Recently in IDv2.0 Category

Transparency skin deep for IDv2.0

| No Comments
| More
The thing rendered most transparent by the Cabinet Office transparency programme is the transparency programme itself: you can see right through it.

This became apparent when Prime Minister David Cameron dropped his pants over the News International phone hacking scandal. The government has made a principle of transparency where it suits, and a patsy where it does not. That's a shame, because there are things like the ConDem's next generation ID scheme that would really benefit from the sort of transparency the government made a commitment in its coalition agreement.

The promotional blurb for the Cabinet Office transparency programme declared its power to "strengthen people's trust in government" and "encourage greater public participation in decision-making."

Computer Weekly had this in mind when it sought details of Cabinet Office dealings with industry over the next generation ID scheme. Just like Labour's horrifying, original ID scheme, the ConDem scheme is being concocted in secret meetings with industry. Of particular concern is power it may give banks and markets over people's personal data.

But Cabinet Office refused the information because, it said, collating it would take too much effort. We bet it didn't take much effort to get the ideas from industry in the first place, nor to keep them informed about their progress.

Government actually finds transparency very easy to do when it suits.

Within hours of News International chief executive Rebbecca Brooks resigning under pressure from the phone hacking scandal on Friday, the Prime Minister had (under fire over the suspected intimacy of his friendship with her) published a list of meetings he had with the press in the last year. It was good to get this cleared up before police arrested her at the weekend. (UPDATE *)

Yet appeals under Freedom of Information law for details of government dealings with private business show how opaque government continues to be. We only know about the next generation ID scheme because Computer Weekly exposed it.

Now we know about it, we are refused further disclosure. We will likely not here more about it till the plans are finalised. So much for greater public participation in decision making.

ConDem transparency policy has always been opportunistic. Forged in the shadow of the 2009 expenses scandal, it has given us little more than open data, which was already afoot under Labour and quite conveniently serves serves the ends of the Big Society programme - that is, the dismantling and fire sale of public sector.

That's not to say that when this government's transparency programme was unveiled in the May sunshine after the 2010 general election, the Cameron and Deputy Prime Minister Nick Clegg didn't believe what they were saying.

"For years, politicians could argue that because they held all the information, they needed more power," they said in the coalition agreement.

"Technological innovation has - with astonishing speed - developed the opportunity to spread information and decentralise power in a way we have never seen before. So we will extend transparency to every area of public life," they said. What is really astonishing is just how shallow this transparency programme is.

UPDATE 22 JULY 2011

Oops. This story originally said that the Prime Minister's disclosure revealed only two meetings with Brooks, and did so in a way that implied this was convenient to him:

"Lo and behold, he had only two meetings with Brooks, though more than any with News International as a whole," it said.

It did in fact reveal seven meetings with Brooks, three with the Murdochs and about 36 per cent of press meetings (26 in total) with News Corp. overall.
 

Cabinet Office refuses disclosure of IDv2.0 plans

| No Comments
| More
So much for the "astonishing speed" with which the Prime Minister David Cameron and his Deputy Nick Clegg said technology was "spreading information" and "decentralising power" when they launched their transparency programme in May 2010. They were going to strengthen the FOI Act. What is really astonishing is just just how antiquated the FOI act still is.

The FOI Act allows public bodies to refuse requests that may take more than £600 of someone's time to answer. That's a lot of time and since most things are stored electronically nowadays, it's a lame excuse.

That doesn't stop public bodies from refusing FOI requests on the excuse it would take them too long to answer. It's sometimes simply inconvenient for departments to produce requested information. A case in point is Computer Weekly's request for information about the Cabinet Office's next generation ID Scheme, which is already shaping up to be as controversial as New Labours' ID Scheme ever was.

When your humble correspondent makes a request that may on the face of it seem like a lot of work, he calls on a widely ignored power of the FOI Act to avoid the sort of situation that usually occurs: where the department responds to the request a month later with a terse refusal on the grounds that it would take too long to answer it.

That power is the "Duty to provide advice and assistance" to which public bodies are held accountable under Section 16 of the FOI Act.

The Act describes the duty as follows: "It shall be the duty of a public authority to provide advice and assistance, so far as it would be reasonable to expect the authority to do so, to persons who propose to make, or have made, requests for information to it."

Whenever your correspondent has appealed for help under this FOI provision, it has always been to seek advice about formulating a reasonable request for information and not one that is likely to be rejected because it would cost too much answer.

This appeal is always ignored

Punch card.pngAs it was when Computer Weekly's asked Cabinet Office for details of its dealings with industry in respect of its next generation ID Scheme.

CW asked for details of report authors, meeting minutes, board members, distribution lists and schedules relating to its draft plans. It's a fair variety of information, but should be readily available in electronic form.

