As Government launches 'Verify' scheme, our digital identities are becoming more important than we realise

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

I recently stopped hanging up on cold callers. Instead I started engaging them in conversation. This sometimes takes me in delightful directions. Like the Bangalorean man I spoke to recently who, while agreeing his call was indeed a scam, assured me it was a very high quality scam. Who could be angry at a young man with such pride in his work? Usually, though, I end up in a flaming row with the caller, over where and how they got my data.

Just this morning I had a call. Against my protestations, the contact centre agent gamely asserted that I’d recently had an accident in my (non-existent) car. In return I pushed her to tell me where she’d got my name and number. She must have used the phrase ‘Sir, you provided your data through an online form’ as often as Jeremy Paxman said ‘Did you threaten to overrule him?’ that one time on Newsnight.

I was a fool to even try. The idea I can chase down my stray data like some online sheep-dog, and corral them back into the security of my hard drive, is a pipe dream. Fragments of my identity are scattered across the internet like a billion traces of my DNA. Every cold caller knows something about me, though none has the whole picture. Today’s was aware of me as a car-owning, accident-prone individual who bore only a passing resemblance to the real Matthew Blakstad – though the accident-prone bit is to be honest pretty accurate. This situation is unsatisfactory in all kinds of ways. If we want to be engaged with the contemporary world, we’re forced to give up the same set of information over and over again – post code, mother’s maiden name, credit card details, favourite subject at school. We’re sowing our data far and wide, bringing ever closer the inevitable theft of our identity, and the ensuing frenzy of password changing and card-chopping.

Something needs to change. Everyone involved in providing online services knows this, but the thousands of separate actors have never managed to get together and solve the problem. Even the most libertarian entrepreneur agrees that this is one of those problems needing a kick-start from government. Hence last week’s launch of gov.uk’s Verify service – ‘the new way to prove who you are online’. At first this flexible token of identity will be used to give us access to government services like tax returns, car registration and Universal Credit. At some point, though, it’s bound to be taken up by the private sector, too. Our Verify identity will become a central part of who we are online.

I have a special interest here. My debut novel Sockpuppet follows the tribulations of Bethany Lehrer, a government minister who tries to launch an ‘online ID card’ called the Digital Citizen. Any resemblance between Digital Citizen and the real-life Verify service is of course entirely coincidental. Still, I’m delighted the government has chosen to mark the publication of my book by launching its service. Sockpuppet demonstrates, through the medium of a noisy thriller, what happens when the Internet turns on a public figure in a wave of trigger-happy scorn. The hapless Ms Lehrer and her digital identity system suffer a catastrophic failure of trust, with deadly consequences.

A loss of trust spells disaster for this kind of service. We need to have faith in Verify, if we’re to give up our personal details to it. On the other side of the picture the government, too, needs to trust we’re who we say we are. What everyone in this picture needs is someone – or something – to step in and verify that everyone's who they say they are. This is why the Verify system leans so heavily on the notion of a ‘trusted third party’. Let’s say I want to claim a benefit online. To avoid being scammed, the DWP needs to know I’m entitled to what I’m claiming. As far as they’re concerned, though, I’m just a Gmail address and an internet location. Like a young buck in a Fielding novel, up in London for the first time, what I need to be admitted to their house is a letter of introduction. A nod from a person of quality who can speak for me. A third party that DWP and I both trust, and who already knows who I am. They vouch for me, the DWP web service lets me in; and from then on, they trust me, too.

All well and good, but why should I trust this third party? To make the system work, at some point I need to entrust someone with enough personal information to establish my identity. Which is why the government has handed out this vital role to a slew of private contractors. They’re saying, look, don’t trust the unreliable old public sector. You can choose who to trust, from a list of accredited organisations like Barclays and the Royal Mail. You know, organisations who never, ever lose people’s data. This approach, says gov.uk, ‘gives people more choice and control over their personal data than if we were using a single supplier or if government were doing all the verification work.’

See what they did there? In comes the inevitable mantra of choice. The true subtext, though, is that if the government held all our data in a single location, there’d be too great a risk of the whole lot getting hacked in a single criminal exploit. Far better to divide and conquer, by portioning our data out to multiple private firms. It remains to be seen, though, which of these models – if either – the public prefers to trust.

At the start of my novel, the Digital Citizen service does indeed appear to have been hacked; and the online hoo-hah that boils up as a result could all too easily come to pass in the real world. Still, even though I’ve chosen in my book to dramatise a major collapse of public trust, I sincerely hope the same does not occur to Verify. I’d like to see a time soon when I can stop giving up my data to a million separate websites, creating ever more prey for cold-calling boiler-room operations. I can only wish the good folk at gov.uk a far smoother go-live process than I’ve allowed their fictional counterparts.

Sockpuppet is published by Hodder & Stoughton on 19 May.