It’s the beginning of the festive season, and it's also been an exceptionally busy week, with my usual DPA work being augmented by two drinks receptions and two launches. And one of those events has spawned an idea that might make my fortune. Well, someone’s fortune, anyway.
Before I turn to that idea, I ought to point out that one of the receptions I attended this week was a real challenge if you were dyslexic. It was held in a building that was hosting a slightly different reception on the concourse above, and members of both groups spent sometime rather wistfully wondering if they should have been mingling with the other lot. The event I attended was signed “ICO reception”, and the star guest was the new Information Commissioner, Christopher Graham. Just above and behind us, party guests were attending an event signed “IOC reception”, where the star guest was the Princess Royal. We appeared to be enjoying our food and drink to a much nosier extent that that crowd upstairs, so every now and again disapproving glances were sent in our direction. We didn’t care, though. Hardly any of that lot appeared fit enough to actually participate in the Olympics – I think they must have been the Olympic accounts teams, or something. They were eating a lot of pies. But if you wanted to mingle with real royalty, rather than DPA royalty, you had (literally) to be above us rather than on our level.
Both launches I attended this week were significant. Stewart Room’s book on “Data Security : Law & Practice” (attended by Lords, Ladies and the great and the good of the data protection world at the offices of Field Fisher Waterhouse) should give us all some very useful indicators as to the possible direction of regulatory travel. Designed for the professional, I do hope that it's going to be a very useful place for me to start from to locate that reference to that thing that’s on the back of my mind. It ought to be an essential piece of kit for everyone who regularly attends data protection events. The second launch, in the River Room at the Millbank Tower, by the Tate Gallery, was for the ICO’s new plain English guide to data protection, this time a more down-to-earth look at the principles of the Act, using practical business-based examples. It’s the sort of publication designed for those who don’t usually attend ICO or data protection events, but who still ought to know a bit about the legislation.
But my mind was most taken this week by another event – this one where I must have been invited to by mistake, as there were hardly any data protection folk there at all. At this particular party, though, a group of extremely highly paid solicitors were laying Wii golf. And this is where I had my idea. Why Wii golf, I thought to myself? Why don’t those good folk a Nintendo develop a Wii DPA game? Surely that would be a best seller.
On the train back home I started to develop a few basic concepts for the game. Were the players to be people fighting to get their Subject Access Rights, or perhaps they were DPA Officers dealing with an ICO Assessment – or trying to register all their processing purposes, etc. Then every now and again we could have a new set of DPA policies suddenly descend upon us all, or a job offer from another company, where we could start again and create a data protection concept from new. Points could be awarded for attending DPA conferences, double points for speaking at these conferences, and triple points for actually saying something new at the conferences. Points could be deducted for each data breach (for which there was an element of corporate responsibility), and they could be won for creating new measures what made it harder for data breaches to occur, but which actually let the business carry on and do some business.
Yes, I thought to myself. A DPA Wii would be a brilliant way of guiding people through the data protection maze. Let me give more thought to the concept. And if it ever hits the streets – watch the date of this posting – as I’ll be demanding my IP rights, if any IP lawyer wants to help me out (on a conditional fee basis, of course).
Saturday, 28 November 2009
Saturday, 21 November 2009
Falling like Lucifer
I’ve been reflecting recently on what happens to people in public life who have made serious mistakes and attempted to resurrect their careers. And I wasn’t thinking about Lord Jeffrey Archer, or what Jonathan Aitken did with his “simple sword of truth”, either. Nor any other of the current crop of hapless politicians, for that matter.
What started me off was being reminded of the exploits of a British politician from a very different age. My memory was jolted when I saw an old copy of his memoir “To Fall Like Lucifer” for sale in a Crouch End charity shop. I remembered first reading it some 30 years ago. He really had class – and was a true gentleman. Ian Harvey was educated at Fettes College and Oxford University (just like former Prime Minister Tony Blair), a former distinguished army officer, married with 2 children, who turned to politics and by 1958 was a junior Foreign Office Minister.
As Wikipedia tells it, in November 1958, Harvey and a Guardsman from the Coldstream Guards were found in the bushes in St James’s Park; Harvey tried but failed to escape, and attempted to give a false name on arrest. Both were charged with gross indecency and breach of the park regulations. The indecency charge was dropped at the trial and both were fined £5. Harvey subsequently resigned his ministerial post and his seat, and paid the guardsman's fine as well as his own.
