Home

That data, those cards and data protection, nuclear style

21.11.07
at 20:34
tagged with:

I seem to remember being told that once upon a time Inland Revenue officers used not to be allowed to work on different tax schedules so that no one officer would ever know a citizen's true financial position. Oh for such propriety today when whole records in their millions are transported around different departments merely for audit purposes. Much has been said today about the loss of disks containing the child benefit records of 25 million people and many have suggested that it would be quite wrong now to go ahead with ID cards knowing that information security is so lax in a government department that already holds sensitive data on each and every one of us.

I want to take a slightly different line. I have always been and remain utterly opposed to the system of ID cards linked to a database that is now legislated for. However when I was on the Lib Dems' Civil Liberties working party eight years ago or so I did propose a wholly different type of ID card/account that would come into its own in this situation.

My idea was that we could all have a card or account that would "lock" all data held on us by government and that would require us to be present, or able to authenticate online or on the phone like you do with your telephone or internet banking systems, before any government officer could access your data or authorize any transfer of a part of it to someone else. A sort of a "nuclear key" where both the data subject's and the data user's half of that key would effectively be needed to decrypt any of the data subject's personal information. Yes, it might slow certain things down, but let's face it, there are some things we really don't want government interfering in unbeknownst to us. One needn't even have to trust government to guarantee one's identity - you could open it up so an individual could choose a firm like Thawte, who provide guarantees of identity to online commerce sites we trust with £40bn of our custom each year, to guarantee their identity and private key.

Data about us is part of us. It is our right to know it's secure, especially when we have no choice in handing it over - and such circumstances should be minimized. Whether it's bank account details or DNA it's an invasion of our privacy and self-ownership and every additional byte stored about us is a step towards totalitarianism. The apparatus of government should be our servant and not our master and many fought and died to ensure that we were not enslaved by overbearing states in the twentieth century.

I do not see why the National Audit Office should want all the records on the database. Surely audit is about taking a sample to prove that procedures were being followed and the bona fides of the person being audited and the figures they have produced. HMRC should have a system of internal audit that itself can be verified without any other department needing access to the original data. And if they do need access to the original data, then it should be done on site in a secure area or through secure access direct to the systems concerned. No other business surely sends all of their customer records to their external auditors do they? Nor should they in the civil service, and if that's how NAO and District Audit work then that too should change and urgently.

Commentators like Richard Murphy are just plain wrong in insisting that this is not an extremely serious breach that highlights systemic problems in organizations that handle such huge amounts of data without the effective scrutiny of competition for their customers to keep them on their toes. No junior official, in fact I'd go so far as to say no individual official should have had access to the whole data universe without a great deal of additional verification. It defies belief that anyone thought this system was sufficiently secure.

And finally - a word of warning...

In this highly interactive and globalized society, if we continue to insist on potentially intangible bases - our incomes - for tax, the amount and intrusiveness of data they will need to hold on us can only increase. Another plus for taxing land.

Appreciated this post? Support my blogging with coffee!

Trackback URL for this post:

http://www.jockcoats.org.uk/trackback/710

Comments

Tax

On 23.11.07 at 22:53 Paulus (not verified) said:

I recently heard a programme on the BBC World Service on the subject of tax in South America. People there, notably in Argentina, just don't pay tax because they believe the money will disappear. They think it falls straight into the pockets of politicians. They’re probably right. When I hear about the level of MPs’ expenses I am afflicted by similar qualms. But the waste in the civil service is worse. The tax take increases and public services are cut while at the same time improved productivity in the private sector reduces the real cost of goods and services.And then you have moments like this one (lost data disks) – when civil servants demonstrate how incompetent they are. There are many such “aha” moments – Child Support Agency, criminals lost by the Home Office, piles of unsorted files on asylum seekers, unregistered workers in the Home Office, Asset Recovery Agency abandonned. You can see where the money goes. There may be corruption, but it pales into insignificance when placed alongside the waste that results from incompetence. I try not to follow day-to-day politics. It is far too depressing. But am I right in thinking that a large part of the reason why the NHS cannot cope financially despite the huge injection of cash is that the negotiation with doctors was botched? Their payout absorbed far more money than was intended, so there is not enough to pay nurses or to stop people catching MRSA and C difficile.By the way, I like your idea of a double-key system to unlock data which ensures your presence every time a civil servant looks at your file. However, you can imagine Sir Humphrey explaining exactly how much it would cost and how many more civil servants it would need to implement.

Argentina is an odd case. 

On 23.11.07 at 23:26 Jock said:

Argentina is an odd case.  When their monetary system simply disintegrated a few years back, they had to find alternatives to keep the place going - hence all those stories about "swap shops" creating a barter economy.  The only absolute reason for a "legal tender" is that there needs to be something which is accepted for the purposes of paying tax - and they didn't have one effectively.  So there were instances of local government for example swapping services or supplies rendered for the tax bills - paying your tax in kind effectively.  So it's no wonder they have a weird relationship with tax!

I don't know if that's the whole reason behind NHS not having money to stop MRSA etc, but I certainly believe that its monopoly position and the protectionism of doctor licensing and so on creates huge "economic rent" in doctors' salaries, which can't help.  It seems to me that exclusive drugs deals must be part of it too.

Barbed wire economics

On 26.11.07 at 18:27 Paulus (not verified) said:

I used to travel to Argentina regularly soon after the Falklands war. I was working in agriculture and interviewed ranchers. I can't remember the rate of inflation at the time – it was in the hundreds of per cent. I do remember that Uruguay, which had an inflation rate of about 35%, was regarded as the Switzerland of South America. At that time inflation was so fierce that ranchers would do their accounts by converting all monetary sums into bales of barbed wire.Cool

 

Add comment

The content of this field is kept private and will not be shown publicly.
To combat spam, please enter the code in the image.