Monday 19 August 2013

GDS and privacy

Yesterday's Sunday Times:
Google: we are beyond British law

The internet giant says the High Court has no authority to rule over a landmark UK privacy claim ...

“They don’t respect privacy and they don’t consider themselves to be answerable to our laws on it” ...

Last week Google’s privacy policies came under fresh attack in America after it said that its 425m Gmail users could have no “reasonable expectation” that their messages would remain confidential. The admission came to light in a court filing.

In its submission to the High Court, Google’s lawyers argue that any information gleaned from the search engine is not “private or confidential”. This means that the company is under no obligation to hold it in confidence, they say.
You know where you are with Google. No "reasonable expectation" of confidentiality/privacy.

Similarly, you know where you are with the UK Cabinet Office. Francis Maude, the Minister in charge, told the Information Commissioner's Conference:
Sharing data is a key enabler in our ambition to see public services provided digitally by default ...the census is another area where I want to bust the myths around the complexities of data sharing ... we aim to find effective ways of using and sharing data for the good of everyone ...
The provisions designed to limit data-sharing in government are no more than "myths", in his eyes, and will be swept away by Mr Maude's modernisation plans – spearheaded by the Government Digital Service (GDS).

You know where you are with GDS. Ex-Guardian man Mike Bracken, executive director of GDS and senior responsible owner of the pan-government Identity Assurance Programme (IDAP) has told you:
Andrew Nash, Google’s Director of Identity, ran us through the current issues facing identity.He explained how Google aim to grow and be part of an ecosystem of identify providers, and encouraged the UK Government to play its part in a federated system. The UK ID Assurance team and Google agreed to work more closely to define our strategy – so look out for future announcements. Andrew also took the opportunity to walk the Minister through the Identity ecosystem.
Which brings you back to Google and the "reasonable expectation" of privacy – there is none.

The Privacy and Consumer Advisory Group (PCAG) have worked hard to devise nine privacy principles. And ex-Guardian man Mike Bracken has asked for comments on these principles. But you have to ask yourself whether his heart is in it. PCAG is only an advisory group and GDS can ignore their suggestions.

GDS were asked to produce a version of the nine principles with numbered paragraphs to make it easier to refer to them when submitting responses to the consultation exercise. GDS agreed that this would be a good idea. That was on 20 June 2013. Two months later, and no further action has been taken since.

When GDS held their revivalist The Future is Here event back in January 2013, they got everyone to book their place through Eventbrite, a Californian firm of event organisers. A Californian firm of event organisers who now have all the contact details of 300 civil servants "working across Government and its agencies to deliver our digital ambition statement". A marketing man's dream. So much for GDS and the "reasonable expectation" of privacy.

There has been at least one submission made in response to the PCAG consultation. Compiled by Mark King, it is published in full by the great Philip Virgo. Mr King's submission is masterly and suggests that even if GDS were to agree to the nine principles our "reasonable expectation" of privacy would still be disappointed.

These are the dog days of August, no-one can be expected to respond to consultations while we are all in the doldrums. But come September, if you have any desire to protect your reasonable expectations, it could be worth making the effort to respond.

GDS and privacy

Yesterday's Sunday Times:
Google: we are beyond British law

The internet giant says the High Court has no authority to rule over a landmark UK privacy claim ...

“They don’t respect privacy and they don’t consider themselves to be answerable to our laws on it” ...

Last week Google’s privacy policies came under fresh attack in America after it said that its 425m Gmail users could have no “reasonable expectation” that their messages would remain confidential. The admission came to light in a court filing.

In its submission to the High Court, Google’s lawyers argue that any information gleaned from the search engine is not “private or confidential”. This means that the company is under no obligation to hold it in confidence, they say.
You know where you are with Google. No "reasonable expectation" of confidentiality/privacy.

Friday 9 August 2013

Cyber security is a hangover in Vegas

DEF CON was founded in 1992 or 1993 by Jeff Moss (no relation) and is "one of the world's largest annual hacker conventions, held every year in Las Vegas, Nevada ... Many of the attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, and hackers with a general interest in software, computer architecture, phone phreaking, hardware modification, and anything else that can be 'hacked' ...".

