Friday, 30 April 2010

Tough on crime ...


I’ve been invited to a meeting with representatives from the law enforcement community next week.

The venue is the Birch Room in a building in Great George Street.

Like the “Papal Visit Preparers” at the Foreign & Commonwealth Office, these guys obviously have a great sense of humour.

I just hope the Hang Room and the Flog Room aren’t on the same floor.

Saturday, 24 April 2010

Our leaders debate ... (?)


Two great debates over, and just one to go. This is the first time that the party leaders have ever agreed to get together during a general election and debate the great issues of the day on live television.

And what have they said about the great data protection issues of the day during these three hours?

...

Oh well, perhaps they might mention something during their final debate.

I’m not betting the house on it, though.

Saturday, 17 April 2010

Liberal Democrat Party manifesto 2010: What inspiration for the data protectors?


I’ve tried to find commitments in the Liberal Democratic Party’s manifesto to supporting the work of the Information Commissioner’s Office. It’s 112 pages long, so I may have missed some, although it does contain some quite detailed commitments. In a nutshell, there is a degree of respect between those who have issued the manifesto, as pictured in the image on the left, and those who regulate from the People’s Republic of Wilmslow.

Let’s have a quick look at anything that appears in the document that could be of interest to a data protection/surveillance geek.

On cutting crime with more and better police:

We will focus on what works to cut crime ... more police are needed on the streets – to provide a longer arm for the law. And we need to help the police to be more effective at catching criminals, spend less time on bureaucracy and more time preventing crime, reassuring the public and helping keep everyone safe. Liberal Democrats will:
• Pay for 3,000 more police on the beat, affordable because we are cutting other spending, such as scrapping pointless ID cards.
• Reduce time-wasting bureaucracy at police stations with better technology that can be deployed on the streets.
• Turn the National Policing Improvement Agency into a National Crime Reduction Agency with a wider remit to test what policing techniques and sentences work and spread best practice across police services and the criminal justice system.


On practical steps to make you safer:

We will do all we can to prevent crime with practical measures that we know will make a difference and keep people safe. We will:
• Make hospitals share non-confidential information with the police so they know where gun and knife crime is happening and can target stop-and-search in gun and knife crime hot spots.
• Require better recording of hate crimes against disabled, homosexual and transgender people, which are frequently not centrally recorded.


On fair and local politics, protecting your freedom:

Britain’s hard-won civil liberties have been eaten away ... we will introduce a Freedom Bill to restore the civil liberties that are so precious to the British character.

• Introduce a written constitution. We would give people the power to determine this constitution in a citizens’ convention, subject to final approval in a referendum.
• Strengthen the Data Protection Act and the Office of the Information Commissioner, extending Freedom of Information legislation to private companies delivering monopoly public services such as Network Rail.


On restoring your freedoms:

Liberal Democrats believe it is an individual’s right to live their lives as they see fit, without discrimination, with personal privacy, and with equal rights before the law. Decades of Labour and Conservative rule have overthrown some of the basic principles of British justice and turned Britain into a surveillance state.

Liberal Democrats will protect and restore your freedoms. We will:
• Introduce a Freedom Bill. We will regulate CCTV, stop councils from spying on people, stop unfair extradition to the US, defend trial by jury, and stop children being fingerprinted at school without their parents’ permission.
• Restore the right to protest by reforming the Public Order Act to safeguard non-violent protest even if it offends; and restrict the scope of injunctions issued by vested interests.
• Protect free speech, investigative journalism and academic peer reviewed publishing through reform of the English and Welsh libel laws – including by requiring corporations to show damage and prove malice or recklessness, and by providing a robust responsible journalism defence.
• Scrap intrusive Identity Cards and have more police instead, and also scrap plans for expensive, unnecessary new passports with additional biometric data.
• Halt the increase in unnecessary new offences with the creation of a ‘stop unit’ in the Cabinet Office. Every department in Whitehall would have to convince this unit of the need for a new offence.
• End plans to store your email and internet records without good cause.
• Remove innocent people from the police DNA database and stop storing DNA from innocent people and children in the future, too.
• Ensure that everyone has the same protections under the law by protecting the Human Rights Act.
• Scrap the intrusive ContactPoint database which is intended to hold the details of every child in England.

We believe that the best way to combat terrorism is to prosecute terrorists, not give away hard-won British freedoms. That is why we will:
• Reach out to the communities most at risk of radicalisation to improve the relationships between them and the police and increase the flow of intelligence.
• Scrap control orders, which can use secret evidence to place people under house arrest.
• Reduce the maximum period of pre-charge detention to 14 days.
• Make it easier to prosecute and convict terrorists by allowing intercept evidence in court and by making greater use of postcharge questioning.


