The Digital Dilemma: part III
From digital dystopia to digital rights
ALEX KLAUSHOFER
The first part of The Digital Dilemma identified the fork in the road we’ve arrived at in the West, one that presents a choice between being herded into a digital surveillance and control system or taking the road less-trodden and forging a better, more human, future.
The second piece in the series dealt with the mass breach of privacy rights and erosion of consent currently underway, as the state, tech companies and the financial sector demand more and more of our personal information under the guise of “safety” and “convenience”. The demands are spreading exponentially as hotels, holiday companies and estate agents are asking for biometric data.
This, the third and final piece in the series, addresses the practical question which emerges now the reality of our situation has become crystal-clear: what do we do? With a stricter version of Australia’s social media ban – the first in the world – announced in the UK with device-level surveillance similar to spyware and ID verification for all smartphone users. As governments around the world are following suit, the digital dilemma crystallises into some very practical questions most of us will soon have to face.
Digital ID is on the doorstep, bringing the prospect of unprecedented tracking of our actions and the possibility of being excluded from services we need and like. If you’ve realised that simply giving in and going along will only create more problems – the compliance fallacy – considering the steps to take, both on an individual and collective level, is unavoidable.
For this piece, I’ve spoken to some of those leading the pushback to gather their views on where we go from here. And there’s some good news: a new digital rights movement is coming into being.
Solution no 1: Digital dissent
Refusal is the first and most obvious response. Without personal information from the majority of the population, digital ID systems simply can’t work. But non-compliance is more complex than just saying no and forcing the authorities to back down. While, following the public outcry, government has shelved plans for mandatory digital ID, it’s continuing to introduce digital ID by stealth, working group by group, gradually taking more and more of us into its net. The main examples in the UK are the digitalisation of passport and driving license applications and the tax system.
Refusing to participate in these systems is fairly straightforward. It involves sticking to paper systems which public bodies have to provide because there are millions of people in the UK who lack access to computers, phone or who don’t have the skills to navigate digital systems. Paper forms and a trip to the Post Office avoid the need to use an online account.
The demand by Companies House that company directors must verify their identity digitally, a process which involves giving a 3D scan of your face – proper biometrics of the kind used in facial recognition – is of a different order since compulsion is involved. It’s a clear breach of the principle of consent, a kind of data version of vaccine passports. But since it’s backed by law, refusal calls for a deeper level of non-compliance. And so the new digital coercion generates a complex and evolving picture as people respond in different ways to a new kind of threat.
At one end of the scale, some people wait until the digital beast is banging at their front door before seeking a solution from online strangers. They’ve got a letter from Companies House insisting on digital verification – how can they get around it? This kind of response is both passive and holds within it the seeds of empowerment. There’s a chance the questioner may collapse into compliance with the common “but I had to!” Equally, s/he may find a workaround that buys time for something else to develop, whether inner strength or a change in external circumstances.
At the other end of the spectrum are those who forestall the problem with clear action. Some company directors have decided to de-register their companies in order to stay out of digital verification: at a recent conference I heard from the two community leaders (one of Hope Sussex) that they are giving up their status as community interest companies. Then there’s the stance by an individual exemplified below: clear, assertive and arguing within the terms of established British values.
The argument about discrimination may be a reference to the Equality Act 2010 which states that service providers have a legal duty to make “reasonable adjustments” to remove barriers to access. Technically this requirement applies to disabled people but, since the nine protected characteristics include religion and belief that definition is a broad one, especially as the latter includes “philosophical” belief. For a belief to qualify as a protected characteristic, it must, according to the Grainger criteria established in UK case law, be genuinely held, concern a weighty aspect of human life, be cogent and serious and worthy of respect in a democratic society.
If I examine my own position, I find it meets the Grainger criterial. It’s based on a firm belief in privacy and consent, the foundational values of a democratic society and I can provide evidence its genuineness in a variety of ways that include not using a smartphone and publishing dissenting articles. But there are no legal precedents regarding digitalisation: existing law has been formed on the basis of climate change, veganism and gender critical beliefs, a pertinent reminder that the British legal system is as susceptible to ideological trends as any other area of life. Recent legal cases against other areas of government overreach have gone both ways. For now, I’m going to settle for simple statements such as “I don’t give biometric data”.
It’s significant that the original author of the above post seems to get a very different response from Companies House than many do: confirmation that non-digital forms of verification are acceptable. This variation makes sense if, instead of clinging to a belief in the consistency and omnipotence of bureaucracy, we remember a deeper psychological truth about standing up to bullies. That, combined with the fact that public bodies are keen to demonstrate “good practice” in accessibility, may explain the fact that when I rang HMRC after getting a letter telling me I had to go digital, all it took to get a paper form was a single sentence.
