The government in the UK is pretty prone to losing its citizens' information at the best of times. They are prone to losing discs (they've owned up to losing 2 child benefit discs, 4 DVLA discs (in two separate incidents) and 4 court case discs). It is worth noting that all of these discs, apart from the court case ones, were unencrypted.
They also have seriously insecure databases. Mostly they are insecure because too many people have access to them,
Their laptops are not secured properly and are often stolen. The MoD have lost an average of three laptops a fortnight to theft since 2004. One of the laptops stolen last week had 600,000 soldiers' details on them. The Child Benefits department's record isn't much better, because they had one laptop stolen from them only once a fortnight. Indeed,
the Government does not even know how many laptops in legitimate government workers' hands could contain sensitive data.
All this data is very widely distributed and not properly tracked or verified - hence why when the Inland Revenue lost all the 2005 data, they couldn't just get the information from other departments. They had to go back and ask the people who'd already submitted their taxation details to submit them again. Both my parents had to re-send their entire financial details for that year.
The picture from this is that the more data the government is given, and the more ways it is given that data, the more threatened that information is. It has been worked out that somewhere between 25 and 37 million of the 60-odd-million British citizens have already had their data lost by the Government at least once - the last thing we should want to do is to give the Government another opportunity to lose more.
Furthermore, the ID card project involves linking three databases together, two of which are known to have been compromised already. This increases the risk to the data in all three databases.
Oh, and did I mention that nearly every major IT operation the Labour government in the UK has engaged in since 1997 has failed, often with criminal implications?
As to the cards themselves, RFID (the technology storing personal information on the ID cards -
though the government won't call it that) is inherently insecure -
US passport-level chips were readable at 69 feet back in 2004. At least it took a while for the US version to be cracked remotely -
the UK test edition got cracked within 48 hours of issue. With just a £250 standard RFID reader, such as you would find in an average library.
This is about levels of risk. Frankly, it's a pretty major risk even being a UK citizen right now, but the more databases the government has, the more risk carried to any information in the database. Also, the more times data is lost, the greater the chance of someone with serious intent to commit a serious crime (aside from the information theft) against you becomes.