The better way is to make it easier for claimants to acquire and demonstrate trust. Then you can raise the bar of proof without treating everyone in a hostile and suspicious manner.

The non-ideal 2012 [correction: 2011] Census will see Lockheed Martin paid £500m-odd of money we can ill afford to undertake a clunky process of data gathering which will take 2-3 years to complete and feed back.

But if everyone had a personal data store such as Mydex….

….one could simply add to the personal data store the fields needed to complete the Census questionnaire. ONS could invite people to volunteer this information, or could see how far it got compelling it by law with threats of dire consequences. It could poll the information once every ten years if that were good enough for statistical purposes and for planning public services. Or it could poll people’s personal data stores ever 10 months, 10 weeks, 10 hours, 10 minutes, or 10 seconds. Lockheed Martin could go back to making rockets and bombs. We’d save a pile of money. And we’d start to be able to plan public services based on real needs and preferences instead of an out-of-date decennial view.

The immediate question (to anticipate any ONS trolling [amendment: pushback]) is universality. How can you possibly make PDSs universal in the way the census needs to be? Perhaps the answer is: given the huge benefits both to the individual and the state of working with PDSs, how much incentive can we plan for the individual to help this to spread far, wide and fast? Remember the core principle has to be gaining the individual’s trust, so intrusive data gathering and playing fast & loose with the data is ruled out.

But if you want a Big Society fuelled on accurate, up to date data on personal needs, circumstances and preferences this has to be the way to go. The 2012 2011 Census is going to feel about as far from Ideal as procuring a Stealth bomber to run the country’s Neighbourhood Watch Schemes.

Reasons For Not Introducing Fingerprinting To [xyz] School

Privacy is a fundamental human right which underpins our dignity. One important concept of privacy concerns information privacy, the establishment of rules governing the collection and handling of personal data such as credit information, and medical and government records. It is also known as “data protection”.

George Orwell’s 1984 paints a bleak view of a future where information privacy is not respected. Although fingerprinting in the [xyz] cafeteria may not compare with 1984, the principle remains the same. There are legitimate uses for biometric testing such as tracking criminals, preventing terrorism and (arguably) border control, but its use for a marginal increase in efficiency in the cafeteria is disproportionate.

By capturing biometric data in exchange for lunch, we are unnecessarily exposing our [children] to several direct and indirect risks, for example:

Loss of Respect for Personal Information. Fingerprinting at school conditions children to embrace the idea of Big Brother-style biometric tracking. The patterns of activity we develop during early years clearly set the tone for how we behave in later life.

Identity Theft. Encouraging our children to give out their thumbprints on a daily basis leads them to think this is a natural activity. Who else will they give their biometrics to, without consulting their parents and asking questions like “why, and what will it be used for?

Criminalisation. If a child has never touched a fingerprint scanner, there is zero probability of being incorrectly investigated for a crime. Once a child has touched a scanner they will be at the mercy of the matching algorithm for the rest of their lives. In 2008, Jim Knight, then minister for schools and learning, said that the police could help themselves to the children’s fingerprints if they are trying to solve a crime – regardless of whether they have ever previously been in trouble with the law. The abuse of biometric information turns us from a nation of free citizens into a nation of suspects.

UK law states that privacy invasion must be proportional to the threat. [IS THIS TRUE?] Access to lunch does not warrant capture of biometric data. The alternative to fingerprinting is the use of swipe cards, a proven and uncontroversial technology. Swipe cards share all of the efficiency benefits of fingerprinting except that boys may lose them. Boys are used to carrying, losing and replacing Oyster cards. If TFL is able to handle the odd missing card, why can’t [xyz]? Substantial efficiency gains are achieved whichever system we adopt. Only one of them de-humanises our children and degrades their human rights. As leaders of an outstanding school we should not trivialize the capture of personal information, we should not unnecessarily impose a fingerprinting system upon our [children].