As you can see from the correspondence below, Paul Martin takes a different approach. In submitting a formal Notice of Objection and Restriction of Data Usage, he reminds HMRC of some basic legal and human rights principles and their responsibilities as data controllers. Government bodies can’t just jettison a body of laws and rights that took centuries to build, nor can it expect to get off scot-free for misusing or leaking data.
Or can they? The terms and condition on One Login, the service that company directors are being compelled to use, effectively absolve it from any consequences: “We make no express or implied representations, warranties or guarantees that your access to, or use of, GOV.UK One Login will be unbroken or completely secure. We will not be liable or responsible for any loss or damage caused by a virus, denial of service attack or any other harmful material that may infect your device, equipment, programs, data or other proprietary material due to your use of GOV.UK One Login.”
In that light, handing over personal information to a third party which explicitly tells you it takes no responsibility for the likely consequences – and one linked to other parties with professed interests in limiting what you say and consume – is an odd approach. Would you hand over the keys to your house or your credit card to someone you know to be untrustworthy, with a “okay, as long as you’re sensible?”
This is a symptom of putting too much faith in authority, a sign of the residual belief that behaviours we would not dream of accepting in everyday life – theft, the invasion of privacy – are somehow acceptable when they come from those with power. The lack of clarity about this is amplified by a failure to make the connection between digital and analogue and recognise an old issue in a new form. If a government official stood in your living room, telling you your teen was not allowed to reach a certain book, or to read at all after a state-imposed curfew, you’d be outraged. Yet with the social media ban significant numbers of parents are calling for exactly that.
At the same time, the British people have clearly rejected digital ID. Public understanding of the implications of the new digital systems is patchy and often impeded by a belief that democracy somehow guarantees us effort-free protection. Even those of us who realise we’re dealing with a kind of machine intent on steamrollering the public into a new, highly controlling system, haven’t worked out the best way to proceed.
And so different forms of resistance are emerging. Their variety tells a story far more complex than Tyrannical Government Tries to Impose Digital Control On Resistant Population. The people of established democracies are re-learning how to refuse and assert themselves, and the result is a chaotic and evolving situation that contains both elements of warfare and a new rights movement.
A first step of such a movement is saying NO publicly as part of a wider group. NO2ID, the campaign founded to oppose attempts by the Blair government to introduce digital ID in the early 2000s has just launched the NO2ID 2026 pledge in which you download a certificate and sign it in front of a witness. It is, according to coordinator Phil Booth, a simple action which they call “preemptive resistance”.
Such responses are quite compatible with a position based on a pragmatic expectation that the situation will change. If I never visit certain European countries again because I won’t give my finger prints under the Electronic Entry System, then so be it. At the same time, it seems likely the new system of biometric verification will collapse, either because enough people come to understand it’s a mechanism of control or because ongoing data breaches destroy its credibility. Or both! In this light, my hope that the biometric wall will come down in my lifetime is a reasonable one.
And while on the ground ordinary citizens working things out in an ad hoc and piecemeal fashion, a host of activists and privacy experts are working on solutions based on a clear understanding of what’s at stake.
Solution no 2: Privacy tech
It’s no coincidence that many privacy activists are also tech-heads. They understand digital technology and its potential for control in a way most of us don’t – and by the same token, they also understand how to create technical solutions. Tech folk tend to be committed to the noble ideals that prevailed in the early days of the internet and excited by the way it has democratised information and opened up new opportunities for learning and connection. So they are motivated to work quietly away in the background, creating open source alternatives to the commercial platforms sold by Big Tech and set up by government.
For the last eighteen years Booth has been working with others to build free and open software for the public. He told me that many hitherto unknown systems are ready to be released and used at scale. As concerns about Palantir grow, OpenSafely already provides an alternative for NHS data. Such developments are testament to human ingenuity and creativity which extends beyond the technical. Just as those with power seek to exploit the digital revolution to accumulate more power and resources, there are Robin Hoods acting as countervailing forces.
With Britain’s free speech crisis escalating, every time I go on X I see a flood of altruistic communications from tech-savvy individuals: instructions on how to set up a self-hosted decentralised VPN and advice on to avoid age-gating by Apple and Google. There’s so much new information that I’ve set up a folder on my desktop; every time I see something potentially useful I take a screenshot and put it in for later. Apparently – and this is a warning rather than a recommendation – a digitally-minded teen can easily build a new social media platform.
Recently I asked my Brave browser whether it was possible for a government to block a decentralised VPN. This was the answer:
.
There are of course other things a determined government can do to restrict the internet. The possibilities are many (and beyond my technical knowledge), but the countries which largely succeed in restricting access to the internet provide a foretaste of what a Western government would have to do to enforce restrictions. China’s Great Firewall is made up of a combination of technical blocks and filters and a legal framework and enforced by a comprehensive surveillance operation by cyber police units. Shutdowns in countries such as Iran and Sudan are increasingly common, ranging from total blackouts to more subtle methods such as slowing internet speeds to unusable levels, a tactic which has obvious economic costs. North Korea bans the world wide web entirely, replacing it with a domestic intranet.
