51 comments

[ 0.25 ms ] story [ 66.5 ms ] thread
Why is the UK politics scene so focused on digital ID? Blair first proposed it and I feel like I've heard about it continually since with no progress. Different justifications every time too
The UK has a bunch of deeply divided issues: 40% want lower house prices and rents (tenants and would be buyers) and 40% want higher house prices and rents (landlords and owners). The same is true for taxes and immigration and crime/justice and welfare etc.

So governments are desperate NOT to do anything on most issues. And they are desperate to do SOMETHING (as a distraction) on issues seen as more neutral and less likely to offend vast numbers of people.

Governments are always looking for better ways to track (and control) their subjects. The idea of a national ID[1] has been floated by various US politicians since before it would have been digital. Many Americans oppose it because they fear a government using it to round up dissenting citizens, and others oppose it because they fear it would be used to more effectively identify illegals (some oppose it on both grounds), so between them it's never gotten started.

The UK government does seem especially keen on the idea of a digital/video dystopia, though. Weird, like they're trying to prove Orwell right.

[1] Social Security numbers aren't unique and you aren't required to carry your SS card, so it doesn't work for that purpose.

Digital ID works great in the nordic countries and doubtless elsewhere.
It's BS. Having a single ID instead of having to show a gas bill to prove your address is the right approach. Most European countries have a single ID card, and that's perfectly fine. In fact anyone who drives in the UK already have an ID card -- driving license. Now it's just a question of one card everyone would have and you could use to ID yourself when using banks or government services.
The UK already has (various) digital IDs but this is the 'new' one https://www.gov.uk/using-your-gov-uk-one-login. So what's going to be different? Just making it mandatory?

I can see some justification (sorta) for not making it mandatory, but saying it won't improve citizens lives is complete rubbish. Having one login for all government services would massively improve the efficiency, especially if other departments can share data (with consent ala oauth) with each other. Even in the NHS itself this would be a huge boon, if you get referred to two different NHS trusts they basically cannot see any other data. If all medical records could be linked to an ID (that is more sophisticated access control wise than the NHS number) it would actually be a huge boon for privacy/audit/logging.

The already tried one login for all government services (Government Gateway Id), but they released it when all the services had their own tech teams and it was a general disaster.

Each service would issue you a different one.

It's not so bad now, but it's extremely irritating to have a number as the user id as when you run a business or two, you end up with more, and then you have no idea which is which.

How would this solve the disparate NHS systems issue? The NHS id exists and is used by all of them. It's the various systems with no central data repository that is the problem. Throw in the fact that Scotland and NI have completely separate NHS's again and I don't see how another id ever solves it. The solution is bringing the NHS in all regions into the 21st century - which costs money they don't have.
> Having one login for all government services would massively improve the efficiency

I'm quite surprised that's not a thing over there

In Poland you can log in into governmental services platform by: scanning QR code with a digital id app (requires authorizing it beforehand but once it's done it works like a charm), a separated national id card app - only for newer documents with rfid chip, 3rd-party login via bank (as long you pick bank that offers it - some smaller ones don't), a qualified digital certificate within yet another app. There should be another option for EU citizens who in theory would use their national SSO platform as a provider but seems it doesn't work right now.

That digital id app will likely integrate everything else since it already provides a way to secure your national id number (a SSN equivalent) and driving license, health services (doubling the functionality) and train tickets components.

A separated health service app is also available where you can manage prescriptions for medicines, referrals for tests and vaccinations.

Has anybody bothered to specify what this will actually cover, and what it will be mandatory for? Does it imply an increase in "papers please" sweeps?
My wife who is from a large mainland European country, has an ID card. Everyone has one and they're mandatory. It makes it trivial to prove your bona fides and is good for air travel within the Schengen area. Her ID even has a chip which can be used to create digital signatures for situations where rock-solid proof of identity is required.

Amazingly, they've always had ID cards and the world hasn't ended. These countries are in some ways freer and more democratic than the UK.

'Civil libertarianism' has become a self-licking ice cream cone, and their advocacy is not only shrill and counterproductive, but also enables common criminals and bad geopolitical actors, engaging in aggressive hybrid war against free countries.

One of the few ways we are going to be able to fight off the Russian and Chinese hybrid war aggression that is assailing the West online is to hold online commenters accountable by binding their online identities to real-world strong IDs.

The libertarians may not like it, but this is the direction the world is going. Strong ID is a common sense, tried-and-true approach to protecting ourselves against criminals and foreign aggressors. And we'll eventually get digital strong ID, unless the boot-leather connoisseurs amongst us win this argument.