Opposition from Politicians and Business

“Are you not concerned about the impression children are going to get of what it is to live in a free country and what it is to be British if, in order to get the right school meals, they have fingerprints taken? It seems to me completely astonishing.” Baroness Carnegy, Conservative, 19th March 2007, speaking in the House of Lords

“The practice of fingerprinting in schools has been banned in China as being too intrusive and an infringement of children’s rights? Here, it is widespread. We have even had a head teacher tricking three year-olds into giving their fingerprints by playing a spy game. Will the Government ban schools from carrying out this practice, unless parents specifically opt into the system following full and independent information about the so-called benefits of the system and the dangers of identity fraud?” Baroness Walmsley, Liberal Democrat, 19th March 2007, speaking in the House of Lords

“People have to be stark, raving mad to use conventional biometrics to improve the efficiency of a children’s lunch line.”
Kim Cameron (chief architect for identity at Microsoft), 5th April 2007

Further Reading

http://www.identityblog.com/?p=734
http://www.archrights.org.uk/issues/fingerprints/fingerprinting.htm
http://www.privacyinternational.org
http://www.leavethemkidsalone.com
http://www.no2id.net
http://www.publications.parliament.uk/pa/ld200607/ldhansrd/text/70319-0002.htm#0703193000008
http://www.identityblog.com/?p=725

IdealGovernment has wanted this for years. But – as he himself proves – it won’t be easy. Let me get some things off my chest. Then let the new era of civilised and mutually respectful dialogue commence.

I don’t agree with everything Mr Wills said, so I’ve taken his speech and commented in line. Attention conservation notice: this is quite a long post

Databases lie at the heart of this revolution. They offer the opportunity to improve dramatically the efficiency and responsiveness of public services. Take the Tell Us Once project, for example.

But the TellUsOnce problem won’t be solved by databases. If it was, you could have solved it by 2005 (as you promised you would in 2000).

OTOH a VRM platform would show this problem solved for so little money that the invoice wouldn’t even cross your desk – a fraction of the cost of yesterday’s “One Place” web site (which in turn you could have had for free a decade ago if you had practised respectful and courteous dialogue and listened to Stef).

The increasing sophistication of data management has sparked serious public concern about privacy and civil liberties

We’d be fine if the approach were sophisticated. It’s the crudeness, combined with raw power, that concerns us.

Go onto Google UK and search for ‘UK government big brother state’ and you get one and a half million entries.

WTF? Is this how we gauge if it’s of public concern? As a joke maybe, eight years ago. Oh look: go onto Google UK and search for: ‘Wills eejit or ****?’ and you get 1.21m entries. Does that make it the question everyone is asking?

He talks of ‘striking a balance’ between security and liberty. He’s no Benjamin Franklin. It’s not about striking a balance. It’s about getting it right because we need both privacy and security in the systems which underpin essential public services. Mr Wills claims that kids can’t get free school meals, that voters can’t vote without data sharing by public bodies. This is absurd. He says hardly any constituents complain about surveillance but they demand CCTV in their hundreds.

To reconcile all this we need, he says

“democratic discourse, rational and mutually respectful discourse, wary of anyone, on any side of the debate, who claims a monopoly of wisdom. These issues are complex and difficult and resolving them will require intellectual rigour, a willingness to learn from experience and to engage continually with alternative points of view. Only through such a democratic iterative process can we hope as a society to resolve this issue satisfactorily.”

Hurrah. This could be straight out of the Ideal Government guide to, well, ideal government. We like that.

Sadly, such a rational, respectful discourse, so essential to the creation of public policy on this crucial issue, has been largely absent in recent years, replaced all too often by reciprocal caricaturing and stereotyping, with understanding and respect all too seldom present. And this matters.

This is true too. I must say I welcome his recognition of it, and his acceptance that

Government must take its share of the blame for this failure of discourse.

Mr Wills’ spin doctors had leaked his speech to a class-obsessed tabloid journalist David Aa. I can see now that when I saw the next bit in that hostile context I misread it:

Too often, we have been overly defensive and dismissive of criticism. Government believes it is acting benignly and legally and has not adequately recognised the fears of those who believe this is not the case.

Mr Aa is paid to be annoying, and it works. In my irritation I took the extract to mean that government was defensive and should be more assertive, but Mr Wills’ point here (and the context makes it clear) is a more subtle one which I welcome.

He then says companies make mistakes too. True, but we withdraw our business from them when they are mediocre. They’re not entrusted with passing laws, taxing us, and trying to run public services. He goes on

Where government gets it wrong, we are learning to hold our hands up and take immediate steps to put matters right. The loss of Her Majesty’s Revenue and Customs disks triggered radical reforms of data security in government.