There’s quite a bit of meat here – more meat than in the manifestos of either the Labour or the Conservative Party.

But let’s see how these commitments are managed in future. It’s not what you say, it’s what you do that counts.

Those that want to will, I’m sure, point their browser in the direction of http://www.libdems.org.uk/our_manifesto.aspx

Conservative Party manifesto 2010: What inspiration for the data protectors?


I’ve tried to find commitments in the Conservative Party’s manifesto to supporting the work of the Information Commissioner’s Office. It’s 120 pages long, so I may have missed some. In a nutshell, I detect a degree of respect between those who have issued the invitation, as pictured in the image on the left, to join the Government of Britain, and those who regulate from the People’s Republic of Wilmslow.

Anyways, let’s have a quick look at anything that appears in the document that could be of interest to a data protection/surveillance geek.

On national security:

Labour have failed to tackle the extremism which drives terrorism. The terrorist threat remains serious in scale and duration, and continues to be both home grown and international in scope. To restore trust and improve the working of Government we will:
• Introduce a National Security Council to bring together the work of different Government Departments;
• Review and consolidate the reams of counter-terrorism and security laws introduced by Labour;
• Conduct a review of the Government's Preventing Violent Extremism Strategy, which is supposed to stop vulnerable people from becoming terrorists but which has been accused of spying on innocent Muslims.


On Crime:

There are a million violent crimes a year; a hundred serious knife crimes every day. Yet police officers spend more time on paperwork than they do out on patrol. We can't go on with the police filling in forms instead of fighting crime.

On civil liberties:

To protect and strengthen our civil liberties, we will:
• Replace the Human Rights Act with a UK Bill of Rights;
• Roll back Labour's surveillance state, curtail powers of entry for state officials, and introduce new protections over the use of personal data;
• Scrap ID cards immediately;
• Reform Labour’s DNA system with the slimmer and more efficient Scottish system as our model;
• Change the rules on the DNA database to allow a large number of innocent people to reclaim their DNA immediately.


The policies are described in greater detail in the document:

Restore our civil liberties

We will scale back Labour’s database state and protect the privacy of the public’s information. We will introduce a balanced approach to the retention of people’s DNA and reform the criminal records system so it protects children without destroying trust. Labour have subjected Britain’s historic freedoms to unprecedented attack. They have trampled on liberties and, in their place, compiled huge databases to track the activities of millions of perfectly innocent people, giving public bodies extraordinary powers to intervene in the way we live our lives. The impact of this has been profound and far reaching. Trust has been replaced by suspicion.

The database state is a poor substitute for the human judgement essential to the delivery of public services. Worse than that, it gives people false comfort that an infallible central state is looking after their best interests. But the many scandals of lost data, leaked documents and database failures have put millions at risk. It is time for a new approach to protecting our liberty.


Protect our freedoms

Labour’s approach to our personal privacy is the worst of all worlds – intrusive, ineffective and enormously expensive. We will scrap ID cards, the National Identity Register and the Contactpoint database. To protect our freedoms from state encroachment and encourage greater social responsibility, we will replace the Human Rights Act with a UK Bill of Rights. We will review and reform libel laws to protect freedom of speech, reduce costs and discourage libel tourism.

Wherever possible, we believe that personal data should be controlled by individual citizens themselves. We will strengthen the powers of the Information Commissioner to penalise any public body found guilty of mismanaging data. We will take further steps to protect people from unwarranted intrusion by the state, including: cutting back intrusive powers
• of entry into homes, which have been massively extended under Labour;
• curtailing the surveillance powers that allow some councils to use anti-terrorism laws to spy on people making trivial mistakes or minor breaches of the rules;
• requiring Privacy Impact Assessments of any proposal that involves data collection or sharing; and,
• ensuring proper Parliamentary scrutiny of any new powers of data-sharing.

The indefinite retention of innocent people’s DNA is unacceptable, yet DNA data provides a useful tool for solving crimes. We will legislate to make sure that our DNA database is used primarily to store information about those who are guilty of committing crimes rather than those who are innocent. We will collect the DNA of all existing prisoners, those under state supervision who have been convicted of an offence, and anyone convicted of a serious recordable offence. We pushed the Government to end the permanent retention of innocent people’s DNA , and we will change the guidance to give people on the database who have been wrongly accused of a minor crime an automatic right to have their DNA withdrawn. We believe that people working in positions of trust with children should go through a proper criminal record check. But Labour’s new system goes too far. So we will review the criminal records and ‘vetting and barring’ regime and scale it back to common sense levels.



