Archive for the 'databases' Category


Also see the databases category on the Blindside Wiki

Womb to Tomb Identity Control

“The General Register Office, which oversees the registration of births and deaths, is to become part of the Identity and Passport Service in a move that is likely to see sharply increased data sharing between the two bodies.”

This is, or should be, the story of the week.

“The government plans to give IPS staff online access to births and deaths information which could be cross checked with ID card or passport applications. Data sharing between the two bodies was given a legal basis in July by an order made under section 38 of the Identity Cards Act.”

In the story linked to above, Phil Booth of No2ID makes the badly needed points, and I doubt if he’ll mind if he’s quoted at length:

“But Phil Booth, national coordinator of the No2ID campaign monitoring the government’s ID card and data sharing plans, described the merger as “chilling.”

It was “deeply worrying” that the GRO, a “formerly independent agency should be subsumed in this way, with no debate and for no apparent reason other than bureaucratic convenience,” he said.

Birth and death dates might form part of an individual’s official identity, but register offices also recorded other information such as details about parents, Booth pointed out.

“The ID program is insinuating itself deeper and deeper into people’s lives. This is not so much ‘feature creep’ as a blatant land-grab of personal identity.

“That an agency which until a little over a year ago was limited to issuing passports is now grabbing control of citizen data from cradle to grave, and openly talks about ‘registration of life events,’ confirms what NO2ID has said all along. It’s not about ID cards, but the creation of a detailed, lifelong government dossier on every person,” Booth said.

He added “And that this sits in the dysfunctional and acquisitive culture of the Home Office should certainly make people think twice.”

Asking permission…

Posted by wendyg in databases, security services at October 13th, 2007

I have a story in The Register today about new rules proposed by the TSA. The basis is that the operation of the no-fly and watch lists is supposed to transfer to the TSA from the airlines, so the TSA’s idea is that airlines would have to submit passengers’ names and identifying information 72 hours before the flight takes off, and each passenger will only be issued a boarding pass if the TSA comes back with an OK. There was a public hearing in DC on September 20, and I listened to the audio on the Web. Comments are still being accepted until October 22, and there are instructions on Ed Hasbrouck’s site about how to find the proposal and comment on it. The privacy objections to the proposals have to do with essential rights and freedoms, specifically the right to assemble, which is guaranteed under the First Amendment, plus concerns over the amount of data that’s going to be collected by the airlines, and retained by them as well as being forwarded to the TSA. (There’s a secondary issue wrt this data, which has been reported on by the Identity Project.) The airline industry objections revolve around logistics: the cost to the industry, the feasibility of the schedule TSA has in mind. Qantas did ask why it was necessary, citing Australian practices that focus on preventing the wrong people from boarding the plane rather than receiving a boarding pass. The really key players - the computer reservations services who manage all the data for the airlines - did not testify in public.

While I was writing that piece for the Reg, it occurred to me that what the TSA wants to do is something the British ID card could also support: transform a default yes into a default no. Given the high-techery that will be present in the ID card, it’s easy to imagine the development of a permission-based society, especially since over time increasing amounts of checking versus the database can be done online (you don’t need to carry the card if everything is keyed to your name and fingerprint, or your number and fingerprint) - and this is what I wrote in net.wars.

While the TSA proposals are new to us, they weren’t any surprise to Ed Hasbrouck, who says that at last year’s ICAO meeting on machine-readable documents (which sounds like the event to catch if you want to find out what’s coming in travel security/practice) it was clear that this was the direction they wanted to go in. The conflict between this and the First Amendment and other laws seems not to have been considered.

wg

Er… The Man Who Wasn’t There?

Posted by Tom Fuller in Blindside project, databases, e-ID, human error, people and passwords at October 9th, 2007

Via Kable, I learn that “A group of MPs has recommended that a senior official be appointed to lead a coordinated approach to tackle identity fraud. The All Party Identity Fraud Group published a report on 6 October 2007 calling on the government to appoint an identity fraud tsar. It says this would ensure a joined up approach to tackling the problem by creating a single point of contact across government, the police and private sector. In the last two years there have been three ministers with responsibility for identity fraud, and the group believes this has undermined efforts to create a coordinated approach to the threat. The report sees the secure sharing of data between the government and the private sector as a key way to tackle identity fraud, and suggests that a central shared database could be set up to allow financial institutions to verify identities and quickly establish cases of deceased fraud.”

Okay–government involved: check. Single government point of contact–er, check? (Kind of a big government…). Private industry involved: Check.

Er, excuse me? If you don’t involve the citizen you will not resolve the issue.

Back to School

Posted by Tom Fuller in Blindside project, Data breaches, People and IT, databases, people and passwords at October 5th, 2007

More prosaic than new robots, less dramatic than Galileo funding (eppur’ si muove), the DfES may compel an answer to the eternal schoolchild’s plaint, ‘Please sir, I want some more.’ Children who don’t want their fingerprints scanned may yet find a school dinner waiting for them.

What alternatives to full compliance are available to citizens who don’t want to be included in databases? The government compels private companies to offer opt-out mechanisms for commercial databases, and strongly prefers that such databases be opt-in only. Does this not suggest that the government understands that participation should not be compelled?