Not to be confused with Black Hat Briefings, which was founded in 1997 by Jeff Moss (no relation) and is "a computer security conference that brings together a variety of people interested in information security. Representatives of government agencies and corporations attend, along with hackers. The Briefings take place regularly in Las Vegas, Barcelona, Amsterdam, Abu Dhabi and, occasionally, Tokyo. An event dedicated to the Federal Agencies is organized in Washington, DC ...".

Would you like to attend DEF CON? One young lady who attended this year gave an interview to BuzzFeed magazine that gives you a hangover just to read it: "... But I had a good time. It’s always a good time. As long as you remember most of it. Or maybe you don’t want to remember. It just kicks your ass. But once a year? It isn’t the worst thing for your liver".

She was interviewed because she was the only ovine who had appeared on the Wall of Sheep and was prepared to talk about it. The Wall of Sheep is where the DEF CON organisers display the logon IDs and passwords of everyone at the conference who has foolishly allowed themselves to be hacked.

The way our young lady put it, "... at past Def Cons, I didn't really have to worry about it, because someone else was always there to take care of it. When we would get close, he’d say turn stuff off, don’t let any of your wireless devices accept any open Wi-Fi or anything. Turn off Bluetooth, anything that connects to you. So I had someone watching out for me before, but since this was my first one on my own, I didn't take precautions".

"This 28-year-old graphic designer from Utah agreed to tell her story on the condition that we preserve her anonymity — or what remains of it", say BuzzFeed. Not a lot: "I got my alert on my cell phone [saying] that I was using too much data. I knew something wasn't right, so I started making changes when I could. I left on Saturday, so I spent most of that night and the next day cleaning up my accounts that may be associated. I totally got owned. It's just such a rookie mistake".

We might take more care of our livers but we, too, would "totally get owned" by hackers if the occasion presented itself.

Anyway, DEF CON is the nice conference and, in light of the Edward Snowden revelations, Jeff Moss (no relation) asked the feds to stay away this year. Which they did. They went to Black Hat instead, where General Keith Alexander, the Director of the NSA [National Security Agency] and Commander of the DOD's [Departent of Defense] US Cyber Command was the keynote speaker.

The general would probably have stayed away from DEF CON this year even if Jeff hadn't asked – he was keynote speaker there last year.

Presumably the feds and the hackers attend these events to size each other up. Maybe there's a bit of trading – you tell me how you did x and I'll show you how I do y. Who knows? One thing is clear, though – the rest of us haven't got a clue. Or a chance.

Hypothesis: when we hear that such-and-such website is secure, or this mobile phone operating system or that slab telecommunications facility, we might as well forget it. None of it is secure. Not for the general public. And don't you believe anyone who tells you otherwise.

Cyber security is a hangover in Vegas

DEF CON was founded in 1992 or 1993 by Jeff Moss (no relation) and is "one of the world's largest annual hacker conventions, held every year in Las Vegas, Nevada ... Many of the attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, and hackers with a general interest in software, computer architecture, phone phreaking, hardware modification, and anything else that can be 'hacked' ...".

Not to be confused with Black Hat Briefings, which was founded in 1997 by Jeff Moss (no relation) and is "a computer security conference that brings together a variety of people interested in information security. Representatives of government agencies and corporations attend, along with hackers. The Briefings take place regularly in Las Vegas, Barcelona, Amsterdam, Abu Dhabi and, occasionally, Tokyo. An event dedicated to the Federal Agencies is organized in Washington, DC ...".

Would you like to attend DEF CON? One young lady who attended this year gave an interview to BuzzFeed magazine that gives you a hangover just to read it: "... But I had a good time. It’s always a good time. As long as you remember most of it. Or maybe you don’t want to remember. It just kicks your ass. But once a year? It isn’t the worst thing for your liver".

Wednesday 7 August 2013

Toe-curling: GDS PR Blitz

The launch of the Government Digital Service's PR campaign on the BBC and in the Guardian was noted here three weeks ago on 14 June 2013.

Last week a new front was opened up in the Times newspaper with an opinion piece by Rachel Sylvester, Geeks in jeans are the Treasury’s new heroes. Are they geeks? Are they in jeans? Are they the Treasury's new heroes? Precisely what have GDS achieved so far? What is the outlook for all their outstanding projects? Ms Sylvester left her readers none the wiser.

