Harry’s Place

As long as the telecommunications firms and construction businesses are raking in the billions, what’s your problem? You some kind of socialist who thinks the peoples’ money should be spent on schools, hospitals and homes, is that your problem?

The story on this big database thing reminds me of one of those old vote Conservative posters about socialism and inspectors

http://img301.imageshack.us/img301/9901/inspectorsce3.jpg

Just what do the government need this for?

Hmmm, I haven’t seen any of this reported elsewhere, but that doesn’t mean it isn’t true. But even if it is, there are roughly one billion contradictions in that Register piece.

I will lay my mortgage that even if all the data we’re talking about was kept in Number 10, it wouldn’t all be in one single database. But more than this:

Reports on the proposals suggest authorities will still need to go to the courts to gain access to the database.

So let’s get this straight:

1 - The data is already collected and held by disparate companies.
2 - The proposal is to hold this data centrally, although as I say above, I doubt ’single database’ is at all accurate.
3 - The state will still have to seek permission from the courts to access the data in the future even after it has been centralised.

Hmmm.

The Assistant Information Commissioner says:

We are not aware of any justification for the state to hold every UK citizen’s phone and internet records

I like the use of “state to hold” given the provision that the state won’t actually be able to see any of this data without a court order.

I note also that the most recent data will be at least 6 month old and the oldest 2 years, and no record of the content of calls or internet browsing wil lbe retained: it’s all about times of access.

Data collection is the new Europe. A meaningful debate about the facts is next-to-impossible thanks to the misinformation spread by a belligerent and ignorant mass media that wouldn’t know a relational database if one bit them on the arse.

This is kinda ill judged while the government is running tv scare ads about the power of it’s existing databases to zoom in on car tax evaders and tv licence dodgers.

I am not one of the loons who believes that the UK is spiralling into a fascist/Stalinist state, but I do believe that there is now a perception that the government is going too far.

Not just a perception. The Government is going too far with this. (Oh and with ID cards, detention without trial etc).

If nothing else, police states are always poor. I really do not want to have to pay for this authoritarian idiocy.

Brownie,

Even given the comments, would you agree that any signals coming from a Brown government of this nature are going to be detrimental to any chances of success in the next election?

bill,

Why are ID cards lumped in with detention without trial? 21 EU states have some form of national ID card in operation. This fact doesn’t end the debate about an ID card program in the UK, but it doesn’t do much for any argument that such schemes are by their very nature “authoritarian”. Do you think it at all possible that doemstic opposition to ID cards tells us more about our national psyche than it does the inherent authoritarianism?

BTW, the domestic opposition is a relatively new thing. It’s only in recent months (after the benefits recrods were lost in the post) that there has been polling evidence that a majority oppose ID cards.

Neil,

Probably right.

detention without trial

This is simplistic short-hand though isn’t it?

The amount of judicial and parliamentary oversight of the 42 pre-charge detention seems perfectly adequate.

That said, I won’t be upset if the bill fails to pass, since I believe that these sorts of debate are required to find the correct balance between security and civil liberties. The idea that consensus can be built on this issue is wrong-headed. It requires parliamentary and civil debate, and even strong disagreement.

@Brownie

If there’s no real difference between holding the information centrally and it being held by disperate companies then why do it?

I would go so far to say that domestic opposition to ID cards (never mind the accompanying database) being related to a British “national psyche” is absolutely spot on.

hat would be the same national psyche (along with other sound constructs such as constitional monarchy, the House of Lords, etc, which serve reasonably effectively to counterbalance the tyranny of professional politicans) which ensured that the UK was one of the minority of European states that did not fall into anything even closely resembling an authoritarian dictatorship or quasi-police state in earlier times of trouble - ie between WWI and WWII.

Of those 21 EU member states that have ID cards - - - how many of them spent more than two-thirds or three-quarters of the last 100 years as a democracy?

I’m no “minarchist” (does anyone beyond the web use that term?), nor am I one of the “oh no! scary EU=USSR” lobby either - - - but I don’t think there is any doubt that the current government has shown its true colours regarding exactly the degree of respect for privacy - and just general respect - in which it holds those who have to endure it.

Not that I have any faith in a future Conservative government being very much less authoritarian - - - proposals for ID cards were well on the go prior to 1997, too: but it took Labour authoritarianism (and tolerance of incompetence and general love of state interference and busybodism) to chuck in the database alongside it.