Counterpoint...the UK government is already jailing people for voicing opinions they don't like. You are basically saying that this is OK by you. This can be abused very badly by bad actors in the government. It is also one of the things we criticize China for. Becoming like an authoritarian system isn't the solution for opposing authoritarian systems.
> And we'll eventually get digital strong ID, unless the boot-leather connoisseurs amongst us win this argument.

Using "boot licker" as some sort of insult on moderates is getting really old. I appreciate the alternative term though.

I don’t want this, but I don’t really see a future where it isn’t a thing. One group of people are right to point out the scope for abuse and control of a population, and another are correct that we already have multiple forms of digital ID in the shape of driving licenses, national insurance numbers, and passports. At this point, I view it as a thing we have to navigate as a society and get to the other side of. If I have any energy at all to fight anything related to this, I’m saving it for after the implementation because, as I said at the start of this post, I view it as inevitable. Luckily for us, though, through total coincidence, we’re now going to have massive AI data centres to help us with this brave new digital identity.
So there are a number of digital IDs, but the problem is they are not really joined up or all that useful.

In principle, there is nothing really that wrong with a digital ID, as at the moment you have a bunch of UUIDs (mostly) so its not actually that hard to marry you up between departments.

In practice, what they'll do is hire accenture or some other dipshit company, spend _billions_ re-inventing a cross between a passport and oauth2, and it'll fail hard and be horribly insecure.

The better option is to tie everything to your government gateway ID (the thing that lets you renew passports, talk to the HMRC online, and a bunch of other services)

> In principle, there is nothing really that wrong with a digital ID, as at the moment you have a bunch of UUIDs (mostly) so its not actually that hard to marry you up between departments.

It depends. Here's a nice example for you - A while ago the BBC ran a series on council house investigators and their cases. It was very clear for it, that councils don't routinely check whether a prospective council tenant (who'd eventually become a buyer) doesn't already own a property. No checks are done with HMRC for their income levels either.

Of course, if a future government just wants to round up dissidents and send them to camps, I'm sure it won't be that big of an issue. But as of right now, this is enough to stop routine fraud prevention, which is likely an immediate threat to far more people.

If this is an argument > In practice, what they'll do is hire accenture or some other dipshit company, spend _billions_ re-inventing a cross between a passport and oauth2, and it'll fail hard and be horribly insecure.

then we'll never do anything in the UK and we should all just give up on changing anything.

Also, btw the passport renewal is done without government gateway ID.

OTOH - partly playing devil's advocate here - I'm dealing with several bank and inheritance-related issues in the UK from my home in Sweden now, and needing to do pretty much ANYTHING with an authority in the UK feels like stepping back into the 17th century.

There's a constant requirement for paperwork to prove who I am - always in the form of items that are 100% digital nowadays in the Nordic countries (like a "utility bill" or a "credit card statement" - on paper, posted by snail-mail to my home address!)

These then need to be 'notarized' by a legal person - with seals and embossed stamps before they can be used to identify me. It's medieval.

I visited Sweden this summer. One or two things accepted only Swish payment. Seems to be impossible for a visitor to use, you need to set it up with your bank.

I managed by asking a friend to use theirs. But don't assume that tech that "makes life easier" automatically means that it's inclusive. (See also parallel discussion today about EU Age Verification app [0]).

[0] https://news.ycombinator.com/item?id=45359074

Agree. Proof of ID in the UK often means copies of utility bills. You can fill out your own with an online template pretty easily. Inside the UK you don't even need to bother with the notarization requirement. It is indeed backwards.

You can say "well you have a driving license" except if you're a teenager or an elderly person who surrendered theirs, you don't. You can also say "use a passport" but they're not convenient to carry and some people have never left the country so never owned one.

An ID card isn't a bad idea per se. It's the same as a driving license except everyone can have it.

What is bad in this round is the government making everyone have it on their phone "because digital is cheaper" (guarantee it will cost billions either way). Similar problems - what about people who don't have phones, how do you mandate I install this on my dumb phone?

The previous iteration might've worked had they not gone overboard on sequencing everyone's genome and giving every government agency and their dog access (only slight exaggeration) to the data.

I haven't had any organisation insist on a paper copy of a bill/statement for probably 10 years now
I too not long ago went through the inheritance gunk with the UK.

> These then need to be 'notarized' by a legal person - with seals and embossed stamps before they can be used to identify me. It's medieval.

My experience of this was they (the insurance/solicitors) were just being obstructionist for fun, because when confronted with the requested notarized documents they kept moving the goalposts around, and only a threat to withdraw business from them on other fronts made them snap out of it.

