NSA monitored calls of 35 world leaders after US official handed over contacts it said in the Guardian yesterday and in every other newspaper.
That comes as news to most of us.
But then we remember: "News that Kofi Annan and other senior UN figures may have been routinely bugged by US or British security services has caused a huge political row around the world. But it will also have caused alarm among other people in the public eye who deal with sensitive information - or anyone, indeed, who values their privacy" – that's from the BBC News website, 2 March 2004, 9½ years ago.
It didn't cause "a huge political row around the world" then.
Maybe this time. Maybe the penny is beginning to drop.
Individuals complaining about invasions of their privacy have little traction.
With companies, it's different. Once they realise that it is questionable whether any of their dealings can be conducted in confidence they will take action. And unlike individuals, they have money and lobbying power and politicians listen to them.
Showing posts with label GCHQ. Show all posts
Showing posts with label GCHQ. Show all posts
Friday, 25 October 2013
Kofi Annan, the NSA and GCHQ – maybe this time
NSA monitored calls of 35 world leaders after US official handed over contacts it said in the Guardian yesterday and in every other newspaper.
That comes as news to most of us.
But then we remember: "News that Kofi Annan and other senior UN figures may have been routinely bugged by US or British security services has caused a huge political row around the world. But it will also have caused alarm among other people in the public eye who deal with sensitive information - or anyone, indeed, who values their privacy" – that's from the BBC News website, 2 March 2004, 9½ years ago.
It didn't cause "a huge political row around the world" then.
Maybe this time. Maybe the penny is beginning to drop.
That comes as news to most of us.
But then we remember: "News that Kofi Annan and other senior UN figures may have been routinely bugged by US or British security services has caused a huge political row around the world. But it will also have caused alarm among other people in the public eye who deal with sensitive information - or anyone, indeed, who values their privacy" – that's from the BBC News website, 2 March 2004, 9½ years ago.
It didn't cause "a huge political row around the world" then.
Maybe this time. Maybe the penny is beginning to drop.
Wednesday, 10 July 2013
Smiley's people
Writing in today's Guardian, Simon Jenkins makes the case that reality comprises the bits John le Carré cuts out of his novels.
There follows the transcript of an interview with John Le Carré by BBC Radio 4 Front Row’s Mark Lawson. This interview never happened.
ML: My guest today is David Cornwell, better known as John le Carré, the chronicler of the secret services who needs no further introduction. John, we were talking before going on air about how much of a novel never sees the light of day and that seems a good place to start, do you write and then discard a lot of scenes?
JleC: Not if I can help it. Writing is quite hard work and you have to be organised in order not to waste your energy. But occasionally a scene will slip in, it will get past the positive vetting procedures and then fail at the editing stage. For example, in my latest novel, I had a character called Simon, an atheist so fascinated by churches that he visited them compulsively and wrote erudite books about them.
ML: Was church history going to play a major rôle in the book?
JleC: Of course not, that’s my point, this was a case of over-elaborate characterisation, a beginner’s mistake, you just don’t get such people in real life and they don’t make long speeches about the security services being out of political control. I actually made the same mistake with another character, Janet, an American, long settled in the UK, a trained philosopher, once a firebrand socialist, now mugged by reality, she was supposed to have a column in the Telegraph. I ask you! It’s embarrassing just to remember it. Who’s going to believe that? Maybe some earnest young undergraduate, but my readers wouldn't take the tosh I had coming out of her mouth about US presidents sanctioning mass surveillance and impounding journalists’ notebooks. My readers demand reality, feet firmly on the ground.
ML: That sounds very serious. Is there no humour allowed in a le Carré book?
JleC: There’s the odd high table epigram, I suppose, but you have to be careful with humour. I had a character called Stephan, for example, and I thought the scenes with him in were going swimmingly but then my editor pointed out that poor old Stephan just sounded like a buffoon, not the idea at all, and his appearances were verging on slapstick. Complete loss of dramatic tension. Out he had to go. What I think people want from my books is an insight into the hidden decision-making processes of public administration. Stephan was arguing that all personal information should be made public for the greater good. But he couldn't think of any way the greater good would be advanced. In everyday life, that would be the end of his project, Whitehall would kick it out, but in early versions of my book he was allowed to pursue his ridiculous programme. No good, you see – I'm not selling fantasy.
ML: I'm interested that you should talk there of public administration and Whitehall civil servants. Your books are political but there are no politicians in them.
JleC: I think the odd minister may turn up every now and again but, no, in the main, it’s best to have the politicians as silent characters, influences who make their requirements known mysteriously, they’re more effective that way. I tried putting a character called Nick in at one stage, a deputy prime minister who bore no resemblance whatever, I need hardly add, to any living person. Nick, in the book, was trying to introduce a computerised national electoral roll while heaping opprobrium on the previous administration for trying to introduce ID cards and a computerised national identity register. He claimed that he was a liberal, promoting democracy, and at the same time legislated to make it a criminal offence not to register. Hopelessly incredible, out went those scenes and the book is much improved now, in my opinion, with Nick saying nothing.
ML: The waste paper basket next to your desk is beginning to overflow, isn’t it?
JleC: Now now, Mr Lawson, I know I'm old, but waste paper basket, indeed! No, I press the delete button, just like other writers. But yes, you’re right, my recycle bin is filling up. I had a couple of journalists in the first draft, Fraser and Charles, writing sermons in defence of the security services, but they were caricatures, no journalist today would bend the knee just because of a D-Notice and Fraser, in particular, was meant to be a brave Leveson refusenik. It didn't make sense having him support official mass surveillance in the same breath. And I went a bit over the top having Charles compare Edward Snowden to the real spies of the Cold War. A silly mistake that the character Charles was far too intelligent to make.
ML: So what are we left with in the novel, John, what is there for your loyal readers to look forward to?
JleC: I'm rather hoping they’ll buy the book and find out for themselves but it’s not giving too much away to say that the plot revolves around a pretty young salesman called Martha who convinces a cynical former permanent secretary that all public services in the UK should be delivered on the internet and they hire a web designer from the Guardian and put him in charge of creating a national identity assurance system. He’s never done anything like that before but they get him a computer guru to help, some chap who’s left the BBC under mysterious circumstances, and soon they have a veto over government policy and they take control of government cloud computing. Only, a few days later, it’s announced that the US National Security Agency have access to everything in the cloud, there is no privacy, no confidentiality, no secrecy. Coincidentally, parliament has just decided to put all its computing in the cloud and there’s a tense scene where Joan, the woman in charge, says that it doesn’t matter about the NSA listening in, or the Chinese, or the Russians, because everything in parliament is meant for public consumption anyway and on the same day that the Intelligence and Security Committee announce that cyberattacks are the biggest threats facing the country the Board of Trade kicks off an initiative called "midata" to get everyone to store all their personal data in cyberspace.
ML: And that’s the bit you expect your readers to believe? Good luck with that, Mr Cornwell, and thank you for that insight into the writer's craft. More reality, my guest tomorrow has amassed a fortune making radical feminist films in the backstreets of Havana. Join us again to find out how it's done. Until then, goodbye.
Smiley's people
Writing in today's Guardian, Simon Jenkins makes the case that reality comprises the bits John le Carré cuts out of his novels.
Sunday, 30 June 2013
The China Syndrome
The China Syndrome is a fiction. The idea is that if a nuclear reactor runs short of coolant the core will burn through its container and burrow all the way through the earth, coming out the other side, in China.
Don't try this at home.
Not least because you'll be disappointed – as Wikipedia tell us, "the Three Mile Island accident's molten core got exactly 15 millimeters on its way to 'China' before [it] froze at the bottom of the reactor pressure vessel".
The film The China Syndrome was released 12 days before the Three Mile Island incident. It's extraordinary what some studios will do for a bit of publicity.
In the film, Jack Lemmon has proof of a conspiracy to cover up known safety problems with a nuclear reactor. By the time he's ready to go public with it, he's so tired and nervous that he comes across as a gibbering wreck with no credibility.
The physics may be all wrong but the film is a warning to whistleblowers against suffering their own China Syndrome credibility meltdown. If you want to have an effect, you need to be taken seriously – try not to look like a gibbering wreck.
The Commissioner's case is strong and the legal team is particularly optimistic since the CEO of Google Ruritania rang, asking for a meeting at which the tax situation would, the CEO believed, be settled fully and finally, to the satisfaction of all parties.
Today's the day. The Commissioner is in the office, there's a knock at the door and the Second Secretary ushers in the CEO and, to the consternation of the Commissioner, two other people. One is the Permanent Secretary at the Ruritanian Board of Trade and the other is the Ruritanian National Security Advisor.
CEO: Commissioner, I must thank you for seeing me at such short notice. You do me a great honour. Relations between Google and Ruritania are nothing but cordial.
Comm: I wish that were the case, CEO. Perhaps today's meeting will bring about a rapprochement but, as things stand, Google's reluctance to pay the corporation tax due is an obstacle to unfettered cordiality between us.
CEO: Precisely why I am here, Commissioner, and once again I must thank you for coming so quickly to the point. Just to be sure that all of us in the room are clear, could I prey upon you to state the Revenue's argument in summary?
Comm: We have a large number of cases decided at the Upper Tribunal confirming that the Revenue must ignore the intermediate stages of a transaction if the sole purpose of those stages is to avoid tax. You know, CEO, as well as I do that those cases are remarkably similar to the way Google organises its affairs. If our unfortunate and unnecessary dispute were taken to the Tribunal, their decision would be in favour of the Revenue, Google would have to pay the tax due, with interest and with penalties on top. That's the law. Your pretence that business obviously transacted in Ruritania is actually transacted in Carpathia is laughable. You can give in now. Or you can give in later, when the interest bill will be even higher, as will the reputational damage done to Google by all the media coverage.
CEO: Thank you, Commissioner, for your pre-Leveson warning and for that succinct statement. And I must say that if we keep our eyes fixed exclusively on Google's accounts, we can hardly fault the Revenue's case. But there is a bigger picture. There are other costs to consider and I wonder if perhaps at this juncture the Ruritanian National Security Advisor who has so graciously agreed to accompany me today might say a few words.
Security: Commissioner, you read the newspapers. You know of PRISM and Boundless Informant and Tempora and Echelon. These security initiatives need data. That is the arrangement we have with our cousins across the sea. We provide data. As much data as possible. We receive much consideration in return. Consideration which mitigates Google's low tax bills. A large proportion of our data comes from Google. Anything which threatens Google's access to data is a threat to Ruritania and I must ask you to take this into account in framing your case. Please don't worry about Google, Commissioner.
Comm: I do indeed read the newspapers, esteemed Security Advisor. I am not immune to your argument and I am not entirely naïve. But you too, if I may say so, must look at the bigger picture. It is my department's job to collect taxes. There are limits. Limits which it is inadvisable to breach. Our parishioners grow reluctant to make their contributions when they see wastage by the public administration. And when they see poor quality public services. Not to mention slush funds of hush money and golden goodbyes. A delicate balance needs to be struck to preserve the orderly operation of the political settlement. That becomes harder still to achieve when foreign companies are seen to trade here without the impediments suffered by Ruritanian businesses.
CEO: And that, Commissioner, is why the Permanent Secretary is here with us today.
Trade: Your department, Commissioner, has its job, and so does mine – to expand the economy. How do you do that? You sell more. How do you do that? You advertise more. You need to create demand. You need to discover people's wants, needs and interests, their preferences and their aspirations. You need to help people to discover the truth about themselves. That way you know what to supply to whom. In all of these matters, there's Facebook of course, but Google is at the heart of our strategy for growth. Don't worry, Commissioner, about collecting taxes. Once we have got the economy growing again, the taxes will follow. But for that, we need Google. Do not stand in the way of Google, Commissioner. If you do, you stand in the way of not only national security but also the health of the Ruritanian economy. And that is not the Revenue's job.
Comm: My dear colleague, you and I have worked together for years, the collaboration between Trade and the Revenue has been a fruitful one, we speak our minds and we get results. Your prescriptions for the economy, as we have told you on many occasions, would fail at GCSE. Further, why should Google avoid tax while other businesses can't? Excusing Google would look to the public like patronage, a special favour and random whereas the law is meant to be impartial. If implemented, your prescriptions would make my job impossible.
