Support Digital Rights

[drplokta]

There's a new pledge on PledgeBank for people to sign up to pay £5 per month to set up a UK digital rights organisation. If they get 1,000 pledges, then it will happen. 31 so far, including me, but it was only created yesterday.

Go here if you want to sign up. And spread the word.

Comments

[andrewducker]

I find this kind of thing tricky. I mean, I'm against patents on software, but I'm not against ID cards. If I knew that the DRO was going to look at things I cared about, I'd happily be throwing a fiver a month at it. But I'm not happy to see my money being spent on campaigns I care nothing for.

[purplecthulhu.livejournal.com]

but I'm not against ID cards

Might I ask why not? I'm sure there are many people who can hassle you on this, myself included, but I have noticed an interesting age difference on this issue, with older people more opposed to ID cards than younger, and I'm interested in understanding this. You're not stupid or naieve, I think, so I'd be intersted to know why you're not opposed to them.

[andrewducker]

I can't think of a single reason to be opposed to them.

Well, I can - the money might be more usefully spent elsewhere.

But I don't instinctively feel appalled at the idea of information on me being recorded and linked together, so long as there are rules and oversight put in place about how it can be used.

I'd actually find a single form of ID darn handy to have, and having seen how badly data maintenance is handled across different government departments, if it was set up well, I can see it removing numerous of the data management problems that currently exist.

[purplecthulhu.livejournal.com]

Given the crapiness of data maintenance, don't you think that putting all our ID eggs into the one government mandated ID card baskett is actually asking for more problems than fewer?

[andrewducker]

I'm not saying all data would be kept on one database. But a single unique key for identifying a person across databases might be handy.

[purplecthulhu.livejournal.com]

That does also make things easier for the identity thief, and for someone trying to get access to data they are not permitted...

[andrewducker]

I cant certainly see the second - which is why data access security and logging would have to be built in at the ground level.

But I'm not sure why it makes things easier for the identity thief - at the moment, if I lose my wallet I have to tell 15 different people and go through different processes with each one - having a central point to sort it out through would make my life much easier.

[purplecthulhu.livejournal.com]

You think the government ID card centre is going to bother to tell Visa et al. when you lose the card? I very much doubt it!

Indeed, as far as i can tell, sinxce the government are not going to offer any indemnity to credit card companies and others for failures of their ID card system, there won't be any genuine centralisation of reporting etc. You'll just be having someone extra to call when you lose your cards.

The system is being designed to make it easier for all and sundry to access your data, not to make it more difficult, so don't be too sure that security and logging will be high on the list.

[andrewducker]

The NHS system, which is being built along similar lines, very much has security and logging built into it at a root level. Records are only available to people with a reason to have access, and every time they are accessed it's logged.

[purplecthulhu.livejournal.com]

And the BMA is pretty unconvinced by this:

http://news.bbc.co.uk/1/hi/health/4633213.stm

I know my father, a GP, takes a very dim view of this centralisation of records and, once again, the governments records on successfully rolling such schemes out is apalling at best. The courts computerisation system, for example, was a total failure.

And the who determines if someone has reason to have access? Not the patient and not their doctor... someone else, totally out of the loop. That is one of the fundamental flaws.

[andrewducker]

My father approves of the one he's working with, where the people that have access are those that have previously, or are currently treated the patient in question. He's also a doctor, although in this case a neonatal consultant, not a GP.

I understand the GPs have been treated badly, with their opinions not being taken on-board enough.

And again, I want my records centralised - if I'm visiting my family in Kent and need to go to the doctor, I want them to have immediate access to my records.

[purplecthulhu.livejournal.com]

Meanwhile, its things like this that make me oppose a centralised ID card database system in principle - it would make things like this so much easier, and so much less noticable...

"The Washington Post reports that House Energy and Commerce Committee Chairman Joe Barton (R-Tx) has requested raw data and personal financial information on three scientists who published a paper which claimed that temperatures rose precipitously in the 20th century. Colleagues (including other Republicans) are calling the investigation 'misguided and illegitimate.' Barton has long been an opponent of government action on global warming."

Full story here:

http://www.washingtonpost.com/wp-dyn/content/article/2005/07/22/AR2005072201658.html

[andrewducker]

If you want personal financial information you go to a credit rating company, who gives it to you instantly for about $50. You don't do it through the government...

[purplecthulhu.livejournal.com]

Quite - but that's not why the politicians are doing it, or what they're looking for.

Its harassment pure and simple, and a national ID database makes it much easier to do.

And given a willingness to pry for political reasons, there will eventually be a willingness to modify.

Any new system like this needs to be looked at not just for its uses, but also for its abuses, be it by design or accident. The potential for these with the national ID system are far and wide. Now you may trust our current government not to abuse the extra power it wants to give itself, but would you trust the Thatcher government? Or a government 10 years from now?

[andrewducker]

Its harassment pure and simple, and a national ID database makes it much easier to do.

I agree with the former, but not with the latter. For the people in charge, getting information back from all 26 databases isn't a problem. It's a problem when the low level bureaucrat you want to actually do something for you needs information.

[purplecthulhu.livejournal.com]

Actually no... If its 26 databases they need to file 26 requests with 26 people to fulfill them. Thus there's 26 times the chance that one of these people will go to the Guardian and leak the fact that someone is abusing their power.