All these measures are based on the idea that a national government can replace a global communications system with a “sovereign internet”, limiting what citizens can read and post to its jurisdiction. This, significantly, is what the UK regulator Ofcom seems to be attempting to do with its attempts at global enforcement, levying fines on platforms such as 4chan in the US.
The fact the information about the extremes involved in real enforcement is readily available on line makes the ignorance of British lawmakers baffling. In January the House of Lords voted to ban VPNs for under-eighteens. Technology Secretary Liz Kendall says we can expect an announcement about restrictions on VPNs (14 mins) in July. The Opposition is no better informed: the social media ban is supported by Conservative leader Kemi Badenoch while Party Chairman Kevin Hollinrake says he hopes it can be implemented “without digital ID”.
Meanwhile in Australia, almost three-quarters of children are getting round the social media ban. In the UK, academics and children’s charities are warning the ban won’t achieve its stated aim of protecting children online. All of which raises the question: how did Britain’s political establishment become so tone deaf – and so tech-illiterate?
Head of Advocacy at Big Brother Watch Jack Coulson has had a close-up view of events in Parliament from his former job in the Lib Dem Whips office. From his perspective, the problem largely stems from a failure to keep up with the changes brought by the digital revolution. “In the last thirty years we have been through an incredible change in what is possible and legislation often is playing catch up,” he says. “A piecemeal approach and attempts to try and combine pieces of European and British legislation haven’t created the conditions where it’s clear to someone [a legislator] what their touchstone is.”
“I think we are legislatively in a bit of a muddle now and there are quite serious changes coming through. As we’re seeing with the social media ban, quite a lot of the critical decision making is being relegated to secondary legislation. It’s essentially handing powers to ministers that I think are quite serious and wouldn’t fly if we were talking about physical rights as opposed to digital ones.”
What Coulson describes is part of a wider trend that began with Covid in which Britain’s political class have been ignoring objections from outside Westminster and changing laws without the customary scrutiny.
To be clear: I know (and have written previously about) the powerful, extensive network of organisations and forces behind the push to control power, information and resources. In this piece, I’m focusing on everything below the top of that pyramid, from legislators and policymakers to civil society and individuals. After all, if our political system were stronger, if the population was better informed and more assertive, the likes of Bill Gates and Tony Blair wouldn’t have much sway.
The upshot of the ignorance of Britain’s political establishment about digital matters means we’re likely to enter a messy period in which foreseeable mistakes are made while we make up our minds what kind of country we want to become. This time of restrictions and resistance will present dilemmas for you and me.
Every citizen who doesn’t relish the prospect of becoming technocratic fodder should learn and implement some basic privacy measures. Doing so does two things: it affords some protection to individuals while the collective gets its act together. And it also contributes to the pushback, demonstrating through concrete action that you’re not okay with Daddy Government deciding what you can and can’t do online.
There’s a wealth of useful tools and guides online. Privacy Guides has a comprehensive set of resources as does The Ludlow Institute and the Privacy Academy.
Solution no 3: Legal protections
Looking further ahead, and assuming Britain doesn’t go full-China, we need a set of legally enshrined rights fit for the digital age.
It’s important to recognise that theoretically we already have most of the rights we need, in two senses. First are our natural rights as human beings to live free of domination by others, natural/divine rights that are always there in the background, underpinning our existence, no matter what government X or Y does.
Second are the privacy rights foundational to democracy and expressed in human rights laws. While conceived before the digital revolution, they provide a good basis for protection from abuses made possible by new technologies and are the source of data protection legislation. But with government bodies demanding digital verification, the police using facial recognition and the EU making biometrics a condition for travel, it’s clear they are not being respected. Ironically, these rights are being systematically eroded or breached by the very authorities who should be protecting them.
Given this curious position: we both have rights, and at the same time are having our rights removed, there is a need for s new understanding of how privacy and consent apply to online life. A fresh consensus about digital rights needs to be established. Privacy does matter. Governments and corporations can’t just take our most intimate information – medical, biometric – and use it for their own purposes. The digital sovereignty of individuals must be protected.
Coulson argues there’s a need for “a defined piece of legislation that takes as its premise the need to enshrine digital specific rights” informed by current human rights legislation, he says, a kind of “digital Magna Carta”.
But the authoritarian turn of political life in Britain presents campaigners with a new challenge: getting heard by politicians. “They’re simply not listening,” says Booth. “They say they’re going to engage and then they don’t. We’re dealing with a completely different political animal now.”
