The better way is to make it easier for claimants to acquire and demonstrate trust. Then you can raise the bar of proof without treating everyone in a hostile and suspicious manner.

The non-ideal 2012 [correction: 2011] Census will see Lockheed Martin paid £500m-odd of money we can ill afford to undertake a clunky process of data gathering which will take 2-3 years to complete and feed back.

But if everyone had a personal data store such as Mydex….

….one could simply add to the personal data store the fields needed to complete the Census questionnaire. ONS could invite people to volunteer this information, or could see how far it got compelling it by law with threats of dire consequences. It could poll the information once every ten years if that were good enough for statistical purposes and for planning public services. Or it could poll people’s personal data stores ever 10 months, 10 weeks, 10 hours, 10 minutes, or 10 seconds. Lockheed Martin could go back to making rockets and bombs. We’d save a pile of money. And we’d start to be able to plan public services based on real needs and preferences instead of an out-of-date decennial view.

The immediate question (to anticipate any ONS trolling [amendment: pushback]) is universality. How can you possibly make PDSs universal in the way the census needs to be? Perhaps the answer is: given the huge benefits both to the individual and the state of working with PDSs, how much incentive can we plan for the individual to help this to spread far, wide and fast? Remember the core principle has to be gaining the individual’s trust, so intrusive data gathering and playing fast & loose with the data is ruled out.

But if you want a Big Society fuelled on accurate, up to date data on personal needs, circumstances and preferences this has to be the way to go. The 2012 2011 Census is going to feel about as far from Ideal as procuring a Stealth bomber to run the country’s Neighbourhood Watch Schemes.

Reasons For Not Introducing Fingerprinting To [xyz] School

Privacy is a fundamental human right which underpins our dignity. One important concept of privacy concerns information privacy, the establishment of rules governing the collection and handling of personal data such as credit information, and medical and government records. It is also known as “data protection”.

George Orwell’s 1984 paints a bleak view of a future where information privacy is not respected. Although fingerprinting in the [xyz] cafeteria may not compare with 1984, the principle remains the same. There are legitimate uses for biometric testing such as tracking criminals, preventing terrorism and (arguably) border control, but its use for a marginal increase in efficiency in the cafeteria is disproportionate.

By capturing biometric data in exchange for lunch, we are unnecessarily exposing our [children] to several direct and indirect risks, for example:

Loss of Respect for Personal Information. Fingerprinting at school conditions children to embrace the idea of Big Brother-style biometric tracking. The patterns of activity we develop during early years clearly set the tone for how we behave in later life.

Identity Theft. Encouraging our children to give out their thumbprints on a daily basis leads them to think this is a natural activity. Who else will they give their biometrics to, without consulting their parents and asking questions like “why, and what will it be used for?

Criminalisation. If a child has never touched a fingerprint scanner, there is zero probability of being incorrectly investigated for a crime. Once a child has touched a scanner they will be at the mercy of the matching algorithm for the rest of their lives. In 2008, Jim Knight, then minister for schools and learning, said that the police could help themselves to the children’s fingerprints if they are trying to solve a crime – regardless of whether they have ever previously been in trouble with the law. The abuse of biometric information turns us from a nation of free citizens into a nation of suspects.

UK law states that privacy invasion must be proportional to the threat. [IS THIS TRUE?] Access to lunch does not warrant capture of biometric data. The alternative to fingerprinting is the use of swipe cards, a proven and uncontroversial technology. Swipe cards share all of the efficiency benefits of fingerprinting except that boys may lose them. Boys are used to carrying, losing and replacing Oyster cards. If TFL is able to handle the odd missing card, why can’t [xyz]? Substantial efficiency gains are achieved whichever system we adopt. Only one of them de-humanises our children and degrades their human rights. As leaders of an outstanding school we should not trivialize the capture of personal information, we should not unnecessarily impose a fingerprinting system upon our [children].

Opposition from Politicians and Business

“Are you not concerned about the impression children are going to get of what it is to live in a free country and what it is to be British if, in order to get the right school meals, they have fingerprints taken? It seems to me completely astonishing.” Baroness Carnegy, Conservative, 19th March 2007, speaking in the House of Lords

“The practice of fingerprinting in schools has been banned in China as being too intrusive and an infringement of children’s rights? Here, it is widespread. We have even had a head teacher tricking three year-olds into giving their fingerprints by playing a spy game. Will the Government ban schools from carrying out this practice, unless parents specifically opt into the system following full and independent information about the so-called benefits of the system and the dangers of identity fraud?” Baroness Walmsley, Liberal Democrat, 19th March 2007, speaking in the House of Lords