Just asking.

Good Use For Satellites

Posted by Tom Fuller in Blindside project, Radically different stuff, databases at October 3rd, 2007

The argument can be (and has been) made that satellite imagery for meteorology has saved more lives than penicillin. So it should not be a surprise that a technology ‘win’ is announced regarding a new Astrium satellite that was able to peek through the clouds and report on the flooding this summer around Tewkesbury. And what a relief to talk about a positive development–I’m thinking of getting a Cassandra tattoo. (but where…?)

Quoting liberally from the Times story today, “The satellite, TerraSAR X, is not due to become officially active until next year, but during testing it took pictures of the Tewkesbury area of Gloucestershire in flood.” “Astrium’s Infoterra division in the UK has overlaid these images, which are accurate to within three metres, on Ordnance Survey maps and aerial photographs. This has enabled the company to produce a list of every house, water station, electricity sub-station and field affected by the flood.”

“In Tewkesbury, Astrium has calculated that if the water level had risen by a further 50cm the number of properties flooded would have doubled to 388. A 2m rise would have affected an extra 1,261 properties. This sort of modelling could allow insurance companies to calculate household premiums according to likely risk.”

Mashing satellite imagery with Ordnance Survey maps. This is the Web 2.0 model at work–but raises the question of what else can be mashed together…

Exciting times.

Could Be Very Good

Posted by Tom Fuller in AnonymitY, Blindside project, data mining, databases, psychology at September 23rd, 2007

Via Computer Weekly, we see that “The London Borough of Brent is working on a project to provide a single view of residents’ data which will allow the council to improve customer service and the overall accuracy of council records. When complete in November, the project will allow Brent to conduct customer profiling in order to improve council services and offer additional services to residents. It will also help Brent comply with the Data Protection Act, which requires that information stored on an individual should be accurate.”

This could be very good. “The project has involved mapping out which systems hold the most accurate information. Customer data is extracted from the nine core council systems each night. The Initiate tool then matches customer records from each of these systems and links them together to form a master index of all customer information called the Client Index. Aside from building the master customer record the project also includes identifying change of circumstances eg change of address that have been recorded on council systems. All changes are passed back to council departments to ensure their systems are kept up to date.”

Does anyone else notice that UK local governments have been leading the way for a couple of years?

Liberty Call

Posted by Tom Fuller in Blindside project, databases, e-ID at September 17th, 2007

I do look at other sources, but this again via Kable: “Liberty has published a report on the rise of the surveillance society, which seeks to restore the balance of the relationship between the individual and the state.” (Warning–I could not find the report on the Liberty website.)

This comes one week after news that the EU Human Rights Commission is considering whether DNA retention should be allowed absent a conviction for a serious crime, and only 3 days after a NHS hard drive with confidential patient information appeared on eBay.

As the Kable article is a short piece, more quoting becomes almost theft, but I’ve got good IPR lawyers… “Published on 13 September 2007, the report, ‘Overlooked: Surveillance and Personal Privacy in Britain’ explores the increase in surveillance, including the mass retention of personal information on government-run databases and the growth of the national DNA database.

It comes a week after Liberty won a six month battle with the Avon and Somerset Constabulary to have the DNA of a 13 year old boy, falsely accused of writing graffiti, removed from the DNA database.

According to the pressure group, the DNA database is the largest in the world with 3.9m samples. Rules allowing DNA samples to be taken at the point of arrest rather than conviction has disproportionately affected black men, with nearly 40% of black men represented, compared with 13% of Asian men and 9% of white men.”

And again, one interesting fact in the body of the story: “A YouGov poll commissioned by Liberty found that only 17% of Britons trust the authorities to keep their personal details confidential, while 57% believe the UK has become a “surveillance society”.”

And yes, regarding the title of this post, I did spend 4 years in the Navy and yes, I’ve been waiting for a chance to use the phrase.

IA in a Mobile Age

We have tended here to concentrate on protecting information flows through computer networks. This is in part because there is so much work still to be done in this area, but I think also in part because most Blindsiders are of a computer-centric generation (you may well say ‘speak for yourself, Fuller’, and I’ll eat humble pie).

However, mobile computing is growing faster than just about anything that gets measured in tech terms (well, except for Larry Ellison’s ego…) and I am personally convinced that a combination of mobile computing, location-based services and pervasive computing is going to explode onto the scene, offering new possibilities and new threats. I not only believe this–the success of my private pension scheme depends on it.

I think the day is coming very fast when the fact that I sit in a room at a desktop will instantly identify me as a grumpy old man (I think women will adapt to the new paradigm without much fuss). I think mobile devices with Japanese butterfly fan screens that fold up will move computing outside the converted second bedroom and into the street, and flash memory lapel pins will hold more information than my laptop.

It’s all going to be great fun, and I’m looking forward to it. But one reason I think it’s going to be fun is the fact that I’m not charged with assuring information flows within a government organisation. I think the number of nodes in organisational networks is set to grow logarithmically and that the edges of networks are going to blur dramatically.