Her Majesty’s data was not on that disk. Mine was. Nevertheless, horrified, many of us welcomed that loss, because it finally started to show how bad things had really got.

Did it trigger radical reform? Well, it certainly triggered half a dozen reports from tame senior officials and management consultants. It triggered episodic bans on Blackberries and memory sticks, and the glueing up of USB ports. But we have yet to see the radical reform we need which is to restore control of personal data to the individual.

When we recognised that data sharing provisions in the Coroners and Justice Bill had been too widely drawn we immediately withdrew them.

It’s true. Eventually they did. This would be a good moment for Mr Wills to thank the selfless NGOs who campaigned so hard to rectify this awful mistake he was trying to make. But instead he speaks of

opponents…too quick to assume the worst of government without any evidence to support their assumptions, replacing argument with rhetoric.

But…but…but how then did the unpaid NGO volunteers successfully win the argument against your proposed policy and show it was so ill-conceived? Do you recall how hard you and your officials resisted?

Michael: you and your colleagues will find this cultural change you call for harder than you yet realise. But as long as you try, and appear sincere in your endeavour, we will support you every step of the way. Have we all taken on board the rules you call for? No rhetoric. OK. No rhetoric.

To reject all the benefits that databases offer the public, simply because a mistake might be made, is to strike the balance in the wrong place.

1. Name the benefits. 2. This isn’t about striking a balance, it’s about doing it the right way.

Should we really avoid trying to do all we can to prevent another Soham tragedy?

Oh, please leave the memory of those poor girls in peace! Why blame your poor personal data practices on them, and on the equally unfortunate Victoria Climbie? Michael: this is rhetoric.

Or stop doctors accessing vital medical records?

Doctors can have it with my permission. I choose not to share it with bureaucrats and the forces of law and order. That preference will not endanger society.

Or fetter the provision of welfare entitlements, such as free school meals, for the most vulnerable?

Just get your act together. Deliver the services to which people are entitled, without hoovering up their data when they are at their most vulnerable and brewing it up into HMG’s patent toxic soup.

Basic principles for protecting the use of data are that it should be proportionate and necessary

Indeed. Furthermore, that in the absence of a specific and lawful purpose there should be informed consent. Assuming that 12 year olds understand this and are cool about it is not sufficient. Allowing hundreds of thousands of officials access to childrens’ records or to identifiable medical data is unlawful, just as taking and retaining the DNA of innocents has proven to be.

But you acted all surprised when you lost the Marper case. And you’re behaving as if we had a proper implementation of the EU data protection directive, and are acting all surprised that Europe is taking enforcement action against the UK.

We don’t live in a database state as much as a database society.

Yes, but we’ll sort ourselves out with the Twitterverse. Government runs the state part of it. That’s what you’re screwing up, because of the history of groupthink and the poor dialogue you rightly point to. That’s what we want whoever wins the next election to sort out. Hey! It could be you! Maybe.

They deliver real benefits for the public and it skews debate about the challenge they pose to all of us if anyone ignores this or pretends otherwise.

Let’s see if we can find real evidence for these benefits, because there’s a strong case to be made that the database state is designed to serve an unholy alliance of administrative convenience and security fears.

Meanwhile it is becoming everywhere apparent that a wholly organisation-centric “CRM” approach to life is nothing like as advantageous to the public, or indeed to large organisations, as it was sold as being by the management consultants which Alistair Darling has just banned.

What’s it costing you per data subject to keep records up to date in WUYJ, MIAP, BusinessLink, ContactPoint, eCAF, CfH? How accurate are the data? How complete? And how much duplicated? How much is explicitly permissioned by the data subject? Is it proven to a legal standard that in every case government is holding only data which is necessary and proportionate in a democratic society? Can you demonstrate clear auditable and informed consent?

But, like all technologies, databases can do damage if misused. The issue is not whether to have them but how they can be deployed without damaging privacy.

Ah! Phew! Hooray!

It’s a question of balance and the challenge is how to strike it.

No it’s not! It’s not about balance, any more than climbing to the moon on a ladder is a question of balance. I don’t care how good your balance is: it’s the wrong way to go to the moon.

