Recent Blog Posts

Tonight is the premiere of David Bond's new film 'Erasing David,' which will also be shown on More 4 at 10pm on 4th May. If you have any doubt in your mind about whether we have already sleepwalked ...

One of the biggest flaws in the National ID Scheme's architecture is its failure to support peer-to-peer authentication in any meaningful way. The government has promoted it as a way to interact ...

The Technology Strategy Board has allocated up to £8m to invest in highly innovative collaborative research and development projects in the area of trusted services. The tools, techniques and ...

Please excuse the off-topic posting, but it's time for the annual charity event. Those of you whom I've pestered for sponsorship before will know that for the past three years I've cycled from my ...

As the country goes to the polls, the three main parties have committed to specific policies on Privacy, Data Protection and Security. In particular, the Conservatives have promised radical reform ...

Over the past few years the Government’s reputation for Information Assurance (IA) – managing the risks associated with information handling – has taken a beating. Individual incidents and serious ...

Google is reported to be recruiting bond traders. So what? They're a big company, they doubtless have a corporate treasury function (although being Google they've probably come up with a much more ...

A very unpleasant little amendment to the Licensing Act (2003) is in front of Ministers for approval as a Statutory Instrument (SI). If you're not familiar with the process, a SI is a delegated ...

The financial year end is nearly upon us. In a couple of weeks' time, government departments are expected to draw a line under many of their existing procurement contracts and move to a new budget ...

The US Federal Trade Commission has just found so-called privacy and security certification service ControlScan guilty of failing to monitor the practices of its certified sites. In their ...

The RSA Conference Europe is now accepting calls for papers for the conference on 12-14 October in London. I've always found the event to be a great mix of security, identity and privacy content, ...

An Italian court has flown in the face of the convention by convicting four Google executives - including Peter Fleischer, Google's Global Privacy Counsel - over a YouTube video that showed the ...

The Ministry of Justice has once again dropped plans to increase penalties against those who recklessly or deliberately misuse personal information. As part of its response to the Data Sharing ...

The Nudatrons* are back in the news again, as the Equality and Human Rights Commission has warned that their use in UK airports may be illegal, with a primary concern about how individuals might be ...

The Electronic Frontier Foundation (EFF) has launched an interesting new project to highlight just how hard it is to avoid being tracked online. The project is based upon information theory - using ...

It doesn't particularly concern me as anyone can look in the phone book and find my name, but some magistrates could be really worried - there will be those who will be terrified.

The Information Commissioner has confirmed that from April he will have new powers to fine organisations up to £500,000 for wilful or reckless misuse of personal information. Actions likely to ...

The attempted Y-Front bombing of a US-bound flight by Umar Farouk Abdulmutallab on Christmas Day has been the dominant international news story of the past few weeks. The repercussions for privacy ...

I've noticed a somewhat grumpy trend in my blogs over recent months: the problem is that there's so much to grumble about. Public sector appears to be in meltdown with accusations of ministers ...

The Information Assurance Advisory Council has been quoted as threatening government with a refusal to change existing contracts in order to comply with the requirements of the Hannigan review of ...

It had to happen sooner or later - the police have been accused of arresting people solely for the purposes of adding further 'suspects' to the National DNA Database. It's time to revisit why the ...

I wrote on the topic of the appointment of the new Identity Commissioner, and since then a comment has literally flooded in. I'm indebted to a spokesman for the Home Office, who writes: Today’s ...

Chris Williams of the Register has written an excellent analysis of the recent jailing of a schizophrenic man for refusal to release cryptographic keys to the police. This was a scenario foreseen ...

Newly-appointed Identity Commissioner Sir Joseph Pilling has addressed the Home Affairs Committee in his first public appearance since taking up the post. What he had to say was interesting, and I ...

I attended a very good session at the RSA Conference Europe in London this afternoon, entitled "Privacy Concerns with Adopting DLP Technology". The panel, which comprised RSA's Katie Curtin-Mestre, ...