Then, after a period of a few years, he returned to public life, becoming Chairman of his local Conservative Association and a senior board member of the Inner London Education Authority. He died in 1987.
My thoughts then turned to Bob Quick, the Metropolitan Police’s former Head of Counter-Terrorism, who resigned in April of this year after he had accidentally revealed details of a covert investigation, which forced police to bring forward anti-terror raids. He was photographed by the press outside 10 Downing Street holding documents that were clearly visible marked SECRET.
He was about to brief cabinet ministers on Operation Pathway, spearheaded by MI5 and Special Branch, which was apparently designed to thwart a series of suicide attacks at shopping centres in Manchester over the Easter weekend, dubbed the “Easter spectacular.” The unintended leak, technically a breach of the Official Secrets Act, caused authorities to speed up their timetable, making raids across North-West England.
While the police apparently did manage to arrest all their suspects without much trouble, no bomb factory was found, no evidence leading to indictments was published, and all 12 suspects were subsequently released without charge. That shows what happens when you rush an investigation, I suppose. By allowing sensitive material indicating the existence of a very serious criminal investigation to pass prematurely into the public domain, the chances of a successful set of prosecutions were fatally undermined.
But I don’t expect a proficient copper will be kept down for good. As James Cleverley, Deputy Leader of the London Assembly’s Conservative Group and the Mayor of London's Ambassador for youth, put it in his blog on 9 April, “Bob made a serious mistake and took responsibility for his actions. You don't see that very often these days, do you?”
Having been roundly praised for doing the decent thing and actually resigning, I’m sure it won’t be too long before we see Bob Quick returning to prominent policing or security roles. Or perhaps he’s already working on the 2012 Olympics, and I've just not noticed.
I wonder who will be the next celebrity to fall - but then arise again - after a decent interval.
What started me off was being reminded of the exploits of a British politician from a very different age. My memory was jolted when I saw an old copy of his memoir “To Fall Like Lucifer” for sale in a Crouch End charity shop. I remembered first reading it some 30 years ago. He really had class – and was a true gentleman. Ian Harvey was educated at Fettes College and Oxford University (just like former Prime Minister Tony Blair), a former distinguished army officer, married with 2 children, who turned to politics and by 1958 was a junior Foreign Office Minister.
As Wikipedia tells it, in November 1958, Harvey and a Guardsman from the Coldstream Guards were found in the bushes in St James’s Park; Harvey tried but failed to escape, and attempted to give a false name on arrest. Both were charged with gross indecency and breach of the park regulations. The indecency charge was dropped at the trial and both were fined £5. Harvey subsequently resigned his ministerial post and his seat, and paid the guardsman's fine as well as his own.
Then, after a period of a few years, he returned to public life, becoming Chairman of his local Conservative Association and a senior board member of the Inner London Education Authority. He died in 1987.
My thoughts then turned to Bob Quick, the Metropolitan Police’s former Head of Counter-Terrorism, who resigned in April of this year after he had accidentally revealed details of a covert investigation, which forced police to bring forward anti-terror raids. He was photographed by the press outside 10 Downing Street holding documents that were clearly visible marked SECRET.
He was about to brief cabinet ministers on Operation Pathway, spearheaded by MI5 and Special Branch, which was apparently designed to thwart a series of suicide attacks at shopping centres in Manchester over the Easter weekend, dubbed the “Easter spectacular.” The unintended leak, technically a breach of the Official Secrets Act, caused authorities to speed up their timetable, making raids across North-West England.
While the police apparently did manage to arrest all their suspects without much trouble, no bomb factory was found, no evidence leading to indictments was published, and all 12 suspects were subsequently released without charge. That shows what happens when you rush an investigation, I suppose. By allowing sensitive material indicating the existence of a very serious criminal investigation to pass prematurely into the public domain, the chances of a successful set of prosecutions were fatally undermined.
But I don’t expect a proficient copper will be kept down for good. As James Cleverley, Deputy Leader of the London Assembly’s Conservative Group and the Mayor of London's Ambassador for youth, put it in his blog on 9 April, “Bob made a serious mistake and took responsibility for his actions. You don't see that very often these days, do you?”