The first time he headed a campaign opposing digital ID, he and other members of civil society sat on the Privacy and Consumer Advisory Group in the Cabinet office. It was a position that gave campaigners and privacy experts considerable influence over government thinking. The scheme was scrapped by the Conservative-Liberal Democrat government in 2011, with the drives containing the first digital IDs physically destroyed.
“Wind forward twenty years and, while the technologies have obviously moved on, it’s essentially the same underlying architecture, the same basic principle,” says Booth. “And frankly, it’s many of the same players. The Blair government-in-exile has been pushing for this for some time.”
The actual government’s softly-softly approach of making digital ID the access point for public services presents another challenge to a campaign initially focused on identity cards. Booth is particularly concerned about provisions for a single unique identifier, based on the NHS number, in the Children’s Wellbeing and Schools Bill. He cites comments from minister Darren Jones saying that parents “will be able” to apply for digital ID for their newborns. “Well, it’s obvious. If you architect a system for a single baby, you architect it for everyone from birth.”
He reminds me of a telling statement by Blair about “beating those privacy people this time”. Its framing is perhaps more revealing than the former Prime Minister realises, with its assumption that the only obstacle to his enduring desire to impose digital ID on a nation is a handful of activists. It suggests that the public can be easily led into the digital net with endless cries of “It’s for your safety!” “It’s so convenient!“ “It’s progress!”
This takes us to the need for a greater public understanding of matters digital.
Solution no 4: A cultural shift
For Digby Furneaux, a filmmaker currently producing a documentary about digital ID for a mainstream audience, the best way forward is to raise public awareness about digital ID.
“It’s scary stuff, really serious stuff,” he told me. “Because if we don’t do something about it now, then we’re all screwed because they will have access to every element of our life, all of our personal, private information that can be used against us at any time. You don’t just have to worry about this government, you have to worry about future governments and what they want to do with it.”
The film, aimed at the kind of audience who haven’t seen The Agenda, may be on Apple TV, Amazon Prime or Netflix by the end of the year. The timing depends on Furneaux securing a final £20 000, a situation which reflects the David and Goliath situation of those fighting on the digital rights frontline.
Real understanding of the implications of digital technology – what it can do, the interests driving those who provide it – would do more than help get the Blair/UK Gov digital ID scheme scrapped. It would bring about a privacy renaissance that would create enduring protection against all forms of digital overreach.
Both Coulson and Booth recommend that people take a more thoughtful approach to their use of technology, limiting their time on social media and considering how they share their data. Meanwhile there’s a growing awareness among the public that online life has downsides. Increasingly I hear people talking about giving up social media or throwing away their smartphones. In the excitement of the digital revolution a fundamental truth was forgotten: it takes time for humans to adapt successfully to change. “These are still relatively new technologies in human terms,” says Booth. “It takes about thirty years for humanity to adapt to a new type or class of technology.”
Some years ago I was staying in a Palestinian refugee camp (effectively a West Bank village) when some of the better-off households had landlines put in. For the first couple of weeks, the proud new telephone owners went a bit mad, phoning their neighbours up unnecessarily. My Palestinian friends insisted they would call me in London, brushing off my protests that international calls would be costly. But before long, the excessive phoning stopped and, after leaving several messages on my answer-machine, my friends confessed that calling was “too expensive”.
First came the technology, then the culture. Some psycho-social learning had taken place.
Solution no 5: A digital rights movement
The learning that needs to happen with digital technology has a political dimension. Governments and businesses will naturally seek to take advantage of new developments; the antidote is more responsibility and less innocence on the part of the public.
“They are just building this thing around us and, step-by-step, it’s pushing us to the point at which they’ve just assigned you an official number, biometrically locked you at birth and whoever’s in control of the systems then can manage you throughout your life. It’s the database state,” says Booth. “So, where we are now, the question is, is saying no enough? No, it isn’t.”
“DEMAND alternatives,” he says emphatically, “analogue ways of using services. Remind politicians that they serve us, not the other way round.”
The Workers of England Union is one of a number of groups calling for guaranteed alternatives to digital systems – paper forms, phone calls and face-to-face interactions. As I described above, a legal basis for such alternatives already exists in The Equality Act. But since public bodies such as the NHS are flouting the law with demands that patients sign up to an app, there’s a clear need for an explicit, no-quibble guarantee of non-digital routes to essential services.
A number of digital rights organisations have just come together to launch Stop Killing the Internet. Aiming to start a global movement, the coalition is a sign that civil society is organising more effectively against this new threat to freedom and democracy.
While I was writing this piece, visions of people of the past hovered in the back of my mind. They included Suffragettes, civil rights activists and my ancestors in Britain’s non-conformist and Chartist movements. All of them had to go against the grain, all had to see beyond the rhetoric that told them this was just “how things were”. The incipient movement for digital rights is the latest in a noble tradition which diverted humanity off a bad path and into a better future. Hopefully we will come to understand the cost of our telephone calls and develop a grown-up relationship with digital technology.
