Entitlement Card - Object - Remove its teeth. Last chance.
Bystander | 19.01.2003 02:02
Help on easy ways to object. And news of an entirely new type of smartcard which protects your privacy and allows you control. If we can't stop it - we must get this new privacy-friendly technology before it is too late. Include it in your consultation submission.
If you have not yet responded to the consultation request on the horrific new Universal Entitlement card, you might wish to incorporate some or all of the following text, which I have drafted for you to cut and paste should you so wish. I think you will find it self-explanatory. The science involved is in no sense on the "fringe". It comes from a topclass US University, with impeccable credentials.
You can learn more at
http://news.com.com/2010-1069-977908.html?tag=lh
Look down near the bottom of the page. I bought the book.
It would be best perhaps for you to embed the text in your own words as a quotation, with a bit at the beginning and perhaps again at the end giving your wider views, what you think about the card in general, and why you think this text worth quoting.
Obviously you can change this text any way you like, but be careful not to fiddle with the technical bits unless you know what you are doing.
Personally I am totally opposed to the whole idea, but realistically I dont think we have a cats-in-hells chance of stopping it, and this technology is second best. Maybe thats the thing to say.
There is a slight danger that including my text in your consultation email may dilute your objections so that they try to count it as a yes. To counteract this I suggest you begin, and also perhaps end, with some really clear statement, in capital Letters, like :
"I am totally opposed to the introduction of the Universal Entitlement Card, and would like this response counted in the statistics acciordingly."
Or even put it as a heading. The truth is they will probably just be counting them, with the minimum of actual reading.
If you want to participate in the consultation, you have two options. (Actually three - I just spotted another I've added below).
You can send an email
entitlementcardsunit@homeoffice.gsi.gov.uk directly.
Or you can go to http://www.stand.org.uk. They give you two ways of registering your view. At first they give you a form to send in an email to the consultation email address directly from their page. There is nothing to prevent you giving a false identity and email address here, but please don't as any follow-ups will undermine their credibility for the rest of us. They format the email like a letter, with an address etc, but it does go off via email.
Once this is sent you have the option of being automatically transferred to http://www.faxyourmp.com and sending a fax to your MP. The form will be prefilled with your email text, but can be modified. I think it requires something more personal, and have drafted a second version (given below labelled FAX FOR MP) which you might like to consider.
The fax service requires a postcode (too identify your MP), and a genuine email address, as the fax is only sent if you click a link you will find in a confirming email they will send you. Again I suggest that if you are too scared to use your real name and address, probably best not bother as you only risk discrediting the service.
Hope this makes it all clear and easy. I know the war on Iraq seems more important, but this is our one brief tiny chance on this card, and unless we can get some controls on now, our children may curse us for the huge computerised population monitoring surveillance system it could easily lead to. I fear perhaps we can't stop the card altogether, but I am convinced this technology gives us the power to negotiate for our privacy. Otherwise its all over, with no technical way back.
I have just noticed this third method:
"Privacy International has set up two local rate numbers. In favour of the ID Card: 0845 330 7245, against the ID Card: 0845 330 7246. Each message left on these lines will be converted to an audio file, and then emailed to the Home Office.
In an unprecedented decision, the government confirmed last week that these audio files will be regarded as legitimate consultation responses."
I shall be doing this as well. Why don't you ?
___________________________________________________________
SUGGESTED TEXT FOR EMAIL TO THE GOVERNMENT CONSULTATION UNIT
___________________________________________________________
NEW PRIVACY-FRIENDLY SMARTCARD TECHNOLOGY COULD MEET SOME OBJECTIONS.
PLEASE READ THIS ONE
Can I begin by saying that I am entirely opposed to the introduction of the new card, and I wish for my response to be counted accordingly.
I am concerned that the cards proposed violate our privacy. If the cards cannot be avoided, then I wish them to incorporate the newly-available privacy-friendly encryption technology. This makes it possible for the incorporation of a variable and controllable amount of privacy protection, whilst still meeting their declared objectives.
A standard card based on X509v3 or similar reveals everything stored on it to everyone allowed to verify. This is regardless of whether this is necessary for the purpose in hand.