Having been roundly praised for doing the decent thing and actually resigning, I’m sure it won’t be too long before we see Bob Quick returning to prominent policing or security roles. Or perhaps he’s already working on the 2012 Olympics, and I've just not noticed.
I wonder who will be the next celebrity to fall - but then arise again - after a decent interval.
It's unfair to change the rules without any warning
I’ve just returned from the gym and am still really wound-up with frustration.
Let me explain.
I live in North London and am proud to be a citizen of Crouch End. Until recently, we have had a very benevolent local council (Haringey) who have very kindly allowed us, the mere rate-payers, to use a car park at the rear of the local public library every Saturday so that we can do our local shopping (and use the library). During weekdays, the car park is reserved for local authority workers. But at weekends, for the past 15 years or so, it’s been freely available for anyone to use. This arrangement has not caused any problems with council workers, as they don’t use those car park spaces on weekends anyway.
So you can imagine my mood change when I arrived at the car park this morning to see a new set of signs by the entrance gates. We ratepayers are now only permitted to use a fraction of the par park, and even then we can only park for 2 hours. That’s not sufficient time for the many Crouchenders like me who first use one of the local gyms and then queue for ages at the check outs in Budgens and Waitrose before we can return to our cars. So we’re annoyed. Really annoyed. In fact, we’re so annoyed that we’re even blogging about it...
The signs at the car park entrance are pretty shamefully worded too. They explain that “Wheel clamps and vehicle removals are in operation”. Parking is not permitted in spaces now reserved for library staff. The clamp fee is £100. The tow fee is £100. Storage charges for these towed vehicles are £30 a day. And all patrons are warned that there could be long delays in unclamping vehicles. Finally I read the statement; “Library staff have no involvement in parking issues and do not call Wing Security to clamp or tow vehicles – for all enquiries regarding these matters call the number above”.
Pathetic.
No prior warning was given that the parking rules were to be changed. Nor is there any explanation for this radical change of policy. Nor are there any contact details for those responsible for this matter. All we locals can do is vent our frustration at the security contractors who are are hardly going to be sympathetic as they likely to benefit financially as a result of this new policy. A lot of people were caught unawares and are very angry.
We can all live with situations where we are given fair warning that the rules are about to be changed, as we can then plan ahead and make other arrangements. But, when no warning at all is given about an abrupt change in strategy that costs victims a possible penalty of £230, it really does erode the confidence I have (or had) in my local council.
Saturday, 14 November 2009
“Am I bovvered?” (Setting a maximum penalty for data breaches)
Has the Ministry of Justice embarked on yet another attempt to undermine the Information Commissioner’s Office?
That was the first thought that came into my head when I read the “consultation document” the MoJ has recently rushed out on setting the maximum penalty the Commissioner will be able to impose for serious breaches of data protection principles.
To be brutally honest though, it’s not really a proper consultation document. Those awfully clever mandarins at the MoJ have managed to publish something which has 22 pages. But, it really is a dead cert to win the annual “Don’t tell him, Pike” award (sponsored by the BBC's "Dad's Army programme) for the crassest attempt to provide as little evidence as possible from which consultees can base their views.
What would an uneducated reader learn from the consultation document itself? Hardly anything. The proposal is set out (on page 8) in 123 words. The background to the issue is sketched out in 198 words, while the “evidence” on which views are sought is covered (on pages 8 and 9) in just 190 words. And that’s it. There’s nothing else to read, really. Blink and you’ve missed it.
The real evidence – and the really interesting stuff, is tucked away elsewhere, about which there is just one single reference in the entire consultation document, This is the "Impact Assessment", which is 33 pages in length and contains some very interesting assumptions about just how the Information Commissioner’s Office would really use the powers it was given.
In a nutshell, the MoJ mandarins have worked out what the Information Commissioner might do if he were able to award maximum fines of £50,000, £500,000 or £2.5million per offence. If the maximum fine were to be just £50,000, then 12 data controllers would be in for the chop each year. If the maximum fine were to be raised to £500,000, then just 8 data controllers would be up before the beak. But, if the maximum fine were to be a whopping 2.5 million, only 6 data controllers would need to stiffen themselves for a whacking every year. These assumptions appear on pages 4,6 and 8 of the analysis.