Yesterday, again in the Times, the PR campaign went out of control. Laura Pitel wrote Jordan Hatch: boy wonder civil servant with a plan to save £4m:
He has no university degree, no A levels and wears cargo pants to work. Meet the teenage civil servant who is going to save you £4 million ... Jordan Hatch is the poster boy of the Government’s digital revamp ... Bringing a 17-year-old on to the team was seen as the embodiment of a new, more adventurous way of thinking ... the lack of formal qualifications betrays [?] a talent for IT that began when he was barely out of nappies ... Baroness Lane Fox of Soho, recently secured him a role as young digital adviser to the European Commission ...
This ruthless exploitation of Mr Hatch extends all the way to Sir Bob Kerslake, head of the home civil service, and it smacks of desperation:

Toe-curling: GDS PR Blitz

The launch of the Government Digital Service's PR campaign on the BBC and in the Guardian was noted here three weeks ago on 14 June 2013.

Last week a new front was opened up in the Times newspaper with an opinion piece by Rachel Sylvester, Geeks in jeans are the Treasury’s new heroes. Are they geeks? Are they in jeans? Are they the Treasury's new heroes? Precisely what have GDS achieved so far? What is the outlook for all their outstanding projects? Ms Sylvester left her readers none the wiser.

Monday 5 August 2013

midata and your money

WHAT'S NEXT POST LAUNCH OF THE MIDATA INNOVATION LAB?

Good question.

That's the title of an interview with Dan Bates, director of the midata Innovation Lab (mIL), published in Ctrl-Shift News, where space is so tight that there isn't room to remind the reader that Ctrl-Shift is one of the 22 Founding Partners of mIL.

"I am proud that we have set the bar high by bringing the mIL to life in just seven weeks from project kick-off", says Dan, too young perhaps to remember that "project kick-off" was 91 weeks ago on 3 November 2011 when the Department for Business Innovation and Skills published Government, business and consumer groups commit to midata vision of consumer empowerment.

mIL has several "learning streams of activity", we learn during the interview, and a "project heartbeat". mIL is an "enabler" and "we have made it easy to get involved". It is a "potential consumer blockbuster" but, before that happens, Dan needs more organisations to sign up.

What kind of organisations? Answer: "these organisations will be trail-blazers who have the humility to acknowledge no-one as yet has all the answers, and thus share and learn, whilst at the same time having the vision and boldness to be the first-movers that accelerate the personal data market".

It's not easy to find organisations like that and Dan's boss, Professor Sir Nigel Shadbolt, has been reduced to trying to buy them in:


As well as bold humble visionaries, there are "experts involved in the mIL", Dan wants it to be "transformative" and he wants to "kick start a collective inflection point in business". midata is all about apps. What kind of apps? According to Dan, "really interesting" ones: "I want some really interesting apps and services to come out of the mIL".

You wouldn't fund a project for 91 weeks, would you, based on breathless promises of really interesting transformative apps that will kickstart a collective inflection point?

You just have. And there's no end in sight.

midata and your money

WHAT'S NEXT POST LAUNCH OF THE MIDATA INNOVATION LAB?

Good question.

That's the title of an interview with Dan Bates, director of the midata Innovation Lab (mIL), published in Ctrl-Shift News, where space is so tight that there isn't room to remind the reader that Ctrl-Shift is one of the 22 Founding Partners of mIL.

"I am proud that we have set the bar high by bringing the mIL to life in just seven weeks from project kick-off", says Dan, too young perhaps to remember that "project kick-off" was 91 weeks ago on 3 November 2011 when the Department for Business Innovation and Skills published Government, business and consumer groups commit to midata vision of consumer empowerment.

Cloud – Dale Vile tells it like it is

Freeform Dynamics is an "IT industry analyst firm" distinguished by "straight talking, telling it as it is in down-to-earth language".

Dale Vile, the CEO, is a "cloud advocate", he tells us in SMBs are tumbling into the cloud? Oh get real, and he's not pleased. Large companies and public bodies are adopting cloud computing but small and medium-sized businesses (SMBs) aren't: "we are hardly scratching the surface when it comes to selling cloud options into the SMB space".