“People have to be stark, raving mad to use conventional biometrics to improve the efficiency of a children’s lunch line.”
Kim Cameron (chief architect for identity at Microsoft), 5th April 2007

Further Reading

http://www.identityblog.com/?p=734
http://www.archrights.org.uk/issues/fingerprints/fingerprinting.htm
http://www.privacyinternational.org
http://www.leavethemkidsalone.com
http://www.no2id.net
http://www.publications.parliament.uk/pa/ld200607/ldhansrd/text/70319-0002.htm#0703193000008
http://www.identityblog.com/?p=725

IdealGovernment has wanted this for years. But – as he himself proves – it won’t be easy. Let me get some things off my chest. Then let the new era of civilised and mutually respectful dialogue commence.

I don’t agree with everything Mr Wills said, so I’ve taken his speech and commented in line. Attention conservation notice: this is quite a long post

Databases lie at the heart of this revolution. They offer the opportunity to improve dramatically the efficiency and responsiveness of public services. Take the Tell Us Once project, for example.

But the TellUsOnce problem won’t be solved by databases. If it was, you could have solved it by 2005 (as you promised you would in 2000).

OTOH a VRM platform would show this problem solved for so little money that the invoice wouldn’t even cross your desk – a fraction of the cost of yesterday’s “One Place” web site (which in turn you could have had for free a decade ago if you had practised respectful and courteous dialogue and listened to Stef).

The increasing sophistication of data management has sparked serious public concern about privacy and civil liberties

We’d be fine if the approach were sophisticated. It’s the crudeness, combined with raw power, that concerns us.

Go onto Google UK and search for ‘UK government big brother state’ and you get one and a half million entries.

WTF? Is this how we gauge if it’s of public concern? As a joke maybe, eight years ago. Oh look: go onto Google UK and search for: ‘Wills eejit or ****?’ and you get 1.21m entries. Does that make it the question everyone is asking?

He talks of ‘striking a balance’ between security and liberty. He’s no Benjamin Franklin. It’s not about striking a balance. It’s about getting it right because we need both privacy and security in the systems which underpin essential public services. Mr Wills claims that kids can’t get free school meals, that voters can’t vote without data sharing by public bodies. This is absurd. He says hardly any constituents complain about surveillance but they demand CCTV in their hundreds.

To reconcile all this we need, he says

“democratic discourse, rational and mutually respectful discourse, wary of anyone, on any side of the debate, who claims a monopoly of wisdom. These issues are complex and difficult and resolving them will require intellectual rigour, a willingness to learn from experience and to engage continually with alternative points of view. Only through such a democratic iterative process can we hope as a society to resolve this issue satisfactorily.”

Hurrah. This could be straight out of the Ideal Government guide to, well, ideal government. We like that.

Sadly, such a rational, respectful discourse, so essential to the creation of public policy on this crucial issue, has been largely absent in recent years, replaced all too often by reciprocal caricaturing and stereotyping, with understanding and respect all too seldom present. And this matters.

This is true too. I must say I welcome his recognition of it, and his acceptance that

Government must take its share of the blame for this failure of discourse.

Mr Wills’ spin doctors had leaked his speech to a class-obsessed tabloid journalist David Aa. I can see now that when I saw the next bit in that hostile context I misread it:

Too often, we have been overly defensive and dismissive of criticism. Government believes it is acting benignly and legally and has not adequately recognised the fears of those who believe this is not the case.

Mr Aa is paid to be annoying, and it works. In my irritation I took the extract to mean that government was defensive and should be more assertive, but Mr Wills’ point here (and the context makes it clear) is a more subtle one which I welcome.

He then says companies make mistakes too. True, but we withdraw our business from them when they are mediocre. They’re not entrusted with passing laws, taxing us, and trying to run public services. He goes on

Where government gets it wrong, we are learning to hold our hands up and take immediate steps to put matters right. The loss of Her Majesty’s Revenue and Customs disks triggered radical reforms of data security in government.

Her Majesty’s data was not on that disk. Mine was. Nevertheless, horrified, many of us welcomed that loss, because it finally started to show how bad things had really got.

Did it trigger radical reform? Well, it certainly triggered half a dozen reports from tame senior officials and management consultants. It triggered episodic bans on Blackberries and memory sticks, and the glueing up of USB ports. But we have yet to see the radical reform we need which is to restore control of personal data to the individual.

When we recognised that data sharing provisions in the Coroners and Justice Bill had been too widely drawn we immediately withdrew them.