Defend our security

We will establish a National Security Council to co-ordinate responses to the dangers we face, which will be chaired by the Prime Minister. In addition, we will:
• create a National Security Adviser and a new National Resilience Team for Homeland Security;
• develop a National Security Strategy and oversee a Strategic Defence and Security Review that implements that strategy; and,
• establish a new Permanent Military Command for Homeland Defence and Security to provide a more structured military contribution to homeland security.

Terrorism remains a major threat to our country and some of the biggest threats to our security do not come from abroad – they are home grown. A Conservative government will ban any organisations which advocate hate or the violent overthrow of our society, such as Hizb-ut-Tahrir, and close down organisations which attempt to fund terrorism from the UK. In Northern Ireland, we will continue to give our fullest support to the police and other agencies in their efforts to combat the threat from dissident republican and other terrorist organisations.


More details are available at http://www.conservatives.com/Policy/Manifesto.aspx

So, there's quite a bit here. Lets see what happens next ...

Labour Party manifesto 2010: What inspiration for the data protectors?


I’ve tried to find commitments in the Labour Party’s manifesto to supporting the work of the Information Commissioner’s Office. Actually, I can’t find many. Perhaps they are just getting their own back for being damaged by the great Parliamentary expenses scandal of recent years. After all, if Richard Thomas hadn’t tried so hard when he was the Information Commissioner, many of us would still be unaware of just what parliamentarians have been spending public money on. Now the cat’s well and truly out of the bag, there can’t be much love lost between those who seek to govern the promised land, as pictured in the image on the left, and those who regulate from the People’s Republic of Wilmslow.

Anyways, let’s have a quick look at anything that appears in the document that could be of interest to a data protection/surveillance geek.

On using technology to cut crime:
We will continue to make full use of CCTV and DNA technology: new weapons deployed to strengthen our fight against crime. We are proud of our record on civil liberties and have taken the DNA profiles of children off the database and tightened the rules around the use of surveillance – but we are also determined to keep our streets safe.

CCTV reduces the fear of crime and anti-social behaviour. We have funded cameras in nearly 700 areas, and brought in a new power for people to petition their local authority for more CCTV.

Advances in DNA technology have been critical in solving serious crimes – last year alone there were 832 positive matches to the DNA database in cases of rape, murder and manslaughter. Labour will ensure that the most serious offenders are added to the database no matter where or when they were convicted – and retain for six years the DNA profiles of those arrested but not convicted.

The new biometric ID scheme which already covers foreign nationals will be offered to an increasing number of British citizens, but will not be compulsory for them. It will help fight the growing threat of identity theft and fraud, as well as crime, illegal immigration and terrorism. In the next Parliament ID cards and the ID scheme will be self-financing. The price of the passport and ID cards together with savings from reduced fraud across the public services will fully cover the costs of the scheme.


On Terrorism and organised crime:

Our counter-terrorism approach is one of the most sophisticated in the world, and investment has trebled since 2001, with thousands more counterterrorist police and a doubling of security service numbers. We will continue to give the police the tools they need to fight terrorism while giving Parliament and the courts oversight to ensure these powers are not overused. We will develop our Prevent strategy to combat extremism.

We will continue to make Britain a hostile place for organised criminals, harassing them with asset seizures, tax investigations and other powers; strengthening the Serious Organised Crime Agency and encouraging police forces to cooperate across force boundaries and international borders; and responding quickly to new threats including cybercrime.


And that’s it. Nothing about strengthening the powers of the ICO, or the databases that have caused some media interest recently.

If anyone can find anything else, please let me know. Their full manifesto can be found at http://www2.labour.org.uk/manifestosplash?gclid=CLPLiKbMjaECFVBc4wodwTNINw

BigBrotherWatch: their manifesto for the next Parliament


It’s general election time, so its a great opportunity for like minded folk to set out their stall and explain to the general electorate just what it is that they will be doing, or campaigning for, in the coming years.

So full marks for the siblings at BigBrotherWatch, who have just launched their manifesto, full of bright ideas lovingly borrowed from their chums at No2ID and Privacy International.

I know they’re not actually standing in any of the seats. But who said you had to contest an election before you were entitled to make your views known?

And full marks for developing a document that’s also a really easy read. When you print it off, the printer just spurts out 2 pages. No need for the reams of paper wasted when trying printing off the alternative versions from the major parties.

So what do we have here?

The campaigning work is set out into three main areas, and in each area the siblings explain what they would like to achieve within 3 months, what should be achieved in the first year, and what could be achieved within 5 years.

And, very cleverly, they restrict their activities to 3 areas, those which relate to privacy, liberty and surveillance.