CEO: Not so much impossible, Commissioner, as unnecessary. Don't you worry about the public. And don't worry about the law – much of it is mere mythology. Quaint. You see Trade's plan is for every person in Ruritania to maintain a personal data store, managed by state-appointed trusted identity providers. That includes both types of person, natural persons and legal persons, i.e. corporations, trusts, and so on. Once these personal data stores are populated, where is the need for the Revenue? A tax farmer app can simply calculate the amount of tax due and make life more convenient for everyone by filing their tax returns for them and direct debiting the money from their bank accounts. It would be naïve of anyone not to see that that is the purpose of a personal data store and that that is also why the Revenue as currently constituted serves no purpose in the digital-by-default new world.
Comm: Oddly enough, CEO, this may surprise you, but no, I don't worry. You rely on a semantic web which doesn't exist, you have no philosophy of language, no theory of meaning. And you rely on the study of artificial intelligence, which is certainly artificial but not intelligent – your minions talk trivially of the "quantified self" but you have no philosophy of mind and your grasp of psychology is as tenuous as your economics. Your failure is guaranteed. No worries there.
CEO: We'll see. But you won't. I have an inkling that Ruritania will soon relieve you of your commission.
Don't try this at home.
Not least because you'll be disappointed – as Wikipedia tell us, "the Three Mile Island accident's molten core got exactly 15 millimeters on its way to 'China' before [it] froze at the bottom of the reactor pressure vessel".
The film The China Syndrome was released 12 days before the Three Mile Island incident. It's extraordinary what some studios will do for a bit of publicity.
In the film, Jack Lemmon has proof of a conspiracy to cover up known safety problems with a nuclear reactor. By the time he's ready to go public with it, he's so tired and nervous that he comes across as a gibbering wreck with no credibility.
The physics may be all wrong but the film is a warning to whistleblowers against suffering their own China Syndrome credibility meltdown. If you want to have an effect, you need to be taken seriously – try not to look like a gibbering wreck.
---------- o O o ----------
---------- o O o ----------
Before 6 June 2013, anyone suggesting that a huge number of telecommunications in the US and the UK are intercepted by the security services would have been regarded as a gibbering wreck, a paranoid and ridiculous conspiracy theorist.
Now, anyone who expresses the mildest surprise at the allegation of widespread surveillance is accused of naïvety, they are credulous, delightfully innocent simpletons, unaware of how the world works – and has to work – for their own good.
That's quite a change.
It releases the brakes on the imagination.
Perhaps it's not just the US and the UK?
That is the contention of an article the Guardian published last night:
The article has now been unpublished and if you search for it and click on the link that Google returns, you get a Guardian page headed "Taken down: deals to hand over private data to America", saying "This article has been taken down pending an investigation".
Probably best, in the circumstances, to keep the brakes on and await developments.
After all, you don't want to look naïve do you?
That promises to be the fashion crime of 2013.
Naïvety.
And, wreck that you are, just look where your gibbering leads –
Don't Worry – a China Syndrome play for tomorrow
For years, the Commissioner for the Inland Revenue has been pursuing Google, a company whose income from activities in Ruritania is equivalent to 2% of GDP, a company whose associated costs are negligible and yet whose profits – judging by its corporate income tax payments – are somehow also negligible.
The Commissioner's case is strong and the legal team is particularly optimistic since the CEO of Google Ruritania rang, asking for a meeting at which the tax situation would, the CEO believed, be settled fully and finally, to the satisfaction of all parties.
Today's the day. The Commissioner is in the office, there's a knock at the door and the Second Secretary ushers in the CEO and, to the consternation of the Commissioner, two other people. One is the Permanent Secretary at the Ruritanian Board of Trade and the other is the Ruritanian National Security Advisor.
CEO: Commissioner, I must thank you for seeing me at such short notice. You do me a great honour. Relations between Google and Ruritania are nothing but cordial.
Comm: I wish that were the case, CEO. Perhaps today's meeting will bring about a rapprochement but, as things stand, Google's reluctance to pay the corporation tax due is an obstacle to unfettered cordiality between us.
CEO: Precisely why I am here, Commissioner, and once again I must thank you for coming so quickly to the point. Just to be sure that all of us in the room are clear, could I prey upon you to state the Revenue's argument in summary?
Comm: We have a large number of cases decided at the Upper Tribunal confirming that the Revenue must ignore the intermediate stages of a transaction if the sole purpose of those stages is to avoid tax. You know, CEO, as well as I do that those cases are remarkably similar to the way Google organises its affairs. If our unfortunate and unnecessary dispute were taken to the Tribunal, their decision would be in favour of the Revenue, Google would have to pay the tax due, with interest and with penalties on top. That's the law. Your pretence that business obviously transacted in Ruritania is actually transacted in Carpathia is laughable. You can give in now. Or you can give in later, when the interest bill will be even higher, as will the reputational damage done to Google by all the media coverage.
CEO: Thank you, Commissioner, for your pre-Leveson warning and for that succinct statement. And I must say that if we keep our eyes fixed exclusively on Google's accounts, we can hardly fault the Revenue's case. But there is a bigger picture. There are other costs to consider and I wonder if perhaps at this juncture the Ruritanian National Security Advisor who has so graciously agreed to accompany me today might say a few words.
Security: Commissioner, you read the newspapers. You know of PRISM and Boundless Informant and Tempora and Echelon. These security initiatives need data. That is the arrangement we have with our cousins across the sea. We provide data. As much data as possible. We receive much consideration in return. Consideration which mitigates Google's low tax bills. A large proportion of our data comes from Google. Anything which threatens Google's access to data is a threat to Ruritania and I must ask you to take this into account in framing your case. Please don't worry about Google, Commissioner.
Comm: I do indeed read the newspapers, esteemed Security Advisor. I am not immune to your argument and I am not entirely naïve. But you too, if I may say so, must look at the bigger picture. It is my department's job to collect taxes. There are limits. Limits which it is inadvisable to breach. Our parishioners grow reluctant to make their contributions when they see wastage by the public administration. And when they see poor quality public services. Not to mention slush funds of hush money and golden goodbyes. A delicate balance needs to be struck to preserve the orderly operation of the political settlement. That becomes harder still to achieve when foreign companies are seen to trade here without the impediments suffered by Ruritanian businesses.
CEO: And that, Commissioner, is why the Permanent Secretary is here with us today.
Trade: Your department, Commissioner, has its job, and so does mine – to expand the economy. How do you do that? You sell more. How do you do that? You advertise more. You need to create demand. You need to discover people's wants, needs and interests, their preferences and their aspirations. You need to help people to discover the truth about themselves. That way you know what to supply to whom. In all of these matters, there's Facebook of course, but Google is at the heart of our strategy for growth. Don't worry, Commissioner, about collecting taxes. Once we have got the economy growing again, the taxes will follow. But for that, we need Google. Do not stand in the way of Google, Commissioner. If you do, you stand in the way of not only national security but also the health of the Ruritanian economy. And that is not the Revenue's job.
Comm: My dear colleague, you and I have worked together for years, the collaboration between Trade and the Revenue has been a fruitful one, we speak our minds and we get results. Your prescriptions for the economy, as we have told you on many occasions, would fail at GCSE. Further, why should Google avoid tax while other businesses can't? Excusing Google would look to the public like patronage, a special favour and random whereas the law is meant to be impartial. If implemented, your prescriptions would make my job impossible.
CEO: Not so much impossible, Commissioner, as unnecessary. Don't you worry about the public. And don't worry about the law – much of it is mere mythology. Quaint. You see Trade's plan is for every person in Ruritania to maintain a personal data store, managed by state-appointed trusted identity providers. That includes both types of person, natural persons and legal persons, i.e. corporations, trusts, and so on. Once these personal data stores are populated, where is the need for the Revenue? A tax farmer app can simply calculate the amount of tax due and make life more convenient for everyone by filing their tax returns for them and direct debiting the money from their bank accounts. It would be naïve of anyone not to see that that is the purpose of a personal data store and that that is also why the Revenue as currently constituted serves no purpose in the digital-by-default new world.
Comm: Oddly enough, CEO, this may surprise you, but no, I don't worry. You rely on a semantic web which doesn't exist, you have no philosophy of language, no theory of meaning. And you rely on the study of artificial intelligence, which is certainly artificial but not intelligent – your minions talk trivially of the "quantified self" but you have no philosophy of mind and your grasp of psychology is as tenuous as your economics. Your failure is guaranteed. No worries there.
CEO: We'll see. But you won't. I have an inkling that Ruritania will soon relieve you of your commission.
The China Syndrome
The China Syndrome is a fiction. The idea is that if a nuclear reactor runs short of coolant the core will burn through its container and burrow all the way through the earth, coming out the other side, in China.
Don't try this at home.
Don't try this at home.
Thursday, 27 June 2013
The Tragedy of the Commons
Public cloud benefits
outweigh security and data sovereignty risks,
says head of Parliament IT
outweigh security and data sovereignty risks,
says head of Parliament IT
Back in the 1970s, few organisations could afford their own computer. Timesharing bureaux grew up as a result. You'd nip round to your local IBM or Burroughs or ICL bureau with a deck of punched cards and a couple of tapes and come back with a printout. Timesharing wasn't cheap. But it made computing a bit more widely affordable.
That all changed with the advent of microcomputers and cheap high-speed telecommunications. The timesharing bureaux went out of business during the 1980s.
30 years later, they're back. Cloud computing suppliers are the timesharing bureaux de nos jours.
It's the same pitch. Outsourcing to a cloud computing supplier is cheaper than running your own data centre. There's more flexibility. You can get up and running more quickly. Backup and security are handled by dedicated experts and not by your own staff.
(Of course, prices could go up once there's no alternative to the cloud. And the cloud computing suppliers' backup and security staff could turn out to be just as flaky as your own. But these points are rarely made. Your attention is distracted by the modern and exciting hippy lure of the web, which is somehow deemed to be a good in itself.)
Outsourcing in government IT has been going on for decades. During which time an oligopoly of systems integrators (SIs) has developed in the UK and has allegedly grown used to charging the government eye-wateringly disproportionate fees for their services.
The SIs operate expensive data centres. Shifting to the government cloud (G-Cloud), it is hoped, will cut costs hugely while at the same time reducing development lead times and improving the response to change.
That's the pitch. That's the picture which is drawn for you to admire. And if that's all there was to it, there could hardly be any objection to cloud computing.
... the Houses of Parliament [are] now in the process
of moving a number of applications to the public cloud
as part of plans to create a ‘digital parliament’
of moving a number of applications to the public cloud
as part of plans to create a ‘digital parliament’
From the dept of useless statistics:
- 325 posts have been published on this blog, starting on 3 October 2011.
- 61 of them are tagged "G-Cloud".
He is not alone.
The OECD think that "cloud computing creates security problems in the form of loss of confidentiality if authentication is not robust and loss of service if internet connectivity is unavailable or the supplier is in financial difficulties".
ENISA think that "its adoption should be limited to non-sensitive or non-critical applications and in the context of a defined strategy for cloud adoption which should include a clear exit strategy".
Larry Ellison, the President of Oracle, says "maybe I'm an idiot, but I have no idea what anyone is talking about. What is it? It's complete gibberish. It's insane. When is this idiocy going to stop?".
Richard Stallman, venerable IT person, says "cloud computing [is] simply a trap aimed at forcing more people to buy into locked, proprietary systems that [will] cost them more and more over time ... It's stupidity. It's worse than stupidity: it's a marketing hype campaign".
Sergey Brin, one of the founders of Google, "acknowledged that some people were anxious about the amount of their data that was now in the reach of US authorities because it sits on Google's servers. He said the company was periodically forced to hand over data and sometimes prevented by legal restrictions from even notifying users that it had done so".
Gordon Frazer, managing director of Microsoft UK, "gave the first admission that cloud data — regardless of where it is in the world — is not protected against the USA PATRIOT Act".
... there were challenges around
the legal requirements of where data is stored,
explained Joan Miller, Director of Parliamentary ICT,
... at the Think G-Cloud event in London.
the legal requirements of where data is stored,
explained Joan Miller, Director of Parliamentary ICT,
... at the Think G-Cloud event in London.
Then there's Mayer Brown, the US lawyers, who tell us that "US law enforcement authorities may serve FISA Orders, NSLs, warrants or subpoenas on any cloud service provider that is US based, has a US office, or conducts systematic or continuous US business—even if the data is stored outside the United States".