Somewhat confusingly, page 17 of the analysis reports that the ICO estimates that monetary penalties are imposed approximately 25 times each year for serious contraventions. I can only explain the difference in these statistics by assuming that this larger figure refers to court fines, rather than the new penalties that are being discussed in this consultation document.
The bean counters have also done their sums in anticipation of the income that would be generated from those caught in the firing line. Should the maximum penalty be £50,000, the working presumption is that each of the 12 will be fined £25,000 (raising some £300,000). If the maximum fine were to be £500,000, the 8 unfortunates will be fined £100,000 (raising £800,000). Finally, if the maximum fine were to be £2.5 million, the 6 miscreants will be fined £1 million (raising £6 million).
In 2009 there were about 319,000 data controllers registered on the public register of data controllers. So if they all behave alike, they can’t each expect to get caught that often. If the maximum fine were to be set at £500,000 then they might expect their own £100,000 fine to be levied once every 39,875 years. So if I were a data controller’s accountant, I would suggest that they set aside £2.50 each year for the “ICO statutory fine” pot.
And what would the benefits be to society? It’s been assessed that if the maximum fine were £50,000 or £500,000, then controllers would take additional precautions that would result in 4 serious data breaches being prevented every year. And if the maximum fine were to be increased to £2.5 million, then the additional controls might ensure that 6 serious data breaches would be prevented every year. These really are the assumptions that appear on pages 4,5 and 7 of the analysis.
That does not appear (to me) to be much of a deterrent. Nor, is it assessed (by me), will it have much of an impact.
Custodial sentences, on the other hand, might concentrate the minds of some of the more reckless data controllers. But that's my view - not the stated views of any of the MoJ mandarins, as far as I have been able to glean from the two MoJ documents I've referred to in this blog.
I was interested to understand whether the MoJ felt that larger companies would feel more motivated to improve their data protection standards if larger fines were likely. After all, the Financial Services Authority is able (and willing) to fine banks and other financial institutions millions of pounds for inadequate security controls, yet it appears that the ICO is not to be allowed to aware similar fines when data controllers allow other breaches to occur. It's not at all clear why the protection of someone's financial information is apparently more important than the protection of their “sensitive” personal information about matters such as their health, sexuality, religious views, political persuasions or criminal background.
And I’m still none the wiser.
So, what messages should the reader be picking up from the MoJ, as it strives to find a slogan that most adequately sets out its aspirations? Having recently re-read (bits of) Jonathan Swift’s “Gulliver’s Travels”, I think it’s fair to assume that, as power is steadily devolved from Westminster to the “People’s Republic of Wilmslow”, visitors to that new land should expect to be greeted by natives who are as friendly as those who lived in Lilliput, rather than as fearsome as the gigantic beasts that Gulliver encountered during his later voyage to Brobdingnag.
That was the first thought that came into my head when I read the “consultation document” the MoJ has recently rushed out on setting the maximum penalty the Commissioner will be able to impose for serious breaches of data protection principles.
To be brutally honest though, it’s not really a proper consultation document. Those awfully clever mandarins at the MoJ have managed to publish something which has 22 pages. But, it really is a dead cert to win the annual “Don’t tell him, Pike” award (sponsored by the BBC's "Dad's Army programme) for the crassest attempt to provide as little evidence as possible from which consultees can base their views.
What would an uneducated reader learn from the consultation document itself? Hardly anything. The proposal is set out (on page 8) in 123 words. The background to the issue is sketched out in 198 words, while the “evidence” on which views are sought is covered (on pages 8 and 9) in just 190 words. And that’s it. There’s nothing else to read, really. Blink and you’ve missed it.
The real evidence – and the really interesting stuff, is tucked away elsewhere, about which there is just one single reference in the entire consultation document, This is the "Impact Assessment", which is 33 pages in length and contains some very interesting assumptions about just how the Information Commissioner’s Office would really use the powers it was given.
In a nutshell, the MoJ mandarins have worked out what the Information Commissioner might do if he were able to award maximum fines of £50,000, £500,000 or £2.5million per offence. If the maximum fine were to be just £50,000, then 12 data controllers would be in for the chop each year. If the maximum fine were to be raised to £500,000, then just 8 data controllers would be up before the beak. But, if the maximum fine were to be a whopping 2.5 million, only 6 data controllers would need to stiffen themselves for a whacking every year. These assumptions appear on pages 4,6 and 8 of the analysis.