Let’s look at some examples:

In the area of privacy, within 3 months

• ContactPoint, the database of British children, will be scrapped,
• Any official forcing entry to a home must have a warrant
• The intercept modernisation programme, intended to monitor and log our internet and phone use, will end [Woops! they must have missed my blog of 23 January, which drew attention to its new name. Arguably, the IMP has already ended!]

Within the first year

• End use of Detailed and Summary Care Records (the“spine”),
• Have a significant reduction in the number of people entitled to enter private property and powers which allow council officials to enter the home
• End the roll-out of full-body scanners at UK airports, and allow alternative forms of search for those who choose it

Within 5 years

• Introduce far greater control over confidential medical records, limiting number of non-medical personnel with access
• Ensure EU police databases are secure [This is a really good idea - only yesterday "The Register" reported that it had mistakenly been sent an unencrypted file containing the full names and dates of birth of 10,006 people in jobs or applying for jobs where a Criminal Records Bureau disclosure is required. It detailed the results of the checks going back to 2001 and identified 863 people as having been in trouble with police. In many cases it recorded their occupations, including dozens of taxi drivers, school and hospital workers. Someone from Gwent Police probably needs a new pair of trousers.]


In the area of liberty, within 3 months

• Scrap the National Identity Register and the ID card scheme
• Set a timetable for the removal of innocent people from the National DNA database
• Introduce no new large state databases and have greater checks on data sharing within government

With the first year

• Introduce procedures for the removal of the DNA profiles of innocent people
• Stop the transfer of police powers to private security firms and council wardens
• Strengthen the Freedom of Information Act

Within 5 years

• Devise a European Freedom of Information Act and Data Freedom Act, so we can know more about what the European Parliament is doing and know what the EU has on file about us


And finally, in the area of surveillance, within 3 months

• End the obligation on Internet Service Providers and Telephone Companies to retain information on subscribers and supply it to government
• A commitment to not introduce “pay-as-you-throw” legislation, opening the door for the activation of bin microchips
• Any Council use of RIPA to require a Councillor’s sign off

Within the first year

• End the use of RIPA except for imprisonable offences
• Oblige councils and regulators to tell innocent people that they were under surveillance

Within 5 years

• Bring far greater transparency to the ANPR system, the technology used to record the numberplates of vehicles in this country, which generates significant revenue for the state. [Today's "Daily Mail" reports that the number of cameras has increased from 1,935 in 2000 to about 6,000 today. In total, 16 million tickets have been issued since 1997, raising £913 million. Of course, this has helped road deaths fall to 2,943 in 2007, the lowest since records began in 1926, but it still seems like a lot of money. The Daily Mail report co-incidentally includes a quote from Jennifer Dunn, policy analyst at the TaxPayers' Alliance, whose founders helped create BBW.]


So there it is. I’m not going to place any money on a televised debate between Matthew Elliot, BBW’s Chief Executive and the other party leaders during this general election, but it’s going to be useful to see which of the other parties who manage to form the next Government associates themselves with any of these policies. The siblings have set out their stall, now we can wait and see what gets implemented during the course of the next Parliament.

For those that wish to, here’s the link to take a closer squint at the manifesto: http://www.bigbrotherwatch.org.uk/manifesto.pdf

Wednesday, 14 April 2010

Another one for the naughty step?


A little while ago I was blogging about various public authorities who had found ways of circumventing the mighty RIPA (Regulation of Investigatory Powers) regime when they wanted communications data from internet and communication service providers.

On 27th March I blogged that the FSA and Ofcom had joined the DWP on the naughty step by seeking to use non-RIPA powers.

I may have found another public authority that finds RIPA inconvenient too, so I’m really glad that I’ve come across this image of a brickwork staircase in construction, as I don’t think that my naughty step is going to be big enough in future to hold everyone who doesn’t want to use RIPA. Paul Sevenoaks and Julian King’s creation has been featured in Channel 4’s “Grand Designs” TV series. I wonder if they might be able to design something similar for me.

I particularly like the cupboard they are building under the stairs – I could easily find a use for that once it’s been bricked in too ...

Anyway, back to the story. Who might I need to name and shame this time? Is it time for the Office of Fair Trading to step forward? Or am I only dreaming?

The anoraks among us will remember that last April, the Home Office issued its consultation paper on the additional authorities it thought had a case for seeking communications data, and naturally it considered that the OFT should be among those authorities. As it explained in its consultation paper, teasingly entitled “Regulation of Investigatory Powers Act 2000: Consolidating Orders and Codes of Practice”, it wanted Parliament to approve a single statutory instrument which set out all of the additional authorities in one document. And in February of this year, Parliament duly obliged. What did the consultation document say about the OFT? Oh yes: “The UK’s consumer and competition authority uses RIPA to investigate
• breaches of competition law and fraudulent and aggressive practices under the Competition Act 1998 and the Enterprise Act 2002, including conducting both civil and criminal investigations into cartels (regarded as amongst the most serious forms of anti-competitive behaviour, causing serious detriment to consumers and legitimate businesses cartels); and
• consumer crime (rogue traders and scams to con recipients with false or misleading claims). UK consumers lose up to £3.5b a year to rogue traders and consumer scams, including bogus lotteries and deceptive premium-rate prize promotions."