Revealing the identity, or identity-determining data, at every transaction allows verifiers to collaborate in building a database of every transaction. Even one link to actual the users actual identity links the lot. All this is already happening on the internet, with the Double-click organisation effectively circumventing the cookie rules set up in good faith to give privacy.
If this were inevitable, then maybe so be it.
But new cryptographic techniques allow selective revealing of only the data necessary for the purpose. ie the fact of entitlement, with the identity hidden. Indeed, revealing can be limited to any boolean combination of stored data suitable for the purpose ie that the holder is both over 18 and under 65 (say), or that he is entitled to some service, without revealing his actual birthdate or identity.
I would be most surprised if your technical people were unaware of these smartcard developments. See the reference at the foot of this email.
Just a little delay would allow you to create a smartcard which would meet all your genuine needs, and yet simultaneously meet all the privacy concerns of the objectors.
I hate to say it, but I am becoming fearful that you have no interest or motivation to do so, because in truth this is a first step towards a "Total Information Awareness" database which will ultimately be used for massive surveillance and monitoring of the population. A destination to which a huge majority would object if it were revealed now.
The reference to the new privacy-friendly smartcards is the following book:
"Rethinking Public Key Infrastructures and Digital Certificates - Building in Privacy" By Stefan A Brands, Published by the MIT Press 2000 ISBN 0-262-02491-8
Please do not disregard my input because it may have similar wording to many others you receive. This is a technical matter of which I have in-principle understanding sufficient to be sure that I strongly support the privacy-friendly route it offers. If a universal entitlement card really cannot be avoided, I believe this is the only technology which could go any way towards meeting my privacy concerns.
I request that my input be taken seriously, and incorporated into any blanket statistics of responses which you may issue as a firm objection to the card. My support for a card using the new technology is only as a last resort if introduction cannot be prevented.
__________________________________________________________________
XXXXXXXX DO NOT COPY THIS XXXXXXXXXXX
THE SECOND VERSION BELOW IS A BIT DIFFERENT, MORE SUITABLE FOR SENDING TO AN MP
___________________________________________________________________
NEW PRIVACY-FRIENDLY SMARTCARD TECHNOLOGY COULD REDUCE OBJECTIONS TO UNIVERSAL ENTITLEMENT CARD.
PLEASE READ THIS ONE - IT CONTAINS VALUABLE TECHNICAL DETAIL
I am concerned that the cards proposed violate our privacy, when it is no longer necessary technically to do so in order to meet their objectives.
A normal smartcard based on the X509v3 standard or similar reveals everything stored on it to every machine allowed to read it. This is regardless of whether this is necessary for the purpose in hand.
Revealing the identity, or identity-determining data, at every transaction allows the reading organisations to collaborate in building a database of every transaction. Even one link to actual identity links the lot. All this is already happening on the internet, with the Double-click organisation effectively circumventing the cookie rules set up in good faith to give privacy.
If this were inevitable, then perhaps so be it.
But new cryptographic techniques allow selective revealing of only the data necessary for the purpose. ie the fact of entitlement, with the identity hidden. Indeed, revealing can be limited to any boolean combination of stored data suitable for the purpose ie that the holder is both over 18 and under 65 (say), without revealing his actual birthdate or identity.
I would be most surprised if the governments technical people were unaware of these smartcard developments. See the reference at the foot of this email.
Just a little rethink would allow the creation of a smartcard which would meet all your genuine needs, and yet simultaneously meet all the privacy concerns of the objectors.
I hate to say it, but I am becoming fearful that the government has no interest or motivation to take this option, because in truth this is a first step towards a "Total Information Awareness" database which will ultimately be used for massive surveillance and monitoring of the population. A destination to which a huge majority would object if it were revealed now.
If you were to decide that amongst all the demands on your time you might wish to take an interest in this issue, I think a look at the first chapter of the book below might make you a convert. The rest of it gets highly mathematical, but the first chapter is clear, understandable, and (for me at least) most persuasive.
You can learn more at http://news.com.com/2010-1069-977908.html?tag=lh, down near the bottom of the page.
