The database will be the downfall of the ID card, say experts

Whether you're happy to carry an ID card or terrified at the prospect, no one can deny that the introduction of the cards will be a massive challenge for the government - and the IT companies it picks to get the deployment underway.

Speaking at a public debate on the subject, key politicians and figures from the public and private sectors revealed their concerns on the issue - and it's not the rationale behind the rollout that worries them most; it's the database behind it all.

While civil libertarians and the Home Secretary's supporters have debated the rights and wrongs of expecting every man and woman in the UK to carry a card and pay anywhere up to £75 for the privilege, it seems everyone's chewing their fingernails over the tech.

The card's just a piece of plastic in your wallet - the register of all your data is much more of an issue, according to David Davis, shadow Home Secretary.

"The issue is not about a card. We carry any number of cards," he said, "The database is the real challenge to civil liberties." The motives for Blunkett's crusade aside, the government's record on success with big IT projects is less than exemplary, he added.

David Cameron MP took a similar stance: "The more you want to put in it and the more different agencies that rely on it will make it more useful." But that would also mean that any breakdown would be critical, he said.

So, who can take a look at your data? And why? Certain government officials have the right to view it without having to present any justification - the head of the intelligence services, for example, and GCHQ.

Peter Williamson, president of the Law Society, described the access protocols for the database as "going far beyond" what the Society considers necessary and the policy of disclosure as "extremely wide...it does not inspire confidence".

Some medical staff such as doctors and nurses - with the exception of A&E - will be using the card on an everyday basis, as they're expected to check biometrics before they can offer medical care. That means there will be an iris scanner in all hospitals, outpatient clinics and GP surgeries across England.

Staff will need to be trained in using the tech, told the protocol for applying it and make sure the right security measures are in place. Fine. But where will the funding come from?

No one is quite sure. It's not in Blunkett's oft-discussed £3bn figure for the rollout. And the NHS isn't well known for its deep pockets.

There's also the problem that will get any good sysadmin waxing lyrical about the ignorance of the average user - giving out the password, or, in this case, your ID registration number.

As a recent survey showed, users are notoriously lax with their passwords. Why should we think that the average person will be any different with their ID card registration number?

And, as sysadmins will tell you, once the base level of security is breached, the whole system is insecure.