The Musings of Harry

Victorian Maiden has an uncharacteristicly wrong take on the Oxford Union debate, in this blogger’s opinion. She is, unfortunately, in good company.

While it is certainly true that the Oxford Union is engaging in naked publicity seeking, most likely in an attempt to annoy Cambridge, it is not true that they are wrong to give Griffin and Irving a platform from which to speak.

To give such people publicity is not to grant their ideas legitimacy, it is to give them the opportunity to expose themselves for the ignorant buffoons that they are. The solution to “bad” speech is not less speech, it’s more speech. The Oxford Union put two fools on a stage — dangerous fools, I grant, but fools nonetheless — and gave a large group of very bright people the opportunity to witness their idiocy for themselves. Quite rightly, there was also a gaggle of protesters outside to help them along. To echo Charon QC’s comments, it’s better that they face a public grilling and lose, than to win an implicit victory by virtue of the refusal of others to engage with them.

Some people’s ideas are objectionable, and some are abhorrent, but it is the mark of a free society that we allow their expression anyway. No one would claim that these people should be entitled to a platform to air their views, but the inverse position — where they are prohibited, if only by custom, from having any platform at all — would have chilling effects on everyone’s freedom. Short of inciting people to commit criminal acts, anyone should be able to say whatever they like, from wherever they like: if the Oxford Union wish to waste their time debating with morons in a shameless publicity stunt, that’s their business.

It may be stupid, but it’s not wrong.

ContactPoint, another of NuLabour’s database panaceas, has been delayed to allow “security procedures” to be reviewed in the wake of the HMRC data loss scandal. Work started on ContactPoint after the Victoria Climbie inquiry. It will contain details of all children in the country, and access to it will be given to 330,000 people. It is, in other words, a one-stop-shop for child molesters, but never mind that. This is a database. It must be vital.

Anyway, the delay raises a number of questions in my mind. First of all, this government doesn’t seem that bothered about following its own security procedures, because it doesn’t care about data protection. It’s not procedures that need changing; by and large, they’re obvious. It’s staff attitudes that are wrong and a culture of respect for privacy that is needed, and a couple of weeks’ worth of meetings to hobnob about procedures isn’t going to handle that.

Second, if one accepts that the HMRC debacle has raised questions that need to be considered  before work continues on big database projects, why has it been deemed unnecessary to suspend development on the National Identity Register or the NHS Spine, too? These projects are far larger in scope and far more dangerous that ContactPoint or the records lost by HMRC. What happens when someone loses your identity records and biometrics? What happens if they fall into the wrong hands? What happens when an identity thief gets hold of somebody else’s biometric data, whether it be by virtue of a leak or by standing around in an airport skimming passport data?

Perhaps the government would propose that we change our fingerprints. Such a suggestion would be only mildly  more absurd than their recent  attempts to reassure us that all is well.

Ever since the announcement by Alistair Darling in the Commons that the Government had lost 25 million people’s personal data, ministers have been spouting the fantasy that biometrics will prevent the same thing happening with the National Identity Register, which will underpin the ID cards scheme.

It is nice to see that someone has finally called their bluff. Academic ninjas Ross Anderson and colleagues have published an open letter to the Government explaining, in excellent language that even a minister could understand, why biometrics won’t make a jot of difference. This is splendid news, although I suspect it’ll be ignored along with the rest of the advice that academics have offered the Government over the last few years. Nevertheless, somebody had to do something to counter the stream of fantastical nonsense which has been flowing, unstemmed, from the mouths of Government ministers over the last week or so:

“The key thing about identity cards is, of course, that they will mean that information is protected by personal biometric information. The problem at present is that, because we do not have that protection, information is much more vulnerable than it should be.” — Alistair Darling, 20/11/07

This is a complete non sequitur. It makes no sense whatsoever to anyone with even the most frail grasp of the technology at work. The ignorance this demonstrates is appalling.

“What we must ensure is that identity fraud is avoided, and the way to avoid identity fraud is to say that for passport information we will have the biometric support that is necessary, so that people can feel confident that their identity is protected.” — Gordon Brown, 21/11/2007

Is it now? Is it actually safe given that in April — 7 months ago — academics in the states managed to reconstruct a fingerprint capable of fooling a scanner from the data which is sent from a passport to a reader over the air when its RFID chip is scanned? The very same data which, despite being encrypted, has such a weak key that it can be cracked in a few minutes by anyone with a desktop PC?