Yours faithfully
..........................................
REFERENCE
The main reference to the new privacy-friendly smartcards is the following book :
"Rethinking Public Key Infrastructures and Digital Certificates - Building in Privacy" By Stefan A Brands, Published by the MIT Press 2000 ISBN 0-262-02491-8
You can learn more at
http://news.com.com/2010-1069-977908.html?tag=lh Look down near the bottom of the page. I bought the book.
It would be best perhaps for you to embed the text in your own words as a quotation, with a bit at the beginning and perhaps again at the end giving your wider views, what you think about the card in general, and why you think this text worth quoting.
Obviously you can change this text any way you like, but be careful not to fiddle with the technical bits unless you know what you are doing.
Personally I am totally opposed to the whole idea, but realistically I dont think we have a cats-in-hells chance of stopping it, and this technology is second best. Maybe thats the thing to say.
There is a slight danger that including my text in your consultation email may dilute your objections so that they try to count it as a yes. To counteract this I suggest you begin, and also perhaps end, with some really clear statement, in capital Letters, like :
"I am totally opposed to the introduction of the Universal Entitlement Card, and would like this response counted in the statistics acciordingly."
Or even put it as a heading. The truth is they will probably just be counting them, with the minimum of actual reading.
If you want to participate in the consultation, you have two options. (Actually three - I just spotted another I've added below).
You can send an email
entitlementcardsunit@homeoffice.gsi.gov.uk directly. Or you can go to
http://www.stand.org.uk. They give you two ways of registering your view. At first they give you a form to send in an email to the consultation email address directly from their page. There is nothing to prevent you giving a false identity and email address here, but please don't as any follow-ups will undermine their credibility for the rest of us. They format the email like a letter, with an address etc, but it does go off via email. Once this is sent you have the option of being automatically transferred to
http://www.faxyourmp.com and sending a fax to your MP. The form will be prefilled with your email text, but can be modified. I think it requires something more personal, and have drafted a second version (given below labelled FAX FOR MP) which you might like to consider. The fax service requires a postcode (too identify your MP), and a genuine email address, as the fax is only sent if you click a link you will find in a confirming email they will send you. Again I suggest that if you are too scared to use your real name and address, probably best not bother as you only risk discrediting the service.
Hope this makes it all clear and easy. I know the war on Iraq seems more important, but this is our one brief tiny chance on this card, and unless we can get some controls on now, our children may curse us for the huge computerised population monitoring surveillance system it could easily lead to. I fear perhaps we can't stop the card altogether, but I am convinced this technology gives us the power to negotiate for our privacy. Otherwise its all over, with no technical way back.
I have just noticed this third method:
"Privacy International has set up two local rate numbers. In favour of the ID Card: 0845 330 7245, against the ID Card: 0845 330 7246. Each message left on these lines will be converted to an audio file, and then emailed to the Home Office.
In an unprecedented decision, the government confirmed last week that these audio files will be regarded as legitimate consultation responses."
I shall be doing this as well. Why don't you ?
___________________________________________________________
SUGGESTED TEXT FOR EMAIL TO THE GOVERNMENT CONSULTATION UNIT
___________________________________________________________
NEW PRIVACY-FRIENDLY SMARTCARD TECHNOLOGY COULD MEET SOME OBJECTIONS.
PLEASE READ THIS ONE
Can I begin by saying that I am entirely opposed to the introduction of the new card, and I wish for my response to be counted accordingly.
I am concerned that the cards proposed violate our privacy. If the cards cannot be avoided, then I wish them to incorporate the newly-available privacy-friendly encryption technology. This makes it possible for the incorporation of a variable and controllable amount of privacy protection, whilst still meeting their declared objectives.
A standard card based on X509v3 or similar reveals everything stored on it to everyone allowed to verify. This is regardless of whether this is necessary for the purpose in hand.
Revealing the identity, or identity-determining data, at every transaction allows verifiers to collaborate in building a database of every transaction. Even one link to actual the users actual identity links the lot. All this is already happening on the internet, with the Double-click organisation effectively circumventing the cookie rules set up in good faith to give privacy.
