The Privacy, Identity & Consent Blog

The Information Commissioner has published fresh guidance about acceptable use of CCTV cameras. The most notable part of this is a recommended ban on microphones to record conversations. Why is this such a big deal?

The risks associated with social networking sites are becoming a hot topic, but a recent incident demonstrates a new low for employer attitudes towards staff use of the Internet.

Last year's data loss incidents have sparked a fascinating discussion that compares personally identifiable information with radioactive waste - and who is supposed to pay to clear it up.

BAA is trialling the biometric identification systems that will be used throughout the new Terminal 5, but is this an appropriate solution, and what exactly is the problem?

A little while ago, the Association of Chief Police Officers (ACPO) renewed the debate about building a compulsory DNA database for all UK citizens. The Home Office has rejected this idea, and two individuals are challenging the existing of the UK DNA database at the European Court of Human Rights. What's all the fuss about?

Media attention is shifting away from London Heathrow's new Terminal 5. A backlog of 28,000 bags is being cleared via Milan, and the number of cancelled flights seems to be gradually coming down. But what about the biometric security controls?

Infosecurity starts today, and it will doubtless be the biggest, busiest and boldest conference yet. So why am I feeling rather underwhelmed at the prospect?

At Monday's Enterprise Privacy Group meeting, a debate arose around the value of identity management - and in particular the Identity Metasystem - in the grand scheme of human endeavour. Why do we fret about identity when there are lots of apparently bigger issues out there? But stacked up against climate change, curing cancer and ending world hunger, identity management is a lot more important than you might think.

A senior police officer has stated that the pervasive use of CCTV in the UK has failed to cut crime and is an 'utter fiasco'. with only 3% of London's street robberies being solved using security cameras.

Data Protection guru Chris Pounder has put forward an excellent argument that there is no legal requirement for a security breach notification law in the UK because we already have a requirement for this under the Data Protection Act (1998). I'd also argue that there is no need for such a law because there's simply no point in it. Unless you're a pilot.

A new market is developing in environmentally-friendly low-carbon energy management solutions for businesses. Whilst visiting a public authority recently I witnessed an innovative solution to controlling energy use by their air-conditioning systems. Here's how they've done it...

Today's Dilbert focusses (geddit?) on workplace surveillance.

Online auction house eBay's reputation-driven trust scheme is a much-admired and much-emulated model. Or at least, it was until recently when eBay made a significant change to its operation.

Apologies to all for the lack of posting recently, it's been silly season in preparation for the summer - but finally that's here! Today I depart for a 350-mile cycle ride to London and then on to Paris, in aid of Action Medical Research and Riding for the Disabled. The team has raised well over £30,000 so far, so please sponsor us here - and you can follow our progress here.

Normal service will be resumed next week!

Another day, another data loss, and another struggle for an original headline. However, the RBS / NatWest / Amex loss of 1m sets of personal information isn't as straightforward as it might at first look.

New Forest District Council has been rapped by the Information Commissioner for posting up personal information on its planning website. The problem is not new, and a number of councils have been warned about this in the past. However, having been warned before about this, New Forest's response to the criticism was: "... signatures and other unique information are not now available for public scrutiny".

Out of interest, I went to their planning portal, punched in a postcode and pulled down the documents from a random applications. Guess what? There's the signature, together with all the other personal information. In the very first document I downloaded. So, is the New Forest District Council lying, or do they not understand their own system? Let's hope the enforcement notice is in Monday's post - because I'm off to steal a pony's identity.

(Partial signature reproduced here)