Dave Birch 

It’s not who we are that counts

The battle between privacy and security. By Dave Birch
  
  


It's transparently obvious that, even putting aside the war on terror, we are in a pickle about security in general and identity in particular. There's a theory that better identity management might help fight crime and terrorism. But there is also a sense that better identity management might be disastrous for civil liberties. The hunt is on to find the right balance between identity management, technological implementations and human rights. The hunt is on for the "privacy settlement" I have referred to previously in this paper.

It is difficult to figure out what that settlement should be and what role technology should play in it. The role of government is particularly difficult. Is it part of the problem or part of the solution? In the US, many law enforcement agency websites list names, addresses, dates of birth, social security numbers and sometimes even provide photographs. Everything that an ID fraudster needs.

In Australia (where the authorities receive 4,500 fraudulent applications for business registrations per day and one mobile operator is losing $5m a week to fraud), the former minister of health Neal Blewett said that privacy is a "bourgeois right that is very much associated with the right to private property".

So what does the UK government want? I think it wants ID cards as a "magic bullet". But does the government really want no privacy at all? Surely it must be in the government's best interests to encourage the use of technologies that can actually help it to achieve worthwhile goals?

There is a range of technologies widely used to implement ID cards and related systems. Smart cards, digital certificates and so on are hardly new. We have a choice about how these technologies are to be configured and deployed. To make those choices, we need to know what the problem is: do we need to know who someone is in all circumstances?

I don't think so. What you need to provide is some sort of credential rather than your actual identity. Suppose the local council gave you an ID card and you needed that ID card to get into the leisure centre. What is being checked when you are asked to present the card at the desk? Your name? Why? What the leisure centre needs to know is not who you are, but what you are (ie, a resident of the borough, or whatever).

There are, of course, cases where absolute knowledge of someone's identity is important. Opening a bank account online would be easier if a consumer could put his identity smart card into his PC when connecting to a bank, as is the case in Finland. There are still, however, different "levels" of absolute knowledge of identity. The UK government has proposed three in relation to its government gateway: authentication based on "balance of probabilities", "substantial assurance" for activities such as tax returns, and "beyond reasonable doubt" for activities such as passport applications.

However these authentication levels might be established, it is important to minimise the cases where knowledge of identity is required for a transaction. Every time a person is required to establish his absolute identity there is an increase in the potential for identity theft and other privacy invasions. At The Rack, a bar in Boston, about 10,000 people a week hand over their drivers' licences to a doorman, who swipes them through a machine. It also stores, unbeknown to the customers, their name, address and other personal details. The owner bought the machine to keep out underage drinkers, but soon found he could build a useful marketing database.

As this case demonstrates, there's a world of difference between being asked whether you are over 18 (a credential) and being asked who you are (an identity). Moving to an environment where identity is disguised and credentials are used in transactions (known as "pseudonymity") is a simple way to minimise the potential for privacy violation. It is perfectly feasible to opt to base mass-market identity management schemes on pseudonymity (see, for example, the work of Stefan Brands at Credentica) and therefore preserve individual privacy in the emerging online environment.

Pseudonymity (between, for example, a person using a smart card with a PIN to purchase something in a shop and the shopkeeper) makes it possible to arrange anonymity in legal transactions with accompanying legal certainty. Pseudonymity is therefore both socially useful - because it preserves a socially desirable "organised anonymity" - and an excellent basis for evolving a real privacy settlement that works for government, citizens and businesses alike.

 