And as for tight conditions being imposed, court orders, etc, before data can be accessed - please: We’ve already seen how “anti-terrorist” legislation is used on the slightest pretext than bears no resemblance to what was supposedly intended by unaccountable bureaucrats in local authorities.

The point is that ID cards fundamentally change the relationship between the individual and the state.

They would be an illiberal imposition.

you beat me to it, I was going to post on this particular subject.

but supposing, just for the sake of argument, that instead of keeping a record of every email, every sender, every recipient, etc and excluding telephone calls, suppose that it only kept the details of person X sending a particular email to person Y, not the content just a record of the transaction.

suppose that is all it does, how does it collect that information? how does it ensure that it is accurate? how is it to be kept centrally?

those are just a few questions apart from, what will it cost? how long will it take to develop? what are the benefits? are there any real benefits ?

it’s fairly obvious that technology could be developed to circumvent it, and anyone that might be of critical interest (crime lord, terrorists or neo-nazi fanatic) already use encrypted systems and the piggybacking of traffic to avoid detection

it is not terribly difficult, there is already at least one product out there that does it, if not more

bearing in mind that something like two thirds of all government IT projects vastly run over budget and times, the benefits of such a database are certainly questionable?

and even if HMG could get it running, and running well, what is the chance of a major data leak? highly likely

and how big would this system eventually grow to?

because email traffic is growing exponentially, so any system that would monitor it would have to continually grow and grow and grow, costing ever more by the day

it all sounds very dodgy to me

This report is probably a Tory hoax. In any event, why should any law abiding citizen worry? Speaking for myself I don’t want technology restrained just so I can rob the Chigwell branch of Barclays….

The point is that ID cards fundamentally change the relationship between the individual and the state.

Alternatively, we keep the cards in our wallets and purses and 2 weeks after they’ve been introduced and the novelty has worn off we continue about our lives as if nothing has changed.

Probably because it hasn’t.

Of those 21 EU member states that have ID cards - - - how many of them spent more than two-thirds or three-quarters of the last 100 years as a democracy?

It might be more relevant that they’ve almost all been democracies for 3 decades and more and yet nearly 80% of them think having a modern means of self-identification is a good idea.

modernity,

I count 9 perfectly valid questions in your comment. I’d like to know the answers to some of them myself. Yet you conclude “it all sounds very dodgy to me”. Surely if these are genuine questions, you have nothing on which to base this conclusion? I don’t mean to be confrontational about this, but this is exactly what I’m referring to above about the near-impossibility of a sensible discussion on this and related subjects. Just because I’m not instinctively opposed to things like ID cards and data consolidation, it doesn’t mean I don’t have data privacy and security concerns.

I think you do too, but I work in a related field and, quite frankly, the ignorance not just of the public (understandable) but professional hacks (unforgivable) is without limit.

bearing in mind that something like two thirds of all government IT projects vastly run over budget and times

You could leave out “government” and change “two thirds” to “three-quarters”.

Yes, it looks like a bi-election scare tactic.

Yes the thing I hate about the ID card debate is the way people whip themselves up into believing it’s some major change of relationship with the state, as if they don’t already have a passport, a national insurance number, a bank account and a mobile phone - all of which the state already uses to monitor you. This outrage about ID cards is just something the media and opposition parties use to scare people to the benefit of themselves. If we’re honest we’re all in favour of ID cards; they are entirely sensible.

The cards per se aren’t the worry to me, it’s the databases that’ll be behind them allowing the state and presumably hackers to go prying into every aspect of the citizens private life… Providing of course the IT systems aren’t total white elephants.

But you can already get your private details stolen on the passpart and bank databases. The idea that this will be some new astonishing development that will rock civilisation is false.

Brownie wrote:

I think you do too, but I work in a related field and, quite frankly, the ignorance not just of the public (understandable) but professional hacks (unforgivable) is without limit.

Brownie, if you wish a pissing competition on databases we could talk about third normal form, Codasyl, various implementation of Oracle and SQL, etc plus, if you want I can bore on email system too, IBM stuff, cross protocols etc (remembering that I am rather old)

but frankly, that’s a bit unnecessary

my general point is that the Government doesn’t have a terribly good record of 1) implementing IT projects (any say NHS??) 2) the benefits are questionable 3) the technical implementation could be difficult 4) it might be out of date by the time its implemented 5) with increasing traffic it would need to be constantly updated

in short, it is a money pit

Brownie, since you asked, ‘Why are ID cards lumped in with detention without trial?’