So, we said to the Cabinet Office, please advise us how much of this information we can request without being unreasonable: the last thing we want is for you to come back weeks later only to say you won't give the information because the request is unreasonable.

And what did the Cabinet Office do? It came back weeks later and said you can't have the information because the request is unreasonable.

We suspect the Cabinet Office is telling porkies and that its problem is not that the request was unreasonable but that it was inconvenient. It would have detailed the full extent of industry's part in formulating the ConDem government's next generation ID scheme.

As has been shown here, Freedom of Information is often a misnomer. The system operates to the advantage of departments that want to block the publication of information. They continue to do so in betrayal of the Cabinet Office's own transparency program, which purports to aspire to improve government decisions by increasing public participation in them.

Far from being an instrument of transparency for the networked age, FOIs are like using punch card computers in the 1970s.

Latest technology allows Cabinet Office to answer FOIs with astonishing speed.pngWhen you wanted to make a query of a mainframe computer system held by those few with power and money to have mainframe computer systems, you would have to punch out a card with your query coded in a way that could be input by its operators. The card would get sent off and you'd get a response weeks later. If you'd made a mistake, you'd have to go through the whole rigmarole again. That's what the ConDem's mean by transparency. It's quite astonishing!

How Gov aimed to exploit personal data trade

| No Comments
| More
The £3bn trade in tip-offs about people caught in car accidents has exposed the seedy side of the personal data market. Seedier still are draft government plans to cash in on this bonanza when it ought to be sticking to the Tory manifesto promise to give people a right to call the shots over their own personal data.

Plans to replace Labour's ID scheme with a private sector system of identity assurance, which Computer Weekly revealed Cabinet Office had floated to industry in April, have led inevitably to a proposal for the private sector to become more active as custodians of people's personal data as well. This is already happening to a large extent but, much to people's dismay, the private sector seems less interested in being custodian than exploiter.

In the Cabinet Office plan, British citizens would be represented by electronic identity and attribute agents (attribute being jargon for an item of personal data) in a "marketplace in trusted data provision."

"The 'trusted attribute service' economy is based on the exchange of attributes (aka claims) which are data items from a trusted source relating to an authenticated individual," said the Cabinet Office draft technical blueprint.

"They also provide a mechanism for third parties to expose such data, and operate in a market for that service," it said.

It went on to say how government could cash in on the billions already being made in the market for personal data. The idea was that people build a network of trusted relationships online and personal data supplied from members of their network can be assembled in combinations of ever-greater numbers of attributes to meet higher and higher levels of security clearance. Companies providing that data could charge for it, like police forces and insurance companies have been charging ambulance chasers for tip-offs when people are caught in a car accident.

"Government attribute providers" would under the Cabinet Office plan exist in all major government departments and feed personal data about the citizens in their charge to private sector identity and attribute agents.

"Possible examples" of data the government could trade included "nationality", the "right to work", and verification of national insurance and driving licence numbers.

"The government could potentially charge the private sector for this service," said the draft plan.

That might simply involve verification of data: whether someone is a benefit claimant or a disqualified director, or a confirmation of their nationality. In the virtual world, a yes/no answer is indistinguishable from the actual transmission of a string of data such as: "unemployed, disqualified director, from Jamaica".

These were draft plans presented for discussion. Though it is not unknown for the government to trade in people's data. DWP had for example been giving BT access to its national insurance database under arrangements that have not been disclosed.

The Cabinet Office Identity Assurance Scheme could not rely on a private sector ID market if it did not engage in actual exchange of personal data with private sector providers. The draft plan proposes people should have control over the trade in their data. But it is tempered by a warning that this may not always be possible.

That, as has been demonstrated by the example of the insurance scam, is the element of the coalition government's private sector ID scheme set to match in dread Labour's Big Brother: a market in which people's "attributes" are traded in such a frenzy that it inflates prices, leading people to be fleeced simply for being "known", pestered by vultures like ambulance chasers, and with who knows what other unforeseen consequences.

An answer to this problem has been proposed by the personal data model government has piloted at Brent and other councils, and with which the DWP and Cabinet Office have been closely involved.

That is the Mydex model, in which people are given the means to control their own personal data in their own personal agent: deciding who gets to see it, who gets to use it and on what terms. It would even give people the means to flog their own data, making them the primary agents in any market.

If that sounds too good to be true, its because the market is already getting carried away with itself. Banks are getting in on the act, as if early evidence hasn't already shown how the personal data market can inflate to the detriment of ordinary people without their help.

The government needs to act quickly to carry its pre-election promises on civil liberties to their logical conclusion. That does not mean making a song and dance about dismantling Labour's ID scheme only to throw everyone's identities to the dogs in the private sector. That means ensuring people have the means to control their own personal data, wherever and however it is held.

Subscribe to blog feed

Archives

-- Advertisement --