their database.

This approach, known as self-sovereign identity (SSI), allows people and
institutions to prove facts about themselves without exposing the data behind
them. It creates systems that are secure, comparable across borders, and
privacy-preserving.

For governments, SSI could underpin a digital ID framework that strengthens
trust and efficiency without enabling mass surveillance, just like
Switzerland.

Digital ID is inevitable. Whether it becomes the backbone of a trusted
digital economy or the framework for total surveillance depends on what we
build now.

If the UK chooses a privacy -first model, it can maximize efficiencies,
delivering speed and security without surrendering control. If it doesnt, we
risk hard-coding a switchlever to Orwellian surveillance into everyday life,
efficient, permanent, and impossible to unwind once turned on.

This article was produced as part of TechRadarPro's Expert Insights channel
where we feature the best and brightest minds in the technology industry
today. The views expressed here are those of the author and are not
necessarily those of TechRadarPro or Future plc. If you are interested in
contributing find out more here:
https://www.techradar.com/news/submit-your-story-to-techradar-pro
======================================================================
Link to news story:
https://www.techradar.com/pro/the-uk-is-bringing-in-digital-ids-heres-how-to-s
top-them-becoming-surveillance-tools
$$
--- SBBSecho 3.28-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

You are viewing proxied material from cvs.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.