I’d say both smack of authoritarian bullying. However, it’s fair enough to separate them. One is merely a bad idea (which will waste millions, possibly billions, that could be spent on better things); the other undermines the laws and liberties of the country.

Mike, however, says:

Yes the thing I hate about the ID card debate is the way people whip themselves up into believing it’s some major change of relationship with the state, as if they don’t already have a passport, a national insurance number, a bank account and a mobile phone - all of which the state already uses to monitor you. This outrage about ID cards is just something the media and opposition parties use to scare people to the benefit of themselves. If we’re honest we’re all in favour of ID cards; they are entirely sensible.

which suggests that anyone who thinks ‘the state’ should have a record of your mobile phone number, your bank account etc and should use them to ‘monitor’ you should love ID cards. I’m not sure that’s a popular argument, however.

Brownie, if you wish a pissing competition on databases we could talk about third normal form, Codasyl, various implementation of Oracle and SQL, etc plus

Ha! I shall Boyce-Codd your ass!

Is it possible that “the State” might actually be able to protect your privacy? For instance, we’ve all got annoying telemarketing calls at one time or another. The only entity which had the authority to do something about it actually did! Thanks to the government (and lots of irate consumers), You can literally drop off the map from a marketing perspective.

It takes time and effort but it CAN be done.

Morgoth,

I am sure you could, that’s typically ITish and you are a bright bloke, but at my age in life I am not interested in pissing competitions nor am i interested in people (why I don’t know and don’t know me) telling me that my many decades with computers is worthless and that they know best. I am sure you appreciate that :)

I have seen a few HMG projects up close and I wasn’t very impressed, but let’s remind ourselves of one: the NHS.

“Computing, 16 Jun 2006, The total cost of the 10-year National Programme for NHS IT is estimated to be £12.4bn, a National Audit Office (NAO) report concludes today.”

http://www.computing.co.uk/computing/news/2158476/nhs-computer-project-cost-4bn

“The NHS IT project, one of the world’s largest public sector IT programmes, is already four years late.

Parts of the project are progressing well and some savings have already been seen but Summary Care Records, a key part of the project, are now unlikely to be widely rolled out until 2014 or 2015, rather than the original target of 2010.
…

In 2006, when the NAO last looked at the National Programme for IT (NPfIT), it was going to cost £12.4bn. But it is now likely to cost closer to £12.7bn.”

http://www.theregister.co.uk/2008/05/16/nhs_it_delays/

The amount of judicial and parliamentary oversight of the 42 pre-charge detention seems perfectly adequate.

No, this fundamentally misses the point. People should not be detained on the say so of judges or parliament, it undermines all of the principles on which our system of justice is based.

Brownie, if you wish a pissing competition on databases we could talk about third normal form, Codasyl, various implementation of Oracle and SQL, etc plus, if you want I can bore on email system too, IBM stuff, cross protocols etc (remembering that I am rather old)

WTF? I was referring to the general ignorance amongst the MSM and the general public. I mentioned that I thought you, like me, worked in this or a related field, is all. A bit touchy this morning, aren’t we?

my general point is that the Government doesn’t have a terribly good record of 1) implementing IT projects (any say NHS??) 2) the benefits are questionable 3) the technical implementation could be difficult 4) it might be out of date by the time its implemented 5) with increasing traffic it would need to be constantly updated

Ignoring for a second the fact that the government doesn’t implement anything, everything you say above applies in spades to any IT project, anywhere, anytime. It’s a good argument for keeping a paper-based office, but not much else.

at my age in life I am not interested in pissing competitions nor am i interested in people (why I don’t know and don’t know me) telling me that my many decades with computers is worthless and that they know best.

Is there another thread in a parallel universe where I’ve offended you, modernity? The thing with imagined slights is that they are precisely that: imagined.

I am sure you could, that’s typically ITish and you are a bright bloke, but at my age in life I am not interested in pissing competitions nor am i interested in people (why I don’t know and don’t know me) telling me that my many decades with computers is worthless and that they know best. I am sure you appreciate that :)

Modernity, I was taking the piss, in a typical ITish way, as you know. You got the reference and that’s all that counts. Incidentally, I’ve met C.J. Date…..interesting chap, believe it or not.