And, it was proposed that “Any member of the Senior Civil Service with responsibility for cartels or criminal enforcement would be entitled to demand any information other than traffic information for the purposes of preventing or detecting crime or disorder, or for the economic wellbeing of the UK.”

Don’t see a problem with that.

But what would surprise me is if some oik from the OFT were to decide that, all of a sudden, they wanted to look into the trading practices of a number of websites whose practices may infringe UK consumer protection legislation, and rely on powers conferred under the Regulation 21(1)(b) of the Consumer Protection from Unfair Trading Regulations 2008, and Sections 224 and 226 of the Enterprise Act 2002 to require a communications service provider to make relevant documents available.

“What’s wrong with RIPA?” I hear you cry.

“What’s wrong with RIPA?” I suspect the Home Office (and Sir Paul Kennedy, the Interception of Communications Commissioner) may cry.

“What’s all the fuss, just give us the information!” I suspect the oik from the OFT may reply.

But then again I doubt that the OFT would ever allow a situation like this happen. Once it reminds itself that it has RIPA powers, I’m sure it will decide to rely exclusively on them.

And, in that case, I won’t need to contact Paul Sevenoaks and Julian King to commission a naughty staircase to replace the naughty step that the miscreant additional authorities are presently standing on.

Sunday, 11 April 2010

“As we all know you’ve got cancer ...”


I had to check today’s date after reading the report in the Sunday Times. Apparently, the Labour Party has been sending cancer patients mailshots saying that their lives may be at risk under a Conservative government. Surely this can only be an April Fools Day story. Does anyone seriously expect me to believe that the Labour Party has been processing what we data wonks term “sensitive personal data” for unlawful purposes? Surely, if this is true, someone needs to be locked up for thinking of such a horrific wheeze. Oh, of course, the Ministry of Justice bottled out a couple of months ago and couldn’t bring itself to introduce custodial penalties for the most serious infringements of data protection law. I can see why they bottled out, now. (Just kidding!)

There has to be more to this story. There is a General Election after all, so you would expect a bit of rough and tumble between the parties (although, of course, no dirty tricks). So what else does the article, written by Chris Hastings, Maurice Chittenden and Nyta Mann say?

Well, Andrew Lansley, the Shadow Health Secretary, is quoted as saying: “It is shameful that the Labour Party, knowing that we are the only party that is going to increase investment in the NHS, have decided to deliberately scare patients and misrepresent what we have said.

“I’m actually rather shocked that they are trying to target breast cancer patients and alarm them by making up stories about what the Conservative Party would do.”

"I think Andy Burnham, the Health Secretary, should write to every woman Labour sent these cards to apologise and withdraw these claims.”

Cards addressed to sufferers by name warn that a Labour guarantee that patients will see a cancer specialist within two weeks would be scrapped by the Tories. Labour also claims that the Conservatives would end the right to be treated within 18 weeks.

Labour reacted furiously to the attack. Mr Burnham said: "It is categorically incorrect to imply that we targeted cancer sufferers and we regret if any offence or anxiety was given to people who have suffered cancer.

“But we make no apology for highlighting the difference between Labour and the Conservatives on cancer care. Under Labour, anyone suspected of having cancer will see a specialist within two weeks. Under the Conservatives you don't. The choice is simple."

Cancer patients who received the personalised cards, sent with a message from a breast cancer survivor praising her treatment under Labour, said they were disgusted and shocked, and feared that the party may have had access to confidential health data.

Labour sources deny that the party has used any confidential information. However, the sources admit that, in line with other political parties, it uses socio-demographic research that is commercially and publicly available.

The postal campaign started last month before the general election was called. This is the first election in which parties have been able to use internet databases and digital printing to personalise their mailshots.

Labour has sent out 250,000 “cancer” postcards, each addressed to an individual, asking: “Are the Tories a change you can afford?”

Many of those receiving the cards have undergone cancer scans or treatment within the past five years.

The cards are being distributed by Ravensworth, part of Tangent Communications, which has won accounts sending out mail for the Department of Health and Cancer Research UK.

Tangent claims that it specialises in “highly targeted marketing”.

The cancer cards are part of a wider postal campaign targeting various groups.

