Can We Now Drop the ID Cards Lunacy Once And For All?

According to the TeleBarclaygraph this morning, Chancellor of the Exchequer Fiscally Incontinent & Incompetent Glove-Puppet-In-Chief Alistair Darling has dropped a strong hint that the national ID cards proposal is going to be dropped.

Which is excellent news, if true, although, as quickly picked up by several UK libertarian bloggers, the key issue here surely is not so much the "...biometric passports can do the same job..." issue, as the continuation of the all-encompassing state database comprising the iniquitous National Identity Register.

With the need now to re-cast next year's budget expenses downwards in the wake of Deputy Sean Power's successful heading off of more taxes on Middle Jersey, perhaps the Treasury Minister could take the opportunity to pronounce the authoritarian and illiberal idea of any ID card system or centralised identity database for Jersey to be totally and absolutely dead for any time in the foreseeable future.

Confirmation please, Minister.

Add to del.icio.usDigg It!Stumble This

Don’t Put Your Data With The State, Mrs Worthington!

Several more examples of firstly, the way in which the authoritarian state continues to acquire data of questionable legality on law-abiding citizens, and secondly, a cavalier attitude by corporates and public sector bodies alike to data protection, and the security and privacy of individuals’ personal data, came to Clameur de Haro’s attention in the past week.

In the financial world, Zurich Insurance finally admitted losing the personal account details for over half a million people, more than a year ago. The personal details of no fewer than 51, 000 British customers were among data backed up on a tape which was on its way to a South African data storage centre when it was lost in August 2008.

That’s bad enough, but at least people can choose to place their business with an alternative provider and not with Zurich if they feel its custodianship of their personal details is negligent or deficient. Unfortunately no such choice arises in the case of data required to be held by public sector or government agencies. 

The Home Office, in a written answer to a Parliamentary question, admitted that the estimated number of people whose DNA profile is stored by the government has, for the first time, gone through 5m, with some 5,094,568 individuals now thought to be represented on the National DNA Database: on an estimated replication rate of about 13.8 per cent, this means that the number of actual DNA profiles is 5,910,172 - about one for every ten people in Britain.

This unrestricted growth of what is, on a per capita basis, the world's largest repository of human DNA information has continued despite the New Labour regime’s defeat at the hands of the European Court of Human Rights last December, when the ECHR ruled that the policy of retaining – permanently - the DNA profile of every single person ever even arrested (not charged or convicted) in relation to any offence, no matter how comparatively trivial, was manifestly illegal. So far the New Labour regime has taken no action to comply with the ruling.

The UK Information Commissioner revealed (tellingly, only as a result of a demand under Freedom of Information legislation) that there are more data loss reports being submitted to him from companies and governments than ever before – 356 for the period November 2008 to September 2009, compared with 190 in the equivalent period in the previous year. The biggest cause of loss, in 198 incidents, was lost or stolen hardware, usually laptops and memory sticks, while 78 were due to data disclosed in error, typically discs or memory sticks being mis-addressed.

The most recent figures released by the Commissioner in normal course (October 2008) also showed that, of 277 incidents since HMRC lost the entire UK child benefit recipients database a year earlier, no fewer than 197 came from the public sector.

Then it emerged that the UK's Rural Payments Agency (RPA), five months ago, lost tapes which contained the payment details of more than 100,000 farmers in the UK. The agency told DEFRA (the Department for Environment, Food and Rural Affairs), but DEFRA told nobody else, and certainly not the farmers affected.

DEFRA appears to be trying to finger IBM for the loss. Apparently, 39 backup tapes were transferred by the RPA from its Reading offices to Newcastle, following which the tapes then “went missing”: 37 were subsequently found, but not the other two. DEFRA is alleging that the tapes were simply placed on the wrong shelf by the IBM staff who actually operate the RPA data centre in Newcastle.

The last definite record of the tapes' existence was in June 2008: it was only in May 2009, according to the report seen by CdeH, that IBM staff realised the tapes were missing and reported the loss to the RPA, who then told DEFRA. DEFRA has suggested “that it is likely that the lost tapes have been destroyed without anybody realising”. Vaporisation perhaps? Spontaneous self-combustion, maybe?

While bad, none of this should have been too serious in practical effect however, because the tapes and the data on them would have been encrypted and passworded, surely? Er………no, ‘fraid not, this is a government department we’re talking about, after all.

DEFRA has tried saying that all this doesn’t matter, because “extremely specialised equipment” would be needed to extract the data off the tapes. Clameur de Haro’s techie adviser, when asked about this, just laughed – seemingly, said “extremely specialised equipment” basically consists of a tape drive and backup software, the kind of equipment stocked by every tape-using IT store and freely purchasable over the internet.

