Since these are criminal penalties, a companyy cannot lay off the risk financially in the smallpriont of their contracts with the Government.

DDrectors of Companies, Trades Unionists, and individual staff who work on the National identity Register infrastructure, or even on any “accredited” third party company system which is connected to it, could be prosecuted if there are any software or hardware or configuration errors, or power failures or strikes or industrial action or even a contract dispute over late payments etc. etc. which makes it

” (3) For the purposes of this section the cases in which conduct causes a modification of information recorded in the Register include-

(a) where it contributes to a modification of such information; and

(b) where it makes it more difficult or impossible for such information to be retrieved in a legible form from a computer on which it is stored by the Secretary of State, or contributes to making that more difficult or impossible.”

This offence has worldwide scope, applies to non-UK citizens as well as UK ones, and also includes “acts of ommission” in the definition.

It also appears to preclude the use of any third party encryption wrappers e.g. mobile telephony, SSL/TLS session encrypted web pages or Virtual Private Network encrypted tunnels – encryption, by definition, and in practice makes things “more difficult or impossible” to read “legibly”.

Shareholders should ask serious questions about the professional competence of any company directors who expose a company to such uncessary risks.

Section 29 was presumably origianlly intended to address potential Denial of Service attacks , but there is no reason why the National Identity Register should be treated differently under law than attacks on other parts of the Critical National Infrastructure or on real time control systems where lives may be lost if they fail.

The Police and Justice Bill currently in the House of Lords, is amending the Computer Misuse Act anyway (even though in an inept and overbroad way), so there was no need for this section 29 at all.

However, since it was stuck at the end of the list of clauses to be debated, it never once even debated by the Commons, and hardly mentioned at all by the Lords, throughout the Draft Bill and the two versions of the Identity Cards Bill.

Wouldn’t It Be Better If politicians actually read and understood the full text of the legislation they currently rubber stamp through Parliament ?

However, very few if any other countries are likely to copy the UK’s crazy ID project.

Participation in the UK’s dodgy ID project is very likely to damage the reputation of any company; representing a serious commercial risk.

The NHS IT project shows the risks of dealing with this UK government: Participation even in this apparently socially acceptable project has lead to poor profits, heavy penalties and very bad press.