The clearest example of the deficiencies of identity documents in the UK is the "Right to Work" process.

If you're an employer, you are legally required to check that anyone you hire has the right to work in the UK. The penalty for hiring an illegal immigrant - even accidentally - is a £60,000 fine. The guidance on how to perform a Right to Work check is 60 pages. A whole industry of third-party identity verification providers has sprung up, because the system is so complex that most employers don't feel able to do it themselves.

Ironically, performing a right to work check on a legal migrant with a work permit is trivially easy, because we've digitalised the visa system. They give you their Home Office share code, you type it in to a website, and the website shows you a photo of that person and clearly states whether or not that person has the right to work. We already have a really good digital ID service, but British nationals can't use it.

https://assets.publishing.service.gov.uk/media/6878ead80263c...

https://www.gov.uk/evisa/view-evisa-get-share-code-prove-imm...

On the other-other hand, here in Spain we have universal digital IDs, and we still need notarised paper copies of every document for every official process. Sometimes these processes are lining enough pockets they will never die...
Can anyone explain why this is a bad thing? All I hear about this is conspiracy theories or anti-government rhetoric but never a clear reason to why this is bad. I can't see a reason considering all of the benefits it can bring, and similar things have been rolled out across Nordic countries.
I think its that some anonymity gives safety from the government.

IE during WW2 Holland kept such meticulous records on its citizens that it indirectly leads to the greatest numbers of imprisoned ethnic groups ( because the information was there , easily accessible by the invading forces.

I think thats a good example of how too much info results in vulnerability for citizens.

I dont have an opinion on this just sharing what I think is a good example.

There are several reasons. I believe, many would acknowledge that it absolutely has good sides. But there are worrysome sides. As I life at the moment in Switzerland I know a little bit about the discussion there:

The implementation of an E-ID could just not good. In Switzerland people voted against E-ID already once and I believe now everyone agrees nowadays that it would have been an bad bad implementation back then (too much reliance on external companies). The same was true e.g. for Covid Certificates. The different implementations around Europe had different qualities and e.g. Switzerland ended up with one of the better (or maybe best) ones, where the identity of people were protected.

Let's just take the example of voting. It is already hard to explain to people that voting works as intended. Look e.g. at the US were I've the impression people do not trust regular voting anymore, despite having people from other countries checking if voting works correctly in the US. But overall it is a system almost everyone is able to understand. But the moment you bring cryptography into the game it's over. 99% will never ever understand why they should trust this. And honestly I feel with them. There are a lot of software people here and we all know how awful our whole industry cares about security overall and how critical software components depend sometimes on a few people. At least the whole implementation should be open source, everything else should not be tolerable.

What I have the impression most people fear, is not the E-ID itself, it is how it will be misused. Suddenly websites will now request verification for dubious reasons. While it is not the case with a regular ID, it will be trivial to do so in the future. The same with mass surveillance, it was not practical before internet, now it is, so governments do it. I think here comes one of the main arguments against it people would bring up, there is no simple instrument for people how they can fight back in case they dont like to identify with their E-ID.

To some degree there is mistrust in government (in Switzerland less then in Europe I believe) for very valid reasons. But still e.g. in Switzerland they had records of many people years ago. After the whole topic came to the surface it was a debacle and new laws were created to explicitly forbid this. E.g. in Switzerland it is not allowed by law to just store some information because are from the left-wing or right-wing (just regular left-wing/right-wing, not extremist), just as one example of something simple. Despite of this government still started to do again. Several newspaper requested this information, which now has to given out, and found it, despite being against the law, the government is doing it again. This kind of thing you can find for other European countries as well, and for the US I assume I don't even have to start.

Then what about people without Internet? At the 38C3 in germany last year was a presentation about this topic (Don't remember the full name, just that is is somehwere on https://media.ccc.de/c/38c3): that we always think it is just the old people, but this is not true.

Sure you could argue, that people give away they privacy willingly anyway, but I'm not sure if this a good reason to argue against all the suspicious some people have.

Here an article from a Online newspaper in Switzerland, tough its German: https://www.republik.ch/2025/08/29/ein-klares-jein-zur-e-id

At least in Switzerland I believe, if they just slightly would change the law it would benefit everyone. E.g. that in case an internet page expects an E-ID, that first it needs to through (a probably costly) evaluation what data is really, really needed, with many privacy experts at the table, to always reduce it to the absolut min...