What seems to be the problem?

Dale says: "IT policy and planning is down to business people at the lower end" and "where a business person rather than an IT professional is responsible for IT policy, planning and decision-making, cloud is far less likely to be on the agenda".

What's the matter with these business people?

Dale thinks they're hysterics: "... then there’s the MSPs [managed service providers, i.e. cloud shops] who despite the current privacy-related hysteria are still reporting impressive growth that shows no signs of abating".

IT professionals are pretty relaxed about storing their company's data in the cloud and losing control of it but psychologically damaged business people seem to suffer from a primitive need to protect their intellectual property and to honour their promises to keep client data confidential.

If the business people are removed and IT professionals run businesses instead, will that solve the uptake problem suffered by cloud computing?

No.

Dale has another issue: "bloody well appreciate that you aren't going to unlock the SMB space without the channel, so pay more attention to enabling your partners and making sure that cloud is good business for them as well as yourselves".

Cloud – Dale Vile tells it like it is

Freeform Dynamics is an "IT industry analyst firm" distinguished by "straight talking, telling it as it is in down-to-earth language".

Dale Vile, the CEO, is a "cloud advocate", he tells us in SMBs are tumbling into the cloud? Oh get real, and he's not pleased. Large companies and public bodies are adopting cloud computing but small and medium-sized businesses (SMBs) aren't: "we are hardly scratching the surface when it comes to selling cloud options into the SMB space".

What seems to be the problem?

Dale says: "IT policy and planning is down to business people at the lower end" and "where a business person rather than an IT professional is responsible for IT policy, planning and decision-making, cloud is far less likely to be on the agenda".

What's the matter with these business people?

Sunday 4 August 2013

Classical innovation and old-fashioned digital

8:51, Friday morning, 2 August 2013, the BBC Radio 4 Today programme, and Evan Davis interviews Emma Stenning, executive director of Bristol Old Vic, and Max Hole, chairman of Universal Group International. The question is what innovations are needed to make classical music more popular.

The proms at the Bristol Old Vic have introduced a screen allowing the audience to see the conductor in the same way as the orchestra does. That seems eminently sensible, but not innovative – Evan Davis and Max Hole agreed that rock concerts have had big screens "forever".

They have also introduced a standing pit for the promenaders. Again, eminently sensible, and ticket sales have gone up by 20% as a result, but not innovative – Emma Stenning made the point that this was actually a return to the way the theatre was in 1766. (When America had only just ceased to be a British colony ...)

In between these sensible points there was a bit of talk about digital innovation, new technology, digital opportunity and the promenade concerts being made more accessible by exploiting the analogy of a concert with computer games and digital environments in which avatars respond to the music (3'22" to 3'47").

Admittedly someone was driving to a funeral while this piece was broadcast, and was feeling mighty sour, but the digital innovation drivel sounded tired, old-fashioned, tawdry, gratuitous and past its sell-by date. The horse is dead and it's a waste of time to keep flogging it.

How boring an old fart have you got to be to still find computer games exciting?

"Digital" doesn't mean "open" or "welcoming" or "warm" or "informal" or "accessible" or "engaging" or "popular". It doesn't even mean "modern" any more.

Classical innovation and old-fashioned digital

8:51, Friday morning, 2 August 2013, the BBC Radio 4 Today programme, and Evan Davis interviews Emma Stenning, executive director of Bristol Old Vic, and Max Hole, chairman of Universal Group International. The question is what innovations are needed to make classical music more popular.

The proms at the Bristol Old Vic have introduced a screen allowing the audience to see the conductor in the same way as the orchestra does. That seems eminently sensible, but not innovative – Evan Davis and Max Hole agreed that rock concerts have had big screens "forever".

They have also introduced a standing pit for the promenaders. Again, eminently sensible, and ticket sales have gone up by 20% as a result, but not innovative – Emma Stenning made the point that this was actually a return to the way the theatre was in 1766. (When America had only just ceased to be a British colony ...)