Somewhat confusingly, page 17 of the analysis reports that the ICO estimates that monetary penalties are imposed approximately 25 times each year for serious contraventions. I can only explain the difference in these statistics by assuming that this larger figure refers to court fines, rather than the new penalties that are being discussed in this consultation document.
The bean counters have also done their sums in anticipation of the income that would be generated from those caught in the firing line. Should the maximum penalty be £50,000, the working presumption is that each of the 12 will be fined £25,000 (raising some £300,000). If the maximum fine were to be £500,000, the 8 unfortunates will be fined £100,000 (raising £800,000). Finally, if the maximum fine were to be £2.5 million, the 6 miscreants will be fined £1 million (raising £6 million).
In 2009 there were about 319,000 data controllers registered on the public register of data controllers. So if they all behave alike, they can’t each expect to get caught that often. If the maximum fine were to be set at £500,000 then they might expect their own £100,000 fine to be levied once every 39,875 years. So if I were a data controller’s accountant, I would suggest that they set aside £2.50 each year for the “ICO statutory fine” pot.
And what would the benefits be to society? It’s been assessed that if the maximum fine were £50,000 or £500,000, then controllers would take additional precautions that would result in 4 serious data breaches being prevented every year. And if the maximum fine were to be increased to £2.5 million, then the additional controls might ensure that 6 serious data breaches would be prevented every year. These really are the assumptions that appear on pages 4,5 and 7 of the analysis.
That does not appear (to me) to be much of a deterrent. Nor, is it assessed (by me), will it have much of an impact.
Custodial sentences, on the other hand, might concentrate the minds of some of the more reckless data controllers. But that's my view - not the stated views of any of the MoJ mandarins, as far as I have been able to glean from the two MoJ documents I've referred to in this blog.
I was interested to understand whether the MoJ felt that larger companies would feel more motivated to improve their data protection standards if larger fines were likely. After all, the Financial Services Authority is able (and willing) to fine banks and other financial institutions millions of pounds for inadequate security controls, yet it appears that the ICO is not to be allowed to aware similar fines when data controllers allow other breaches to occur. It's not at all clear why the protection of someone's financial information is apparently more important than the protection of their “sensitive” personal information about matters such as their health, sexuality, religious views, political persuasions or criminal background.
And I’m still none the wiser.
So, what messages should the reader be picking up from the MoJ, as it strives to find a slogan that most adequately sets out its aspirations? Having recently re-read (bits of) Jonathan Swift’s “Gulliver’s Travels”, I think it’s fair to assume that, as power is steadily devolved from Westminster to the “People’s Republic of Wilmslow”, visitors to that new land should expect to be greeted by natives who are as friendly as those who lived in Lilliput, rather than as fearsome as the gigantic beasts that Gulliver encountered during his later voyage to Brobdingnag.
Friday, 13 November 2009
Behavioural Blogging: My 12 simple rules of internet etiquette
Am I writing this blog simply to promote me as the sage of all data protection wisdom? Or to stimulate debate on issues I get passionate about? A bit of both, really. So, I thought, before I go off the rails and get ignored by just about everyone I know (or knew), I had better create a dozen simple rules to follow as I blog. Feel free to let me know when I overstep these marks.
1 Tell the truth.
2 Write short blogs.
3 Publish them regularly.
4 Focus on a single issue for each blog.
5 Respect everything supplied in confidence.
6 Stick to what I know (or what I think I know).
7 Use plain language, not technical gobbledegook.
8 Make serious, as well as trivial, points in each blog.
9 Develop my own ideas, in my own time, using my own equipment.
10 Change the text when I write something that causes unnecessary offence or embarrassment.
11 Credit everyone I plagiarise.
12 Try to look on the brighter side of life. (I think I sense a song coming on...)
1 Tell the truth.
2 Write short blogs.
3 Publish them regularly.
4 Focus on a single issue for each blog.
5 Respect everything supplied in confidence.
6 Stick to what I know (or what I think I know).
7 Use plain language, not technical gobbledegook.
8 Make serious, as well as trivial, points in each blog.
9 Develop my own ideas, in my own time, using my own equipment.
10 Change the text when I write something that causes unnecessary offence or embarrassment.
11 Credit everyone I plagiarise.
12 Try to look on the brighter side of life. (I think I sense a song coming on...)
Defending the Realm
On Wednesday, in London, I paid my respects to those who had sacrificed their lives defending the realm, by visiting the Cenotaph in Whitehall and reflecting on the wreaths that had recently been laid there by those who are so much braver than me.