It’s true. Eventually they did. This would be a good moment for Mr Wills to thank the selfless NGOs who campaigned so hard to rectify this awful mistake he was trying to make. But instead he speaks of

opponents…too quick to assume the worst of government without any evidence to support their assumptions, replacing argument with rhetoric.

But…but…but how then did the unpaid NGO volunteers successfully win the argument against your proposed policy and show it was so ill-conceived? Do you recall how hard you and your officials resisted?

Michael: you and your colleagues will find this cultural change you call for harder than you yet realise. But as long as you try, and appear sincere in your endeavour, we will support you every step of the way. Have we all taken on board the rules you call for? No rhetoric. OK. No rhetoric.

To reject all the benefits that databases offer the public, simply because a mistake might be made, is to strike the balance in the wrong place.

1. Name the benefits. 2. This isn’t about striking a balance, it’s about doing it the right way.

Should we really avoid trying to do all we can to prevent another Soham tragedy?

Oh, please leave the memory of those poor girls in peace! Why blame your poor personal data practices on them, and on the equally unfortunate Victoria Climbie? Michael: this is rhetoric.

Or stop doctors accessing vital medical records?

Doctors can have it with my permission. I choose not to share it with bureaucrats and the forces of law and order. That preference will not endanger society.

Or fetter the provision of welfare entitlements, such as free school meals, for the most vulnerable?

Just get your act together. Deliver the services to which people are entitled, without hoovering up their data when they are at their most vulnerable and brewing it up into HMG’s patent toxic soup.

Basic principles for protecting the use of data are that it should be proportionate and necessary

Indeed. Furthermore, that in the absence of a specific and lawful purpose there should be informed consent. Assuming that 12 year olds understand this and are cool about it is not sufficient. Allowing hundreds of thousands of officials access to childrens’ records or to identifiable medical data is unlawful, just as taking and retaining the DNA of innocents has proven to be.

But you acted all surprised when you lost the Marper case. And you’re behaving as if we had a proper implementation of the EU data protection directive, and are acting all surprised that Europe is taking enforcement action against the UK.

We don’t live in a database state as much as a database society.

Yes, but we’ll sort ourselves out with the Twitterverse. Government runs the state part of it. That’s what you’re screwing up, because of the history of groupthink and the poor dialogue you rightly point to. That’s what we want whoever wins the next election to sort out. Hey! It could be you! Maybe.

They deliver real benefits for the public and it skews debate about the challenge they pose to all of us if anyone ignores this or pretends otherwise.

Let’s see if we can find real evidence for these benefits, because there’s a strong case to be made that the database state is designed to serve an unholy alliance of administrative convenience and security fears.

Meanwhile it is becoming everywhere apparent that a wholly organisation-centric “CRM” approach to life is nothing like as advantageous to the public, or indeed to large organisations, as it was sold as being by the management consultants which Alistair Darling has just banned.

What’s it costing you per data subject to keep records up to date in WUYJ, MIAP, BusinessLink, ContactPoint, eCAF, CfH? How accurate are the data? How complete? And how much duplicated? How much is explicitly permissioned by the data subject? Is it proven to a legal standard that in every case government is holding only data which is necessary and proportionate in a democratic society? Can you demonstrate clear auditable and informed consent?

But, like all technologies, databases can do damage if misused. The issue is not whether to have them but how they can be deployed without damaging privacy.

Ah! Phew! Hooray!

It’s a question of balance and the challenge is how to strike it.

No it’s not! It’s not about balance, any more than climbing to the moon on a ladder is a question of balance. I don’t care how good your balance is: it’s the wrong way to go to the moon.

You get accurate data at lower cost and personalised services without privacy intrusion by putting people back in charge of their own data. The Internet works at both ends, you know. You just can’t have every part of public services grab every piece of data they can about everyone, take away the barriers to data sharing, then hope to create an accurate picture of everything such that you can eliminate fraud, keep the public safe, and provide personalised services. Try doing the maths.

You know all that great “Power of Information” work the government has done on opening up APIs and letting public data out? Sometime soon a Secretary of State or a PM will announce, in a second such major policy shift, that the really big prize is in how we work with personal data. Government will relinquish the desire to own and control it. You will open up government APIs and let people’s structured, scalable private data in, under thier control. You will leave people in charge of their own lives, which is how reality is because we have to put all the pieces together anyway.

I repeat: this is not a question of striking the right balance. It’s about creating a secure platform for personalised services and new value. Getting it wrong, which we described in our report Database State, wastes vast amounts of money and of people’s time; it fails to deliver good customer services and breaks the law. We the taxpayer are thus intruded upon, failed by public services, caused to waste endless time sorting it out. We’ll have to pay to get it wrong and then pay again to see it all put right.