This may all seem a bit remote from Jersey – but just how comfortable can we be that, somewhere within the vast edifice of personal data held by the States, there isn’t a similarly cavalier approach to data security, or worse, a similar debacle already perpetrated but being feverishly concealed from public view?

Meanwhile, the only sensible approach seems to be to give the state as little personal data as possible.

Add to del.icio.usDigg It!Stumble This

What That Climate Change Advert Really Meant To Say………..

Like multitudes of his acquaintance, Clameur de Haro has been utterly disgusted by the selective, one-sided, criminally inaccurate, and blatantly scaremongering “bedtime story” advert now being shown on television. It’s nothing else but pernicious, crude propaganda of which Dr Goebbels himself would have been proud – although emanating as it does from the minions of the shifty, snivelling Ed Marxiband Milliband, one should not be remotely surprised.

Considering the eagerness with which the Militant Green-Left denounce sceptics of the Great Anthropogenic Climate Change Scam as deniers or worse, their silence so far on this classic example of the techniques of totalitarianism has been deafening – and because of that, so unequivocally revealing of their true agenda.

As a critique of the advert, this piece from Janet Daley says it all -

The government is trying to terrify you. That is the only possible interpretation of its latest television advertising campaign on the supposed dangers of global warming. Whether or not you accept the scientific premises behind the “bedtime story” advert which is now to be investigated by the Advertising Standards Authority after attracting over 350 complaints from the public, there is no question that it is propaganda in the strict technical sense of the word.

That is to say, it is an attempt by the state to manipulate opinion and evoke emotional reactions without offering argument or evidence for its case. It accepts uncritically the most extreme rendition of the anthropogenic global warming narrative as if it were entirely uncontentious and presents it in the most sentimentally evocative possible way (ie as a threat to one’s own children and to defenceless creatures generally). It uses the techniques once associated with totalitarian societies not to persuade (which is what advertising properly does) but to coerce: to create fear and guilt.

And to what purpose? Without offering constructive argument or serious explanation of the options, we can only assume that this is a campaign designed to browbeat the public into accepting any new restrictions or “green” taxes which government may choose to impose.

Fortunately, it seems that ordinary people still have the independence of mind to know when they are being bullied.

Indeed they do: and moreover an accurate translation of the Green-Left’s propaganda, and an explanation of its true agenda and motivation, is available. It’s here -

Warning – contains strong language which may offend.

Clameur de Haro would undoubtedly have preferred that the little girl’s comment at the end had been expressed in rather less robust terms – but both the message conveyed by her father and the essential meaning of her own response, are infinitely closer to the truth than the original.

Add to del.icio.usDigg It!Stumble This

How Much Is Big Brother Watching The Class?

Did anyone else, wonders Clameur de Haro, catch a TV news snippet in the past couple of days about the extent to which the deployment of CCTV systems in schools is increasing dramatically?

The item featured the UK organisation Classwatch, which openly markets itself as “the answer to effective classroom management”.

What was shown was not just a passive function, i.e. creating a record to be available in the event of either a crime or serious misbehaviour occurring, but an active, virtually real-time, management of the tuition delivery, from a remote control centre. So that the remote controller was actually monitoring and correcting the teacher in her teaching technique, and directing what aspects of the subject material for that lesson she should be according greater or lesser emphasis.

Classwatch, moreover does not come cheap – a system for one single classroom costs about £50 per month on lease, and about £3000 to buy.

The whole item raised in CdeH’s mind some uncomfortable questions about invasion of privacy through excessive, pervasive surveillance, which all too often seems to be imposed on a unwilling, or even unaware population, whether students in school or shoppers in the precinct, either on spurious security grounds, or in an exaggerated response to a perceived threat. So perhaps Jersey’s Education Minister might be moved to answer the following -

To what extent, and in what areas, is CCTV used in Island schools? And if so -

Has its precise use been cleared by Data Protection? Have parents had all the intended uses explained to them, and been specifically to give consent to their children being under surveillance?

Is it used purely in a passive role, or actively to monitor and correct teacher and pupil behaviour / performance?

If so, for how long, and under what conditions of security, are the records retained?

Have the teaching unions been consulted and acquiesced in the remote monitoring of their performance?

And of course, what costs have been, and continue to be, incurred?

No-one, not least Clameur de Haro, would quarrel with the advisability of using CCTV to keep school perimeters secure. Too often, however, meeting a basic need like that provides a convenient cover for a grossly excessive and invasive extension of surveillance, to the ultimate detriment of all our freedoms.

Add to del.icio.usDigg It!Stumble This

Plaudits for Environment and Data Protection!

Back in September, Clameur de Haro blogged about the further example of the intrusive state and its cavalier approach to data protection which seemed to be represented by Environment’s apparently selective targeting of oil consumers for an advisory about the steps necessary to prevent oil spillage pollution.