The Evening Standard reports that PC World was asked to withdraw a £750 printer after the Met police "revealed it could produce replicas of the proposed new ID card and EU driving licenses." It's ...

Returning from Spain yesterday, I thought I'd jump the queue by using the IRIS biometric entry system. It's been a while since I've used it, since on recent returns to the UK, the gateway has been: ...

The Identity and Passport Service has just launched a Public Panel and Experts Group. In their words: The Public Panels will provide an opportunity for IPS to have a conversation with the public ...

The Conservatives have unveiled their plans for reversing the rise of the surveillance state. Seeking to pull the surveillance infrastructure out of government, their views are commendable, but it ...

The Conservatives will this morning describe their plans to reverse the rise of the surveillance state. Espousing three principles: that individuals, not the state, own personal information; that ...

DNA fingerprinting is 25 years old today. Speaking to the BBC, Professor Sir Alec Jeffrey, who pioneered the technique, called for the scrapping of innocent peoples' entries on the National DNA ...

Once in a while, a spam hits your inbox that raises a smile - which this one did. I've always rather liked Radisson hotels, but was particularly impressed with the list of jobs available in this ...

In the excellent Datonomy blog, Roger provides an interesting overview of the definition of 'Identity'. Arguing that it is about the autonomy of the data subject to control their personal data, he ...

The Home Office has refused to meet with Adam Laurie, the researcher who demonstrated an attack on the Foreign National ID Card last week. "...the Home Office again refused to see the ...

The Information Commissioner's Office has commissioned a study into the business case for privacy. Building on the Privacy by Design report, this project seeks to research and develop an easily ...

The BBC reports that Palm's long-awaited next-generation handset, the Pre, has been returning system and location data to Palm without users being aware or giving consent. Developer Joey Hess ...

Last week the Daily Mail published a feature piece in which it claimed that security expert Adam Laurie had managed to hack an ID Card in 12 minutes. The Home Office rubbished the article and ...

I was very disturbed to read the Guardian's claim that the police have been instructed by the Home Office to ignore the European Court's ruling that the UK DNA Database breaches human rights law, ...

Apologies for the lack of blogging over the past few weeks, I've been taking a break that included cycling to Paris and living in the woods for 10 days. In reviewing the mountain of news items that ...

Please forgive the off-topic post. Next week I will set out on the 400 miles ride from Hampshire up to London, then back to Paris via Portsmouth/St Malo. I'm part of a team cycling in aid of Action ...

Centre-right think tank the Centre for Policy Studies has published a new paper that sets out a vision for IT policy under a Conservative government. Written by technologist and Conservative ...

Robin points out that the 118800 mobile phone directory service has been suspended. Operators Connectivity claim that the suspension is to allow revisions to the beta version of the service, but ...

Datonomy reports on the new fee levels being set by the ICO for Data Protection notification. Small organisations won't see any hike from the existing £35 annual fee (free in certain cases), but ...

Sorry about the extended break from blogging - I've been away in the woods on a Bushcraft course, so no phone or email for me - but we're back to normal service now. I spoke on the topic of ...

I'd like to offer my congratulations to the Communications team at the Identity and Passport Service for successfully pulling off one of the most audacious and downright clever pieces of media ...

It would be good to see the lessons being learned in Scotland replicated across the rest of the UK, rather than being rejected by the government. In the meantime, Scotland appears to be well on the ...

Shadow Home Secretary Chris Grayling appeared briefly on this morning's Today programme to ask the five framework suppliers under the National Identity Service - CSC, EDS, Fujitsu, IBM, Thales - to ...

The Digital Britain report is out, and I'm glad I didn't hold my breath waiting for it. Ian has summarised the main recommendations, which appear to consist of propping up unsustainable copyright ...

I've finally got round to reading the US Cyberspace Policy Review. Authored by Melissa Hathaway, Cybersecurity Chief at the National Security Council, this document was published at the end of May, ...

The Sunday Times reports that new Home Secretary Alan Johnson has ordered a review of the National Identity Service. Claiming inside information that he "is more sympathetic to civil liberties ...