I think IA specialists in 10 years are going to reminisce fondly about how life was so simple in 2007, before they had to build concentric circles of protection and build data hierarchies that have to exist in different forms within each circle.

For all of us who have retirement in mind before 2017, we may breathe a sigh of relief that it won’t happen on our watch (although it still may). And it might be fair to say that a fairly large share of Blindsiders fall within this group. But I think we owe it to the next generation of information assurance professionals to set the stage for them.

When memory becomes so small and cheap that your life fits into your belt buckle, when people will normally carry four or five objects on their person that have network connectivity, when hundreds of services offer local data based on segmentation rather than aggregation, when p2p dating services sit next to real-time data flows from your banking and investment activity, when government networks imperceptibly bleed into and through a myriad of specialist networks, information assurance will take on a different meaning.

We are entering that period of time where the evolutionary explosion fills an environmental niche created by a new technology. The prelude is finished. It’s just a bit funny that it’s not just one new technology–that computer science, biology, nanotechnology and whatever else I’m forgetting are coming of age at the same time.

Who needs science fiction?

European Court of Human Rights and DNA Database

Posted by Tom Fuller in Blindside project, databases at September 10th, 2007

This just in from Kable: “The European Court of Human Rights could make DNA retention without conviction illegal, according to a privacy law expert. Lord Justice Sedley’s proposal to put everyone in the UK on a DNA database could be dependent on a British man’s case against the UK at the European Court of Human Rights, reports The Register. Michael Marper is objecting to the retention of his DNA information on the Home Office’s database, despite the fact that he has never been convicted of a crime. He has appealed through the English courts and the ECHR agreed earlier this year to hear his case.”

Wow. What happens if the EU says it’s illegal?

Should Everyone Be On The DNA Database?

The reaction from (I think) almost everyone who contributes to the Blindside project would be no. However, after hearing our impassioned arguments, many in Government still believe it is in the UK’s best interests to order everyone in the UK to submit DNA to government for inclusion in a national database.

Instead of starting off with my reasons why I think this is a seriously flawed idea, I want to focus on the reasons why some think it is good–or at least necessary. I don’t believe that all who support a comprehensive DNA database are either evil or fools, and some clearly have given thought to this.

A national registry of DNA would help government perform some things more efficiently without requiring structural change. Currently, the national media keeps attention focused on certain major issues–crime, and to a lesser extent (this year at least), immigration. Government supporters of a DNA database evidently believe that it would help deal with those issues.

My argument (FWIW) against this is that a DNA database would help in solving crime and identifying current illegal immigrants, but would do much less in preventing crime and future illegal immigration. Similar arguments were advanced regarding CCTV’s potential for deterrence of crime, and these arguments proved invalid. CCTV has not deterred crime, but has helped identify criminals after the fact. I don’t think DNA DB would play out much differently. Hence, to me it seems a major sacrifice of personal liberty for a false hope. If a DNA database proves ineffective in dealing with crime and immigration, they will not throw away the DB in disgust.

But the current structure of police forces, with fewer cops on the beat actually deterring crime, has shifted its focus to high tech resolution of crime instead. A DNA database would allow them to keep the same structure, beefing it up and increasing their powers. A DNA DB would allow the judicial system, currently fighting a backlog at the same time it resists internal technological change, to be (it hopes) more efficient without, again, undergoing structural change.

The persistence of the desire for such a database in the face of all the problems that have been noted in the concept means to me that government feels besieged, not just by crime and immigration (which aren’t nearly as bad as the effects of media coverage of same), but by all the effects of the 20th and 21st centuries, and are searching for a silver bullet that will allow them to do things the way they want to do them.

There has been considerable reorganisation of government departments over the past 5 years, but it’s hard to avoid the impression that much of that has been name changing and seat shuffling. I think the most passionate advocates of a DNA database are really defending their way of life more than anything else.

I do think every discussion of a national DNA registry should include a brief summary of some of the most important objections to it:

1. Data will be entered incorrectly, lost or sold illegally. As the system gets used for more purposes, the effects will be fatal to some. Lives will be lost.

2. People will learn how to defeat the system, reducing its reliability. The most common means will be via corruption of civil servants.

3. The money spent on such a system, if redirected towards a more visible police presence in city centres on Saturday nights and at the principal points of entry into the UK, would actually reduce crime and illegal immigration to the extent that the DNA registry would not be necessary.

4. As currently constituted, the UK government is incapable of holding this information securely. It will be stolen. It will be sold.

5. Maintaining border security by identifying ‘legitimate’ citizens and assuming anyone not on the list is illegitimate will result in wide-scale violations of human rights and crimes against those who do not appear on the list.

I almost got through that list without mentioning human rights, and I didn’t talk about liberty either. They evidently are not a major consideration in this argument, so why beat a dead horse?

Let me just mention what I would support. A database for the NHS with voluntary contributions of DNA to assist in patient care. Mandatory DNA sampling of criminals convicted of a serious crime. That’s it.

And by the way, it should be obvious that arguments against a national DNA registry transfer without much modification to a National Identity Card Programme. As with a DNA registry, it is being proposed to benefit government, and the burden of proof needs to be placed squarely on the shoulders of its proponents.