But where we should have a constructive dialogue, we have all too often an impoverished discourse where slogans substitute for evidence.

Too true. I’ve seen so much of that from government politicians and officials. I’m so weary of it. So many of us are so weary of it. But it cheers me up when NGO-world gets creative and cheeky. I love the pertinent art, the campaigning. Not just because it’s often witty, but also because it’s based on a deeper truth, coupled with a better sense of human nature, than your officials have served you up with.

The Rowntree Report on what the authors called the Database State is a good example of how the public discourse is flawed.

It shows how bad things have got. It’s pretty shocking that the fact that much of what you’re constructing falls outside what it is legal to do in Europe should come as such a surprise. It has taken you a full NINE MONTHS to reply to it. Did you really not consider these questions before you embarked on Transformational Government, and mixed up the security agenda with the public-service agenda? Was that wise? Don’t shoot the messenger here.

This could have made an important contribution towards meeting the challenges of new technology. The subject matter was important and its academic authors have a distinguished provenance.

I think you’re building up to shooting the messenger.

However, a detailed reading of the report reveals it was riddled with factual errors and misunderstandings and reached conclusions without setting out the evidential base for doing so.

Argh! You just shot the messenger!

So opaque was its methodology that it has taken months to work through it to respond in detail.

Stop shooting! Remember, this is the new era of respectful dialogue!

The methodology is clear as day. We wrote up 46 large databases (with precious little help from government). We discussed them against European criteria for legality. During the course of the work the Marper judgement confirmed that the DNA database was indeed illegal. We gave all our references.

I’ll get on to the government’s response in due course. It has taken their however many dozens of staff nine months to reply, so working at the same pace I should be ready to reply by around 2030-2050.

I hope that all those who read the original report and provided publicity for it will do similarly for today’s response to it.

I’m sure they will if it’s interesting, credible and passes the Mandy Rice-Davies test.

It is important that we now move beyond rhetoric

I think I may find myself quoting this again, perhaps frequently We may need a new acronym to go alongside Wibbi: IMBR.

new and detailed dialogue between all concerned to ensure that we seize the opportunities of this new information age while protecting ourselves against its risks. So when government is considering how data might be used for the public good, the voices of users and practitioners can be heard. That requires an open, constructive approach on both sides.

Yup, we all sign up to that. High bloody time.

To that end, I am announcing today that the Ministry of Justice will host an event early in the New Year to consider how we approach the data sharing aspects of reforms to the electoral register.

Alright then. But not in Feb; I’m in Iran.

He goes on to talk about cross-referencing the electoral roll with the NI number. Well, you need to do something to make this process more secure. Not so sure about the NI number: it might suddenly look as if we have 80m registered voters in the UK.

Those identifiers will not be available to the public, for obvious reasons – they are solely for the electoral registration officer’s use.

Not obvious to me at all Michael – I think you have organisation-centric assumptions engrained so deeply you’re not even aware of them.

I also intend to jointly host an event with Delyth Morgan from the Department for Children, Schools and Families which will focus on ContactPoint.

Clearly it would have been helpful to have this dialogue before you specified the system and started spending hundreds of millions of pounds of taxpayers’ money on it with Cap Gemini. So when we say “better late than never” it is with quite a heavy sigh.

We can never be complacent about databases – the challenge in getting the balance right

No it’s not about balance! It’s about getting it right!

But we can only do this on the basis of a rational and mutually respectful dialogue between all concerned. I hope the measures I have announced today can be the start of such a dialogue

Indeed. IMBR. I think you, your speechwriters and spin doctors will find this a major cultural adjustment. You’re clearly not there yet. But we will support and uphold you in your attempt to do just that, and for my part (I cant speak for anyone else) I shall try to do the same.

Was this whole long rambling post worth doing? Is Mr Wills going to get his act together and sort this out? I checked out his currency with one of Westminster’s most effective and reliable lobbysists. The verdict: “I wouldn’t expend too much effort on trying to enlighten him.” I find that harsh. He’s still a Minister after all.

Let us give Mr Wills credit for officially ushering in – if not yet himself exemplifying – the era of mutually respectful and courteous dialogue about the right way for government to work with personal data in public services. From the moment I click on “Publish” on this post I undertake to exemplify it myself. Hurrah!

I’ve been asked (by pacifists and others concerned that the 2011
census is managed by a US defence contractor) what are the legal
options for non-participation. I know it’s not a question you’ll
welcome, [however] I believe I fully understand the arguments about why it’s
safe and a good thing to do, and that Lockheed Martin will process the
data in the UK and lawfully etc.