And, further, "US law enforcement authorities may serve FISA Orders, NSLs, warrants or subpoenas on any cloud service customer that is US based, has a US branch, or conducts systematic or continuous US business—even if the data is stored outside the United States".
There's the indefatigable Caspar Bowden, former chief privacy adviser to Microsoft Europe, who has issued more warnings of the coming war than Cassandra, see for example Experts warn on wire-tapping of the cloud.
And there's the larger-than-life Kim Dotcom whose cloud computing company, megaupload.com, was put out of business by the FBI.
“The big outstanding element was data sovereignty,”
said Miller. “We needed to know
what was happening to that data in the cloud,
and that anything that happened to that data
was in our control.”
said Miller. “We needed to know
what was happening to that data in the cloud,
and that anything that happened to that data
was in our control.”
Which is where we get to the nub of the cloud computing problem.
Customers of megaupload.com had their data hosted in the cloud by Carpathia, acting under contract to megaupload.com. When the business was shut down, the customers lost access to their data which, in some cases, imperils their business.
Kyle Goodwin is one of these customers and his lawyers say "the [US] government maintains that Mr. Goodwin lost his property rights in his data by storing it on a cloud computing service ... both the contract between Megaupload and Mr. Goodwin ... and the contract between Megaupload and the server host, Carpathia ..., likely limit any property interest he may have in his data".
Sign a cloud computing contract in other words and you lose the rights to your property.
You lose control of it.
“We were thinking we have to go back ...
and make sure that what we have done to measure the risk
is adequate to deal with ... the American government’s use of data ...
In fact, we are reassured that everything we thought about
is still covered in the work we have already done.”
and make sure that what we have done to measure the risk
is adequate to deal with ... the American government’s use of data ...
In fact, we are reassured that everything we thought about
is still covered in the work we have already done.”
You already knew that – the media report the activities of hackers every day. Even the US military seem to be helpless in the face of cyberattacks allegedly carried out by the Chinese. You knew that the web is a dangerous place to store your data. There is no such thing as a secure website. "Secure website" is an oxymoron.
Cloud computing adds to the risks:
- The website is no longer in-house.
- The staff who operate the equipment are not on your payroll and have not been vetted by you.
- Your contractor will have sub-contractors, like Carpathia, which makes the line of command longer.
- And, thanks to the internet, your data can pop up on servers anywhere in the world, in or out of the jurisdiction of English law.
The advocates of cloud computing know all that. They know about the loss of control and the hacking. And yet they persist.
According to Miller
much of the data held by the Houses of Parliament
is actually relatively low risk.
She explained that, other than in certain circumstances,
the majority of the data is already destined for the public domain.
much of the data held by the Houses of Parliament
is actually relatively low risk.
She explained that, other than in certain circumstances,
the majority of the data is already destined for the public domain.
If your lawyers promise to keep your data confidential and then store it in the cloud, you can fire them. That threat is sufficient to force all but the mad to try hard to keep your data confidential.
It is the tragedy of the commons that that incentive doesn't work with the UK public sector.
You won't catch the US losing control of their data if they can help it, nor China, nor Russia, nor Germany – GCHQ surveillance: Germany blasts UK over mass monitoring. Those are states that clearly aim to survive.
But in the UK, local government, central government and now Parliament itself seem to be determined knowingly to risk storing our data in the cloud. They are abdicating their sovereignty and with it their responsibility. Has the state lost the will to survive?
----------
(Hat tip: The tragedy of the commons)
(Hat tip: Matthew Finnegan from whom the big italic quotations above are taken)
(Hat tip: Glyn Moody)
(See also House of Lords Management Board Minutes 16 January 2013)
(And Think G-Cloud 2013)
----------
Update 3.3.14
Last June when the post above was written we were assured that the security arrangements for the UK parliamentary website are adequate.
Just under nine months later, what do we learn?
See Revealed: key UK websites vulnerable to hackers in today's Telegraph.
The official website of the UK Parliament contained basic flaws that left it vulnerable to hacking, a programmer has discovered.
In a well-known loophole that has now been closed, the internal search engine on www.parliament.uk allowed users to enter computer code that meant it displayed images, video and even requests for passwords where the results would ordinarily appear.
 |
| From today's Telegraph – don't worry, just their little joke |
"Well-known loophole"?
The Telegraph are talking about the website. Or are they talking about Joan Miller, Director of Parliamentary ICT? And all the other officials in Westminster and Whitehall who just can't take security seriously, headed by Public Servant of the Year ex-Guardian man Mike Bracken CBE?
Public Servant of the Year ex-Guardian man Mike Bracken CBE, you will remember, is the executive director of the Government Digital Service. He is the "head of digital", as they say, for the whole of Whitehall. And, setting a dubious example, he told a conference last October that security ought to be relaxed because he'd just had a daughter. He was so tired as a result that he couldn't remember the answers to all the Whitehall security questions he had to answer to use his account:
And as for Ms Miller, Director of Parliamentary ICT, it's the old story – just because someone tells you a website is secure doesn't mean it's true. Even if your interlocutor has a technical- and senior-sounding job title and works for the most respected organisation in the world.
On-line security is like unicorns.
And if that website is in the cloud, forget it.
Updated 4.4.14
Terence Eden, the blogger who discovered the security hole in the UK Parliament website and brought it to their attention, is too polite to use the word "muppet". Instead, he says:
He goes on to explain how the website security weakness could be exploited, explaining the procedures step by step and giving examples.
The UK Parliament website is pretty great. It houses a huge amount of historical information, lets people easily see what's happening in the Commons and the Lords, and is run by some really clever people.
That's why it's so depressing to see such a basic error as this XSS flaw in their search engine.
This is the first in a series he hopes to publish on what he calls The Unsecured State. Perhaps Whitehall and Westminster will take note.
Updated 7.4.14
Joan Miller steps down from role as director of parliamentary ICT
The Tragedy of the Commons
Public cloud benefits
outweigh security and data sovereignty risks,
says head of Parliament IT
outweigh security and data sovereignty risks,
says head of Parliament IT
Back in the 1970s, few organisations could afford their own computer. Timesharing bureaux grew up as a result. You'd nip round to your local IBM or Burroughs or ICL bureau with a deck of punched cards and a couple of tapes and come back with a printout. Timesharing wasn't cheap. But it made computing a bit more widely affordable.
That all changed with the advent of microcomputers and cheap high-speed telecommunications. The timesharing bureaux went out of business during the 1980s.
30 years later, they're back. Cloud computing suppliers are the timesharing bureaux de nos jours.
Monday, 24 June 2013
Wake up, Spectator
As you will know thanks to Edward Snowden, the National Security Agency (NSA) in the US and the UK's GCHQ have been intercepting hundreds of millions of people's communications.
Mr Snowden's revelations have been published in the Guardian from 6 June 2013 onwards and here in the UK the public have been thoroughly patronised ever since by all other major media outlets.
Take the Spectator, for example. In their 15 June 2013 edition the leading article, 'Top Secrets', says:
That's the line. Strange, in that case, that the Spectator have never mentioned it before.
The allegation is, according to the Spectator, that the NSA and GCHQ spy on each other's citizens, thereby getting round the fact that it's illegal for them to spy on their own citizens:
There's a one-word answer to that – never. Which suggests that the article wasn't written spontaneously. The editor is following a script. And not very well, because the article goes on to say:
Given that the occasion for the Spectator's leading article is the publication of the NSA's and GCHQ's secrets, how could they expect to be taken seriously when they write:
Stephan Shakespeare, the founder of YouGov, the political polling organisation, has been asked to produce a National Data Strategy. The state should allow people's health and education data to be exploited, he says in the Shakespeare Review, and his recommendations have been welcomed by Francis Maude, Cabinet Office minister.
The Spectator should also know that Mr Maude's digital-by-default policy for public services depends on so-called "identity providers" getting us all on-line with a personal data store. And that his Electoral Registration and Administration Act provides for us all to maintain our entry on the electoral roll on-line – the electoral roll, that is, which will be used for the 2015 general election. And that his G-Cloud policy is the fastest way yet discovered for the government to lose control of our data.
It's about time the Spectator woke up to midata, the Department for Business Innovation and Skills initiative which is meant to use the same "identity providers" to get us to store our personal data on-line where GCHQ and the NSA can get at it for our own good:
The Spectator quite properly holds out against the provisions of the Leveson report. Let's see a little of the same prudently sceptical spirit applied to this NSA and GCHQ business.
----------
Updated 27 December 2013:
Wake up, Spectator?
Fraser Nelson is the Editor of the Spectator.
And judging by an article of his in today's Telegraph six months after the post above was published he's woken up, please see The state should be exposing the cyber-snoops, not joining them.
Hallelujah.
Mr Snowden's revelations have been published in the Guardian from 6 June 2013 onwards and here in the UK the public have been thoroughly patronised ever since by all other major media outlets.
Take the Spectator, for example. In their 15 June 2013 edition the leading article, 'Top Secrets', says:
The spying is being done for our own good, to protect us, by two benevolent states, the spies are dedicated public servants doing their patriotic duty, what else would we expect, we would have to be naïve and credulous and other-worldly to be surprised, everyone knew about it, ...
This week’s exposé of the US National Security Agency has been heralded as the greatest intelligence leak since the Pentagon Papers. It is nothing of the sort. Far from revealing some institutional outrage, the whistleblower Edward Snowden merely appears to have found what any low-level intelligence source might find. Intelligence agencies try to find things out about certain people. Spies spy, and can be innovative in their techniques. Rapid technological advances mean that the amount of snooping is growing at a faster rate than laws and regulations have been able keep up. But where is the scandal?
That's the line. Strange, in that case, that the Spectator have never mentioned it before.
The allegation is, according to the Spectator, that the NSA and GCHQ spy on each other's citizens, thereby getting round the fact that it's illegal for them to spy on their own citizens:
Since when did the Spectator abdicate thought and resolve political issues by appealing to opinion polls?
Even if true, this has not proven to be a matter of any great concern for the general public. Opinion polls on both sides of the Atlantic suggest that people are not particularly bothered. People appear to recognise that the security agencies must exercise unique powers to intercept and thwart people who wish to harm us.
There's a one-word answer to that – never. Which suggests that the article wasn't written spontaneously. The editor is following a script. And not very well, because the article goes on to say:
"The same is not true for the taxman"? Why not? Same logic – it's all for the public good, the state has a duty to collect the right amount of tax, nothing-to-hide-nothing-to-fear, what else would we expect, ... Now who's being naïve and credulous and other-worldly?
The same is not true for the taxman, who would quite like some of these powers for himself. The government’s ‘snooper’s charter’ is an attempt to give any government department, even town halls, various degrees of power to pry in the name of ‘national security’ ...
Given that the occasion for the Spectator's leading article is the publication of the NSA's and GCHQ's secrets, how could they expect to be taken seriously when they write:
And then this:
Spies are quite good at keeping secrets; governments are not.
"What might happen if information relating to people’s medical records were leaked"? What do they mean "if"? This is on the way to becoming government policy, as the Spectator should know.
... what might happen if information relating to people’s medical records were leaked to a government employer or a health insurance company?
Stephan Shakespeare, the founder of YouGov, the political polling organisation, has been asked to produce a National Data Strategy. The state should allow people's health and education data to be exploited, he says in the Shakespeare Review, and his recommendations have been welcomed by Francis Maude, Cabinet Office minister.
The Spectator should also know that Mr Maude's digital-by-default policy for public services depends on so-called "identity providers" getting us all on-line with a personal data store. And that his Electoral Registration and Administration Act provides for us all to maintain our entry on the electoral roll on-line – the electoral roll, that is, which will be used for the 2015 general election. And that his G-Cloud policy is the fastest way yet discovered for the government to lose control of our data.
It's about time the Spectator woke up to midata, the Department for Business Innovation and Skills initiative which is meant to use the same "identity providers" to get us to store our personal data on-line where GCHQ and the NSA can get at it for our own good:
There are safeguards, the Spectator tell us:
My name is Stephen and I head up the work on consumer confidence and trust which is part of the midata voluntary programme ... A data-enabled online market place will create new services that will take your data and do some really interesting things with it ...
Hi I’m Dan, Director of the midata Innovation Lab, part of the midata voluntary programme ... By putting information back into the hands of consumers, and by encouraging business to release data, investing in products that consumers want and that use this information, we will help empower UK consumers in a really meaningful way ...