You get accurate data at lower cost and personalised services without privacy intrusion by putting people back in charge of their own data. The Internet works at both ends, you know. You just can’t have every part of public services grab every piece of data they can about everyone, take away the barriers to data sharing, then hope to create an accurate picture of everything such that you can eliminate fraud, keep the public safe, and provide personalised services. Try doing the maths.

You know all that great “Power of Information” work the government has done on opening up APIs and letting public data out? Sometime soon a Secretary of State or a PM will announce, in a second such major policy shift, that the really big prize is in how we work with personal data. Government will relinquish the desire to own and control it. You will open up government APIs and let people’s structured, scalable private data in, under thier control. You will leave people in charge of their own lives, which is how reality is because we have to put all the pieces together anyway.

I repeat: this is not a question of striking the right balance. It’s about creating a secure platform for personalised services and new value. Getting it wrong, which we described in our report Database State, wastes vast amounts of money and of people’s time; it fails to deliver good customer services and breaks the law. We the taxpayer are thus intruded upon, failed by public services, caused to waste endless time sorting it out. We’ll have to pay to get it wrong and then pay again to see it all put right.

But where we should have a constructive dialogue, we have all too often an impoverished discourse where slogans substitute for evidence.

Too true. I’ve seen so much of that from government politicians and officials. I’m so weary of it. So many of us are so weary of it. But it cheers me up when NGO-world gets creative and cheeky. I love the pertinent art, the campaigning. Not just because it’s often witty, but also because it’s based on a deeper truth, coupled with a better sense of human nature, than your officials have served you up with.

The Rowntree Report on what the authors called the Database State is a good example of how the public discourse is flawed.

It shows how bad things have got. It’s pretty shocking that the fact that much of what you’re constructing falls outside what it is legal to do in Europe should come as such a surprise. It has taken you a full NINE MONTHS to reply to it. Did you really not consider these questions before you embarked on Transformational Government, and mixed up the security agenda with the public-service agenda? Was that wise? Don’t shoot the messenger here.

This could have made an important contribution towards meeting the challenges of new technology. The subject matter was important and its academic authors have a distinguished provenance.

I think you’re building up to shooting the messenger.

However, a detailed reading of the report reveals it was riddled with factual errors and misunderstandings and reached conclusions without setting out the evidential base for doing so.

Argh! You just shot the messenger!

So opaque was its methodology that it has taken months to work through it to respond in detail.

Stop shooting! Remember, this is the new era of respectful dialogue!

The methodology is clear as day. We wrote up 46 large databases (with precious little help from government). We discussed them against European criteria for legality. During the course of the work the Marper judgement confirmed that the DNA database was indeed illegal. We gave all our references.

I’ll get on to the government’s response in due course. It has taken their however many dozens of staff nine months to reply, so working at the same pace I should be ready to reply by around 2030-2050.

I hope that all those who read the original report and provided publicity for it will do similarly for today’s response to it.

I’m sure they will if it’s interesting, credible and passes the Mandy Rice-Davies test.

It is important that we now move beyond rhetoric

I think I may find myself quoting this again, perhaps frequently We may need a new acronym to go alongside Wibbi: IMBR.

new and detailed dialogue between all concerned to ensure that we seize the opportunities of this new information age while protecting ourselves against its risks. So when government is considering how data might be used for the public good, the voices of users and practitioners can be heard. That requires an open, constructive approach on both sides.

Yup, we all sign up to that. High bloody time.

To that end, I am announcing today that the Ministry of Justice will host an event early in the New Year to consider how we approach the data sharing aspects of reforms to the electoral register.

Alright then. But not in Feb; I’m in Iran.

He goes on to talk about cross-referencing the electoral roll with the NI number. Well, you need to do something to make this process more secure. Not so sure about the NI number: it might suddenly look as if we have 80m registered voters in the UK.

Those identifiers will not be available to the public, for obvious reasons – they are solely for the electoral registration officer’s use.

Not obvious to me at all Michael – I think you have organisation-centric assumptions engrained so deeply you’re not even aware of them.

I also intend to jointly host an event with Delyth Morgan from the Department for Children, Schools and Families which will focus on ContactPoint.

Clearly it would have been helpful to have this dialogue before you specified the system and started spending hundreds of millions of pounds of taxpayers’ money on it with Cap Gemini. So when we say “better late than never” it is with quite a heavy sigh.