Others are aimed at parents whose children attend Sure Start centres, pensioners and the owners of small businesses.

Labour has so far sent out 600,000 cards. It plans to distribute 4.5 million during the election campaign.

Experian, the data management company, confirmed that both Labour and the Conservatives use its Mosaic database, which divides voters into 67 groups. The databases can use anonymised hospital statistics, including postcodes and the diagnoses of patients, to identify the likely addresses of those with particular illnesses.


So how many of the 600,000 recipients of the cards were sent it because the Labour Party actually knew they had cancer? Or were they simply targeted to votors living in areas that had a higher than average proportion of residents who had reported a history of cancer? I’m sure we’ll be told soon.

And if it appears more likely that the mailshot was simply sent to lots of people who were likely to have had cancer (because they lived in an area that had experienced an unusually high percentage of residents living with cancer) then I’ll have to think carefully about the credibility I give to anything else I read from the journalists Chris Hastings, Maurice Chittenden and Nyta Mann. After all, soon, Rupert Murdoch will be inviting me to subscribe to the timesonline so that I can read this stuff.

Would I really want to part with decent money to read more like this? Or should I stick to my horoscope subscriptions?

Watch this space.



[Today’s image is a close-up image of a cancer cell, caught in the act of dividing, which won an international photography prize in October 2005. It was taken by Dr Paul Andrews, from the University of Dundee, using a digital deconvolution microscope. The image shows a cancer cell dividing its chromosomes (shown in white) into two new cells.]

Saturday, 10 April 2010

More juicy bits from the apple


With brilliant timing, those friendly folks from Apple have come up with another cunning application – the iPhone OS 4.0, which will enable developers to provide folks with even more excuses to demand an iPhone next time their current device comes out of contract.

As well as finding a way to allow third-party apps to multi-task without slowing the device to a crawl or draining its battery life, the really smart move appears to be the unveiling of a new adventure into the advertising world, with a platform called iAds. This gizmo allows for adverts to run inside mobile apps, allowing users to view interactive video content without leaving the app. Just any old ads – nah – behavioral ads. And I’ve every confidence that the ads will be presented to the willing, rather than those who resent such intrusions into their private lives.

Presumably, Apple have found a great way of explaining to customers what “free apps” actually mean. I'm betting that their customers will be faced with a couple of choices when they visit the apps store. They can have the “apps with ads “ version for free, or the “apps with no ads – but you gotta pay” version for whatever the market will bear.

This could be the real test – let’s see just what actually happens when real people, rather than data protection wonks, get an opportunity to make a real choice about whether to tolerate behavioural advertising. And let’s see whether mayhem and chaos breaks out, or whether people accept that sharing their browsing habits with a bunch of servers can bring benefits – like the ability to use stuff that’s both fun and relevant - and free.

For the record, I don’t have an iPhone nor do I have shares in Apple. But if anyone at Apple’s Cupertino headquarters in California fancies sending one over to me so that I can play with it and – yes, oh yes, let me trade my personal browsing habits for some real cool apps, please get in touch.

I’m sure you know where I live.

[And can I pay tribute to Jos van Riswick, a remarkable Dutch painter living and working in Nijmegen, Holland, whose image I have copied and pasted today. Check him out at www.postcardfromholland.com]

Wednesday, 7 April 2010

MPs give their digits to the Digital Economy Bill


MPs were given an opportunity to show their interest in the Digital Economy Bill by attending today’s Parliamentary reading. And, according to The Telegraph, at its peak turnout, only 40 MPs, approximately five per cent of the total 646 members, showed up to listen to the debate which preceded the vote.

It’s not that often that a piece of legislation which has generated so much public comment gets so little Parliamentary attention. But don’t blame the parliamentarians. No, just blame the timing of the election. Nothing to do with the business managers of the House. Oh no.

Changes have certainly been made to the Bill today. But with a meat cleaver rather than a scalpel. There simply hasn’t been time to properly consider all of the clauses. There simply hasn’t been time even to read the document aloud from cover to cover today. After all it’s a big Bill. And there are more important matters to attend too. Didn’t you know there was an election on?

Does anyone really care? Probably not, as the debating chamber of the House of Commons has long since ceased to exist as a place where Parliamentarians listen to passionate debates and make their own minds up on the basis of the speeches they had just heard. With the obvious exception of the weekly Prime Minister’s Question Time, there are usually more people to be found in any of the Reading Rooms of the British Library than there are on the floor of the House.