I’m Richard and I chair one of the expert working groups looking at what we need to do to ensure that consumers can be confident when they allow their data to be passed to and used by third parties who are developing new and innovative applications to aggregate and use existing data in a way that brings benefits to users of these new services ... A data rich economy will allow lots of innovative companies to create brand new services that will enable you to take your data and do some really interesting things with it, with the ultimate goal of making sure you can get the best deal across a range of services.
Public confidence in those safeguards is not increased by Mr Maude's attitude to data-sharing between, say, GCHQ and HMRC:
In reality, MI5 and MI6 already have powers to intercept anything categorised as a ‘communication’. Permission is needed — but it is sought and granted. It is wrong for MI5 or the CIA to engage in a ruse to cut out the paperwork. But let us not pretend this makes either into a 21st-century Stasi.
Who's in charge of the £650 million cybersecurity budget that presumably paid for GCHQ's communications interception systems? Francis Maude.
I want to bust the myths around the complexities of data sharing ... we aim to find effective ways of using and sharing data for the good of everyone.
The Spectator quite properly holds out against the provisions of the Leveson report. Let's see a little of the same prudently sceptical spirit applied to this NSA and GCHQ business.
----------
Updated 27 December 2013:
Wake up, Spectator?
Fraser Nelson is the Editor of the Spectator.
And judging by an article of his in today's Telegraph six months after the post above was published he's woken up, please see The state should be exposing the cyber-snoops, not joining them.
Hallelujah.
Wake up, Spectator
As you will know thanks to Edward Snowden, the National Security Agency (NSA) in the US and the UK's GCHQ have been intercepting hundreds of millions of people's communications.
Mr Snowden's revelations have been published in the Guardian from 6 June 2013 onwards and here in the UK the public have been thoroughly patronised ever since by all other major media outlets.
Mr Snowden's revelations have been published in the Guardian from 6 June 2013 onwards and here in the UK the public have been thoroughly patronised ever since by all other major media outlets.
Sunday, 16 June 2013
Tomorrow – the distributed self
After the collapse in 2010 of the Home Office's ID cards scheme, the NIS (National Identity Service), Whitehall claimed to have learned the lesson.
The 20 September 2010 meeting for Whitehall and its suppliers made it clear that the whole idea of the NIS is now anathema and the Home Office are outcasts, whose contagious touch must be kept away from the new idea – identity assurance.
At the centre of the old NIS lay the National Identity Register, the NIR, a single database with one record per person enrolled into the scheme. At least, that was the plan. It never happened.
Talking to the Information Commissioner's Conference on 6 March 2012 about the new scheme, IDAP, the Identity Assurance Programme, Francis Maude, Cabinet Officer minister, said: "at no point does information need be held on the same server to be correlated".
No NIR. IDAP in the clear?
No.
It's a conjuring trick.
More fully, what Mr Maude said was:
Distributed databases may be geographically and physically separate. But they constitute one logical database, supporting data-matching just as well as the centralised model.
Or perhaps Mr Maude's plan is to use a Google-type program in the middle of IDAP to search far-flung, disparate databases. Again, nothing new about that.
Either way, distributed databases or Google, same effect. Same problem. There's still an NIR. Lesson not learned.
Mr Maude likes to use the term "data-linking" to distinguish IDAP from the "data-sharing" planned for the NIS. There is no distinction. IDAP threatens the same loss of privacy as the NIS.
IDAP is subject to the same law enunciated by Neil Fisher of Unisys back on 31 October 2011:
Keep your ears open tomorrow for Mr Maude the Conjuror's announcement about the new design principles for identity assurance.
When you hear him promise secure storage of your data in the cloud, remember, there is no such thing.
When he asserts that the suppliers are trusted third parties, ask yourself, who says they're trusted? Trust has to be earned. That takes years. It can't be granted by fiat.
When he claims that there is an "ecosystem" of private sector "identity providers" competing for your custom, just check, how many of them really are private sector companies. The Post Office? Mydex? They rely largely on central and local government contracts and on their influence over government policy.
These "identity providers" haven't adapted slowly, generation by generation, and survived a hostile nature that kills off all but the fittest. They don't exist in an ecosystem. IDAP is more like intelligent design. Or even creationism:
You know the answer to that one.
The 20 September 2010 meeting for Whitehall and its suppliers made it clear that the whole idea of the NIS is now anathema and the Home Office are outcasts, whose contagious touch must be kept away from the new idea – identity assurance.
At the centre of the old NIS lay the National Identity Register, the NIR, a single database with one record per person enrolled into the scheme. At least, that was the plan. It never happened.
Talking to the Information Commissioner's Conference on 6 March 2012 about the new scheme, IDAP, the Identity Assurance Programme, Francis Maude, Cabinet Officer minister, said: "at no point does information need be held on the same server to be correlated".
No NIR. IDAP in the clear?
No.
It's a conjuring trick.
More fully, what Mr Maude said was:
The NIS was meant to rely on a single, central database. It's not clear but Mr Maude's plan for IDAP may be to use several distributed databases. There is nothing new about distributed databases, the technology for which "moved on" 30 years ago, in the 1980s.
... the technology has moved on and so can we. There is now an option to share data momentarily allowing us to check for matches – with no Big Brother database in sight ... In a world of dispersed data sets, we can bring fragments together instantaneously and momentarily to corroborate – without ever creating a central database ... It’s about bringing together the data at a point in time - to provide the necessary confidence - and then disaggregating it again. At no point does information need be held on the same server to be correlated ...
Distributed databases may be geographically and physically separate. But they constitute one logical database, supporting data-matching just as well as the centralised model.
Or perhaps Mr Maude's plan is to use a Google-type program in the middle of IDAP to search far-flung, disparate databases. Again, nothing new about that.
Either way, distributed databases or Google, same effect. Same problem. There's still an NIR. Lesson not learned.
Mr Maude likes to use the term "data-linking" to distinguish IDAP from the "data-sharing" planned for the NIS. There is no distinction. IDAP threatens the same loss of privacy as the NIS.
IDAP is subject to the same law enunciated by Neil Fisher of Unisys back on 31 October 2011:
You know that's true. IDAP was meant to be "fully operational" by March 2013. It wasn't and it still isn't – despite what the Guardian call the "elite" team responsible for it at GDS, the Government Digital Service.
Any project with "identity" in the name is doomed to failure.
Keep your ears open tomorrow for Mr Maude the Conjuror's announcement about the new design principles for identity assurance.
When you hear him promise secure storage of your data in the cloud, remember, there is no such thing.
When he asserts that the suppliers are trusted third parties, ask yourself, who says they're trusted? Trust has to be earned. That takes years. It can't be granted by fiat.
When he claims that there is an "ecosystem" of private sector "identity providers" competing for your custom, just check, how many of them really are private sector companies. The Post Office? Mydex? They rely largely on central and local government contracts and on their influence over government policy.
These "identity providers" haven't adapted slowly, generation by generation, and survived a hostile nature that kills off all but the fittest. They don't exist in an ecosystem. IDAP is more like intelligent design. Or even creationism:
- It's not an ecosystem.
- The "identity providers" aren't all competitive private sector companies.
- It's up to you to judge whether the suppliers are to be trusted and it could take years before you have enough evidence to reach a verdict.
- As the media tell us every day, there's no such thing as a secure website. There are hackers out there against whom even the US military seem to be defenceless.
- And then there's the NSA, the US National Security Agency, with PRISM and Boundless Informant, not to mention access to your mobile phone usage.
You know the answer to that one.
Tomorrow – the distributed self
After the collapse in 2010 of the Home Office's ID cards scheme, the NIS (National Identity Service), Whitehall claimed to have learned the lesson.
The 20 September 2010 meeting for Whitehall and its suppliers made it clear that the whole idea of the NIS is now anathema and the Home Office are outcasts, whose contagious touch must be kept away from the new idea – identity assurance.
At the centre of the old NIS lay the National Identity Register, the NIR, a single database with one record per person enrolled into the scheme. At least, that was the plan. It never happened.
Talking to the Information Commissioner's Conference on 6 March 2012 about the new scheme, IDAP, the Identity Assurance Programme, Francis Maude, Cabinet Officer minister, said: "at no point does information need be held on the same server to be correlated".
No NIR. IDAP in the clear?
No.
It's a conjuring trick.
The 20 September 2010 meeting for Whitehall and its suppliers made it clear that the whole idea of the NIS is now anathema and the Home Office are outcasts, whose contagious touch must be kept away from the new idea – identity assurance.
At the centre of the old NIS lay the National Identity Register, the NIR, a single database with one record per person enrolled into the scheme. At least, that was the plan. It never happened.
Talking to the Information Commissioner's Conference on 6 March 2012 about the new scheme, IDAP, the Identity Assurance Programme, Francis Maude, Cabinet Officer minister, said: "at no point does information need be held on the same server to be correlated".
No NIR. IDAP in the clear?
No.
It's a conjuring trick.
Is data-sharing between consenting adults now legal?
Pat Russell is the Deputy Director of the Social Justice Division at the Department for Work and Pensions.
"Improved information sharing of personal and anonymised data between central government and local agencies – and between agencies on the ground", she says on the Institute for Government blog, "has been recognised as being vital to delivering better outcomes at lower cost".
Oh dear.
The Guardian newspaper said on 24 April 2012 that the government planned to increase the level of data-sharing and next day they were reprimanded by Francis Maude, Cabinet Office minister, for misrepresenting him.
"This is not a question of increasing the volume of data-sharing that takes place across government", he said, "but ensuring an appropriate framework is in place so that government can deliver more effective, joined-up and personalised public services, through effective data-linking".
Has Miss Russell fallen into the same trap of confusing data-sharing with the completely different business of data-linking? Will she, too, be reprimanded?
Maybe not.
She says: "One of the key learning points from the project [an example of effective data-sharing] was that there is a lot of mythology around and that many of the information sharing issues are cultural rather than technical or legal".
It's not clear whether Mr Maude disapproves of culture as much as Ms Russell but, like her, he certainly doesn't like myths: "I want to bust the myths around the complexities of data sharing ... we aim to find effective ways of using and sharing data for the good of everyone".
Ms Russell acknowledges that "of course, we all recognise that there have to be safeguards in place". But when is a safeguard a myth? She doesn't tell us. Neither does Mr Maude.
Mr Hague [that's William Hague, UK Foreign Secretary] was busy telling us last week that there are safeguards limiting the uses to which GCHQ put intelligence data. One assumes that they don't share it with HMRC, for example. Or with DWP or the Department of Health or the Department for Education. Or do they? Is that a myth?
----------
Updated 9.3.16
For all his protestations to the contrary, Mr-now-Lord Maude was clearly in favour of massive data-sharing between government departments.
His successor as Cabinet Office Minister, Matt Hancock, is no different. "Data is the fuel for the digital revolution", he is quoted as saying, as though it means something.
"The very best policies and services", he adds, without giving any examples, "are developed around information that’s current, relevant and makes sure you can access government services just as easily as iTunes".
iTunes?
These quotations are culled from a 29 February 2016 Cabinet Office press release, Launch of new data sharing consultation. Apparently "data sharing in the UK [will] bolster security whilst making people's lives better". Unless it undermines security, of course, and wrecks people's lives.
If you can countenance the notion that the Cabinet Office knows how to improve your life and if you are happy to sweep away the "myths" – or "laws" as we used to call them – which prohibit data-sharing, then you may be impressed by the benefits suggested.
What benefits?
Among others, "government can share data to ... support the administering of fuel poverty payments ... [and prevent] authorities sending letters to people who are deceased". Is data-sharing the only solution to these problems? How about a rational energy policy, for example? Lower fuel bills would reduce the number of people who freeze to death and so reduce the number of deceased people the authorities have to write to.
You thought the Cabinet Office was going to promise that data-sharing would eradicate terrorists, paedophiles and tax-dodgers, didn't you. No. Perhaps they've noticed that these problems persist despite the enormous amount of data already at the disposal of the authorities.
The Cabinet Office claim that the Troubled Families programme needs more data-sharing and then undermine their case hopelessly by linking to a document that claims the programme is already succeeding brilliantly with the current data-sharing arrangements.