We can never be complacent about databases – the challenge in getting the balance right

No it’s not about balance! It’s about getting it right!

But we can only do this on the basis of a rational and mutually respectful dialogue between all concerned. I hope the measures I have announced today can be the start of such a dialogue

Indeed. IMBR. I think you, your speechwriters and spin doctors will find this a major cultural adjustment. You’re clearly not there yet. But we will support and uphold you in your attempt to do just that, and for my part (I cant speak for anyone else) I shall try to do the same.

Was this whole long rambling post worth doing? Is Mr Wills going to get his act together and sort this out? I checked out his currency with one of Westminster’s most effective and reliable lobbysists. The verdict: “I wouldn’t expend too much effort on trying to enlighten him.” I find that harsh. He’s still a Minister after all.

Let us give Mr Wills credit for officially ushering in – if not yet himself exemplifying – the era of mutually respectful and courteous dialogue about the right way for government to work with personal data in public services. From the moment I click on “Publish” on this post I undertake to exemplify it myself. Hurrah!

What the hell has Facebook, the greatest of all public noticeboards for the inner landscape of our dreams, got to do with surveillance? Oh Lord, oh Lord, how much of this stuff the entitled middle classes can turn out without blushing.

David: Facebook holds and shares the details of 350m people in ways almost none of them understand. It’s an extraordinary and largely positive phenomenon. But have you ever looked at how it works and considered its implications? This is not a class thing.

He detects a “fashionable paranoia about data and surveillance” and dismisses the concerns raised in Database State as semi-apocalyptic.

My worry that that the report’s authors, far from being dispassionate in their assessment of 46 government databases, had in fact been chosen as much for their ready-made opinions as their expertise. Looking back I understated the problem. Four of the six authors of the report were almost better described as parti pris campaigners than experts.

But David, we chose ourselves. Our affiliations are clearly stated and blindingly obvious. When you rang me and vented at me for 10-15 minutes you had no idea who I was and hadn’t read my blog. Google exists, you know? Even though your boss seems to wish it didn’t.

It seems to have taken you *nine months* to work out the well-documented good work Terri Dowty does. Now you “reveal” it as some great hidden truth. Is this the valuable journalism Mr Murdoch says we’re all going to want to pay for on-line? Don’t you understand it’s perfectly possible to be a campaigner and yet to be well informed? Why do you think people become campaigners FFS? Through wilful ignorance? Because they read facile columns full of class-obsessed and fashion-conscious invective?

You’ve managed to work out Michael WiIls works for the government. But you’ve eaten up his chocolate-covered waffle without a sceptical glance.

Mr Wills also accepts that government must take blame for the poor level of debate because it has too often been “overly defensive and dismissive of criticism. Government believes it is acting benignly and legally and has not adequately recognised the fears of those who believe this is not the case.”

This is tripe. The poor level of debate on technology in public services isn’t because the government hasn’t been shoutey enough. It’s because the government is too assertive and indulges in groupthink, failing to take other views into account. At a shallow level they have a good intention, but they fail to realise the less desirable consequences of their ill-thought-out implementation.

I wouldn’t say there’s a deep underlying malevolence, but the poor manner in which they engage with others who have a different good intention is tantamount to malevolence. Your own article illustrates this very well.

Central to this is their documented failure to listen effectively to the views of scientists (not that I claim to be one, but two of my co-authors are) and also of service users and front-line practitioners. This is why NHS CfH has failed, as even the government now admits, and why the ID Scheme and ContactPoint will fail.

But [Wills’] overall point is this: proper use of new technology by the State allows a far more effective delivery of services to those that need them and a much better level of information about what is happening in society so that needs can be predicted and met. For the poor at any rate, such benefits are more than speculative.

This is true. But would David or Michael understand what proper use of technology is? Do CCTV cameras everywhere, ANPR, centralised databases, state-issued identifiers and audit trails and the removal of barriers to data sharing constitute proper use of technology by the State, allow effective services, and help all of us? That’s the debate we need to have.

We’ve been having it here since 2004 David. Did you ever join in, or were you too busy striking a contrarian pose to whatever was fashionable that day?

Wouldn’t it be better to have user participation in a design process of co-creation? Of course it would, as we’ve said here since 2004 and as the government has belatedly acknowledged in its Smarter Government white paper published yesterday.