Outgoing Information Commissioner Richard Thomas was appointed CBE in the Queen's birthday honours list at the weekend. Richard steps down from his post this Wednesday, and his successor ...

I don't use Facebook much - there's nothing wrong with it, I suspect I'm just a little too old. My friends aren't big users, so there seems little reason for me to spend time there. However, thanks ...

Now - in the middle of a recession - is precisely the time to innovate. We need to challenge our assumptions about what is expected of public authorities; about how we procure IT and from whom; ...

The British Standards Institute has today published the first version of its BS10012:2009 - Data Protection: Specification for a Personal Information Management System. Is this the panacea that ...

I've surfaced from last week's Identity and Privacy conference to start work on some lengthier and more detailed posts, but this particular item caught my eye - the Guardian reports on a review of ...

It's been the busiest of weeks for privacy, identity and consent: MPs' suffering data loss on the most spectacular scale (or at least that's their version of events); the Home Office choosing to ...

Thinker, entrepreneur and social activist William Heath is engaged in a running battle with mobile telco Orange after a contract was fraudulently taken out in his name. Despite his reporting the ...

Next week beings the first Identity & Privacy Forum. Our keynote speaker this year is the Information Commissioner, Richard Thomas. We also have a host of experts from the fields of privacy, ...

The National Programme for IT is steaming ahead within the NHS (if you believe the press releases), but remains controversial as ever. Pilots in two different areas demonstrate the incredible ...

The Register notes that the Identity and Passport Service refused to issue a passport to a woman who had changed her name to "Ms Pudsey Bear" (in aid of the BBC's Children in Need charity), despite ...

"Mark Thompson" has commented on the previous short item on 'Phiting Dirty,' and I think his comment merits a blog item in its own right. I've reproduced his text below: This new 'smear' website ...

Deep Packet Inspection outfit Phorm is busy covering itself with glory today. This morning we had the Freedom of Information revelation that contrary to previous statements, the Home Office not ...

Some weeks ago I was interviewed by the BBC, who asked what I thought the greatest security threat to the National Identity Scheme (NIS) would be. The answer was easy: the biggest threat to ID ...

The controversial deep-packet inspection service offered by Phorm has been making the news again. But despite some of the hostile coverage that Phorm has received, there are possible benefits as ...

If you haven't already done so, set your video, Sky+ or PVR to record Sunday's Dispatches on Channel 4. Heather Brooke, the UK's leading Freedom of Information expert, investigator and journalist, ...

Professor Sir Alec Jeffreys, the scientist behind the development of DNA testing methods used in modern policing, has attacked the government DNA database. Speaking to the BBC, he said: "My concern ...

The Identity and Passport Service has announced the award of the first two contracts under the National Identity Scheme. CSC has been awarded the £385m contract for Application and Enrolment, whist ...

The Telegraph is reporting that in trials of facial recognition scanners at Manchester Airport, the machines had such difficulty recognising people against the facial image in their passport, that ...

I had a big clear-out of my attic over the weekend, and made in-roads into 15 years' worth of junk that had taken over the top of the house. Nothing exciting there (except for a mouse-filled Xmas ...

Google has launched its Street View service in the UK to inevitable howls of protest about the privacy implications. Is it really such a big deal? And might customisation offer a compromise for all ...

The Department of Social Scrutiny has published its identity theft guide - compulsory reading for all concerned citizens.

The government is once again bigging up the need for the proposed Interception Modernisation Programme (aka the GIMP) by arguing that it's essential to collect and retain all social networking ...

The government has announced that it will withdraw clauses 152-154 of the draft Coroners and Justice Bill in the face of a broadside of criticism from opposition parties, professional bodies and ...

The BBC is reporting that a number of police authorities have admitted to data loss incidents and misuse of police computers by staff. Of these, the most disturbing is an incident involving Gwent ...

I've just received a cracking advance-fee fraud attempt that's trying to pitch leftover funds from some "sharp practice" in the stadium construction. I can't wait to see the first one claiming to ...

