
How to make a privacy-friendly national ID card : Comments

By Kevin Cox, published 2/8/2005

Kevin Cox argues an identity provider system can increase our privacy yet still allow good identification via ID cards.

Interesting idea, but what happens when you lose your wallet and your card is lost?
Posted by Laurie, Tuesday, 2 August 2005 12:06:36 PM
Sadly, Dr Cox, this is an excellent technical solution to what is essentially a political problem.

The concept of a voluntary system limits its use to equally voluntary commercial participants - the government is unlikely to be interested in a system that can be legitimately avoided. As such, it provides little additional benefit over existing identification systems, except - perhaps - in commercial risk minimization.

The critical area that is not outlined in the brief description here is how, exactly, will an individual be able to obtain one? This procedure needs to be foolproof, in the sense that one individual can never, under any circumstances, be able to hold two of them. Also, that the system cannot be used to "create" an individual from scratch, using for example forged driver's license, temporary rented premises as a home address and so on.

Another area rarely addressed in these cases is what to do if you obtain an Edentiti, but it is then lost or stolen. Who, exactly, polices this, and how? This alone would - one would most sincerely hope - prevent the system being used to obtain an "official" identity.

Privacy is a precious attribute, and any proliferation of "means of identity" can only decrease our stock of it. If, or when, we are required by law to be permanently identifiable to the world, we will have lost the last vestige of privacy, and will have been given absolutely nothing in return.
Posted by Pericles, Tuesday, 2 August 2005 12:18:08 PM
"encrypted identification number."
What's the point of encrypting it? If no one can get the number from the card it doesn't need to be encrypted and if it can be retrieved then the encrypted version can be copied and used in its place.

"impossible and illegal to store ID card information in other data repositories"
It's impossible, but it also needs to be illegal? That doesn't add up.

"Each individual has a set of online authenticated verified identifying data that they control, they supply and which requires their permission to access."
Data that exists in the hands of someone else, i.e. edentiti. And it requires a connection for authentication to take place, thus edentiti could potentially create an audit log viewable in real time, containing at least the time and organisation of every single authentication or transaction.

"with permission from the individual, gives the minimum information needed and gives a new number that the organisation is to use for identification."
It would still be possible for organisations to use that data, or the data on the card itself, to identify people beyond a single relationship and thereby share personal details with other organisations.

Biometric IDs would certainly reduce ID theft, but it won't work for systems or personal computers that are compromised.
Posted by Deuc, Tuesday, 2 August 2005 1:17:59 PM
The author thanks people for the comments as it helps work out how to better explain what is proposed.

We have answers to all the issues raised but I cannot answer them in the 350 words allowed so I will do it over a couple of posts. There are two important principles in the system design that need to be better explained.

The first is that an edentiti is controlled by the individual and NOT by any other organisation. That is everything that happens to the edentiti is known by and approved by the individual. Hence the person looks after their own identity and has the tools to do so. This helps prevent abuse because we do not depend on "the system" to protect us but we look after our own identity.

The system also works on the assumption that data about a person will be misused and that people will attempt to steal identities. As well as making it difficult to steal we have set up mechanisms that make it very likely that any attempt will be detected. Hence the remark it is impossible and illegal is not contradictory. It may be "impossible" in the sense that there are no known ways it could be done but that is not to say it will remain impossible for ever and hence we make it illegal if the impossible is ever achieved.

Short answers to some of the other issues. The card itself does not have the authenticating data on it. Thus you lose the card and you can be reissued with another one and the old one is cancelled when someone tries to use it - in exactly the same way credit cards now work. The authentication of your identity is done not from the card but from other data and from your interaction.

More in a second response.
Posted by Fickle Pickle, Tuesday, 2 August 2005 6:16:19 PM
Second part of the author's response.

A mistake in thinking about the issue is that an id card has to be universal and everyone has to have one. It doesn't. Other methods of identification can be acceptable. However if it makes life easier then it will be adopted.

The idea that a person cannot hold two identity cards is also not a requirement of an id card system. An id card system is something that identifies you so that you can be "found" or so that it is the physical you that matches the card. Sometimes I am an individual, sometimes I am the member of an organisation. Why shouldn't I have two id cards?

A person cannot create an edentiti from documentation alone. They need to present themselves, have biometrics recorded, have referees, and have "friends" who vouch for them.

Once a person has established certain information then they cannot change it without other edentities agreeing to the change.

Keeping data in silos makes it easier to maintain privacy because every organisation knows you by a different number. It is possible to use other information to data match but if an organisation does match they are obliged to tell you. The important point is they cannot use ID numbers for matching.

Edentiti has an agreement with users that it will not "look" at or use the data about the person in any way that the person does not agree to. Of course Edentiti (or any other identity provider) could break the agreement but why would it because it would be out of business and liable for prosecution.

The point about encryption is that you can't get the number from the card unless you are the individual who owns the card. You can only get the encrypted data and that is of no use.

I would ask people to throw away the idea of how you think ID card systems work and think of it as a static representation of a unique dynamic electronic identity that the individual controls.
Posted by Fickle Pickle, Tuesday, 2 August 2005 6:29:34 PM
The problem will be identifying individuals so that the thing is accurate in the implementation. Several major sources of ID will be required - how do we identify maybe 5-10% of citizens that fall outside the ID requirements (no tax file or medicare number) & those people that simply will ignore it?
It's useless if voluntary as its purpose is to identify, not inform.
The Implementation of an 'Australia Card' will not 'Identify', it will simply allow the database accessors to invade privacy to a great extent.
I suggest we examine the 'Cards' proposing this scheme & check that they are truly 'Australian'!
Posted by Swilkie, Tuesday, 2 August 2005 7:26:42 PM