Data Protection actually responded to the blogpost very quickly, and (with due apologies for the time gap) CdeH is delighted to thank them and share the information they provided –

Distribution of the Oil Care Sticker

The Oil Care Group was established in 2008 in conjunction with Environmental Protection’s ‘Oil Care Campaign’. The group provides a forum for the oil industry (including the Island’s three fuel distributors and a number of boiler engineers) and Environmental Protection to discuss oil related issues and develop environmental best practice with regard to reducing the risk of oil pollution of the aquatic environment.

The Oil Care Sticker aims to provide simple and practical advice to domestic oil tank owners on how to stop oil pollution occurring and what to do if oil is lost to the environment. The Oil Care Group agreed that the best way to distribute the stickers to householders was through the fuel companies. Environmental Protection provided the oil companies with pre-packed sealed envelopes, which contained the sticker and an advisory letter from Environmental Protection. The letter was written on 26 June, 2008 and does not contain any address data. This method of distribution was decided to avoid data protection issues associated with the provision of personal information.

Oil Care stickers are only sent by the fuel companies to their customers if they do not have an oil sticker visible on their tank. To date approximately 10,000 stickers and advisory letters have been given to the fuel companies for distribution.

Distribution of an advisory letter providing information regarding single-skinned oil tank

Following a request from one of the fuel companies, a further advisory letter has been produced to advise people of the environmental risks of owning a single-skinned oil tank. The advisory letter is distributed at the fuel companies’ discretion and aims to support them in reducing the number of high risk oil tanks on the Island. The single skinned oil tank letter was written on 22 August, 2009, with approximately 50 letters provided to the fuel company.

So it appears that, in deciding the best method of distribution, both Environment and Data Protection had very much of the forefront of their minds the need for the protection of the oil distributors’ customers’ confidential personal data. A large Clameur de Haro plaudit to each of them.

A large raspberry, however, to those oil distributors who clearly didn’t feel it remotely necessary to reassure their customers that receiving a targeted advisory from Environment did not mean that confidential customer information had been disclosed.

Add to del.icio.usDigg It!Stumble This

Another Example of the All-Intrusive State

The suffocating embrace of Jersey's increasingly all-intrusive state continues, it seems, to grow apace.

Clameur de Haro has received the missive below from the rather grandiosely-titled Assistant Director, Environmental Protection, reminding him that oil spillage can (only can?) cause long-term damage to the environment (well Good Heavens - whoever would have guessed?) and enjoining him to affix to his oil tank a sticker urging preventive measures apparently derived, not so much from accumulated environmental expertise, as from the Handbook of the Bleedin' Obvious.

Check, CdeH is beseeched, the oil level in your tank before ordering more oil: gosh, never would have thought to do that.

Now Clameur de Haro would never, other than indulging in a little urinary extraction at the expense of the jobsworths, decry the need to protect our natural environment from avoidable pollution of this type (the need to expose and attack constantly the fallacies of the Great Anthropogenic Climate Change Scam being an entirely different matter). But there are a couple of aspects here which are troubling - apart from the obvious one of yet more public expense.

Firstly, to what extent was the public made aware that the 2007 Building Bye-Laws contained a provision requiring the display of an oil care sticker on domestic oil tanks? This in itself is a comparatively innocuous requirement, but what if it had been something altogether more drastic and far-reaching? Building Bye-Laws are either made by the Minister or go through the States Assembly on the nod with precious little scrutiny, so where was the information to the public?

Secondly, and even more disturbing, just how is the Planning and Environment Department aware that Clameur de Haro even has an oil tank? The majority of his neighbours use gas, and his tank installation was not one that required planning permission at the time it was undertaken, so from where, precisely, is P&E's information derived? The obvious inference has to be that it came from the oil suppliers, who presumably made their customer databases (and what else? - amount of oil usage?) available to P&E for the purposes of the latter's mailshot.

If so, then the oil suppliers have quite possibly breached local data protection legislation, and the States of Jersey in turn have either been complicit, or even procured the breach. CdeH provides personal information to his oil suppliers for the purposes of his business relationship with them, not in the expectation that it will be passed on to the agents of the state, and he will be taking this up with them.

Perhaps Jersey's Data Protection Commissioner, one of the few senior public officials for whom CdeH has much time, could adjudicate.

Add to del.icio.usDigg It!Stumble This

Centralised Driving Licence Records - Manifestation of the Database State?

Ever watchful for instances of our government’s persistent desire to expand the information about us it holds on official databases, Clameur de Haro? spied in last Friday’s JEP (7th November) a plea from Peter Hanning, the Connétable of St Saviour, for “almost 40,000” islanders, and more especially his own 5,400 parishioners, to submit their driving licence renewal applications early, because of the potential long delays involved in having them processed and returned.