Normally the government asserts that the incidence of "fraud against the public sector" is microscopic but for the purposes of this press release it has ballooned and apparently the crisis can only be solved by ... more data-sharing, which will also reduce the £24.1 billion of debt the government has incompetently failed to collect.
It's not just the government. More data-sharing will help "citizens manage their debt more effectively", the Cabinet Office say. How? No idea. What about the government debt of £1½ trillion? No idea.
More data-sharing would "support accredited researchers to access and link data to carry out research for public benefit", but again there is no room for any examples. And no mention of the fact that we already have procedures for carefully controlled research (para.1.16) ...
... which just leaves us with our old favourite (and an old favourite of the Russian Tsars') – more data-sharing would allow us to carry out the national census more efficiently ... sorry ... more like iTunes.
It's not just the Cabinet Office. Shakespeare's at it, too. And the NHS. Even Her Majesty's Treasury.
Professor Sir Nigel Shadbolt, chairman and co-founder of the Open Data Institute, published The spy in the coffee machine – the end of privacy as we know it in 2008:
"Improved information sharing of personal and anonymised data between central government and local agencies – and between agencies on the ground", she says on the Institute for Government blog, "has been recognised as being vital to delivering better outcomes at lower cost".
Oh dear.
The Guardian newspaper said on 24 April 2012 that the government planned to increase the level of data-sharing and next day they were reprimanded by Francis Maude, Cabinet Office minister, for misrepresenting him.
"This is not a question of increasing the volume of data-sharing that takes place across government", he said, "but ensuring an appropriate framework is in place so that government can deliver more effective, joined-up and personalised public services, through effective data-linking".
Has Miss Russell fallen into the same trap of confusing data-sharing with the completely different business of data-linking? Will she, too, be reprimanded?
Maybe not.
She says: "One of the key learning points from the project [an example of effective data-sharing] was that there is a lot of mythology around and that many of the information sharing issues are cultural rather than technical or legal".
It's not clear whether Mr Maude disapproves of culture as much as Ms Russell but, like her, he certainly doesn't like myths: "I want to bust the myths around the complexities of data sharing ... we aim to find effective ways of using and sharing data for the good of everyone".
Ms Russell acknowledges that "of course, we all recognise that there have to be safeguards in place". But when is a safeguard a myth? She doesn't tell us. Neither does Mr Maude.
Mr Hague [that's William Hague, UK Foreign Secretary] was busy telling us last week that there are safeguards limiting the uses to which GCHQ put intelligence data. One assumes that they don't share it with HMRC, for example. Or with DWP or the Department of Health or the Department for Education. Or do they? Is that a myth?
----------
Updated 9.3.16
For all his protestations to the contrary, Mr-now-Lord Maude was clearly in favour of massive data-sharing between government departments.
His successor as Cabinet Office Minister, Matt Hancock, is no different. "Data is the fuel for the digital revolution", he is quoted as saying, as though it means something.
"The very best policies and services", he adds, without giving any examples, "are developed around information that’s current, relevant and makes sure you can access government services just as easily as iTunes".
iTunes?
These quotations are culled from a 29 February 2016 Cabinet Office press release, Launch of new data sharing consultation. Apparently "data sharing in the UK [will] bolster security whilst making people's lives better". Unless it undermines security, of course, and wrecks people's lives.
If you can countenance the notion that the Cabinet Office knows how to improve your life and if you are happy to sweep away the "myths" – or "laws" as we used to call them – which prohibit data-sharing, then you may be impressed by the benefits suggested.
What benefits?
Among others, "government can share data to ... support the administering of fuel poverty payments ... [and prevent] authorities sending letters to people who are deceased". Is data-sharing the only solution to these problems? How about a rational energy policy, for example? Lower fuel bills would reduce the number of people who freeze to death and so reduce the number of deceased people the authorities have to write to.
You thought the Cabinet Office was going to promise that data-sharing would eradicate terrorists, paedophiles and tax-dodgers, didn't you. No. Perhaps they've noticed that these problems persist despite the enormous amount of data already at the disposal of the authorities.
The Cabinet Office claim that the Troubled Families programme needs more data-sharing and then undermine their case hopelessly by linking to a document that claims the programme is already succeeding brilliantly with the current data-sharing arrangements.
Normally the government asserts that the incidence of "fraud against the public sector" is microscopic but for the purposes of this press release it has ballooned and apparently the crisis can only be solved by ... more data-sharing, which will also reduce the £24.1 billion of debt the government has incompetently failed to collect.
It's not just the government. More data-sharing will help "citizens manage their debt more effectively", the Cabinet Office say. How? No idea. What about the government debt of £1½ trillion? No idea.
More data-sharing would "support accredited researchers to access and link data to carry out research for public benefit", but again there is no room for any examples. And no mention of the fact that we already have procedures for carefully controlled research (para.1.16) ...
... which just leaves us with our old favourite (and an old favourite of the Russian Tsars') – more data-sharing would allow us to carry out the national census more efficiently ... sorry ... more like iTunes.
It's not just the Cabinet Office. Shakespeare's at it, too. And the NHS. Even Her Majesty's Treasury.
Professor Sir Nigel Shadbolt, chairman and co-founder of the Open Data Institute, published The spy in the coffee machine – the end of privacy as we know it in 2008:
No mention of improving people's lives there. Eight years later, you might like to bring that up in your response to the consultation. That, and Government as a Platform.
... sharing information across government databases will dramatically increase governmental powers – otherwise the UK government wouldn't have proposed it. (p.95)
... we should never forget that bureaucracies are information-thirsty, and will never stop consuming. Indeed, they will never even cut down. They will break or bend their own rules, and any prior specification of how information use will be limited, or data not shared, is not worth the paper it is printed on. (p.212)
Is data-sharing between consenting adults now legal?
Pat Russell is the Deputy Director of the Social Justice Division at the Department for Work and Pensions.
"Improved information sharing of personal and anonymised data between central government and local agencies – and between agencies on the ground", she says on the Institute for Government blog, "has been recognised as being vital to delivering better outcomes at lower cost".
Oh dear.
The Guardian newspaper said on 24 April 2012 that the government planned to increase the level of data-sharing and next day they were reprimanded by Francis Maude, Cabinet Office minister, for misrepresenting him.
"This is not a question of increasing the volume of data-sharing that takes place across government", he said, "but ensuring an appropriate framework is in place so that government can deliver more effective, joined-up and personalised public services, through effective data-linking".
Has Miss Russell fallen into the same trap of confusing data-sharing with the completely different business of data-linking? Will she, too, be reprimanded?
"Improved information sharing of personal and anonymised data between central government and local agencies – and between agencies on the ground", she says on the Institute for Government blog, "has been recognised as being vital to delivering better outcomes at lower cost".
Oh dear.
The Guardian newspaper said on 24 April 2012 that the government planned to increase the level of data-sharing and next day they were reprimanded by Francis Maude, Cabinet Office minister, for misrepresenting him.
"This is not a question of increasing the volume of data-sharing that takes place across government", he said, "but ensuring an appropriate framework is in place so that government can deliver more effective, joined-up and personalised public services, through effective data-linking".
Has Miss Russell fallen into the same trap of confusing data-sharing with the completely different business of data-linking? Will she, too, be reprimanded?
Tuesday, 13 November 2012
Cybersecurity, and GDS's fantasy strategy
For some time now, the Government Digital Service (GDS) have made the meaning of their digital-by-default agenda clear – they want the UK to be like Estonia.
It is thanks to the fact that practically every service in Estonia is delivered over the web that, back in 2007, Russia was able to bring the country to its knees in a matter of days. If GDS succeed with their "modernisation" plans, there will be nothing to stop that happening here in the UK.
GDS are in awe of the financial success and popularity of Apple, Amazon, eBay/PayPal, Google and Facebook. With no experience of government behind them, the over-promoted software engineers at the head of GDS want to bring their heroes' tricks to the delivery of public services in the UK.
Sensible people will see Facebook et al as latter-day Pied Pipers of Hamelin – sensible people, including the tens of thousands of public servants who will be laid off and replaced by GDS's computers when government is, as they say, "transformed".
Many of these organisations are famous for avoiding tax on their UK profits and for using their near-monopolies to tyrannise their suppliers and to milk their customers. But GDS somehow maintain their naïve veneration and on 6 November 2012 they published their Government Digital Strategy.
This fantasy strategy is an elaboration of Martha Lane Fox's ideas, set out in her October 2010 letter to Francis Maude, Directgov 2010 and beyond: revolution not evolution. Ms Lane Fox is the Prime Minister's digital champion, she's a historian, and when she says "revolution" she means it.
Her revolutionary fervour is carried over into last week's GDS strategy, which Sir Bob Kerslake – head of the home civil service, permanent secretary at the Department for Communities and Local Government (DCLG) and previously the chief executive of first the London Borough of Hounslow and then Sheffield City Council – has greeted with a post on GDS's blog, Welcoming the Digital Strategy:
Iain Lobban, the Director of GCHQ, writing in the Foreword to 10 steps to cyber security says:
It's hardly news. The newspapers are full of cybersecurity stories and have been for years – there's an incomplete digest in With their head in the clouds:
But do GDS get the idea? Do they listen to GCHQ? Do they read the newspapers? Read the GDS blog, and you get the impression that digital-by-default is a warm, safe, cosy tea party. In reality, all the magnificent power and convenience of the web is at the disposal of criminals and spies and cyberterrorists to wreak havoc. It's a double-edged sword, the web.
You may notice that the only solution to the problem that Iran can come up with, after long and painful experience of cyber attack, is to secede from the worldwide web altogether and try to create an Iranwide web.
Meanwhile, with no such experience, GDS blithely recommend that all public services should be delivered over the web. They are luring the public into a war zone. Irresponsible? Malign? Or just gullible? But who is more gullible? GDS, or us proles?
What do GDS have to offer by way of defence? The Government Digital Strategy says:
Where there should be answers to these questions in the Government Digital Strategy there are just holes. Revolution is proposed with no justification. And yet Sir Bob, the head of the home civil service, welcomes this fantasy.
It is thanks to the fact that practically every service in Estonia is delivered over the web that, back in 2007, Russia was able to bring the country to its knees in a matter of days. If GDS succeed with their "modernisation" plans, there will be nothing to stop that happening here in the UK.
GDS are in awe of the financial success and popularity of Apple, Amazon, eBay/PayPal, Google and Facebook. With no experience of government behind them, the over-promoted software engineers at the head of GDS want to bring their heroes' tricks to the delivery of public services in the UK.
Sensible people will see Facebook et al as latter-day Pied Pipers of Hamelin – sensible people, including the tens of thousands of public servants who will be laid off and replaced by GDS's computers when government is, as they say, "transformed".
Many of these organisations are famous for avoiding tax on their UK profits and for using their near-monopolies to tyrannise their suppliers and to milk their customers. But GDS somehow maintain their naïve veneration and on 6 November 2012 they published their Government Digital Strategy.
This fantasy strategy is an elaboration of Martha Lane Fox's ideas, set out in her October 2010 letter to Francis Maude, Directgov 2010 and beyond: revolution not evolution. Ms Lane Fox is the Prime Minister's digital champion, she's a historian, and when she says "revolution" she means it.
Her revolutionary fervour is carried over into last week's GDS strategy, which Sir Bob Kerslake – head of the home civil service, permanent secretary at the Department for Communities and Local Government (DCLG) and previously the chief executive of first the London Borough of Hounslow and then Sheffield City Council – has greeted with a post on GDS's blog, Welcoming the Digital Strategy:
But why? Why does Sir Bob "welcome" this emmental cheese of a strategy? It's full of holes. Consider cybersecurity for example.
Our reform plan also made a clear commitment to improve the quality of the government’s digital services, and to do this by publishing a Government Digital Strategy setting out how we would support the transformation of digital services [how does publishing a wishlist improve the quality of public services?].
We fulfilled that commitment yesterday with the launch of the Government Digital Strategy, Digital Efficiency Report and Digital Landscape Report and I very much welcome their publication.
Iain Lobban, the Director of GCHQ, writing in the Foreword to 10 steps to cyber security says:
Mr Lobban's advice on cybersecurity was pressed on FTSE 100 companies at a 5 September 2012 event organised by the Department for Business, Innovation and Skills (BIS), the Foreign Office, the Cabinet Office, the Home Office and senior figures from the intelligence agencies, please see Business leaders urged to step up response to cyber threats.