I fully agree with you on Government IT Projects, and with Venichka on ID Cards. I will never carry an ID card and will publically set light to it if they ever try to foist one on me. I am not a mere ID-number, the state derives its power from my consent and from my fellow Britons, no matter what the likes of Brownie or the EU thinks.

What modernity said in response to Brownie (once in a past long ago I was a database and network designer)

I still want to know why this is needed. Typically the two most common reasons for centralizing data a) to reduce cost and b) to start analysing it in some way. This data already exists and is maintained by 3rd parties presumably at their cost so the cost saving argument doesn’t seem to apply. Therefore it’s to be analysed in some way although if the youngest data is 6 months old. How useful is that?

Personally (and I’m being honest here) I’m not in favour of ID cards. There are a number of reasons including the simple one that obtaining one will cost me money and provide me with no benefit. Passports allow me to travel, credit cards allow me to buy things, cell phones allow me to contact and be contactable wherever I am. Each of these things cost but provide me a benefit (as well as being optional). A NINO doesn’t obviously provide me benefit in the same way but then again doesn’t cost me anything.

If this is true, I would agree that it is too far and agree with Ven’s comment. However, until then I am also drawn to Brownie’s initial comment. If people are worried about Internet searches being tracked, when did they last google while logged-in?

the state won’t actually be able to see any of this data without a court order.

Until the threat of terrorism requires otherwise. And until then they will just be able to find it in a taxi or buy it online like everyone else.

everything you say above applies in spades to any IT project, anywhere, anytime.

That is supercilious nonsense. Some IT projects are completed and some aren’t. Some run successfully (as measured against their objectives) and others fail. If you cannot be bothered reading the literature on how well government IT schemes have performed (hint: badly) or following how government IT schemes have been secured (hint: badly) at least flick through your back issues of Private Eye to find reports of the worst excesses.

As for ID cards, tying ID cards to a central database (the entire point of the UK ID card scheme) would be illegal in Germany. It also tends not to impress Belgian or French citizens who have it explained to them when they go “oh but we have had ID cards for years”. ID cards are useful though. Teenagers are already using fake ones to buy booze & fags.

What modernity said in response to Brownie (once in a past long ago I was a database and network designer)

What is this? An IT recruitment site?

Brownie said fuck all to modernity other than that a lot of non-government IT projects overrun and come in over budget and there is an awful lot of general ignorance in the MSM and on the street about this kind of work. Feel free to point out which parts of this you disagree with.

That is supercilious nonsense. Some IT projects are completed and some aren’t. Some run successfully (as measured against their objectives) and others fail.

Where would we be without insight like this, eh?

If you cannot be bothered reading the literature on how well government IT schemes have performed (hint: badly) or following how government IT schemes have been secured (hint: badly) at least flick through your back issues of Private Eye to find reports of the worst excesses.

How much literature do you think there is about government IT projects that have run smoothly, come in on time and on or under budget? You’re hardly going to read about that in Private Eye, are you?

Of course there are haven been some mamouth fuck ups. The bigger the proejct, the greater the contingency, the more exposed to risk and the more likely an overrun and cost issue. ERP tools don’t slot in the same way as time mangement systems. Has there ever been an SAP implementation that didn’t overrun? What does that say about the comptency of the hundreds of blue-chip organisations across the globe?

The NHS project mentioned above is one of the most far-reaching IT projects ever embarked upon. It doesn’t excuse mismanagement if there has been any or any other fault. But the answer is to review processes and methodologies to mitigate risk to future projects rather than to throw our hands in the air and conclude we’d all be better off if there was no data to process in the first place.

ID cards are useful though. Teenagers are already using fake ones to buy booze & fags.

Sounds like a really good idea to include biometrics. I’ll guess that trying to fake fingerprints and irises just to get a litre of Merrydown will be considered a fruitless endeavour by most 16 year olds.

Here’s the ICO statement on the proposed database.

“Jonathan Bamford, Assistant Information Commissioner, said:

‘If the intention is to bring all mobile and internet records together under one system, this would give us serious concerns and may well be a step too far.”

It goes beyond the requirements of the EU Data Retention Directive.

Brownie, the fact that industry is not very good at IT doesn’t excuse the government being even worse.

Brownie & Mike - this government would be a lot better served if it’s activists turned round and told it to stop coming up with any more ideas in the big brother mould especially when they have a proven incompetence when it comes to safeguarding data.

Seriously they are driving Labour supporters to distraction with this crap.

Where would we be without insight like this, eh?