Also on Wednesday, my work colleagues gathered around me to sing “Happy Birthday”, and I was presented with the book token I had been hoping to get which enabled me to pop out and exchange it for a copy of the first edition of “The Defence of the Realm: the authorized history of MI5” by Christopher Andrew. Covering 100 years (and 1,000 pages), it’s an account that I can’t wait to delve into. And to complete my birthday celebrations, yesterday Jonathan Evans, the Director General of MI5, very kindly signed it for me!
This morning, I woke to hear Evan Davies questioning the Prime Minister on Radio 4 on the Government’s strategy in Afghanistan, where lives continue to be lost as our servicemen seek to further protect our country.
These events have helped reinforce the point that some of what I do (at work) really matters. I remain absolutely convinced that communications records should be available to those who are on the front line, and to those whose role it is to support those who are on the front line, in the fight against terrorism and in defence of national security.
But this does not automatically mean that communications records should also be available to those who just want to see whether I’ve been voting each week for my favourite X Factor contestant. My preferences as to whether I want Stacey Soloman, the Jedward twins or Olly Murs to win really ought to be just a private matter between me and Simon Cowell.
For the record, however, I recon it’s a shoo-in for Olly.
Despite raising it in a somewhat flippant manner in this blog, I do appreciate it is actually an extremely serious question, and one which I’ll reflect and report back on later.
Also on Wednesday, my work colleagues gathered around me to sing “Happy Birthday”, and I was presented with the book token I had been hoping to get which enabled me to pop out and exchange it for a copy of the first edition of “The Defence of the Realm: the authorized history of MI5” by Christopher Andrew. Covering 100 years (and 1,000 pages), it’s an account that I can’t wait to delve into. And to complete my birthday celebrations, yesterday Jonathan Evans, the Director General of MI5, very kindly signed it for me!
This morning, I woke to hear Evan Davies questioning the Prime Minister on Radio 4 on the Government’s strategy in Afghanistan, where lives continue to be lost as our servicemen seek to further protect our country.
These events have helped reinforce the point that some of what I do (at work) really matters. I remain absolutely convinced that communications records should be available to those who are on the front line, and to those whose role it is to support those who are on the front line, in the fight against terrorism and in defence of national security.
But this does not automatically mean that communications records should also be available to those who just want to see whether I’ve been voting each week for my favourite X Factor contestant. My preferences as to whether I want Stacey Soloman, the Jedward twins or Olly Murs to win really ought to be just a private matter between me and Simon Cowell.
For the record, however, I recon it’s a shoo-in for Olly.
Despite raising it in a somewhat flippant manner in this blog, I do appreciate it is actually an extremely serious question, and one which I’ll reflect and report back on later.
Wednesday, 11 November 2009
Whither the Interception Modernisation Programme?
For the past couple of days, journalists have been trying to decipher the signals that have emerged from the Home Office about the fate of its proposals to “protect the public in a changing communications environment”.
Earlier on in the year the story appeared to be that some outfit called the “Interception Modernisation Programme” had been created to devise ever more ingenious ways of requiring the retention of records relating to phone, text, email and internet communications. This was to ensure that the law enforcement community could continue their vital role in preventing and detecting crime. In April, when the Home Office’s much awaited consultation paper was published, the big story was that whatever was going to happen, it would not include a gigantic central database, where all these records would be carefully stored. “The Register” was the runnaway winner in the “name-that-database” competition: “Wacky Jacquie’s Uberdatabase” was born” – in honour of the then Home Secretary Jacquie Smith.
The trouble was that the consultation paper didn’t give much else away as to any options that remained on the table. Comments were invited on any ideas as to what to do in place of the central database. Where was “Plan B”?