You should not underestimate the concern people now have about the
database state. This is of course not principally the fault of ONS
(it’s ContactPoint, ANPR, health records, ID cards & register, DNA,
CCTV, e-borders etc etc). But the loss of trust in the state’s
intentions and competence with personal data may affect ONS.

So I’d be grateful if you could advise me of any acceptable and legal
basis for non-participation in the 2011 census (eg being out of the
country, dual nationality, homelessness). If you have an exhaustive
list of circumstances, that would be ideal.

Wibbi a new administration used the occasion of the census to offer every British citizen the chance to use a secure independently-issued user-centric online ID?

Public sector organisations should avoid creating large centralised databases of personal information and keep clear audit trails of how identity data is used, under new proposals published today.

Leads into their consultation on privacy (see below).

The draft privacy principles are worth repeating:

# Proving identity or entitlement: people should only be asked for identity when necessary and they should be asked for as little information as possible
# Governance and accountability: private and voluntary sectors which deliver public services should be contractually bound to adhere to the principles
# Risk management: Privacy Impact Assessments should be carried out to ensure new initiatives identify and address privacy issues
# Data and data sharing: Organisations should avoid creating large centralised databases of personal information and store personal and transactional data separately
# Education and engagement: Public bodies must explain why information is needed and where and why it is shared

Why is it the Scots in Edinburgh understand this, but the Scots who run Whitehall resist it so strongly?

..a place where the collection of information is both infinite and at the same time monstrous, where the entire world’s knowledge is stored, but not a single word understood. In this “labyrinth of letters,” Borges wrote, “there are leagues of senseless cacophonies, verbal jumbles and incoherences.” In addition to the civil liberties and constitutional defects in the new surveillance law, another compelling argument against it is that it only increases the amount of “senseless cacophonies” in America’s Library of Babel.

The normal UK/USA rule of thumb suggests we have a cheaper smaller version which works even less well.

An entrepreneur whose fledgling business was ruined by a false entry in a court database has had his claim for compensation rejected by a High Court judge. The decision could set a broad and troubling precedent, because Mr Justice Bill Blair QC – brother of the former PM Tony Blair – ruled that the civil service cannot be found liable for the damage caused by its record keeping mistakes.

The case was brought by Andre Power, from Benfleet in Essex, against the Ministry of Justice, which is responsible for HM Courts Service. It was prompted by the failure of Chi-qi.com, a world music download service and social network Mr Power set up with a business partner in 2006.

After sinking tens of thousands of his own money into the venture, Mr Power fell three months – or about £5,000 – behind on his mortgage payments and was taken to Southend County Court by his lender in July 2007. He settled the debt in full before it came before a judge.

An unknown official at Southend County Court nevertheless registered a County Court Judgement (CCJ) against his name for £254,000, the full value of the mortgage.

Commenting on the error, Phil Booth, the national coordinator of the campaign group NO2ID, said: “In the database state, it’s the citizen who takes all the risk and suffers the consequences – even when he or she has done nothing wrong. My sympathies go to Mr Power. I fear he’s not the first and he definitely won’t be the last.”

*sigh* Grrrr. This is, we need hardly say, far form Ideal. It is the Kafkaesque as opposed to Orwellian face of joined-up government. Experian’s conniving role in this is beyond the pale.

Wibbi: government accepted liability for damages caused by inaccurate data. Experian too.

Wibbi subject access requests were free, and automated, so we could more easily see what garbage government and Experian are circulating about us.

* Cardiff and Glasgow councils sacked staff after they looked up celebrities’ personal records
* Tonbridge and Bromley councils sacked workers for looking up their friends
* Brent sacked someone who looked at their girlfriend’s details
* A worker at Torfaen was sacked for looking at his own details

But this may just be the tip of the iceberg. Many of the breaches were discovered after sample checks, raising concerns that other breaches may gone undetected. Over 200,000 government officials have access to the database, including staff at 480 local authorities, and numerous government departments, including the Department of Work and Pensions, HM Revenue & Customs, and the Courts Service. The Child Support Agency uses the CIS to trace missing parents…

Happily a DWP spokesman was quickly on the scene

“The small number of incidents shows that the CIS security system is working and is protected by several different audit and monitoring controls, which actively manage and report attempts at unauthorised or inappropriate access.”

But….but….but… the staff all seemed so plausible and nice when we interviewed them for their jobs. They all passed the most stringent tests and checks.

Ah well. No doubt there has been a thorough review to ensure that the blindingly inevitable doesn’t ever happen again.