Because there’s an important issue of data privacy and security to consider here, CdeH? will ignore just this once the none-too-subtle demand for £40 up front, as much as 4 months before it’s actually due, thereby enabling the parishes to pocket a tidy sum in interest on ratepayers’ money. (CdeH? trusts that Icelandic banks, credit derivatives, and sundry other exotic - or should that perhaps be toxic? - financial instruments are currently off limits for Parish Treasurers and Procureurs du Bien Public, but you never know…………)

What CdeH? finds much more disturbing are the implications of the post-application process. Look for a moment at Mr Hanning’s own words, and pay particular attention to the highlighted section –

“After you have handed in your application form to the Parish Hall, the details are checked and entered onto an Islandwide database before your photograph and form are scanned into the system. The licences are printed out and laminated in batches at the Town Hall in St Helier before being posted directly to your home address”.

Presumably, this Island-wide database is the one that already exists for driving licence holders’ details, and has done ever since the parishes ceased to be their own licensing authorities, and became merely the issuing authorities (a sop to the parishes if ever there was one, and administratively a very unsatisfactory half-way house which pleases few, and inconveniences the vast majority).

Nevertheless, CdeH? is instinctively suspicious, and would like answers to the following questions –

Is any additional information, over and above that required purely for driving licence purposes, secretly encrypted on to the credit card style licence?

Precisely who has access to the data, and for what purposes? Is access routinely available to all public bodies and officials, or only on a strict need-to-know basis, coupled with justification and authorization?

How tightly are access, viewing rights, and amendment rights controlled? Could, for example, a parish official in St Ouen snoop on the St Clement licence details of a prospective son-in-law, or fabricate an endorsement on to a business rival’s licence?

If law enforcement agencies have access rights in lawful course of their duties (not unreasonable, within limits), what safeguards are in place to prevent and detect improper use, of the kind not exactly unknown in the recent past?

What integration is there with other States’ databases, like Social Security and Income Tax? Could officials of Social Security, say, search for a cross-matching of names and addresses to check whether a recipient of serious incapacity benefit doesn’t also have a no-incapacity driving licence? Preventing benefit fraud by reasonable means is legitimate, but this kind of linkage allows covert spying on the population to a wholly unacceptable degree.

Licensees’ details include a raft of personal data, photographs, forms, and even signatures. With the existence of the database being public knowledge, and with even CdeH? being able to work out that it would yield a treasure trove of sensitive personal information for criminals, what barriers and firewalls are there to prevent data abstraction for nefarious purposes?

In which public body does political accountability for the centralised database reside? Is it the Comité des Connétables? If not, who? On whose desk sits that famous sign “The Buck Stops Here”? Who do we blame, whose head should roll, who should fall on their sword, if a catastrophic data loss or security breach was to occur? In short, just who’s in charge?

What precautions are taken to ensure that the data held about us will not either (1) be lost while being sent on an unencrypted, non-passworded CD-ROM via insecure mail: or (2) copied to a memory stick which then gets left in the pub: or (3) stored on a laptop which gets nicked from the back seat of a car while the owner hops out to pick up the paper on the way home? All three have happened in the UK during the past year.......

Would the States indemnify the database’s entire population from consequential loss occurring as a result of the leakage of sensitive personal data if caused by the States’ or their agents’ reckless or negligent custody? What’s the extent of third party liability cover carried by the States against this? Is it sufficient?

What does the database cost to establish and maintain? Is it cost-effective? Could it be outsourced at lower cost, provided that legitimate access was not impeded and security was not compromised?

And finally - have all the operating parameters and data protection measures been reviewed and signed off by the Data Protection Commissioner?

Now for a couple of other aspects.

Doesn’t the basic concept of an Island-wide driving licences database run counter to the hoary old argument that a system of 12 individual parishes constituting 12 separate issuing authorities is somehow one of the key manifestations of individual parish identity?

And from the purely practical standpoint, if a centralised, all-Island, driving licence database exists, then why on earth does CdeH?, say, on moving house from Trinity to St John, have to go through the archaic and time-consuming rigmarole of surrendering a Trinity licence and applying – probably in person too, for photograph verification - for a new St John version (plus the £40 fee, no doubt)? The widespread assumption among CdeH?’s acquaintances is that it’s to give parish administration at least the fiction of something to do……thereby adding, of course, to the cost of public bureaucracy.

CdeH? did not anticipate the need, quite so soon after launching Clameur de Haro?, to comment at such length on the threats to the privacy and security of islanders’ personal details posed by the unremitting expansion of the database state.

CdeH? is disinclined just to trust Big Brother, much less learn to love him. So satisfactory answers and reassurances please, Big Brother. And now.

Add to del.icio.usDigg It!Stumble This