In that case, perhaps the party leaders have done us all a favour. No need to wait to listen to a bunch of politicians pontificating before the inevitable vote is taken, resulting in a decision so many knew was going to be taken anyway. Why not do us all a larger favour next Parliament, say by ensuring that while Parliamentary debates could be held during the week, all Parliamentary votes were reserved for a special time, say between 3pm and 5pm every Wednesday. That way, the Parliamentary whips need ensure that their MPs needed to be rounded up just the once, and then those that wanted to, could “return to their constituency work” for the remainder of the week. I think that’s how the European Parliament works, and it doesn’t seem to have done much damage to that institution...

Parliament, thanks to the sterling efforts of Lord Mandleson, has legislated, and HM Queen will shortly be conferring her Royal Assent.

The real issue of course is not what is passed by Parliament, but whether any behavioural changes occur as a result of what was passed by Parliament.

So, will anyone be pay attention to the will of Parliament? What if the legislation, as written, really isn’t fit for purpose? What if it doesn’t deter those nasty illegal file sharers? What will happen next?

Time will tell.

Tuesday, 6 April 2010

Hanging by its fingertips


As I write this blog, the Digital Economy Bill is awaiting its fate in Parliament. Today , the Bill had its Second Reading in the House of Commons. This occurred shortly after HM Queen graciously consented to the dissolution of Parliament, which will occur next Monday. So here it is. After many months of behind the scenes lobbying, and 3 months of deliberation in the House of Lords, MPs will get just a few more Parliamentary hours to offer their considered views, before they create a legislative instrument that’s fit for purpose. How much of the Bill will actually make it all the way to the Statute Book before the General Election?

My interest in the Bill is in the bits that will set out how the government intends to give itself powers to deal with current – and new and unforeseen - methods of copyright infringement. Including, possibly, a right to block access to websites. And the investigator in me wonders just how the Government will create powers that may enable copyright owners to demand information about the identity of the subscriber of a particular device that had logged onto a particular website, particularly when there appears to be no corresponding obligation on the part of all relevant Internet Service Providers to retain details of the websites its subscribers accessed in the first place.

Lots of smoke and mirrors. But “something” must be done. And before Parliament is dissolved. So it needs to be done quickly. In what’s quaintly called the “wash-up” session. Not much in the way of public debate. Think of backroom deals, not democracy on display. Their Lordships didn’t appear to manage to come up with a workable and affordable solution while it was kicking around their chamber. Perhaps the MPs can be sufficiently ingenious to conjure up a workmanlike solution in the few Parliamentary days that remain.

But will whatever is done actually do the trick? Will it really reduce the amount of copyright infringement going on, or will it encourage the infringers simply to adopt slightly different tactics to avoid detection and continue to share whatever it is that they want to share anyway?

What does the Pirate Party think? I really ought to take a squint and report back.

Friday, 2 April 2010

When can young people consent?


Young people and the issue of consent. It’s an emotive subject, but not one we should ignore. Especially at Easter. Why Easter? Because it reminds me of a very important legal case which established that young people can exercise certain rights to consent, even when they don’t want their parents to know what they have consented to, or when they fear that their parents might have firmly disapproved. The case actually involved the issue of contraception. And, as Easter commemorates an event central to the teachings of the Roman Catholic Church, I thought it was apt.

It’s also a topical issue as public interest is increasing about the types of location based services that are currently available. One side of the fence wants anyone to be able to subscribe to these location based services. Lots of them look quite fun, and others are obviously very handy for certain things. But the other side of the fence wishes them to be “adult only” services, or at least placed behind age restriction bars. This to prevent children from being abused by predators who, it is feared, will take advantage of the location information made available on line about children and cause them harm.

The trouble is, of course, on the internet, the only “quick and dirty” age restriction tool currently available is that which is used by the credit providers. But, if its really the only one that is to be permitted to be used, then only the over18s and the credit worthy may get the chance to use location based applications. So that’s likely to be a non-starter, as far as the apps providers are concerned.

Surely though, there’s no need to reinvent the wheel here. There will be other circumstances where young people may need the assistance of professionals to provide them with various services, and surely there must have been ethical committees that have created rules that the location based services industry could apply too, if it wanted?

Yep, and as I sat in another data protection meeting at the offices of the Wellcome Trust, a medical charity, a few days go, the penny dropped. Let’s just gloriously plagiarise the standards that the medical community have used for the past few decades. If it’s ok for your spots, then it must be ok for your location applications, too.

So what advice does the medical profession give, and how easily can their advice on “consent” be translated into data protection terms and applied to applications involving location based information? I had a quick squint at the material on the Department of Health’s website and at www.patient.co.uk and now offer, for further consideration, a general practical guide to applying medical standards to obtaining consent from children and young people. I don't really like that descriptive term. I wonder if it'll eventually be replaced by, say, "emerging adults"?

Anyway, here goes.