We’d be talking about how all IT projects have problems “in spades”. Or rather we wouldn’t.

How much literature do you think there is about government IT projects that have run smoothly, come in on time and on or under budget?

Given that all IT projects apparently come in late and over budget I don’t see your point here.

The NHS project mentioned above is one of the most far-reaching IT projects ever embarked upon.

The tax credits, CSA, doctor’s assignments, income tax and jobseekers systems were less large scale. Just to name the ones I can remember off the top of my head.

It doesn’t excuse mismanagement if there has been any or any other fault. But the answer is to review processes and methodologies to mitigate risk to future projects rather than to throw our hands in the air and conclude we’d all be better off if there was no data to process in the first place.

There are a number of problems, and my point is that just talking about all projects having them “in spades” will not lead to the resolution that is needed.

But when some of those problems are ideological, they cannot be tackled. The procurement, funding structure, management, ownership structure, and often the objectives of these large-scale database projects have ideological constraints and so will not be modified enough to solve the problems that they cause. The projects will therefore continue to fail.

Back to ID cards:

Sounds like a really good idea to include biometrics. I’ll guess that trying to fake fingerprints and irises just to get a litre of Merrydown will be considered a fruitless endeavour by most 16 year olds.

Fingerprints are easy, see Bad Science’s piece on it. Also take a look at a glass the next time you have a drink.

For irises just rub your eyes and when the reader fails offer a fingerprint. Or get an older sibling or a parent to lend you a 10MP camera and sit still for a minute “for a school project”.

Failing that join a long queue and just flash the card. You’ll get lucky eventually.

speaking in my official role as IT geek/nerd here (and being careful because I work on some of the big gvt it projects for my employer) I can see a couple of problems with the plan.

Emails seems the obvious place to start, first there already are records of every email sent and received in the UK in the log files of the mail servers. At a high level there is nothing technically all that hard about consolidating all these into a single database -in fact it wouldn’t be a database as such but a data warehouse, parse the log files into a consistent format and export them to the database.

But the sizing would be huge every system I ever designed had to purge it’s log files at least monthly because the amount of space required was huge. It’s not so much the disk space that would be needed to store the data, but the bandwidth to transfer the records to the central db and the front end to process the records into the central db would be huge: hundreds of millions of records per hour -and most of it would be spam, viruses or other forms of junk. Apart from proving that person a emailed person b, it would be completely useless without the content of the emails.

At the moment the project would be a non-starter, that’s not to say that the gvmt won’t try it and that my employers won’t win the contract to fail to deliver it, but it seems so far-fetched that it must have come from the office of made up stories.

“Sounds like a really good idea to include biometrics. I’ll guess that trying to fake fingerprints and irises just to get a litre of Merrydown will be considered a fruitless endeavour by most 16 year olds.”

So, off licences are going to be finger printing and iris scanning customers to make sure sure the data on a card matches the person carrying it, are they?

It’s true that private sector IT projects often run into problems as well as government ones - I’ve seen it in the organisation I work for.
It’s also true that the answer when these things happen is to try and learn lessons for next time rather than give up on IT altogether. The problem is that these lessons just don’t seem to be learned.
There does seem to be a wider and more fundamental problem about how these things are managed. The companies producing the systems rarely seem to be made to bear the cost of their failures and furthermore they continue to be awarded lucrative contracts regardless of how they have performed in the past. There seems to be no transparency or accountability for projects whose failure can cost hundreds of millions of pounds in extra cost as well as the damage done to the people relying on these systems to work. Any attempt at proper scrutiny of the decision making behind the projects, the contracts and the bidding processes are blocked on grounds of “commercial confidentiality”.
The relationships between the government, the civil servants responsible for procurement, the consultants who advise them and the IT companies are far too cosy. And it’s not just IT projects that suffer from this - take into account as well the whole PFI industry and basically the public sector has been turned into a gigantic trough for chancers, cowboys and snake oil salesmen to feed at.

dirigible,

Instead of going all round the houses with you on this, I’ll re-post what Andrew wrote immediately above.

It’s true that private sector IT projects often run into problems as well as government ones - I’ve seen it in the organisation I work for. It’s also true that the answer when these things happen is to try and learn lessons for next time rather than give up on IT altogether.