Would you be willing to publish your browsing history with your real name attached? Why not list your real name in your HN bio?
You don't want Palantir to be able to buy list of Uber riders traveled to/from locations near MI6. A universal government backed ID cards on signup, or worse yet used as substitute for credit cards, makes that kind of things easy.

You can have such ID card system that can produce proof of authenticity of card itself, without any digitized card-face information included. I think that's how most existing systems are implemented.

Well, for one thing, the project would be gifted to one of the usual gravy-train companies, Fujitsu/TCS/Cognizant/Accenture. They will spend untold tens of billions on a half-baked bag of crap, beg for yet more money to fix it (blaming gov in the process). Eventually it'll be rolled out several years late and many billions over budget. And of course, there'll be board positions for those in gov that play along.
This time it might be given to Palantir instead, so there's that to look forward to.
Only big tech should be allowed to have databases of people and all their preferences (or the other companies / governments they sell their databases to).
(comment deleted)
No. The onus isn't on anyone to explain why it's bad
If you work really really hard, and come up with a really good media campaign, and there's not a riot or a genocide that your country is supporting that will allow digital ID to be rammed through, you'll be able to put it off for the 4 years until new Prime Minister Nigel Farage (or Zarah Sultana, or whoever) announces it as the government's first priority.
In the UK we already have population-wide tracking of internet usage, no warrant required.

Once we have a citizen id number, it's probable the UK government will mandate that it is bound to our internet access.

The UK government has form for arresting people (about 30 per day at the moment) for online speech under vague laws criminalising messages that cause ‘annoyance’, ‘inconvenience’ or ‘anxiety’ [1]

This is widely criticised as politically-motivated (Google "two tier Kier" and you'll see what I mean). This phenomenon will only get worse once we have citizen id numbers and the cost of investigation trends toward zero.

Also the technical barriers to shutting down an individual's access to online and IRL services will be reduced.

As we saw during Covid, the UK government seized advantage of the situation to remove civil liberties, and it's likely to do so again, given the lack of apology for bad policy-making at the time.

Digital ID is bad news for the UK.

[1] https://www.europarl.europa.eu/doceo/document/E-10-2025-0022...

> Mandatory digital ID would fundamentally change the relationship between the population and the state by requiring frequent identity checks as we navigate our daily lives.

This seems like a dubious fear. We already have plenty of ad-hoc digital IDs (see physicsguy's comment) and none of these fears have come to pass.

The Swiss are voting again for the e-ID this weekend. It is likely to pass this time although there are still some issues.

The implementation of the self custody wallet is open source: https://github.com/swiyu-admin-ch . What is missing is the verification system used to issue the ID which is not open at this time and the law is vague on who gets to ask for the ID. These two things still need to be settled.

Chiming in as a Brit: I m generally opposed to this.

I already have a passport and that is digitalised and universal. Why not just use that?

The UK has a bad habit of launching these programs and not being able to deliver on them.

We have had National Insurance numbers for a long time, these are used to track income tax payments and benefits. But that doesn’t work apparently. So I had to set up a Unique Tax Reference number. Just to do my tax return. This involved several letters back and forth. Actual paper sent in the post over several weeks. The government already have all the tax information they just need me to do 20h of work because they can’t keep their files straight.

They made a mess of that. So I now have an additional Unique Tax Reference number. 2 unique IDs…

And they are still getting my taxes wrong. And writing to me about other peoples taxes/benefits payments because they have similar names and live in the same municipality.

Also, I’ve never had any difficulty proving who I am online when I want to. And I should not need to do so anymore than I already chose to.

I half agree, but a passport is a mid sized paper book, and an ID card is plastic and credit card sized. A plastic card goes in my wallet. I do not want to carry my passport around with me - having done this previously in Europe (both to use as ID and to not leave it in the hotel room with no safe), it is very annoying.
I don’t find what either side is saying here very convincing.

Anti-ID “it will change our relationship with the state, cause irreversible damage to our civil liberties and fail to deter illegal immigration”. They say it will lead to “frequent identity checks as we navigate our daily lives”. That last part isn’t true, for sure. I’ve lived in a country with a digital ID and you had to verify your identity a few times a year at most - submitting taxes, opening bank accounts etc. They’re exaggerating here.

The pro-ID group is even less convincing, if that can be imagined. Tony Blair, former PM has been batting for this for ages - Digital ID is the Disruption the UK Desperately Needs (https://institute.global/insights/tech-and-digitalisation/to...). And it all sounds like snake oil to someone who is even a little tech inclined. He’s promising all kinds of things, like the UK will see dramatically higher growth. I’ve seen India before and after Aadhaar. It helped, but it didn’t fundamentally remake the economy. UPI did do that, but it’s not dependent on Aadhaar.