If this were inevitable, then maybe so be it.
But new cryptographic techniques allow selective revealing of only the data necessary for the purpose. ie the fact of entitlement, with the identity hidden. Indeed, revealing can be limited to any boolean combination of stored data suitable for the purpose ie that the holder is both over 18 and under 65 (say), or that he is entitled to some service, without revealing his actual birthdate or identity.
I would be most surprised if your technical people were unaware of these smartcard developments. See the reference at the foot of this email.
Just a little delay would allow you to create a smartcard which would meet all your genuine needs, and yet simultaneously meet all the privacy concerns of the objectors.
I hate to say it, but I am becoming fearful that you have no interest or motivation to do so, because in truth this is a first step towards a "Total Information Awareness" database which will ultimately be used for massive surveillance and monitoring of the population. A destination to which a huge majority would object if it were revealed now.
The reference to the new privacy-friendly smartcards is the following book:
"Rethinking Public Key Infrastructures and Digital Certificates - Building in Privacy" By Stefan A Brands, Published by the MIT Press 2000 ISBN 0-262-02491-8
Please do not disregard my input because it may have similar wording to many others you receive. This is a technical matter of which I have in-principle understanding sufficient to be sure that I strongly support the privacy-friendly route it offers. If a universal entitlement card really cannot be avoided, I believe this is the only technology which could go any way towards meeting my privacy concerns.
I request that my input be taken seriously, and incorporated into any blanket statistics of responses which you may issue as a firm objection to the card. My support for a card using the new technology is only as a last resort if introduction cannot be prevented.
__________________________________________________________________
XXXXXXXX DO NOT COPY THIS XXXXXXXXXXX
THE SECOND VERSION BELOW IS A BIT DIFFERENT, MORE SUITABLE FOR SENDING TO AN MP
___________________________________________________________________
NEW PRIVACY-FRIENDLY SMARTCARD TECHNOLOGY COULD REDUCE OBJECTIONS TO UNIVERSAL ENTITLEMENT CARD.
PLEASE READ THIS ONE - IT CONTAINS VALUABLE TECHNICAL DETAIL
I am concerned that the cards proposed violate our privacy, when it is no longer necessary technically to do so in order to meet their objectives.
A normal smartcard based on the X509v3 standard or similar reveals everything stored on it to every machine allowed to read it. This is regardless of whether this is necessary for the purpose in hand.
Revealing the identity, or identity-determining data, at every transaction allows the reading organisations to collaborate in building a database of every transaction. Even one link to actual identity links the lot. All this is already happening on the internet, with the Double-click organisation effectively circumventing the cookie rules set up in good faith to give privacy.
If this were inevitable, then perhaps so be it.
But new cryptographic techniques allow selective revealing of only the data necessary for the purpose. ie the fact of entitlement, with the identity hidden. Indeed, revealing can be limited to any boolean combination of stored data suitable for the purpose ie that the holder is both over 18 and under 65 (say), without revealing his actual birthdate or identity.
I would be most surprised if the governments technical people were unaware of these smartcard developments. See the reference at the foot of this email.
Just a little rethink would allow the creation of a smartcard which would meet all your genuine needs, and yet simultaneously meet all the privacy concerns of the objectors.
I hate to say it, but I am becoming fearful that the government has no interest or motivation to take this option, because in truth this is a first step towards a "Total Information Awareness" database which will ultimately be used for massive surveillance and monitoring of the population. A destination to which a huge majority would object if it were revealed now.
If you were to decide that amongst all the demands on your time you might wish to take an interest in this issue, I think a look at the first chapter of the book below might make you a convert. The rest of it gets highly mathematical, but the first chapter is clear, understandable, and (for me at least) most persuasive.
You can learn more at
http://news.com.com/2010-1069-977908.html?tag=lh, down near the bottom of the page. Yours faithfully
..........................................
REFERENCE
The main reference to the new privacy-friendly smartcards is the following book :
"Rethinking Public Key Infrastructures and Digital Certificates - Building in Privacy" By Stefan A Brands, Published by the MIT Press 2000 ISBN 0-262-02491-8
Bystander