A couple of days ago, the Home Office published its summary of responses to the consultation paper – amid so much confusion that some commentators reported that all of the proposals had been shelved, while others warned that the plans were merely to be delayed. Shami Chakrabarti of “Liberty” called for “A bold alliance of phone companies who fear losing public trust and concerned citizens to come together in opposition to these plans”. (London Metro, 10 November)
The last person to lead the alliance against "Wacky Jacquie’s Uberdatabase" was Richard Thomas, the then Information Commissioner. Richard has done more to raise awareness about the significance of protecting personal information, and at the same time to focus public attention on the need to publish information our public officials would like hidden away, than all of his predecessors put together. Funnily enough, and despite victories that parliamentarians will rue for decades, he wasn't knighted when his term of office ended. Surely some mistake?
So what’s the truth about the IMP? And how should I know? Have those awfully clever members of the Interception Modernisation Programme really been told to pack up their pencils and head back to their other jobs? In the words of the disciples who implored their brave leader in the musical (and film) Jesus Christ Superstar, “What’s the buzz – tell me what’s a happening....”
Well, as Gerry Adams once said of the Provisional IRA, "They've not gone away you know."
And how do I know? Yesterday, I accompanied a well dressed (and frightfully well mannered) bunch of telecoms oiks to a Central London location to learn from the authors of the consultation document just what they thought the Government meant when it published its summary of responses. These Home Office officials were (almost certainly) the same bunch that wrote the original consultation document, so I’m confident they know what they are talking about.
The telecoms oiks who accompanied me to this meeting comprise what can only be described as a very junior telecoms equivalent to the Advisory Council on the Misuse of Drugs. They are a bunch of experts from various providers, all of whom give freely of their time to give honest advice on what is technically feasible on their networks. They are all trusted individuals who are sworn to secrecy. But,they have in the past found it really hard to remember what the IMP has told them in confidence, and therefore must not be shared with anyone who doesn’t know the golden password, and what the IMP has told everyone else in public, and therefore can be discussed in polite company.
Unlike some members of the Advisory Council on the Misuse of Drugs, these telecoms oiks continue to attend meetings convened by the IMP even if they appear to disagree with Government policy. A few have left the group over the years – but that’s because they’ve been made redundant from their respective companies. I’m certain that such redundancies have had nothing to do with their differences of views on the issues the IMP has ever wanted to discuss.
I won’t give away the location of the last meeting in case that’s protected by the golden password. Suffice to say, it’s in Westminster. You have to enter a building up one small flight of stairs, and nod to a doorkeeper to your left, whispering “IMP” just loud enough for him to hear. You then get pointed to an unmarked door under the stairs, which you enter, turn sharp right and are faced with a locked door which has a window. If the next doorkeeper likes the look of you, you are let in and relieved of your electronic equipment. Your credentials are checked, then you are issued with a coloured pass, and you then wait for a grown up with a differently coloured pass to carefully escort you out the door you had just entered, across the corridor, through another locked door and down the special staircase to the special conference rooms below. You are then warmly greeted by people who you’ve met before (and on lots of occasions) but who seem to have arrived at these special conference rooms via another route. To get out, you need to leave a few minutes earlier than you would do in any other type of office building. But that’s another story.
So, what’s the buzz?
The view from the “Provisional” wing of the IMP is that “Doing nothing in the face of challenges from rapidly changing technology was not an option”. (See page 23 of the Summary of Responses)
The view from the “Real” wing of the IMP is that “The Government will continue to develop the approach it proposed in the consultation document with a view to bringing forward the necessary legislation”. And, “The Government will also continue to work closely with communications service providers to ensure that any additional requirements will be feasible and reasonable, and to minimise, as far as possible, any impact on the industry”. (See page 16 of the Summary of Responses)
So, its clear. Something will be done. Dunno what, though.
And nor do they.
Watch this space.
So let’s see who joins Shami and her colleagues in forming “A bold alliance of phone companies who fear losing public trust and concerned citizens to come together in opposition to these plans”.
And in our spare time, please we can all search for Richard's lost knighthood.
Earlier on in the year the story appeared to be that some outfit called the “Interception Modernisation Programme” had been created to devise ever more ingenious ways of requiring the retention of records relating to phone, text, email and internet communications. This was to ensure that the law enforcement community could continue their vital role in preventing and detecting crime. In April, when the Home Office’s much awaited consultation paper was published, the big story was that whatever was going to happen, it would not include a gigantic central database, where all these records would be carefully stored. “The Register” was the runnaway winner in the “name-that-database” competition: “Wacky Jacquie’s Uberdatabase” was born” – in honour of the then Home Secretary Jacquie Smith.