This was essentially my point. Of course not ALL IT projects fail, but the narrative amongst those who don’t know any better could lead you to believe that they either do or that private sector projects are somehow immune to the problems that plague government shcemes. I was countering this fantasy, is all. Yeah, it might have bene a good idea if I’d clarified that I didn’t truly believe that 100% of all IT projects ever started going right back to punched card have ended in failure, but what can you do?

The tax credits, CSA, doctor’s assignments, income tax and jobseekers systems were less large scale.

The tax credits debacle wasn’t a failure of IT. It’s a failure of process in that changes of circumstance were being reported so long after the fact, some claimants were being landed with hefty repayment bills. The model doesn’t work, not the IT.

The CSA was an ideological fuck-up from the beginning and, again, many of the issues were to do with process. There was also a clear lack of centralisation as they were maintaining parallel systems: one which processed new claims and one holding the historical data. You can call it an IT screw up if you like, but there’s at least some evidence that centralisation would have actually helped in this case.

Doctors assignments I don’t know an awful lot about but that did smell of a clusterfuck.

Imcome tax. The major issue I’m aware of here was the lack of infrastructure to deal with the deluge of last-minute online return submissions at the end of January. Not good, but not the disaster it was painted in the press, especially as the deadline was extended to protect those who couldn’t submit until early February as a result.

Job seekers I know nothing about, either.

You appear to be mistaking me for someone who thinks there are no issues of mismanagement, whether it be in the procurement or deployment phase of these projects. Of course there are, but your “projects will therefore continue to fail” conclusion is defeatist nonsense.

Fingerprints are easy, see Bad Science’s piece on it. Also take a look at a glass the next time you have a drink.

There something of a difference between capturing an image of a fingerprint and even producing an electronic copy and being able to manufacture a convincing physical duplicate that will fool a reader. Of course I’ve no doubt it can be done, but probably not by the youths hanging around outside Threshers or even many of the world’s terrorsit organisations.

For irises just rub your eyes and when the reader fails offer a fingerprint. Or get an older sibling or a parent to lend you a 10MP camera and sit still for a minute “for a school project”.

I’m missing something, clearly. How would producing your own picture circumvent iris-recognition technology, exactly?

So, off licences are going to be finger printing and iris scanning customers to make sure sure the data on a card matches the person carrying it, are they?

It’s undecided. The list of what will be the IPS accredited organisations is yet to be published. I think it would be a good idea to apply this sort of test in off licences, but my guess is that it will be benefits offices, post offices, banks, etc. that use this stuff first.

The companies producing the systems rarely seem to be made to bear the cost of their failures and furthermore they continue to be awarded lucrative contracts regardless of how they have performed in the past.

There are almost always penalty clauses and you see the same companies tendering again and again because so few are equipped to handle projects of these dimensions.

There seems to be no transparency or accountability for projects whose failure can cost hundreds of millions of pounds in extra cost as well as the damage done to the people relying on these systems to work.

I know this will go down like a sack of shit, but you know it is just possible that sometimes there is no-one at fault. Some of these projects are truly bleeding-edge. On the other hand, I wouldn’t disagree that there could be greater accountability.

Any attempt at proper scrutiny of the decision making behind the projects, the contracts and the bidding processes are blocked on grounds of “commercial confidentiality”.

Sometimes true.

The relationships between the government, the civil servants responsible for procurement, the consultants who advise them and the IT companies are far too cosy.

True but not necessarily the problem you think it is. Again, the limited number companies capable of undertaking these projects contributes to this.

And it’s not just IT projects that suffer from this - take into account as well the whole PFI industry and basically the public sector has been turned into a gigantic trough for chancers, cowboys and snake oil salesmen to feed at.

It seems we’ve come over all Daily Mail. Hyperbolic twaddle.

At the moment the project would be a non-starter, that’s not to say that the gvmt won’t try it and that my employers won’t win the contract to fail to deliver it, but it seems so far-fetched that it must have come from the office of made up stories.

Well, I’m still wiating for this to be picked up by the MSM, so I’ve got my doubts, also.

OK rephrase that - let’s just say I agree with Modernity about the shortcomings of mega-large databases in general and government ones in particular. I don’t like mention the way a lot of the data held about citizens is transferred abroad for processing without the option.

and I am particularly suspicious that the whole thing is being driven forward by consultancies keen to get their hands on the next big contract.

Mrs Ben (former member of the Higher Education Funding Council’s Advisory committee on networking policy)

Perhaps the government might be worried that ISP’s could be infiltrated by terrorists who’d clean up the log entries relating to their accomplices before transmitting them to the home office. Sounds possible.