Every day, all around the world, thousands of IT systems are compromised. Some are attacked purely for the kudos of doing so, others for political motives, but most commonly they are attacked to steal money or commercial secrets. Are you confident that your cyber security governance regime minimises the risks of this happening to your business? My experience suggests that in practice, few companies have got this right.
It's hardly news. The newspapers are full of cybersecurity stories and have been for years – there's an incomplete digest in With their head in the clouds:
...You get the idea. The web is a dangerous place to do business. Dangerous for individuals, companies and governments.
29 March 2009: Spy chiefs fear Chinese cyber attack
8 March 2010: Cyberwar declared as China hunts for the West’s intelligence secrets
10 October 2010: Worm cripples Iran nuclear plant
13 October 2010: UK infrastructure faces cyber threat, says GCHQ chief
4 November 2010: Europe attacks itself in cyber-warfare test – As OECD admits major security fail
8 November 2010: Royal Navy website infiltrated by computer hacker
18 November 2010: China 'hijacks' 15 per cent of world's internet traffic
9 November 2010: US embassy cables: The background
9 December 2010: Hackers hit Mastercard and Visa over Wikileaks row
13 December 2010: Gawker falls victim to hackers
13 December 2010: WikiLeaks: government websites could be hacked in revenge attacks
20 December 2010: Hackers leak e-mail account details of government and defence staff
20 December 2010: English Defence League donor details 'stolen' after database hacked
29 December 2010: Gawker was hacked six months ago, say sources close to Gnosis
9 January 2011: Army adds cyberattack to arsenal
14 January 2011: Reducing Systemic Cybersecurity Risk
17 January 2011: Security & Resilience in Governmental Clouds
20 January 2011: Carbon trade cyber-theft hits €30m
21 January 2011: Lush hackers cash in on stolen cards
26 January 2011: Facebook's Mark Zuckerberg 'attacked by hackers'
31 January 2011: British and US stock exchanges fend off cyber raids
4 April 2011: Epsilon email hack: millions of customers' details stolen
26 April 2011: PlayStation Network hackers access data of 77 million users
3 May 2011: Sony says 25m more users hit in second cyber attack
26 May 2011: China admits training cyberwarfare elite unit
29 May 2011: Lockheed Martin computers under 'significant attack'
31 May 2011: Cyber weapons 'now integral part of Britain's armoury'
1 June 2011: Google phishing: Chinese Gmail attack raises cyberwar tensions
12 June 2011: IMF hit by cyber attack from unknown nation state
16 June 2011: LulzSec hackers claim breach of CIA website
12 July 2011: Hackers steal 90,000 email addresses in cyber attack on US military contractor Booz Allen Hamilton
15 July 2011: US forced to redesign secret weapon after cyber breach
15 July 2011: Pentagon reveals 24,000 files stolen in cyber-attack
25 July 2011: Anonymous hacks Italy's critical-national-IT protection
1 August 2011: LulzSec hacking: teenager ‘had cache of 750,000 passwords’
1 October 2011: Flaw in software puts online savers at risk
19 October 2011: Stuxnet-based cyber espionage virus targets European firms
27 October 2011: Chinese hackers suspected of interfering with US satellites
20 November 2011: Cyber-attack claims at US water facility
24 December 2011: Hidden Dragon: The Chinese cyber menace
25 December 2011: Hackers 'steal US data in Christmas-inspired assault'
8 January 2012: Hackers expose defence and intelligence officials in US and UK
16 January 2012: Israel hit by cyber-attacks on stock exchange, airline and banks
3 February 2012: Anonymous spies on FBI / UK Police hacking investigation conference call
7 March 2012: LulzSec leader Sabu was working for us, says FBI
11 March 2012: Chinese steal jet secrets from BAE
27 March 2012: NSA Chief: China Behind RSA Attacks
31 March 2012: Hackers steal details of millions of credit cards
23 April 2012: Iranian oil ministry hit by cyber-attack
3 May 2012: Attack takes Soca crime agency website down
3 May 2012: Hackers have breached top secret MoD systems, cyber-security chief admits
1 June 2012: US role in cyber attack on Iran nuclear plant revealed
7 June 2012: LinkedIn passwords leaked by hackers
5 August 2012: Iranian state goes offline to dodge cyber-attacks
21 September 2012: Chinese hacktivists launch cyber attack on Japan
...
But do GDS get the idea? Do they listen to GCHQ? Do they read the newspapers? Read the GDS blog, and you get the impression that digital-by-default is a warm, safe, cosy tea party. In reality, all the magnificent power and convenience of the web is at the disposal of criminals and spies and cyberterrorists to wreak havoc. It's a double-edged sword, the web.
You may notice that the only solution to the problem that Iran can come up with, after long and painful experience of cyber attack, is to secede from the worldwide web altogether and try to create an Iranwide web.
Meanwhile, with no such experience, GDS blithely recommend that all public services should be delivered over the web. They are luring the public into a war zone. Irresponsible? Malign? Or just gullible? But who is more gullible? GDS, or us proles?
What do GDS have to offer by way of defence? The Government Digital Strategy says:
And that's it. No strategy. Just a wishlist. No defence.
Legality, security and resilience
Transactional services will be redesigned to:
• be robustly protective of the security of sensitive user information
• maintain the privacy and security of all personal information
• be resilient, to ensure continuity of service to users and departments
Where there should be answers to these questions in the Government Digital Strategy there are just holes. Revolution is proposed with no justification. And yet Sir Bob, the head of the home civil service, welcomes this fantasy.
Cybersecurity, and GDS's fantasy strategy
For some time now, the Government Digital Service (GDS) have made the meaning of their digital-by-default agenda clear – they want the UK to be like Estonia.
It is thanks to the fact that practically every service in Estonia is delivered over the web that, back in 2007, Russia was able to bring the country to its knees in a matter of days. If GDS succeed with their "modernisation" plans, there will be nothing to stop that happening here in the UK.
GDS are in awe of the financial success and popularity of Apple, Amazon, eBay/PayPal, Google and Facebook. With no experience of government behind them, the over-promoted software engineers at the head of GDS want to bring their heroes' tricks to the delivery of public services in the UK.
Sensible people will see Facebook et al as latter-day Pied Pipers of Hamelin – sensible people, including the tens of thousands of public servants who will be laid off and replaced by GDS's computers when government is, as they say, "transformed".
Many of these organisations are famous for avoiding tax on their UK profits and for using their near-monopolies to tyrannise their suppliers and to milk their customers. But GDS somehow maintain their naïve veneration and on 6 November 2012 they published their Government Digital Strategy.
This fantasy strategy is an elaboration of Martha Lane Fox's ideas, set out in her October 2010 letter to Francis Maude, Directgov 2010 and beyond: revolution not evolution. Ms Lane Fox is the Prime Minister's digital champion, she's a historian, and when she says "revolution" she means it.
Her revolutionary fervour is carried over into last week's GDS strategy, which Sir Bob Kerslake – head of the home civil service, permanent secretary at the Department for Communities and Local Government (DCLG) and previously the chief executive of first the London Borough of Hounslow and then Sheffield City Council – has greeted with a post on GDS's blog, Welcoming the Digital Strategy:
It is thanks to the fact that practically every service in Estonia is delivered over the web that, back in 2007, Russia was able to bring the country to its knees in a matter of days. If GDS succeed with their "modernisation" plans, there will be nothing to stop that happening here in the UK.
GDS are in awe of the financial success and popularity of Apple, Amazon, eBay/PayPal, Google and Facebook. With no experience of government behind them, the over-promoted software engineers at the head of GDS want to bring their heroes' tricks to the delivery of public services in the UK.
Sensible people will see Facebook et al as latter-day Pied Pipers of Hamelin – sensible people, including the tens of thousands of public servants who will be laid off and replaced by GDS's computers when government is, as they say, "transformed".
Many of these organisations are famous for avoiding tax on their UK profits and for using their near-monopolies to tyrannise their suppliers and to milk their customers. But GDS somehow maintain their naïve veneration and on 6 November 2012 they published their Government Digital Strategy.
This fantasy strategy is an elaboration of Martha Lane Fox's ideas, set out in her October 2010 letter to Francis Maude, Directgov 2010 and beyond: revolution not evolution. Ms Lane Fox is the Prime Minister's digital champion, she's a historian, and when she says "revolution" she means it.
Her revolutionary fervour is carried over into last week's GDS strategy, which Sir Bob Kerslake – head of the home civil service, permanent secretary at the Department for Communities and Local Government (DCLG) and previously the chief executive of first the London Borough of Hounslow and then Sheffield City Council – has greeted with a post on GDS's blog, Welcoming the Digital Strategy:
But why? Why does Sir Bob "welcome" this emmental cheese of a strategy? It's full of holes. Consider cybersecurity for example.
Our reform plan also made a clear commitment to improve the quality of the government’s digital services, and to do this by publishing a Government Digital Strategy setting out how we would support the transformation of digital services [how does publishing a wishlist improve the quality of public services?].
We fulfilled that commitment yesterday with the launch of the Government Digital Strategy, Digital Efficiency Report and Digital Landscape Report and I very much welcome their publication.
Tuesday, 16 October 2012
GDS – the user experience of misfeasance in public office
Tomorrow's news
17 October 2012 – GOV.UK goes live
22 October 2012 – major announcement on IdA (identity assurance)
26 October 2012 – G-Cloud II
Who knows when? – midata
What does that all add up to?
Whitehall and others wasting your money with impunity – the disgraceful state of public administration in the UK.
You want DMossEsq to draw you a map?
OK:
Transacting with the government
Top left, at the moment, if members of the public including companies want to submit their tax returns to HMRC, for example, they log on via the Government Gateway and do it. That's how we transact with government over the web. It's not a thing of beauty. You have to register separately for each of the various services offered by our public administration and they post us separate user IDs for each one.
Not beautiful, but it seems to be fairly secure. It's hard remembering the user IDs and it's a pain in the neck for the service providers because millions of people ring up every year when they forget their user IDs but perhaps that's the price of security – if you want the security, you have to live with the pain in the neck. There may be no alternative.
It's not that different transacting with the banks on-line. Except that in addition to user IDs you often have to use PINSentry-type machines.
Even with the security of user IDs and passwords and PINSentries, there is a certain level of fraud. The banks in particular and DWP who operate the Government Gateway have done a fantastic job over the years keeping a lid on the level of fraud. Fraud remains a cost of doing business and, so far, a just about bearable cost. If the cost of fraud stops being bearable, on-line business will stop.
That's at the moment.
GOV.UK
Tomorrow we will be told about GOV.UK, the new single government domain. It goes live tomorrow and replaces Directgov and Business Link. Later, GOV.UK is due to replace all central government websites. No more homeoffice.gov.uk, no more education.gov.uk, ..., just GOV.UK.
GOV.UK is the product of the Government Digital Service (GDS) and judging by the 22 posts that have been published on their blog so far this month what we will be told is that the whole project is dedicated to satisfying user needs, it's all being done for us the public, 70+ people working hard for a year, just for us.
That's true. But it's not the whole truth.
GDS aren't just trying to improve the "user experience" as they call it, repeatedly, several times in every one of their 22 posts this month, when we use government websites. They're working towards making all public services digital by default, something not mentioned in a single one of their 22 posts so far this month. They're trying to make it so that we can only transact with government on-line. They're trying to make us Estonian, as ex-Guardian man Mike Bracken among others has being telling us for some time:
Ex-Guardian man Mike Bracken is the Chief Executive of the (UK) Government Digital Service. He is also the senior responsibleofficer owner for identity assurance (IdA). You can't make public services digital by default if you can't identify the people you're dealing with. GOV.UK needs IdA, please see middle of the map.
Once you've decided that public services should be digital by default you have to try to prove that it works. You need a guinea pig. DWP drew the short straw and digital by default will be tested on Universal Credit (UC).
UC is the coalition government's attempt to spring the poverty trap and make work pay. It could hardly be more important to millions of human beings in the UK. Instead, it has become a sandpit, for adults who haven't outgrown their fascination with technology, to play in.
Asked by the Select Committee on Work and Pensions what are the biggest risks faced by UC Lord Freud, the minister responsible, fingered identity assurance. With no IdA, there can be no UC.
Having wrested control over its own identity assurance from DWP and having thus made himself responsible for it, ex-Guardian man Mike Bracken was due to name the companies he has chosen as the UK's "identity providers" by 30 September 2012.
