I was surprised to hear a former colleague mentioned on Radio 4’s News Quiz last week. Harvey Mattinson – now with GCHQ – suggested that it was ‘absolute bunkum’ for politicians to claim that ID cards would help thwart terrorism.

This was an aside in Harvey's detailed presentation on information assurance and the Data Handling Review to a society of public sector IT managers, SOCITM, in Newport. The presentation, available on the SOCITM website, is about ‘pragmatic, appropriate and cost-effective risk management of the confidentiality, integrity and availability of information and information systems’.

He also discussed the efforts, championed by cabinet secretary Sir Gus O’Donnell, to improve the framework within which departments manage information.

‘To speak for Buncombe’ (a county in North Carolina) is to speak for show or popularity. Last week’s announcement by home secretary Jacqui Smith that the ID cards project was on-time, on-budget and would ‘help protect our communities against crime, illegal immigration and terrorism’ may have been intended to highlight popular objectives.

Whether ID cards will help to achieve these objectives is widely disputed. Back in 2004 the Law Society, giving its evidence to the Home Affairs Committee, expressed serious doubts about whether an ID scheme would significantly reduce the incidence of identity fraud, illegal immigration or of other crimes, including terrorism. It suggested we stop and ask a ‘larger, more fundamental question’: had the government made the case as to why a complex and costly ID scheme was needed? It thought not. Since then the bill has become an act, the Passport Service has become the Identity and Passport Service, and the scheme is in the early stages of implementation.

The government’s case for ID cards does not appear to have strengthened. But perhaps this is missing the point.

Fighting terrorism and crime with biometric ID cards sounds like it should be a great deal more popular than offering an incremental improvement in the administration of central and local government. Opposing ID cards as a fundamental change in the relationship between the citizen and the state is significantly more compelling than having concerns about the rigour of some information assurance procedures in local authorities.

But concerns about privacy and security in relation to computer databases have been with us since the early 60s. Since then, computers and databases have become bigger and faster. Our personal data are entangled in items ranging from cards in our wallets to tags in our clothing. We can search Google for pictures of our houses, and a teenager a thousand miles away can install software on our home computer to read every word we type. ‘It is pointless to talk about surveillance society in the future sense’ said a report for the information commissioner. We are already there.

At a micro level, individual solicitors and their firms already face many of the macro issues that GCHQ and the Passport and Identity Service are grappling with. Such issues include using electronic data to identify clients, maintaining the confidentiality and integrity of client data, exchanging information securely, data protection compliance and business continuity. There are also the serious legal issues raised by practice management systems that allow ‘silent’ time recording and oversight of email.

Harvey was making important points. The first is that information assurance matters. It is clearly important for solicitors and the Law Society is taking forward work on advice and reporting points to help strengthen information assurance across the legal sector. The second is that some mechanism is needed to authenticate and protect users of electronic government services.

The prize is better, more joined-up services. There could be a role for biometric identity cards in this. Perhaps there is an alternative solution.

We need detailed debate, not bunkum.

Tim Hill is IT programme manager at the Law Society