Perhaps this is why, unnoticed by the Rowntree report, bodies such as Barnardo’s and the NSPCC had welcomed the Contactpoint database. They, at least, were not operating on the libertarian assumption that almost everything the State does is malign, or that an exaggerated notion of privacy always outweighs something that, to be old-fashioned, we might call the “public interest”.

We didn’t write about this in the report, but it’s not news to any of the authors or indeed to anyone who has taken an interest in this. The untold story is just how and to what extent funding arrangements for these charities has changed in recent years, the extent to which they are now dependent on state funds, and the political price exacted for that dependence. Are there any quality journalists around who might like to look into that? Be warned: it would require research, and not just opinion.

Aaronovitch gripes on about the census and how important it should be accurate. More than five years ago on IdealGov I wrote about how the Finnish census, which is register-based, is so much better than ours and also so much cheaper it can be done annually. It’s because the data quality is good and levels of trust in government are high. What’s more the Finnish government works constantly to try to earn ever higher levels of trust. David – we want something much better than what you’re asking for.

Oddly, the Rowntree Reform Trust, which is largely run by Liberal Democrat grandees, gives as its objectives the promotion of civil liberties and social justice.

There’s nothing in the least odd about that. What are the objectives of your employer News International? To prop up the UK tax base? Hardly. At least the JRRT pays it’s full share of UK tax. That’s why it can act as a campaigning organisation.

I think the libertarians, the aged hippies and the privileged have taken over the argument and that their cultural preferences have tilted the balance against social justice. Of course, the rich have themselves; the poor have only the Government

So the well-paid and powerful columnist can fire off a broadside of ad-hominem and ad feminam attacks, but miss the fundamental point. The poor and needy have every bit as much right to dignity and privacy about their affairs as the wealthy. But now they have no choice but to submit their data to insecure and often ineffective public services.

Informational self-determination – enshrined as a right for example in the German constitution – isn’t a class thing. It should be for everyone, whatever Michael Wills says, and whatever David Aa says. Pfff.

I’ve been asked (by pacifists and others concerned that the 2011
census is managed by a US defence contractor) what are the legal
options for non-participation. I know it’s not a question you’ll
welcome, [however] I believe I fully understand the arguments about why it’s
safe and a good thing to do, and that Lockheed Martin will process the
data in the UK and lawfully etc.

You should not underestimate the concern people now have about the
database state. This is of course not principally the fault of ONS
(it’s ContactPoint, ANPR, health records, ID cards & register, DNA,
CCTV, e-borders etc etc). But the loss of trust in the state’s
intentions and competence with personal data may affect ONS.

So I’d be grateful if you could advise me of any acceptable and legal
basis for non-participation in the 2011 census (eg being out of the
country, dual nationality, homelessness). If you have an exhaustive
list of circumstances, that would be ideal.

Wibbi a new administration used the occasion of the census to offer every British citizen the chance to use a secure independently-issued user-centric online ID?

Public sector organisations should avoid creating large centralised databases of personal information and keep clear audit trails of how identity data is used, under new proposals published today.

Leads into their consultation on privacy (see below).

The draft privacy principles are worth repeating:

# Proving identity or entitlement: people should only be asked for identity when necessary and they should be asked for as little information as possible
# Governance and accountability: private and voluntary sectors which deliver public services should be contractually bound to adhere to the principles
# Risk management: Privacy Impact Assessments should be carried out to ensure new initiatives identify and address privacy issues
# Data and data sharing: Organisations should avoid creating large centralised databases of personal information and store personal and transactional data separately
# Education and engagement: Public bodies must explain why information is needed and where and why it is shared

Why is it the Scots in Edinburgh understand this, but the Scots who run Whitehall resist it so strongly?

..a place where the collection of information is both infinite and at the same time monstrous, where the entire world’s knowledge is stored, but not a single word understood. In this “labyrinth of letters,” Borges wrote, “there are leagues of senseless cacophonies, verbal jumbles and incoherences.” In addition to the civil liberties and constitutional defects in the new surveillance law, another compelling argument against it is that it only increases the amount of “senseless cacophonies” in America’s Library of Babel.

The normal UK/USA rule of thumb suggests we have a cheaper smaller version which works even less well.