The trouble was that the consultation paper didn’t give much else away as to any options that remained on the table. Comments were invited on any ideas as to what to do in place of the central database. Where was “Plan B”?
A couple of days ago, the Home Office published its summary of responses to the consultation paper – amid so much confusion that some commentators reported that all of the proposals had been shelved, while others warned that the plans were merely to be delayed. Shami Chakrabarti of “Liberty” called for “A bold alliance of phone companies who fear losing public trust and concerned citizens to come together in opposition to these plans”. (London Metro, 10 November)
The last person to lead the alliance against "Wacky Jacquie’s Uberdatabase" was Richard Thomas, the then Information Commissioner. Richard has done more to raise awareness about the significance of protecting personal information, and at the same time to focus public attention on the need to publish information our public officials would like hidden away, than all of his predecessors put together. Funnily enough, and despite victories that parliamentarians will rue for decades, he wasn't knighted when his term of office ended. Surely some mistake?
So what’s the truth about the IMP? And how should I know? Have those awfully clever members of the Interception Modernisation Programme really been told to pack up their pencils and head back to their other jobs? In the words of the disciples who implored their brave leader in the musical (and film) Jesus Christ Superstar, “What’s the buzz – tell me what’s a happening....”
Well, as Gerry Adams once said of the Provisional IRA, "They've not gone away you know."
And how do I know? Yesterday, I accompanied a well dressed (and frightfully well mannered) bunch of telecoms oiks to a Central London location to learn from the authors of the consultation document just what they thought the Government meant when it published its summary of responses. These Home Office officials were (almost certainly) the same bunch that wrote the original consultation document, so I’m confident they know what they are talking about.
The telecoms oiks who accompanied me to this meeting comprise what can only be described as a very junior telecoms equivalent to the Advisory Council on the Misuse of Drugs. They are a bunch of experts from various providers, all of whom give freely of their time to give honest advice on what is technically feasible on their networks. They are all trusted individuals who are sworn to secrecy. But,they have in the past found it really hard to remember what the IMP has told them in confidence, and therefore must not be shared with anyone who doesn’t know the golden password, and what the IMP has told everyone else in public, and therefore can be discussed in polite company.
Unlike some members of the Advisory Council on the Misuse of Drugs, these telecoms oiks continue to attend meetings convened by the IMP even if they appear to disagree with Government policy. A few have left the group over the years – but that’s because they’ve been made redundant from their respective companies. I’m certain that such redundancies have had nothing to do with their differences of views on the issues the IMP has ever wanted to discuss.
I won’t give away the location of the last meeting in case that’s protected by the golden password. Suffice to say, it’s in Westminster. You have to enter a building up one small flight of stairs, and nod to a doorkeeper to your left, whispering “IMP” just loud enough for him to hear. You then get pointed to an unmarked door under the stairs, which you enter, turn sharp right and are faced with a locked door which has a window. If the next doorkeeper likes the look of you, you are let in and relieved of your electronic equipment. Your credentials are checked, then you are issued with a coloured pass, and you then wait for a grown up with a differently coloured pass to carefully escort you out the door you had just entered, across the corridor, through another locked door and down the special staircase to the special conference rooms below. You are then warmly greeted by people who you’ve met before (and on lots of occasions) but who seem to have arrived at these special conference rooms via another route. To get out, you need to leave a few minutes earlier than you would do in any other type of office building. But that’s another story.
So, what’s the buzz?
The view from the “Provisional” wing of the IMP is that “Doing nothing in the face of challenges from rapidly changing technology was not an option”. (See page 23 of the Summary of Responses)
The view from the “Real” wing of the IMP is that “The Government will continue to develop the approach it proposed in the consultation document with a view to bringing forward the necessary legislation”. And, “The Government will also continue to work closely with communications service providers to ensure that any additional requirements will be feasible and reasonable, and to minimise, as far as possible, any impact on the industry”. (See page 16 of the Summary of Responses)
So, its clear. Something will be done. Dunno what, though.
And nor do they.
Watch this space.
So let’s see who joins Shami and her colleagues in forming “A bold alliance of phone companies who fear losing public trust and concerned citizens to come together in opposition to these plans”.
And in our spare time, please we can all search for Richard's lost knighthood.
Subscribe to:
Posts (Atom)
Posts
