Comments on: Dashboard Identity

By: Tom Fuller

Tom Fuller — Tue, 31 Jul 2007 08:54:22 +0000

Hi all,

Glad this is turning into (almost) a thread. Wendy, I don’t want government controlling our access to data–but I would be pleased as punch if government became an advocate on our behalf to provide easy access to data we cannot get (or can get with only great difficulty) at present. And Caspar, yes, that’s exactly what I’m thinking of–notification of a transaction, not details thereof, and going through the third party’s log-in if I want to chase it up. The IDM used to validate my entry into this portal can then be accessed by other government departments as either a sole-source or confirming support for other IDM–but I get notified of most government requests, and I get a chance to flag up information I believe is incorrect.

By: wendyg

wendyg — Sat, 28 Jul 2007 00:15:24 +0000

I’m with Caspar on this. Maybe, Tom, you could get most of what you want if the government mandated that companies that retain important information about you (credit scoring, other financial matters) be required to make available to you some kind of secured RSS feed that you could subscribe to through the aggregator of your choice. If the government led the way by also creating RSS feeds of its transactions with you, then you could have your single portal - but not have the underlying data shared with anyone.

Seems to me the last thing we want is government controlling our access to transactional databases with other people.

By: Caspar Bowden

Caspar Bowden — Thu, 26 Jul 2007 19:32:16 +0000

Hi Tom
I am scratching my head how govermnent would keep track of all the private sector use of personal data. The Information Commissioner has a duty to maintain a public register of all data controllers in the UK (http://www.esd.informationcommissioner.gov.uk/esd/search.asp). Wouldn’t your proposal entail creating live database links from all of these into your proposed government portal, indexed by a single citizen number? If this system really tracked all disclosures of information (implicit in most transactions that happen electronically) that sounds like a formidably complete surveillance trail of everyone’s life concentrated in one place. Do you think that’s a good idea, or what kind of safeguards can you imagine to prevent function creep and appropriation of that data to intensify the “Surveillance Society”?

The Data Protection Act already gives you a right to insist inaccurate data is corrected - but admittedly it’s a real timewasting pain chasing down errors in practice.

What I am proposing is that you should have separate authentication credentials to log into separate data sources, but through one easy-to-manage authentication interface, and a legal right to access transactional/disclosure data online. A dashboard to allow the individual to correlate and consolidate seperate sources of data sounds fine to me, but frankly it surprises me that you think it is a good idea for government to manage this.

By: Tom Fuller

Tom Fuller — Thu, 26 Jul 2007 05:49:55 +0000

Hi Caspar,
I think it would be great–and probably a better service–if a private provider put up such a portal, but I would then want the private portal to include government information about me on it. In sad fact, I think we are still in disagreement, as I think this is or should be a government initiative.

I think a dashboard that flags activity around use of my private information is something that would allay my fears about the hidden economy in personal information. I think that extending it to private party use of my information is exactly what I wish government would do in this space. I think giving me the opportunity/responsibility to insure the accuracy of this information gives me power that I don’t currently have, but should in any reasonable definition of civil society and private property.

I think it solves practical and philosophical problems for government. It helps keep their database clean and their reputation as open and honest alive. It provides a mechanism for private citizen to approach private parties regarding error and fraud that otherwise might become a dead weight cost for government. It also may allow for the improvement in provision of private party information services and security.

Maybe I’m painting myself into a corner here, but the more I think of this idea, the more I like it… Maybe when I come back from a week off I’ll mock up the service on a dead URL–maybe if you see it you’ll change your mind. Or maybe you’ll mock my web design skills as well as my ham-handed approach to issues that have bedeviled the information society for so long.

By: Caspar Bowden

Caspar Bowden — Wed, 25 Jul 2007 20:33:20 +0000

Hi Tom

I don’t know why we are in disagreement. One of the distinctive elements of the European Union privacy regime is the individual ALREADY has a clear and absolute legal right to know not only what information is held by ANY organisation (subject to the exemptions above), but ALSO how it is used and disclosed. But the duty for fulfillment of this legal right falls on the data controller (in your example Experian), and they only have a legal duty to tell you this information by offline means (i.e. dead trees and snail mail), and they get to charge you up to ten quid each time (less for credit scores - but that doesn’t include disclosure info). So the question is - what is Experian’s incentive to let you access this information securely online?
This part of the Data Proetction Act (Section 7) needs reform and updating. I think IT infrastructures and authentication technologies have matured to a level where it is reasonable to expect new systems to implement a right to secure online access for free or a nominal flat cost (so phase it in over say 5 years). But only if the individual wants this - they may be skeptical about the security and should be able to block online access, and still get snail mail for ten quid if they want instead.

My quibble was with the suggestion that this should this be done through a government portal?