In between these sensible points there was a bit of talk about digital innovation, new technology, digital opportunity and the promenade concerts being made more accessible by exploiting the analogy of a concert with computer games and digital environments in which avatars respond to the music (3'22" to 3'47").

Admittedly someone was driving to a funeral while this piece was broadcast, and was feeling mighty sour, but the digital innovation drivel sounded tired, old-fashioned, tawdry, gratuitous and past its sell-by date. The horse is dead and it's a waste of time to keep flogging it.

How boring an old fart have you got to be to still find computer games exciting?

"Digital" doesn't mean "open" or "welcoming" or "warm" or "informal" or "accessible" or "engaging" or "popular". It doesn't even mean "modern" any more.

Saturday 3 August 2013

GDS's grip on public expenditure

It's always a pleasure to read the Government Digital Service's diary, This week at GDS. And never more so than when it's written by Mike Beaven as it was yesterday:
... Carl Meweezen and his team over in ERG (Efficiency and Reform Group), who look at all things spending in government and look at where we’re saving money. Mark O’Neill and Gill (Elderfield) worked with their team over there, to help them build a thing called the ‘Government Interrogation Spending Tool’, or ‘GIST’, as it’s known. That went live and there’s been some really good feedback from Stephen Kelly, Carl and his team, and the Minister (Minister for the Cabinet Office, Francis Maude), saying, “Thanks for creating something that’s very easy to use and intelligent.” So well done to those guys.
The "thing called ... 'GIST'" is an infographic of public spending. We have seen GDS's penchant for arresting graphics before. That was aspirational, at the time. Now it's reality:


It's not just Stephen Kelly and Francis Maude who have provided "some really good feedback" about this infographic.

Here, for example, is Pete Swabey, writing on the Information Age website:
UK government's new spending data site is "an embarrassing mess"

GIST website "is a joke", says data visualistation expert Stephen Few, and fails to allow users to make basic comparisons

... It is "either an attempt to obscure the data under the guise of transparency or the work of people who have no knowledge of data visualisation", he told Information Age. "The charts in every case are either inappropriate for the data or appropriate but ineptly designed."
Few. What a scorcher.

ElReg have provided some really good feedback, too:
Ha ha, Osborne, these Gov 2.0 web wranglers have wiped out UK debt

"A digital revolution, masterminded by a team of dress-down civil servants, could save the taxpayer billions," The Times newspaper gushed on Tuesday. And behold: it already has. The UK has apparently paid off its national debt years ahead of Chancellor George Osborne's predictions.

Alas, it's no miracle, but an infographics cock-up by the dress-down civil servants at the Government Digital Service ...
The "cock-up"  referred to is the unfortunate omission from GDS's infographic of the UK's £50 billion p.a. of debt interest, a point which ElReg picked up from Guido Fawkes's, No Interest in New Government Spending Website – you get the gist.

Readers who submitted comments to ElReg also expressed mystification at the annual Department of Health expenditure quoted in GDS's easy to use and intelligent infographic as £5.1 billion. They were expecting a figure closer to £120 billion.

The "digital revolution, masterminded by a team of dress-down civil servants" quotation comes from Rachel Sylvester's column in the Times on Wednesday, Geeks in jeans are the Treasury’s new heroes, the latest episode in GDS's PR blitz.

Much more positive feedback like Information Age's, ElReg's and Guido Fawkes's and GDS are going to run out of biddable publicists, even at the BBC and the Guardian. And the Times.

Readers may remember POST, the Parliamentary Office of Science and Technology. We last encountered them misbriefing MPs on the subject of on-line identity management.

Now POST have produced a paper on Invasive Alien Plant Species:
Invasive alien plant species (IAPs) exhibit greater abundance, density, or competitive dominance than species native to habitats ... Early detection and eradication is more cost effective and less risky than later interventions, which may have unintended consequences, such as increases in another, previously suppressed invasive alien species.
Are POST trying to tell us something about the effect of the advent of GDS on the habitat in Whitehall?