So hang on. ALl this data is currently out there. it’s held by telco’s and ISP’s, who have to dig out the data and provide it to governemnt as and when government turns up with a warrant.

this costs the telco’s and the ISP’s money.

So some muppet of a civil servant comes up with a suggestion that the telco’s and the ISp’s should be allowed to dump all their data on government, and let government foot the bill for sorting the data out and finding the relevant stuff.

Shortly after passage of relevant bill civil servant who suggetsd it exits stage left to make more money working for newly much more profitable telco or ISP.

It’s easy once you ask who benefits.

I echo many of the points above, Anthony Adams expresses it well.

Morgoth, no problem, I wasn’t offended by yourcomment, but I dislike how such discussions often take on a “we know best” mentality and in disregarding the genuine concerns of others come over as arguing in bad faith.

I think there are very legitimate worries not only for the implementation of such a proposal but its long term implications, and I think it is wrong to be so dismissive of them, as some here are.

I’ll bet this proposal came out of the mind of some Permanent under Secretary who’d watch too much Star Trek (ahh looking thru yesterday’s Times, it seems to be part of an EU directive)

Even, IF you could implement it and do it in under £200 million, then want would such a system do?

not very much, as the existing targets of police/intel action often use encrypted messaging already and could easier develop their own internal email system to circumvent these proposals

the proposers of this system seem to think that their opponents will stand still?

when and if this idea were to be implemented, they won’t, they’ll use alternatives, not the common or garden email system, just packet up messages inside other traffic (hide things within other things) which defeats the objective of this system

so unless you are going to keep a record of every packet between multiple points for years and years then getting around this is very simple.

in the future email and Internet traffic will only INCREASE so any monitoring system would have to account for that, continually expanding in terms of data storage and processing capacity

finally, will HMG extend the data retention laws ? or force companies (not only ISPs) to keep email records on-line (rather than archived off-line) for years and years? If so, then there are many risky consequences to such an idea.

So all in all, sounds like another Child Support Agency fiasco in the making

PS: I defer to Mrs. Ben :)

Anyone ever hear a telco complaining about the cost of complying with home office requests for call records? No they have to keep that data anyway for their billing system.

billing records are generated slightly differently than keeping track of the caller and the recipient, also the data is often stripped out, after which it will be archived (put off-line)

Mod, my point is that it’s not going to be unmanageable amounts of data as telcos are already able to process bills and billing enquiries quite efficiently and the cost at present is passed on to the consumer anyway, in response to gareth.

BTW, the domestic opposition is a relatively new thing. It’s only in recent months (after the benefits recrods were lost in the post) that there has been polling evidence that a majority oppose ID cards

Opposition has been growing for some time, though the loss of the benefits records certainly has been a stimulus to those of us who oppose the scheme. I remember when ID Cards were first announced - by Blunkett 2 days after the September 11th attacks - as a ’security and and law and order’ initiative. It made absolutely no sense then and it still makes no sense now.

If we recall the words of the 2006 bill, ID Cards are for the ‘efficient delivery of public services’; ‘better community relations’!!!! through less illegal migration and working’; a means of combatting terrorism and organised crime; and reduced identity fraud. This is not a coherent policy: it’s a set of pious wishes. If we look at the 21 countries in the EU that have ID Cards we will see the same sort of problems that ID Cards are meant to help with. So we are prompted to ask: just how effective will ID Cards be in achieving these benefits? It is this over-egging of the ID Card case which has been the government’s undoing. They would have been more successful by just promoting ID Cards as a secure means of identification. But that would have also presented them with a problem, for in that model of ID Card there would be no need for a National Identity Register as a master index to all state and financial records held for an individual. It is this master index which the Home Office appears most keen to acquire and which appears to be main motivation behind this initiative.

Speaking for myself I don’t want technology restrained just so I can rob the Chigwell branch of Barclays….

Do you think that’s something you’re likely to do ChrisC? How would an ID Card database, telecommunications database, universal DNA database, prevent you from robbing that bank if you had a mind to do so?

Furthermore, ID cards are an inherent part of, and a key enabler of a “papers please” stype of state. Don’t try to worm your way out of this, Brownie, you might be happy to live in such a fascistic ordungian society, but over my fecking dead body will I carry an ID card.

Britain fought two world wars to stop such a society taking root here.