("Identity providers" may seem an odd locution at first but you've got used to "hate crime", haven't you, and by the same process "identity provider" will soon link to your Estonian core principles.)
He missed the September deadline but the announcement of the winners should finally be made next Monday 22 October 2012.
What to expect?
Facebook, Google, Twitter and the British Constitution
There have been leaks, including a very full one to the Independent newspaper on 4 October 2012, National 'virtual ID card' scheme set for launch (Is there anything that could possibly go wrong?).
The article mentions social media sites, mobile phone companies, banks, large retailers, the Post Office, Facebook, Microsoft, Google, PayPal, BT and Experian, the credit referencing agency – please see middle right of the map, nothing new there for DMossEsq readers. We should expect between five and 20 organisations to be appointed as identity providers next Monday, thereby becoming an unlikely part of the British Constitution.
It confirms the link between IdA, GOV.UK and UC and it sets IdA in the context of the US National Strategy for Trusted Identities in Cyberspace (NSTIC) and the Open Identity Exchange (OIX) – who are GDS trying to impress?
The Independent article also claims that IdA will "prevent login fatigue", the suggestion being that as long as you can remember your Facebook or bank login details, then you can "apply for services ranging from tax credits to fishing licences and passports".
Abandoning the Government Gateway in this way may well prevent login fatigue, you won't have to remember your Gateway user IDs and passwords any more, but it reduces security and that threatens the future of on-line business.
The Cabinet Office sandpit may be prepared to take that risk. It is hard to believe that the banks, the mobile phone companies and the major retailers are. They would see their own brands destroyed when IdA goes wrong, even if the problem is caused by Whitehall. That's not a risk worth taking. The chairmen and chief executives of these companies don't normally act against their own best interests. They won't this time. Let's see just how committed the banks, telcos and retailers are, in next Monday's announcements.
Cybercrime
CESG is the information assurance arm of GCHQ. They have issued three reports on RSDOPS – the requirements for the secure delivery of on-line public services, please see top right of the map. Let's see if GDS will show us the documentation certifying that their plans for IdA satisfy the RSDOPS conditions.
On 5 September 2012, GCHQ, the Foreign Office, the Cabinet Office and BIS, the Department for Business Innovation and Skills, got together to tell senior UK businessmen how bad they all are at cybersecurity. Why are GDS in that case entrusting IdA to them?
In the attempt to prove that you are who you say you are before the Department for Education grants you a student loan, or whatever, once we have digital by default IdA will be looking to the identity providers to confirm a selection of your "name, date of birth, address, gender, passport and driving licence numbers, financial history, electoral roll status and telephone numbers" and other such personal data. As the Independent (almost) say, what could possibly go wrong?
Losing control of the personal data in IdA is one possible mishap. Millions of us Britestonians could wake up one morning to find all our personal data for sale on a Russian website, ready to be used to clear out our bank accounts.
Losing access to public services, following an Estonian-style distributed denial of service attack, is another.
Anonymity and book-keeping
When the Department for Education checks to see that you are who you say you are and gets confirmation from the Third National Bank of Tallinn that you are, the process goes through a so-called "hub". The Cabinet Office claim that the "hub" has no memory. No details of the identity assurance transaction are recorded.
That's good, from the point of view of privacy.
But bad from the point of view of audit trail. Surely there has to be an audit trail supporting the grant of a student loan? That's just proper book-keeping and it would be remiss of Whitehall to break proper procedures.
Even if they are breaking procedures, though, there's always the Home Office and their Communications Data Bill, please see bottom right of the map. If the Bill is enacted, all web browsing will be recorded on GCHQ black boxes installed at ISPs (Internet Service Providers). So much for anonymity.
Dematerialised ID
Which brings us to the bottom middle of the map, BIS, and their midata initiative.
There is no announcement date for midata. The Cabinet Office and BIS are keeping quiet about it and hoping that they will thereby get their legislative powers rubber-stamped in the Enterprise and Regulatory Reform Bill currently going through Parliament.
midata would require us all to have one or more Personal Data Stores (PDSs) if the Bill is enacted as drafted. These PDSs would record all our personal data such as the names and addresses mentioned above plus all our transaction data and they – the PDSs – would be in continuous contact with all our suppliers including government departments keeping each one up to date with any change in our circumstances.
The Independent were clearly briefed to emphasise that the government has abandoned its plans to introduce material, plastic ID cards. No doubt that's true. No government department wants to suffer the fate of the Identity & Passport Service which seems to have had a corporate nervous breakdown when the last ID cards scheme failed.
But a PDS is an ID card. It's a dematerialised, dynamic, distributed ID card, but an ID card for all that. The government hasn't abandoned its plans. It's planning for something much more powerful. Something that really could provide identity assurance on-line. PDSs.
It will be worth pressing GDS next Monday on the subject of midata and its attendant PDSs. They can't pretend that it's nothing to do with them. William Heath is on the BIS strategy board for midata and he is the chairman of Mydex, a company which hopes one day to manage PDSs for us all, and he was demonstrating Mydex's wares at the 31 October 2011 identity assurance event where Francis Maude announced his £10 million investment in Mydex and others. And according to him:
You'd think that would be enough problems for GOV.UK. It's not clear how involving the Post Office, the banks, etc ... will help to provide identity assurance on-line. All that is clear is that GDS want to abandon the Government Gateway and lose the tried and tested security that it's provided for 10 years and more. What GDS really need is PDSs but it's unimaginable that the British people will let them have their way. Meanwhile, the Home Office's Communications Data Bill threatens the anonymity that the Cabinet Office are offering and we have yet to see if IdA has been certified by CESG.
But that's not all.
There are more problems.
Take a look at the map again. Middle left. The Public.
Between eight and ten million adult Britestonians have never used the web. What's the point of trying to make all public services digital by default if the people most likely to need public services can't access them?
And large parts of the country don't have reliable, cheap, fast broadband.
What's GDS doing about these problems?
Answer, they've started a project. It's got a name – "assisted digital". There's an assisted digital blog. It's had all of four posts on it since 28 July 2011. And that's it. We've still got eight to ten million people who can't use GOV.UK and IdA.
Far from offering savings, which is one of the benefits promised for all this playing in the sandpit, we'll end up paying for both the new on-line delivery method for public services and the old one, involving people, in offices, with telephones, and letters, and face-to-face interviews. The question isn't how much we'll save, it's how much more it will all cost.
Cloud computing – the Pied Pipers of Hamelin
And then from out of a blue sky comes another problem.
The IT industry is currently suffering one of its recurrent bouts of tulipmania and talking rubbish about the merits of cloud computing.
Don't take DMossEsq's word for it. Take the OECD's word for it and ENISA's. If you prefer your gurus to be bearded, try Richard Stallman. Otherwise, listen to Larry Ellison, the billionaire President of Oracle, talking about cloud computing:
He or she might like to take a look at this week's newspapers, full of stories about how it's impossible to keep utility bills down, particularly energy prices.
But 12 year-olds probably don't read that bit of the newspaper.
The suppliers are talking up the merits of cloud computing and if you work in IT you can hardly hold your head up with dignity if you aren't solving all your problems by moving your applications to the cloud.
You'd better hope that your lawyers aren't following this fashion. Cloud computing amounts to losing control of your data by handing it over to other organisations like Amazon who put it on their servers which may be anywhere in the world, beyond the jurisdiction of the English courts, and under the control of staff about whose suitability you know nothing. Lawyers are meant to keep your data safe and confidential.
So is Whitehall but they've jumped on the bandwagon anyway and they just can't get enough of cloud computing. Cloud computing will make public services reliable, trusted, efficient, green, you name it, they'll believe it.
Somehow, see bottom left of the map, HMRC have agreed to put all their local office data – i.e. all our data – in the cloud. This should be impossible but when tulipmania strikes a tulip bulb really is worth ten years' salary.
HMRC's dangerous, imprudent, ill-advised, unprofessional, wrong-headed, unbusinesslike, undignified and irresponsible decision is important, but it isn't the subject of this post.
What is the subject of this post is this – not only will the public be logging on to the cloud to deal with HMRC, we will have to do the same to use GOV.UK. GOV.UK will be hosted in the cloud. To put it another way, Whitehall will have no control over the data in GOV.UK because "cloud computing" is a synonym for "no control".
There are big companies supplying cloud computing services. Notably Amazon, Apple, Microsoft and Google.
They're not very keen on paying tax in the UK. But they're big.
They're all American and so, by virtue of the USA PATRIOT Act, any data in their possession can be subpoenaed by the FBI, which may not be what you had in mind when you applied for a fishing licence. But they're big.
And being big becomes a virtue when you see who GDS and HMRC have contracted with to provide cloud computing services – a company called Skyscape Cloud Services Ltd, please see map bottom left-ish.
Skyscape Cloud Services Ltd
Skyscape is too young a start-up to have submitted any accounts to Companies House yet. But according to its annual return, it has no company secretary and just one director, a Mr Jeremy Robin Sanders. Mr Sanders is also the holder of all £1,000-worth of paid-up share capital.
HMRC and GDS have entrusted our data to the care of one man. Even in a tulipmania hospital HMRC and GDS would have to be segregated.
There's more.
When they're looking after crucial national data, the location of data centres should be kept secret for obvious security reasons. It looks as though Skyscape have inadvertently managed to announce where our data will be stored and thus where it could be attacked.
The user experience
There's a lot hanging on tomorrow's and next week's announcements.
And it's not about 70+ charming people working in the offices of GDS tirelessly in the interests of the public's needs. (They've published two more posts on their blog, by the way, since DMossEsq started this post.)
It's about GDS ignoring the fact that up to 10 million of their parishioners won't be able to experience GOV.UK at all.
It's about inviting the likes of Facebook and Google into the British Constitution.
It's about an infantile faith in technology.
It's about GDS proceeding on the unproven assumption that you can deliver on-line identity assurance for large populations. Large populations like 60 million+ Britestonians. It's not businesslike and it's not responsible to proceed on the basis of hope alone, to spend public money without first providing evidence.
And it's about holding up Universal Credit, ignoring the predicament of real people, while playing in the sand.
We're looking here at Constitutional lunacy and misfeasance in public office at the heart of Whitehall.
17 October 2012 – GOV.UK goes live
22 October 2012 – major announcement on IdA (identity assurance)
26 October 2012 – G-Cloud II
Who knows when? – midata
What does that all add up to?
Whitehall and others wasting your money with impunity – the disgraceful state of public administration in the UK.
You want DMossEsq to draw you a map?
OK:
 |
| A map |
Transacting with the government
Top left, at the moment, if members of the public including companies want to submit their tax returns to HMRC, for example, they log on via the Government Gateway and do it. That's how we transact with government over the web. It's not a thing of beauty. You have to register separately for each of the various services offered by our public administration and they post us separate user IDs for each one.
Not beautiful, but it seems to be fairly secure. It's hard remembering the user IDs and it's a pain in the neck for the service providers because millions of people ring up every year when they forget their user IDs but perhaps that's the price of security – if you want the security, you have to live with the pain in the neck. There may be no alternative.
It's not that different transacting with the banks on-line. Except that in addition to user IDs you often have to use PINSentry-type machines.
Even with the security of user IDs and passwords and PINSentries, there is a certain level of fraud. The banks in particular and DWP who operate the Government Gateway have done a fantastic job over the years keeping a lid on the level of fraud. Fraud remains a cost of doing business and, so far, a just about bearable cost. If the cost of fraud stops being bearable, on-line business will stop.
That's at the moment.
GOV.UK
Tomorrow we will be told about GOV.UK, the new single government domain. It goes live tomorrow and replaces Directgov and Business Link. Later, GOV.UK is due to replace all central government websites. No more homeoffice.gov.uk, no more education.gov.uk, ..., just GOV.UK.
GOV.UK is the product of the Government Digital Service (GDS) and judging by the 22 posts that have been published on their blog so far this month what we will be told is that the whole project is dedicated to satisfying user needs, it's all being done for us the public, 70+ people working hard for a year, just for us.
That's true. But it's not the whole truth.