I'm delighted to announce that Identity and Privacy 2009 will be held in London on 14th and 15th May 2009. [I trust you'll forgive the blatant plug for this event, but it's not often I do such a ...

I don't normally bother reporting on spam emails, since we all accept them as part of the dot-com world. I assume that they must still work, otherwise the Lads from Lagos wouldn't keep sending ...

In yet another chilling demonstration of the burgeoning 'us and them' culture that has developed in Westminster over recent years, MPs have voted for their home addresses to be kept secret and not ...

The Register is reporting that a number of prominent Scots - including Gordon Brown - had their medical records accessed by a doctor without authorisation: The files were part of the Emergency Care ...

The RSA Conference Europe 2009 has published its call for speakers. It's a great event for security professionals to learn and network, and remember that if your paper is accepted you gain free ...

I'm indebted to William van Zwanenberg, who has provided such a detailed and extensive comment on yesterday's "Nothing to hide, nothing to fear" (NTHNTF) article that is merits a blog entry in its ...

The idea that an individual can live in a surveillance society with nothing to fear so long as they have nothing to hide may, on the face of it, appear attractive. For those of us who think of ...

I spoke today at a Social Market Foundation event on biometrics. The keynote was Prof James Wayman, who was exceptionally fluent and interesting on the topic, and I was pleasantly surprised to see ...

I'd like to draw your attention to one of the most important civil liberties events of this - or any other - year. The Convention on Modern Liberty is a series of events running around the UK this ...

The Independent reports that Justice Secretary Jack Straw is planning to amend the data sharing provisions of the Coroners & Justice Bill when it reached report stage next month, with the ...

I wish there were an emoticon for <slaps forehead with one hand whilst lightbulb goes on over head>. I was pondering Coroners & Justice on the flight home last night, when I realised what ...

The Coroners and Justice Bill has had its second reading in the Commons and gone to Committee. Why should we care about a Bill that is, on the face of it, intended to reform the operation of ...

The government has been ordered to publish OGC Gateway reviews of the National Identity Scheme. The reviews, which are a standard component of major IT programmes in central government, examine the ...

The Register is carrying an entertaining story about Ireland's most prolific traffic offender - a Pole called "Prawo Jazdy" who had clocked up 50 speeding fines and parking tickets without ever ...

Social networking site Facebook has made an about-turn on changes to its privacy policy. On 4 February, the site published changes to its Terms of Service that would allow it to use any information ...

There's little doubt that privacy is a major issue for Cloud Computing, and few can claim to fully understand the issue, but Sun Microsystems has made it clear how important the issue is: they've ...

The excellent Datonomy blog has pointed out an article in the Daily Mail about the dumping of customer receipts as the stores closed down. But something feels wrong about this data loss story. The ...

Google has just launched its 'next big thing' - Latitude, a location tracker that can be used to share your location details with others. Is this a great leap forward, or a threat to privacy? ...

The ICO has published the full list of organisations that have signed up to its new Personal Information Promise. The list, which is copies below, includes many household names, who are to be ...

Wednesday 28th January is Data Privacy Day across Europe. I'm normally somewhat cynical about this sort of thing, but this year the Information Commissioner has come up with a real gem of an idea - ...

From the BBC technology website - does the government not notice that databases have a habit of getting breached?

The Home Office has been reprimanded by the Information Commissioner for last year's loss of 84,000 prisoner records on a memory stick issued to contractor PA Consulting. This is an important ...

The government took everyone by surprise today by not only dropping the 3-line whip on the bill to prevent disclosure of MPs' expenses, but also withdrawing the motion. Faced with a possible ...

Tomorrow the House of Commons will vote on a statutory instrument to exempt MPs from declaring their detailed personal expenses. This is a disgraceful sidestepping of Freedom of Information laws ...

The "Coroners and Justice Bill" has been placed in front of Parliament. Does this sound a little irrelevant to a privacy article? Not if you look in the small print of the Bill... The Coroners and ...