May 19th, 2010
|04:59 pm - Long post on the basket of measures|
The new coalition has presented a basket of measures within a narrative of 'restoring civil rights'. I know a little about three of these measures (virtually nothing about the rest). I think an argument could be made in favour of each of these measures, but each one represents a tricky and delicate trade-off, where there will be serious consequences whichever route is chosen. The narrative that has been used is simplistic, and makes me feel that the genuine rights dilemmas have not been considered.
The three are: the abandonment of the transferable identity scheme, legislation on biometrics in schools, and the cancellation of the Contact Point system. As with most news stories when you know anything about the subject, the way it is presented seems to be way off. I get the impression that this misleading narrative has been fed to the press by the PR teams of the coalition parties.
I've spoken before about transferable identity. The point of it is to allow commercial companies to process transactions of behalf of the government (as they do now) but without having to store personal details. This allows a greater range of small suppliers to bid for contracts, it allows big information systems to be broken up into independent subsystems, and it means your personal facts are not held in as many places. The alternative (which we currently use) is for the facts to be held in replicated form by several large corporations as well as by government. In both cases your data is held, with real risks. Some people think that corporations are more motivated to protect and error-check the data fairly and securely, others think the government is. That is the issue which should be debated, I think.
The second issue is biometrics in schools - falsely called fingerprinting school children. A few schools use a system of lunch-payment , which uses finger-touch technology. This is so pupils don't have to bring money to school. This system does not store the pupils' fingerprints, but uses a stored binary template (it's like a system which recognises you by the distance between your eyes, without storing an image of your face). It was recognised, nevertheless, as a controversial suggestion, and you can read some guidelines on best practice here saying that schools should consult with parents before implementing. A small number of parents say they were not consulted. I do not know if this is because some head teachers did not follow the legal guidelines, or because they did not repeat the consultation regularly enough (so new pupils were missed for example). The issue is to what extent additional legislation is required to address this slippage - perhaps indeed further tightening of the law is needed, but in my opinion this issue has not been presented in a truthful way. Note the proposed legislation only tightens the issue of parental consent, which is already covered by existing legislation (possibly not stringently enough).
The third point is the abandonment of Contact Point. This was established in the wake of the tragic abuse and murder of Victoria Climbie. A problem was identified at that time, which was that if abusive parents/carers moved between regions, they avoided detection, and children were (and are still) killed. Here is a BBC report from 2005 on the problem.The database therefore allows child protection teams in different regions to share information. I agree that this is a problematic and difficult situation. I would welcome an open discussion of other ways of tackling this hideous problem. I see no evidence that this very serious issue is being treated responsibly, but it is being framed within (as I am saying throughout) a spurious narrative which ignores the difficult issues which are raised.
I think it's a security thing in a big school where a teacher might not know everyone. Stop one pupil pretending to be another.
|Date:||May 20th, 2010 07:04 am (UTC)|| |
The underlying premise for all these proposals is that the government (and councils and large corporations) cannot be trusted with our personal data. I agree with that.
The solutions proposed all involve removing or reducing the data held. Fair enough but, as you point out, there was probably a reason it was being collected in the first place and so we ought to be more careful about unintended consequences.
Presumably many of the difficulties would go away if the government became trustworthy with this stuff. This is not going to happen unless we make the consequences of error or misuse much more severe than they are at the moment. If the bank was going to get a £100m fine if it misuses my data, or if a government minister was going to get the sack if a disc goes missing in their department, then maybe they would start to pay a bit more attention. We would need penalties like this which are deliberately disproportionate, because simply trusting to people's ordinary best efforts clearly doesn't work.
In most cases personal data is already collected by both government and large corporations. It is hard to see how our society could function without that data. Any system which streamlines it or joins it up is a trade-off. If you store the same data in multiple places (as now) there is increased chance of error. If you store it in one place then the chance of error is reduced, but the impact of error is increased.
I think even more than punitive measures, what is required is a public service ethos. It needs to be boosted and respected in my opinion. With sanctions for those who betray the trust.