Recently in Identity Category

Will 2012 be the Year that convergence finally happens?

| No Comments | No TrackBacks
| More

The rise of the smart-phone as the global social networking and on-line browsing device of choice has expedited the convergence  of fixed and mobile communications into "ubiquitous broadband" - even in the UK (which went from leader to laggard during the dead-end decade of local loop unbundling). Hence the driving force behind deals which upstage BDUK Broadband policy like that of O2 and Kensington and Westminster  in much that same way that BSkyB upstaged IBA Satellite policy, two decades ago.   

Meanwhile the fragmentation of debate over privacy, surveillance, on-line safety and cyberwarfare continues to complicate the spread of cost-effective information security by design - as opposed to coating that which is inherently insecure with layers of expensive and ineffectual scareware. Will that change as more businesses realise that using the identity chips already embedded in PCs and mobile phones enables identification of the physical device with which they are communicating? The routines are not totally spoof-proof (nothing ever is), but they do enable better, faster, less obtrusive security at lower cost. They also restrict anonymity to those willing to pay for the privilege. I look forward to seeing a converged debate flushing out the hidden agendas of those who wish to see this happen, those who do not, those who wish use all to be uniquely identifiable and those who wish to have multiple on-line personas with different attributes which they can manage separately.  

KYC = Kompromise Your Customer (by exposing their credentials to unnecessary risk)

| No Comments | No TrackBacks
| More

My Christmas Message sparked a small flame war with an accusation (probably tongue in check) that those who q uery doom and gloom scenarios are damaging bids for information security budgets and research projects by introducing a dose of reality. I then spent a couple of hours  of on-line research (alias semi-random browsing) beginning with Alex Muffett's blog entry  on "Londoncyber: our very own Star Trek Conference" and his presentation "Why Cybersecurity is Rubbish" and ending with "Pirates of the ISPs: tactics for turning on-line crooks into international pariahs".

I then enjoyed a  discussion on how much of the growing jungle of regulation to supposedly "reduce" the risk of fraud and compromise is not only worthless, but serves to actively increase it.  The first example was all those "know you customer" routines which require you to carry that which a mugger can sell to those who will use it to obtain electronic credentials in your name. Copies are then stored with sometimes spectacular insecurity.

 

Rationalising the slew of semi-incompatible Information and Identity Governance proposals

| No Comments | No TrackBacks
| More

Tomorrow I am due to help open the first discussion at the ETICA conference in Brussels on bringing together Ethics, Innovation and Politics. I have been piggy-in-the-middle between politicians and techies for over thirty years and believe Ethics entails accepting responsibility for the consequences of our past actions - not evading responsibility because the unexpected has happened or technology has changed.  My first point will therefore be that not only is technology  neutral but that the implications of most of the supposedly emerging technologies were being discussed over twenty years ago, albeit some of the terminology was different.

ID Card good-bye - Welcome "Passport to Pimlico" and post code lottery?

| No Comments | No TrackBacks
| More

The cancellation of national ID cards may, paradoxically, lead to a burgeoning of spend on public sector ID systems as the removal of uncertainty allows local councils to move forward with low cost residents' cards, as are used to improve service around the world at the same time as cutting cost, waste and fraud. Yesterday, after a meeting of the Information Society Alliance group meeting on identity governance practices in other countries, I spent an hour with one of the organisations that provides such services - with incremental savings and revenues often enabling roll out on positive cash flow. The barrier to such an approach in the UK was not the capital cost of systems development or equipment.    

Should you have a choice whether your personal information is sent offshore?

| No Comments | No TrackBacks
| More
The revelation that NHS trusts are routinely sending personal records for processing in a nation with no data protection legislation reminds me of when a former Inland Revenue CIO suggested (at a PITCOM meeting) that it be made a criminal offence to send data collected under statutory powers off-shore for processing. He had discovered that, despite a prohibition in the contract, one of their suppliers had sent a file containing current records to the USA for testing they had been told was being done in the UK. 

Drowning in Data Slurry as the "pipes" clog and burst

| No Comments | No TrackBacks
| More
The HMG actions to put more of its information on-line at data.gov.uk are surprisingly modest compared to today's hype. They are right to be so. THere are major issues to do with the accuracy of much of the data on their files, The Audit Commission and the Information Society Alliance (EURIM) are organising a round table on February 22nd on the quality of public sector information and the actions needed to ensure that much more of it is "fit for purpose".    

Speak now or else for-ever hold your pace

| No Comments | No TrackBacks
| More

This is to remind you that February 13th is the deadline for inputs to the Identity and Passport Service consultation on the secondary legislation under the Identity Cards Act 2006 that will establish the detailed procedures required to introduce ID cards and in particular for the Critical Workers Identity Card Scheme that is due to start in late 2009. 

Once in Royal David's Digital City

| No Comments | No TrackBacks
| More

I am indebted to GC Weekly for notice of this alarming announcement from the Herod Office and the respsnse from the No2AD campaign.

The government has published controversial plans for gathering data on individuals with new bionumeric technology, while helping small businesses. The use of bionumerics, or "people counting", will involve everyone registering in person at a national network of taxation offices. Everyone will travel to their family's town to enrol, a move which the government believes will boost the hard pressed tourism and donkey industries.

 

Another day, another data loss: Which culture must we change?

| 1 Comment | No TrackBacks
| More
The recent loss of offender data shows how the cultural malaise regarding other people's data pervades the ICT profession, not just government bureaucracies. But the need is to protect people not their data. So which culture is it that we need to change?   

The transformation of government begins: burying good news instead of spinning bad

| No Comments | No TrackBacks
| More
The GC Weekly  newsletter was headed "A dim way to bury good news": referring to the way that Transformational Government - our progress in 2007  had been included in the slew of reports rushed out just before the start of the recess. That set me to wondering why the publication of an account of genuine success mixed with thoughful comment and "real" news should be delayed and then "leaked" rather than launched.

About this Archive

This page is an archive of recent entries in the Identity category.

Governance is the previous category.

Information Assurance is the next category.

Find recent content on the main index or look in the archives to find all content.

Archives

Recent Comments

 

-- Advertisement --