Sounds like a really good idea to include biometrics. I’ll guess that trying to fake fingerprints and irises just to get a litre of Merrydown will be considered a fruitless endeavour by most 16 year olds

So who is going to pay for the fingerprint reader in every off licence and supermarket checkout? Who is going to pay for the comms infrastructure to check the backend database to ensure that the card or biometrics haven’t been forged? Answer: the off licence, pub or supermarket. Since they can rely on looking at a photograph on the card, they are not going to bother unless compelled to do so by the government. So we are back to where we started - a photo id card, which I believe young adults can already acquire on an entirely voluntary basis.

Don’t try to worm your way out of this, Brownie, you might be happy to live in such a fascistic ordungian society, but over my fecking dead body will I carry an ID card

Well he could say that compulsory carry is explicitly excluded from the 2006 ID Cards Act. Of course, if the government’s pipe dream of access to goods and services routinely requiring authentication through ID card then compulsory carry would be beside the point. You try doing anything in a city without cash or credit card in your pocket. But there’s no law that compels you to have money in your pocket. To be honest though, I think is likely to remain a pipe dream, as no one appears to have considered the practicalities of installing tens of thousands of biometric readers across the country and comms infratsructure to connect them to the NIR. It’s likely to be decades, if ever, before that happens, unless private businesses see a very strong commercial case for it. And they did, they are more likely to implement biometrics on credit cards.

Jon D wrote:

my point is that it’s not going to be unmanageable amounts of data as telcos are already able to process bills and billing enquiries quite efficiently

processing billing for a short period on a live production system, is entirely different from keeping two+ years of data hanging around for enquiries, and remember that each billing system is different from the other, so you’d have to neither enquire via proxy, or suck out the data and shoved it into a db for a later enquiry, then you get the issues of data transfer, security, compatibility and accuracy

don’t get me wrong, technically you could probably do it, but cost versus the gains is a big question

equally, you could build a land bridge to northern Spain, it is probably technically feasible but certainly horrendously costly and have limited benefit? that’s what this system sounds like to me

Let us bear in mind the context of this report. It arrives on our screens a couple of days after we read the accounts of an apology by the Police and CPS, because when faced with clear televised evidence of real incitement to violence and terrorism, they tried to shoot the messenger, and made no attempt to bring prosecutions.

In the light of all that they have done to avoid confronting real threats to national security, why should they be allowed to set up such a database. They obviously don’t want to use it to catch terrorists or criminals. No wonder folk are suspicious of their motives.

Ok forget billing, the telcos are required to keep logs of phone calls for 12 months and satisfy home office enquiries ‘in a timely manner’, the telcos manage to do this with computers and software that exists now. It’s not a land bridge to spain.

Britain fought two world wars to stop such a society taking root here.

During which wars everybody carried an id card.

Mod Http://theregister.co.uk/2007/10/3/telco_data_retention
(Or click my name - hopefully) to learn more of the *staggering* difficulty of retaining summary call log data on common or garden IT.

Jon D,

Thanks :)

Morgoth, no problem, I wasn’t offended by yourcomment, but I dislike how such discussions often take on a “we know best” mentality and in disregarding the genuine concerns of others come over as arguing in bad faith.

Mod, ther’s nothing more “bad faith” than refusing to address your point to the person about whom you’re commenting. And it’s funny you have the perception you have, because to my mind, you were doing a very good impression of someone trying to argue from authority, as if you’re the only person who’s seen a tablespace in his puff.

BTW, the legitimate concerns are not disregarded. I mentioned above that of course I have my own concerns about security and privacy. On the other hand, the ill-informed, sare-mongering shite that characterises much of the debate about ID cars and related issues very much is disregarded.

I think there are very legitimate worries not only for the implementation of such a proposal but its long term implications, and I think it is wrong to be so dismissive of them, as some here are.

For “dismissive” read “don’t necessarily share Mods’ analysis”.

You can be rather precious sometimes, mod.

You try doing anything in a city without cash or credit card in your pocket.

Um, but surely this is an infringement of civil liberties/human rights/Magna Carta and the death of liberal democracy as we know it? And given this is so, does it mean I can demand evidence of Morgoth’s dead body over which he insisted something like this ought to happen?

Imagine having to fill that extra slot in the wallet - between the credit card, cash card, driving licence, student card, union card, party card, store card, phone card and gym card - with you ID card.

Makes you tremble, doesn’t it?

So who is going to pay for the fingerprint reader in every off licence and s