The EFF Nails It: What’s Wrong With UK Digital ID

It sometimes seems as though we are in a constant tussle over privacy between governments and the governed, with each year bringing fresh attempts to extend surveillance, and consequent battles. For Brits the big news at the moment comes in a new digital ID scheme, something that will be required for anyone wishing to work in the country, as well as for certain government services. It’s something that has attracted a lot of opposition, and now the EFF have produced an analysis of why they think it won’t work.

From the perspective of a British writer it would be easy to write screeds about the flaws in the scheme, the way it over-reaches, and about the historical distrust of Brits for their government’s bureaucracy. With the parliamentary petition opposing it approaching three million signatures, there’s no shortage of people who don’t support it. Perhaps the most obvious thing for most of us is how unnecessary it is for its stated aim of preventing illegal immigrants from seeking employment: it neglects that we already have to show proof of right to work before being hired, and that if crooked employers ignore that, they will surely also ignore the digital ID.

If you’re reading this somewhere else in the world, it’s still relevant, because governments like to point to other countries to justify these measures. Follow the EFF on this matter, and take note.


Art: British Passport SVG by Swapnil1101, Public Domain

This Week In Security: Good Faith, Easy Forgery, And I18N

There’s a danger in security research that we’ve discussed a few times before. If you discover a security vulnerability on a production system, and there’s no bug bounty, you’ve likely broken a handful of computer laws. Turn over the flaw you’ve found, and you’re most likely to get a “thank you”, but there’s a tiny chance that you’ll get charged for a computer crime instead. Security research in the US is just a little safer now, as the US Department of Justice has issued a new policy stating that “good-faith security research should not be charged.”

While this is a welcome infection of good sense, it would be even better for such a protection to be codified into law. The other caveat is that this policy only applies to federal cases in the US. Other nations, or even individual states, are free to bring charges. So while this is good news, continue to be careful. There are also some caveats about what counts as good-faith: if a researcher uses a flaw discovery to extort, it’s not good-faith.