By: Tom Fuller

Tom Fuller — Wed, 25 Jul 2007 06:10:58 +0000

Hi Caspar (and all)
I disagree–I would like a mechanism whereby I can monitor activity regarding my and my identity by third parties. As it stands today, if someone queries Experian about my credit score, I not only do not know that they did so, I don’t know what Experian told them. If someone grabs my credit card number at a restaurant while I’m paying the bill, I may not know about usage until my statement comes.

I am not in control of how information about me that is collected by third parties is used. Those third parties include government. Notification of activity is the first step towards retaking control.

I see the point and largely agree that notification probably would never include active criminal investigations, but I think the larger danger is the trivialisation of normal data exchages, especially as a stronger FOIA would allow for some truth checking after the fact on criminal justice issues.

But the rationale for something like this is again, robust identity management without user input is extremely difficult and expensive. Engaging the user requires offering something of value to encourage participation. Knowledge of how public and private institutions are using your information is of immediate and growing concern. Hence my modest suggestion.

By: Caspar Bowden

Caspar Bowden — Tue, 24 Jul 2007 20:26:54 +0000

I agree with Wendy that it seems weird to want to access your credit history through a government portal. Why? Isn’t that like saying it’s a little confusing having “so many of these website thingies” (in my best quavering high court judge voice), why don’t we just access everything through one website? To justify this with the argument that some people would find this jolly convenient seems plain dangerous to me. Some people would still think it jolly convenient to put all information into a single government database (and the owner of one well known database vendor proposed exactly that after 9/11).

To Robin’s point, it’s true that S.29 of the Data Protection Act has a law enforcement exemption to the individual’s right to know about their own personal data and what has been done with it. But this exemption is fairly narrow - it should not apply unless the data relates to a current criminal investigation specifically concerning that person. Caveat - this is not true of the nat.sec exemption (S.28), which can deny whole classes of data about everbody under a neither-confirm-nor-deny security doctrine (and this was a major issue in the recent Home Office decision to use road camera data in real-time for counter-terrorism)

Apropos a different Blindside thread, there’s more to Kim Cameron’s work than the seven laws/principles. The Identity Metasystem is a vision for interoperability between different identity systems - and there are good practical and theoretical reasons why different systems are needed for different purposes. Information Cards (and Microsoft’s implementation of the concept - “Cardspace”) provide a general mechanism both for authentication with context-specific credentials, AND for conveying identity claims from one system to another. So it would be an ideal way to manage access to many portals with a consistent interface, and to shunt useful data from one to another, but with the individual retaining full control.

More here - http://www.identityblog.com/wp-content/resources/Identity_Metasystem_EU_Privacy.pdf

By: Robin Wilton

Robin Wilton — Tue, 24 Jul 2007 11:43:09 +0000

Then again, you might have multiple dashboards, corresponding to different functional and regulatory ’silos’, or different patches of your digital footprint.

There’s still something you will have to simply put up with, which is that you will not get told about all the accesses to your data. We have to be clear that there are going to be (at least) two discrete ‘views’ of your data: a ’service delivery’ view and a law enforcement view. The dashboards would relate to the former.

By: Tom Fuller

Tom Fuller — Mon, 23 Jul 2007 20:56:16 +0000

Hi Wendy,
My thinking is this: You don’t have to reveal any information on the dashboard site. Just tell them that an action has occurred (e.g., a request for change of address has been received by your local council–click here to see details). Second, people keep asking me what citizens want from government electronic services–here’s a chance to aggregate important information on a government hosted website–if they invite Experian or the Royal Bank of Scotland or Visa to feed account activity information to a citizen, the citizen has information she/he can use and is likely to keep coming back. The citizen then becomes guardian of the accuracy of her/his information. Again, you wouldn’t ever say ‘your council tax is past due,’ or ‘Visa reports you charged £300 at William Hill’s.’ It would say ‘Your council would like you to contact them’ or ‘click here to see recent activity on your Visa account.’ You would then identify yourself to the third party however they saw fit. But the dashboard would also tell you what government knows about you and how government uses your information.
As for the adverts, I was half joking, but really–why not? If this was self-funded or fundable, maybe Google would do it for free.

By: wendyg

wendyg — Mon, 23 Jul 2007 19:32:57 +0000

I think your first problem with this idea is that you’re confusing public sector (ie, government) and private sector (credit scoring companies) about you. It might be alarming to some people to be able to access their credit information via a government web site because that would imply the government had access to it. Which, at this point, they don’t without a court order.

Separately, I have to say that I don’t think advertising has any place on a government web site unless it’s for government services. I think it’s better if governments don’t have outside sources of revenue. It’s one of the only things that keeps them accountable to us. By the people, for the people, of the people, yeah? (And yes, I know that’s Another Country. But still.)