And the government wants to show they’re cracking down on illegal immigration so this is an easy win. But it will take more than 5 years to roll out and by then the PM would be out of a job. Even if it could be rolled out to 70 million people in 2 years (that’s 100k people per day), it wouldn’t have all these incredible benefits. As for illegal immigration, it would catch a few but not all.

The technical issue is that while you can issue everyone an ID, it would take much, much longer to make that ID the primary key in every database. The NHS ID has existed forever, and it is still not possible to query all the healthcare information associated with an ID. (This is why the NHS can’t estimate how much a patient costs). Adding a second ID doesn’t make that nearly unsolvable problem solvable.

Almost no one is being realistic or well informed. I just don’t know how you can have a political discussion when everyone is exaggerating like this.

If the UK rolled out a system like Aadhaar, it wouldn’t be earth shattering. It would take many years, it would have several hiccups along the way, take way longer than expected, but it would get over the line eventually. And it would make a few admin tasks smoother, certainly. It would reduce some kinds of fraud slightly. And that’s about it. No one’s civil liberties would be destroyed.

To end on a lighter note, the political comedy Yes Minister covered the idea of introducing a universal ID in the 1980s. Political suicide, the minister was advised. https://youtu.be/ZVYqB0uTKlE. Thank god the UK is no longer in the EU, so Brussels can no longer force a compulsory ID on British people. Downing Street can take all the credit for this one.

I'm really looking forward to a future where participating in society is completely dependant on agreeing to a legal document with either Google or Apple, and staying in their good books forever.
At this point, the benefits of an official governmental digital ID system exceed the drawbacks; the argument against digital identity documents died a long time ago with the total loss of privacy due to the amalgamation of all existing systems combined with the ubiquitous tracking of physical and online presences; that horse has bolted, and trying (and failing) to shut the stable door now won't help.

The current battle for digital personal rights is the right to private communication and data storage, and thanks to encryption and open source software, that one's not lost yet.

For me the objections in the UK is not really about the principle (although there are always going to be some privacy/liberty/etc. concerns in that sense), but about the likely implementation.

If we could be assured that whatever was put in place was genuinely privacy/security focused, had open and transparent governance, and wasn't susceptible to capture by corporations/other powerful actors, I suspect many people wouldn't be too bothered. But that's not really the offer, it never is with public IT infrastructure in the UK. The likelihood is that it would be farmed out to one more private corporations to build and maintain, generally for a lowest bid, and overseen by people without sufficient expertise to avert many/any of the potential harms from a poor implementation.

There are good ways to do things like this: public ownership, open governance, security/privacy baked in, all based on a reflective national conversation about trade-offs and the valid fears that many have. What people don't trust is not really the concept of ID cards, it is instead the track record of this and previous governments with both IT and privacy impacting legislation, and even more so the potential inclinations of future governments, particularly at a time when far-right parties are floating ideas like mass deportation of people legally entitled to be here.

Digital ID and a free society are not inherently opposed, but there is no sign that this or other administrations are sufficiently interested in, or aware of, the complexities involved to produce anything other than a semi-permanent disaster.

Labour (and the Tories before them) seem to be pushing very hard to stop any anonymous internet usage in the UK with the justification that the government knows best and have a duty to track everything we do[1].

I really wish that they would instead at least consider strongly improving our rights because it's highly likely they will loose next general election and the incoming government will not be "good actors".

Sadly, instead we get Baroness[2] Thangam Debbonaire rolling her eyes on Newsnight at any critism of what they're doing.

Labour need to stop making these petty unforced errors that don't deliver but instead just piss people off.

1. https://www.bbc.co.uk/news/technology-68625232

2. She was made a Baroness to keep her in power after she was voted out as an MP at the last election because, again, the government knows best.

They might get away with calling it EuroClub Express.
They dont need to do anything. No matter what the UK govt does, the adoption of this stuff is a disaster anyway.

Unless its mandated by law, who cares.

The implementation bothers me.

They've announced it'll take the form of an app on a smartphone. What do non-smartphone users do? They don't even know yet.

I'm fine with a unifying ID, even a digital one. But why must it be on my phone? Am I going to need to carry my phone with me everywhere I go? I know some people already live like this, but I don't, and I don't want to have to.

At the moment it's just for right to work, but in the end I'm sure it'll be linked to more things. Eventually not carrying a smartphone around with you (and all the internet connected sensors that it holds) is going to make you suspicious, when really that should be the norm or baseline.