GDS aren't just trying to improve the "user experience" as they call it, repeatedly, several times in every one of their 22 posts this month, when we use government websites. They're working towards making all public services digital by default, something not mentioned in a single one of their 22 posts so far this month. They're trying to make it so that we can only transact with government on-line. They're trying to make us Estonian, as ex-Guardian man Mike Bracken among others has being telling us for some time:
IdA
Estonia’s technology economy and online service provision- back to the future?
by Mike Bracken on 04/05/2012
... Whilst we met dozens of people at breakneck speed, many of whom we hope to see in the UK soon, over the next week I will be explaining the wider points we have uncovered which reflect directly on our challenge to make public services in the UK digital by default, and how the Estonian experience links to our core principles ...
Ex-Guardian man Mike Bracken is the Chief Executive of the (UK) Government Digital Service. He is also the senior responsible
Once you've decided that public services should be digital by default you have to try to prove that it works. You need a guinea pig. DWP drew the short straw and digital by default will be tested on Universal Credit (UC).
UC is the coalition government's attempt to spring the poverty trap and make work pay. It could hardly be more important to millions of human beings in the UK. Instead, it has become a sandpit, for adults who haven't outgrown their fascination with technology, to play in.
Asked by the Select Committee on Work and Pensions what are the biggest risks faced by UC Lord Freud, the minister responsible, fingered identity assurance. With no IdA, there can be no UC.
Having wrested control over its own identity assurance from DWP and having thus made himself responsible for it, ex-Guardian man Mike Bracken was due to name the companies he has chosen as the UK's "identity providers" by 30 September 2012.
("Identity providers" may seem an odd locution at first but you've got used to "hate crime", haven't you, and by the same process "identity provider" will soon link to your Estonian core principles.)
He missed the September deadline but the announcement of the winners should finally be made next Monday 22 October 2012.
What to expect?
Facebook, Google, Twitter and the British Constitution
There have been leaks, including a very full one to the Independent newspaper on 4 October 2012, National 'virtual ID card' scheme set for launch (Is there anything that could possibly go wrong?).
That's what GDS say about the Independent article. It seems fair to assume that they wrote the whole thing apart from the headline.
If you’d like to know more the Q&A in The Independent gives a pretty good overview (the only thing we’d really quibble with is the headline).
The article mentions social media sites, mobile phone companies, banks, large retailers, the Post Office, Facebook, Microsoft, Google, PayPal, BT and Experian, the credit referencing agency – please see middle right of the map, nothing new there for DMossEsq readers. We should expect between five and 20 organisations to be appointed as identity providers next Monday, thereby becoming an unlikely part of the British Constitution.
It confirms the link between IdA, GOV.UK and UC and it sets IdA in the context of the US National Strategy for Trusted Identities in Cyberspace (NSTIC) and the Open Identity Exchange (OIX) – who are GDS trying to impress?
The Independent article also claims that IdA will "prevent login fatigue", the suggestion being that as long as you can remember your Facebook or bank login details, then you can "apply for services ranging from tax credits to fishing licences and passports".
Abandoning the Government Gateway in this way may well prevent login fatigue, you won't have to remember your Gateway user IDs and passwords any more, but it reduces security and that threatens the future of on-line business.
The Cabinet Office sandpit may be prepared to take that risk. It is hard to believe that the banks, the mobile phone companies and the major retailers are. They would see their own brands destroyed when IdA goes wrong, even if the problem is caused by Whitehall. That's not a risk worth taking. The chairmen and chief executives of these companies don't normally act against their own best interests. They won't this time. Let's see just how committed the banks, telcos and retailers are, in next Monday's announcements.
Cybercrime
CESG is the information assurance arm of GCHQ. They have issued three reports on RSDOPS – the requirements for the secure delivery of on-line public services, please see top right of the map. Let's see if GDS will show us the documentation certifying that their plans for IdA satisfy the RSDOPS conditions.
On 5 September 2012, GCHQ, the Foreign Office, the Cabinet Office and BIS, the Department for Business Innovation and Skills, got together to tell senior UK businessmen how bad they all are at cybersecurity. Why are GDS in that case entrusting IdA to them?
In the attempt to prove that you are who you say you are before the Department for Education grants you a student loan, or whatever, once we have digital by default IdA will be looking to the identity providers to confirm a selection of your "name, date of birth, address, gender, passport and driving licence numbers, financial history, electoral roll status and telephone numbers" and other such personal data. As the Independent (almost) say, what could possibly go wrong?
Losing control of the personal data in IdA is one possible mishap. Millions of us Britestonians could wake up one morning to find all our personal data for sale on a Russian website, ready to be used to clear out our bank accounts.
Losing access to public services, following an Estonian-style distributed denial of service attack, is another.
Anonymity and book-keeping
When the Department for Education checks to see that you are who you say you are and gets confirmation from the Third National Bank of Tallinn that you are, the process goes through a so-called "hub". The Cabinet Office claim that the "hub" has no memory. No details of the identity assurance transaction are recorded.
That's good, from the point of view of privacy.
But bad from the point of view of audit trail. Surely there has to be an audit trail supporting the grant of a student loan? That's just proper book-keeping and it would be remiss of Whitehall to break proper procedures.
Even if they are breaking procedures, though, there's always the Home Office and their Communications Data Bill, please see bottom right of the map. If the Bill is enacted, all web browsing will be recorded on GCHQ black boxes installed at ISPs (Internet Service Providers). So much for anonymity.
Dematerialised ID
Which brings us to the bottom middle of the map, BIS, and their midata initiative.
There is no announcement date for midata. The Cabinet Office and BIS are keeping quiet about it and hoping that they will thereby get their legislative powers rubber-stamped in the Enterprise and Regulatory Reform Bill currently going through Parliament.
midata would require us all to have one or more Personal Data Stores (PDSs) if the Bill is enacted as drafted. These PDSs would record all our personal data such as the names and addresses mentioned above plus all our transaction data and they – the PDSs – would be in continuous contact with all our suppliers including government departments keeping each one up to date with any change in our circumstances.
The Independent were clearly briefed to emphasise that the government has abandoned its plans to introduce material, plastic ID cards. No doubt that's true. No government department wants to suffer the fate of the Identity & Passport Service which seems to have had a corporate nervous breakdown when the last ID cards scheme failed.
But a PDS is an ID card. It's a dematerialised, dynamic, distributed ID card, but an ID card for all that. The government hasn't abandoned its plans. It's planning for something much more powerful. Something that really could provide identity assurance on-line. PDSs.
It will be worth pressing GDS next Monday on the subject of midata and its attendant PDSs. They can't pretend that it's nothing to do with them. William Heath is on the BIS strategy board for midata and he is the chairman of Mydex, a company which hopes one day to manage PDSs for us all, and he was demonstrating Mydex's wares at the 31 October 2011 identity assurance event where Francis Maude announced his £10 million investment in Mydex and others. And according to him:
The unwebbed
We [Mydex] support midata. It will empower individuals and at last give real teeth to the good intentions behind the Data Protection Act subject access request. It goes hand in hand with the new UK and US approaches to ID assurance, which we also support. We think midata needs to apply also to other UK public services including health, education and job-seeking.
You'd think that would be enough problems for GOV.UK. It's not clear how involving the Post Office, the banks, etc ... will help to provide identity assurance on-line. All that is clear is that GDS want to abandon the Government Gateway and lose the tried and tested security that it's provided for 10 years and more. What GDS really need is PDSs but it's unimaginable that the British people will let them have their way. Meanwhile, the Home Office's Communications Data Bill threatens the anonymity that the Cabinet Office are offering and we have yet to see if IdA has been certified by CESG.
But that's not all.
There are more problems.
Take a look at the map again. Middle left. The Public.
Between eight and ten million adult Britestonians have never used the web. What's the point of trying to make all public services digital by default if the people most likely to need public services can't access them?
And large parts of the country don't have reliable, cheap, fast broadband.
What's GDS doing about these problems?
Answer, they've started a project. It's got a name – "assisted digital". There's an assisted digital blog. It's had all of four posts on it since 28 July 2011. And that's it. We've still got eight to ten million people who can't use GOV.UK and IdA.
Far from offering savings, which is one of the benefits promised for all this playing in the sandpit, we'll end up paying for both the new on-line delivery method for public services and the old one, involving people, in offices, with telephones, and letters, and face-to-face interviews. The question isn't how much we'll save, it's how much more it will all cost.
Cloud computing – the Pied Pipers of Hamelin
And then from out of a blue sky comes another problem.
The IT industry is currently suffering one of its recurrent bouts of tulipmania and talking rubbish about the merits of cloud computing.
Don't take DMossEsq's word for it. Take the OECD's word for it and ENISA's. If you prefer your gurus to be bearded, try Richard Stallman. Otherwise, listen to Larry Ellison, the billionaire President of Oracle, talking about cloud computing:
Some 12 year-old management consultant had the bright idea of comparing IT to the utilities. Wouldn't it be good if you only paid for the IT you use. Turn on the tap and you pay, turn it off again and you don't. That way IT would be cheaper.
Maybe I'm an idiot, but I have no idea what anyone is talking about. What is it? It's complete gibberish. It's insane. When is this idiocy going to stop?
He or she might like to take a look at this week's newspapers, full of stories about how it's impossible to keep utility bills down, particularly energy prices.
But 12 year-olds probably don't read that bit of the newspaper.
The suppliers are talking up the merits of cloud computing and if you work in IT you can hardly hold your head up with dignity if you aren't solving all your problems by moving your applications to the cloud.
You'd better hope that your lawyers aren't following this fashion. Cloud computing amounts to losing control of your data by handing it over to other organisations like Amazon who put it on their servers which may be anywhere in the world, beyond the jurisdiction of the English courts, and under the control of staff about whose suitability you know nothing. Lawyers are meant to keep your data safe and confidential.
So is Whitehall but they've jumped on the bandwagon anyway and they just can't get enough of cloud computing. Cloud computing will make public services reliable, trusted, efficient, green, you name it, they'll believe it.
Somehow, see bottom left of the map, HMRC have agreed to put all their local office data – i.e. all our data – in the cloud. This should be impossible but when tulipmania strikes a tulip bulb really is worth ten years' salary.
HMRC's dangerous, imprudent, ill-advised, unprofessional, wrong-headed, unbusinesslike, undignified and irresponsible decision is important, but it isn't the subject of this post.
What is the subject of this post is this – not only will the public be logging on to the cloud to deal with HMRC, we will have to do the same to use GOV.UK. GOV.UK will be hosted in the cloud. To put it another way, Whitehall will have no control over the data in GOV.UK because "cloud computing" is a synonym for "no control".
There are big companies supplying cloud computing services. Notably Amazon, Apple, Microsoft and Google.
They're not very keen on paying tax in the UK. But they're big.
They're all American and so, by virtue of the USA PATRIOT Act, any data in their possession can be subpoenaed by the FBI, which may not be what you had in mind when you applied for a fishing licence. But they're big.
And being big becomes a virtue when you see who GDS and HMRC have contracted with to provide cloud computing services – a company called Skyscape Cloud Services Ltd, please see map bottom left-ish.
Skyscape Cloud Services Ltd
Skyscape is too young a start-up to have submitted any accounts to Companies House yet. But according to its annual return, it has no company secretary and just one director, a Mr Jeremy Robin Sanders. Mr Sanders is also the holder of all £1,000-worth of paid-up share capital.
HMRC and GDS have entrusted our data to the care of one man. Even in a tulipmania hospital HMRC and GDS would have to be segregated.
There's more.
When they're looking after crucial national data, the location of data centres should be kept secret for obvious security reasons. It looks as though Skyscape have inadvertently managed to announce where our data will be stored and thus where it could be attacked.
The user experience
There's a lot hanging on tomorrow's and next week's announcements.
And it's not about 70+ charming people working in the offices of GDS tirelessly in the interests of the public's needs. (They've published two more posts on their blog, by the way, since DMossEsq started this post.)
It's about GDS ignoring the fact that up to 10 million of their parishioners won't be able to experience GOV.UK at all.
It's about inviting the likes of Facebook and Google into the British Constitution.
It's about an infantile faith in technology.
It's about GDS proceeding on the unproven assumption that you can deliver on-line identity assurance for large populations. Large populations like 60 million+ Britestonians. It's not businesslike and it's not responsible to proceed on the basis of hope alone, to spend public money without first providing evidence.
And it's about holding up Universal Credit, ignoring the predicament of real people, while playing in the sand.
We're looking here at Constitutional lunacy and misfeasance in public office at the heart of Whitehall.