“There is of course an important protection in an identity card system, through the use of biometrics. Biometrics will link a person securely and reliably to his or her unique identity. It will therefore become much more difficult for people to misuse other people’s identity, even if full details of their biographical information are already known. The current plan for the national identity register is for biometric information to be held separately from biographical information, thereby safeguarding against the sort of eventuality that the right hon. Gentleman described.” — Jacqui Smith, 21/11/2007

In response to this pleasant-sounding fantasy, David Davis replied that he did not look forward to the day when somebody asks for this data and is sent it. Indeed. How, also, does Ms Smith propose that biometrics be used to secure information when a fingerprint, suitable for fooling a scanner, can be lifted from a tumbler or a CD case and attached, almost undetectably, to the tip of one’s finger?

These people are living in a complete fantasy, and a dangerous one at that. I don’t think the HMRC scandal is the nail in the coffin for the ID cards scheme, but it’s certainly one of them. Nor do I think that, were the ID cards scheme to die a quiet death, the problem would be solved.

This government has big plans for centralisation of data, and big plans for lots of neat technology, but they lack the most important ingredient: a culture of privacy protection and respect for people’s personal information. The absence of this trait is stark and worrying. What does it say about a government that hires expert consultants, for hundreds of thousands of pounds, to produce policies on data handling that fill inch-thick books with obvious advice, only to leave them languishing in a drawer while giving junior office lackies access to half the population’s personal data without any effective supervision or oversight?

Is it really prudent for this Government to create more and more and more and more databases when these incidents are happening over and over and over and over again? What planet are these people on? When will they be jolted out of this utopian technological fantasy?

If this hasn’t done it, what will?

Please commit some of the £780 million pre-tax profits you made this year to reducing ticket prices. You say that ticket prices are higher to pay for improvements to infrastructure: this would be fine if it were true. £780m profits and £286,000 in bonsus to your executives tell a different story. Don’t piss on my leg and tell me it’s raining.

I’d like to think that my gentle chastisement will prompt Network Rail to immediately change their stripes: such should be the way of the world. It is, of course, fantasy. They have no competition and will therefore rampantly profiteer until it becomes so unpalatable that the Government steps in and slaps them on the wrists. Yes, it’s true: rail companies are bastards.

In other obvious news, girls don’t want to be fat, men are competetive, no one likes condoms and Facebook isn’t private. Go figure!

Inevitably, a large swathe of yesterday’s Prime Minister’s questions related to the latest of HMRC’s cock-ups. Cameron rightly asked whether the Government could be trusted to run the National Identity Register given that they don’t seem to be very good at handling personal data (Nominations for the prize for gross understatement gratefully accepted…).

Brown, interestingly, dodged the bullet completely. Cameron quipped that Brown “wants to control everything, but cannot control anything”, and Brown, with no mention of ID cards, responded with a quasi-Blairite stream of statistics. Sigh… that’s just so 2006.

In all honesty, the high point of the whole thing was the sight of Patricia “The Patroniser” Hewitt asking a terribly dull question about the EU from the back benches. My hatred for this irksome woman is rivalled by none of her governmental colleagues: she really is awful. Let’s hope the frame of this crusty Blairite ancient graces the back benches for a good long while yet.

I read today, via No2ID, that the information commissioner suggested just last week that severe data breaches should be criminalised. This is a marvellous, not to mention timely,  idea.

Unfortunately, in light of a certain government department’s 25 million-person-strong clusterfuck, I don’t see it happening any time soon.

So, the government has done it again. Yet another demonstration of incompetently lax data handling. Apparently, Her Majesty’s Revenue & Customs do actually have good data handling procedures in place. Unfortunately, this did not stop someone from dumping 25 million people’s personal data onto a few CDs and bunging them in the post.

Remember that next time the government say that the security in place for the National Identity Register “are some of the most sophisticated currently available”. Raise an eyebrow when the same government say that, although their systems are super-secure, they can’t tell us how or why.

All the security procedures in the world don’t stop people being stupid.

False! Guns are good!

Today I had the good fortune to bump into some more of Neil Harding’s ill-argued, authoritarian claptrap. In this post, he defends the handgun ban, claiming it to be responsible for a 50% reduction in gun deaths in the UK. This is a stupid argument, but if you want to know why, go and read the post and its accompanying comments. One of the commenters (”Stephen”) is doing a marvellous job of rebutting the claptrap, and it’s a pleasure to read.

“You are potificating from the point of near total ignorance.”

Perhaps it should be his tagline?