Young people should be involved as much as possible in decisions about their LBS applications, even when they are not able to make decisions on their own.

General principles
• When obtaining consent, the apps provider should establish whether the person is legally competent (in legal terms, 'have capacity' to give consent).
• Everyone aged 16 and over is presumed in law to have the capacity to consent unless there is evidence to the contrary.
• If a young person is deemed not legally competent, consent will need to be obtained from someone with parental responsibility, unless it is an emergency.
• The legal position differs, depending on whether they are aged over or under 16.


Young people aged 16 and 17
• Once someone reaches the age of 16, they are presumed in law to be competent. In many respects they should be treated as adults and can give consent for their own lbs applications.
• It is nevertheless good practice to encourage them to involve their families in such decisions, unless it would not be in their interests to do so. This can be achieved by the lbs applications provider producing guidance along the lines of “If you are under 18 please tell your parents you have downloaded this application”.
• Someone aged 16-18 cannot refuse an lbs application if it has been agreed by a person with parental responsibility or the Court, and it is in their best interests. Therefore they do not have the same status as adults. (But they can always try and turn their device off if they don’t want to be tracked!)



Young people under the age of 16
• People in this age group are not deemed to be automatically legally competent to give consent.
• The courts have determined that they can be legally competent if they have "sufficient understanding and maturity to enable them to understand fully what is proposed".
• This concept - now known as Gillick competency - was developed some 25 years ago, in the case of Gillick v West Norfolk & Wisbech HA, back in 1986. The term Fraser competency is also used in this respect (Lord Fraser was the judge who ruled on the case).
• Much will depend on the transparency of the lbs apps provider’s privacy policy, and with whom the location information is being shared.
• A young person who has the capacity to consent to a straightforward, relatively risk-free application may not necessarily have the capacity to consent to an application involving high risks or serious consequences.
• The emphasis in the ethical guidance is that the their families should be involved in decisions about them, unless there is a good reason for not doing so.
• If however, a competent person under the age of 16 is insistent that their family should not be involved, their right to confidentiality must be respected, unless such an approach would put them at serious risk of harm.


I like the approach used by the Department of Health’s guide for children and young people on “Consent – what you have a right to expect”, as it uses no-nonsense language to make it clear to them about their rights and responsibilities. First published in July 2001, the text remains fresh and direct and, suitably adapted, would make an excellent privacy policy:

When can you give consent for yourself?

Always if you’re 16-18 years old
You can give consent to being examined or treated in the same way that adults can. If you agree to a particular treatment, the doctor or nurse does not have to ask your parents for consent as well. But if you decide to refuse a particular treatment, sometimes your parents may get involved.

Sometimes if you’re under 16
If you are under 16, you may still be able to give consent for yourself – provided you’re able to understand what is involved in the proposed treatment. This means that you may be able to agree by yourself to some treatments, investigations or immunisations, and not to others. For
example, if you’re 13 or 14, you may be able to give consent yourself for an injection to protect you against meningitis. However, the information needed for agreeing to something as serious as a heart operation might be too much to weigh up by yourself.

When should your parents play a part?

Even if you are able to give consent yourself, it’s still a good idea to include your parents in your decision. If they know what is happening, they will be able to help you think through your decision and to support you better. That is why doctors, nurses and other people caring for you will encourage you to involve your parents. If you are close to other adults, such as your grandparents or an aunt, you might like to involve them too.

What if you don’t want your parents to know?
Sometimes young people want to be able to get advice or treatment, such as contraception, but may not want to tell their parents. If you are able to agree for yourself, the doctor or nurse will not tell them without your permission except in exceptional circumstances to protect you or
someone else from serious harm.

When can other people give consent for you?
If you’re under 18 and you find it too difficult to decide or you feel you don’t understand enough, other people can give consent on your behalf.

Usually this will be:
• your parents or guardian if you are living with them or being looked after by the local authority with the agreement of your parents;
• either your parents or your social worker if you are under a care order.

What if you don’t want to consent but your parents do?
The rules say that your parents may still decide that it is in your best interests to have a particular treatment, and give their consent on your behalf. This rule applies until you reach the age of 18. However, it is exceptional for a disagreement to get this far without being sorted out.
In very serious or complicated situations, a court can be asked to decide whether it is right for your doctor to go ahead with a particular treatment. This might happen, for example, if you and your parents disagreed over whether you should have a very serious operation.


So now we know.
Happy Easter!

The two documents I’ve referred to in this blog can be found at
http://www.patient.co.uk/doctor/Consent-to-Treatment-in-Children.htm
and
http://www.dh.gov.uk/prod_consum_dh/groups/dh_digitalassets/@dh/@en/documents/digitalasset/dh_4116903.pdf