GDS's grip on public expenditure

It's always a pleasure to read the Government Digital Service's diary, This week at GDS. And never more so than when it's written by Mike Beaven as it was yesterday:
... Carl Meweezen and his team over in ERG (Efficiency and Reform Group), who look at all things spending in government and look at where we’re saving money. Mark O’Neill and Gill (Elderfield) worked with their team over there, to help them build a thing called the ‘Government Interrogation Spending Tool’, or ‘GIST’, as it’s known. That went live and there’s been some really good feedback from Stephen Kelly, Carl and his team, and the Minister (Minister for the Cabinet Office, Francis Maude), saying, “Thanks for creating something that’s very easy to use and intelligent.” So well done to those guys.
The "thing called ... 'GIST'" is an infographic of public spending. We have seen GDS's penchant for arresting graphics before. That was aspirational, at the time. Now it's reality:


It's not just Stephen Kelly and Francis Maude who have provided "some really good feedback" about this infographic.

Friday 2 August 2013

You'd have to be naïve not to

The third and final episode of Steve Hewlett's report on Privacy Under Pressure was broadcast on Monday 29 July 2013.

The programme took the form of a debate and at one point the participants turned to the Edward Snowden revelations. The US National Security Agency (NSA) and GCHQ here in the UK monitor our phone calls, emails and web browsing on a monumental scale. That makes a nonsense of privacy.

Surveillance is justified, said Lord Carlile, by the state's duty to protect us against terrorists. In other words, in the fight between privacy and surveillance, surveillance must win. That can't be right, said the great Simon Jenkins, not without qualification.

The advocates of freedom admit that we're not free to shout "fire" in a crowded theatre. The advocates of counter-terrorism should similarly admit that there are limits.

Among others, there are financial limits. How many billions, Simon Jenkins wanted to know, should we pay for the NSA and GCHQ's work? Lord Carlile had no answer.

We're back with the arguments advanced by Fraser Nelson and Charles Moore. Of course spies spy. That's their job. Of course we're all under surveillance. You'd have to be naïve to think otherwise. It's for our own good. No-one sensible should be surprised by the Guardian's scoop, it's not a scoop, we've always known all about the interception of communications.

Let's follow the Nelson-Moore-Carlile (NMC) proposition when it next goes out for a walk. See where it leads.

And let's concentrate on money.

In yesterday's Guardian, in addition to learning about X-Keyscore, we also learned about the NSA paying GCHQ tens of millions of pounds. That's handy money. This surveillance lark is expensive and someone's got to pay for it. You'd have to be really naïve not to have worked that one out.

We're following NMC, he bumps into his NSA opposite number and there's an argument. Tempers rise, voices are raised and we can just make out the NSA saying "that's it, you were paid to deliver, you didn't deliver, no more money".

Oh dear. GCHQ's budget is being cut by the UK Exchequer and now the US are turning off the taps (faucets), too. But the state still has a duty to counter terrorism according to NMC. How to fund it?

As luck would have it, in the ordinary course of their work, which is entirely legal according to William Hague (Foreign Secretary) and Sir Malcolm Rifkind (chairman of the Intelligence and Security Committee), GCHQ trip over a lot of useful information.

They knew about Berkshire Hathaway taking over Heinz, for example, months before the news was made public. Should GCHQ do their duty, take advantage of that knowledge and invest, say, £100 million in the target company? That would have yielded a £20 million profit: "Shares in Heinz soared nearly 20% in New York to hit the $72.50 price being offered". If not, why not?

That's one place where NMC leads. And you'd have to be naïve not to realise that.

You'd have to be naïve not to

The third and final episode of Steve Hewlett's report on Privacy Under Pressure was broadcast on Monday 29 July 2013.

The programme took the form of a debate and at one point the participants turned to the Edward Snowden revelations. The US National Security Agency (NSA) and GCHQ here in the UK monitor our phone calls, emails and web browsing on a monumental scale. That makes a nonsense of privacy.

Surveillance is justified, said Lord Carlile, by the state's duty to protect us against terrorists. In other words, in the fight between privacy and surveillance, surveillance must win. That can't be right, said the great Simon Jenkins, not without qualification.

The advocates of freedom admit that we're not free to shout "fire" in a crowded theatre. The advocates of counter-terrorism should similarly admit that there are limits.

Among others, there are financial limits. How many billions, Simon Jenkins wanted to know, should we pay for the NSA and GCHQ's work? Lord Carlile had no answer.