[Reader-list] India's ID project catches fancy of US lawmakers- 163

[Jeebesh]

dear patrice,

thanks for this mail. it opens up something that we hope will be taken  
up for investigation by people here.

warmly
jeebesh

On 26-Jul-09, at 2:50 PM, Patrice Riemens wrote:

>
> More comments from Eduard de Jong (HFH) on the Indian ID scheme.
> reposted with permission.
> Cheers, p+2D!
>
>
> ---------------------------- Original Message  
> ----------------------------
> Subject: Re: [discussion] [Fwd: [Reader-list]  India's ID project  
> catches
> fancy of US lawmakers- 163]
> From:    "Eduard de Jong" <info at dejongfrz.nl>
> Date:    Sun, July 26, 2009 11:05
> To:      discussion at hippiesfromhell.org
> --------------------------------------------------------------------------
>
> The figures and time-scale and budget for issuing
> these cards in India seems a complete fantasy.
>
> At present it may be possible to by 1.2 Bilion
> cards at $1 per card, although that will require
> a lot of negotiating... Total world market for
> 2008 was 5.4 Billion, of which 65% goes into GSM
> phones and 3%!! for government projects
> (<http://www.eurosmart.com/index.php/publications/market- 
> overview.html>)...
> To me it is unclear where the Indian program
> could actually procure such a large quantity
> (20%!!!, 7 times  the used capacity for this
> market segment of last year) of chips/cards and
> also have them delivered to you over the planned
> 3 month issuing period...
>
> It seems absurd to think that the local Indian
> production capacity will be able to handle such a
> volume. The largest card manufacturers are in
> France (no1, no3) Germany (no2) and China...
> together these companies provide over 70% of the
> world market.
>
> A similar issue is the capacity to personalize
> the chips, that is write the individual citizen
> data in the chip memory and print the outside:
> Atop range machine can do 7000 cards an hour:
> such a machine does 15M cards in 3 month
> (assuming it is operational 7*24 for the full
> period,  highly  unlikely). The totall
> personalization capacity required would be 1000
> of such machines, at least..... I'm sure the
> German!! manufacturers of such machines will be
> happy to fulfill such an order..... Not sure how
> many months pr maybe years!!! that will take....
>
> As to the costs, the cost of issuing the card is
> not in manufacturing the chip+card it is in
> gathering the data for personalization and
> actually handing them out to the INTENDED
> recipient. Just only think of all the incorrect
> addresses that must be present in the citizen
> database: if that is 5% (extremely low) 60Million
> cards have to be hand processed for correction.
> Add to that the handling of other incorrect data,
> and an average figure of 15$ per card may be
> realistic yet low estimate of the issuing costs!
> Net effect it will be at least 10 times as
> expensive!!!
>
> And likely it will take 3 years to complete. For
> instance in Germany they plan a full year to
> issue 60Million new healthcare (insured) cards,
> with initial trial issuance in one state over a 3
> month period with a planning for evaluation and
> possible adjustments.
>
> Of-course, India can do this on-a-shoestring,
> rushing cards out, ignoring data errors etc, and
> maybe this way the cost overrun can be limited to
> 3 times the estimate, and issuance completed in a
> year. Then again, this also makes the whole
> exercise utterly useless, as an unknown fraction
> of the cards are incorrect: The cards will not be
> a reliable citizen id card, and those institution
> needing such reliable identity will ask for
> complementary documents.
>
> India may have a centralized database of all its
> citizens and use that to make the personalization
> data for the ID cards, the USA certainly has not.
> In the USA the most reliable source of citizen
> data is the state issued drivers licence. Many
> states use different IT systems, different data,
> different formats, so creating a consistent data
> set as input to card personalization will be a
> huge technical effort. And require a lot of
> political will.  Even so, the reliabilyo of this
> data is relatively low, as it has not been
> collected for the purpose of identification...
> The Bush government, AFAIK, introduced measures
> to make individual states enhance the data
> collection for drivers licences, in an attempt to
> establish a de-facto national ID. Not sure how
> well these initiatives have fared....
>
> Finally once more on technology:  the card
> intended for use is based on the SCOSTA card mask
> (some people call that an OS, i don't) which is
> basically a fixed function, static data-model
> application card. It does not support in-field
> application management.  Changing functions, or
> replacing broken cryptography or adding
> applications wont be possible other than by
> reissuance all cards. Even if the first issuance
> does not become a financial and logistic debacle
> it is now heading for,  who-scale reissuance will
> be a very hard sell, politically..... Without
> such update capacity the issued cards are doomed
> for technical obsoleteness within 5 years....
>
> Oh, and i haven't seen anything about stepping
> stepping up the IT support infrastructure to
> support 1.2 Billion users of it devices, of which
> likely over 20% will fail in each year requiring
> support actions ranging from holding hands in
> use, modifying card data to  reissuance of the
> card. A smart card is an IT device not a piece of
> paper that does not require maintenance....  I
> guess, maybe they count on local governments to
> fill the gaps when angry citizens start
> complaining.
>
> In Japan, the citizen id card program has
> recognized this need for flexibility, and the
> card's functions are planned to be upgraded and
> modified, possibly with per prefecture different
> functions.  The central government specifies and
> controls a small application and issuance is
> delegated to local levels, which also control
> additional functions of the card. They went to
> the effort of initiating an ISO standard for card
> function maintenance (ISO/IEC 7816-13). And
> planned this as a long term project, 5+ years:
> technical agility of the card is essential on
> such a project time frame.
>
> It will be interesting to see how this Indian
> id-card project will evolve, certainly it will be
> of historic interest: most likely as yet another
> example of a failed government IT project.
>
> cheers
> Eduard
>
> P.s.
> The sad thing is, of course, that in this
> interconnected world citizens need a reliable,
> privacy protecting credentialing device for their
> interactions on the web.  None of these conceived
> Id-cards get
>
> At 10:10 -0700 24/7/09, Carl Guderian wrote:
>> More proof that Senator Cornhole (my other idiot
>> Senator) is completely out to lunch.
>>
>> Even right after 9/11 and before the mess of
>> Iraq became too big to hide, and even up to
>> Katrina, while the mass media were sniffing
>> Bush's codpiece and people were scared enough to
>> accept government organs with sinister-sounding
>> names like the Department of Homeland Security
>> and Total Information Awareness (with its
>> eye-in-the-pyramid logo), US citizens still
>> didn't go for national ID cards. The Republicans
>> got ID requirements passed in various states in
>> order to shake down poor (Democratic-leaning)
>> voters for 20 bucks, but that's as far as it got.
>>
>> So the Senator's pushing the idea now, at a time
>> when rightwing talkshow hosts are stoking fear
>> of the government during the Obama
>> administration, and dipshits are threatening to
>> secede?
>>
>> FAIL
>>
> _________________________________________
> reader-list: an open discussion list on media and the city.
> Critiques & Collaborations
> To subscribe: send an email to reader-list-request at sarai.net with  
> subscribe in the subject header.
> To unsubscribe: https://mail.sarai.net/mailman/listinfo/reader-list
> List archive: &lt;https://mail.sarai.net/pipermail/reader-list/>