And do you seriously think that the new system will be any easier for the general public to do anything with? Our interests come a distant last place in any considerations of the system design.

[andrewducker]

And do you seriously think that the new system will be any easier for the general public to do anything with?
From what I've read about what they're doing with it, yes, I do.

So far the vast majority of your arguments have been "The government is doing something, therefore it will be bad." I have to say that I don't feel that way...

[purplecthulhu.livejournal.com]

The most charitable view of the ID card system possible is that the government is doing something for its own convenience, at vast expense to the general populace. There is little evidence that the system will reduce costs in the long term, indeed quite the reverse, so this will be a lonmg term additional expense we're subject to. Any extra convenience this might bring to people is incidental, and, with the burden of having biometrics measured regularly etc. etc. and the large cost, they are overall likely to make life harder not easier.

The government is doing something for itself, and charging us for it, and offering no coherent reasons for why we should want it. To me, opposing it sounds like avoiding being sold a pig in a poke, not just mindless oppositionism, which is how you're caricaturing the argument.

But it seems your mind is made up, and you aren't prepared to look at the ways it can, and will, go wrong or be abused. You're actually sounding like some of the undergraduates I know who are in favour. I had thought you weren't that naieve. Maybe I was wrong.

[andrewducker]

you aren't prepared to look at the ways it can, and will, go wrong or be abused.

I very much am.

But my response to "It can be abused in way X" is to find a way of doing it that doesn't allow that abuse, not to say "Well we shouldn't do it then."

[purplecthulhu.livejournal.com]

find a way of doing it that doesn't allow that abuse

But there is no evidence that the government is actually interested in doing this. There are ways of setting up an ID card system that has a smaller chance of abuse, such as that porposed recently by the LSE. This has been wholly rejected by the government. There are also substantial technical issues about making the scheme workable at all, but they're ignoring this as well.

When the Information Commissioner says the introduction of ID cards is 'sleepwalking into a surveillance society', and is also ignored by the government, then we should be worried. I'm surprised you're not.

It seems to me that you're more than 'not worried' about ID cards, but are actually quite enthusiastic for what seem to me are all the wrong reasons. I thus don't think there's much point continuing this.

[andrewducker]

I've said that a centralised database would be easier to maintain and keep accurate than a whole bunch of little databases.

Other than that I haven't been in favour of them at all.

I'd agree that the government doesn't seem to be taking the right tack with them - but that (to me) is reason to push for them to be implemented correctly (and in a voluntarily capacity), not to push against them entirely.

But I think you're right - we can probably leave this here.

[andrewducker]

To clarify - I believe the government _already has the power_. If they want all the information on any one person, they can get it. The current system doesn't stop the abuse, but it makes it hard for the individual.

Addendum

[andrewducker]

I'd like to add that I'm not in any way convinced that it _will_ be well implemented. But I have nothing against the idea in theory.

Re: Addendum

[purplecthulhu.livejournal.com]

There are several reasons to oppose the government's proposals. The 'in principle' side is only one of them. Even if I were not opposed to them in principle, I would probably oppose the proposed scheme as it is likely to be very expensive (given the hostory of government IT contracts), very poorly managed (ditto), and seems over-complex if not fundamentally flawed. An ID card purely for identification, with no huge database backbone, is one thing. The vast 'ministry of identification and peering over your shoulder' that is in fact being proposed, is another thing entirely.

After all, there was nothing wrong with the poll tax in principle it was the implementation that was the problem, and that people onto the streets.

Re: Addendum

[andrewducker]

Actually, I'm against the poll tax in principle. People should pay according to their ability to do so. Charging everyone the same amount meant that poor people were paying a much larger percentage of their income.

Re: Addendum

[purplecthulhu.livejournal.com]

Actually the original scheme for the poll tax included provision for zero payments for those earning less than some value. The treasury scuppered this, and upped the costs for everyone else, leading to the problems we saw.

Re: Addendum

[andrewducker]

We already have large amounts of info kept on you, across multiple departments. And whenever you go to one you have to tell them the information you've already told the one across the hall, and then they have to go and make 15 information requests to fill in their own blanks, and sometimes it goes wrong because they've got you down with a slight mispelling in one case, and a a subtly different address in the other.

They _have_ all the information - they just keep multiplying their mistakes because it's not joined up. I want it all joined up and then I want access to see my own information so I can correct whatever egregious mistakes they've made in it.

Re: Addendum

[purplecthulhu.livejournal.com]

Well you're not going to get that access - that's for sure!

And if its all joined up, each msitake is propagated everywhere. That doesn't sound better to me.

Re: Addendum

[andrewducker]

Joining it up would mean you had one address, rather than having a different one on each system. That means one place to fix it. I don't see how that propagates mistakes.

Re: Addendum

[purplecthulhu.livejournal.com]

Because that mistake pollutes all connected information. If the NHS, say, has my wrong name, that's not going to affect my tax records. If its all joined up, it does.

Re: Addendum

[andrewducker]

It'll also be immediately obvious, because all of them will be trying to look in the wrong place.

At work we used to have 6 different address systems, built over a period of several years. We had endless problems with inaccuracies and mismatches before we pulled them all together. Now if there's a problem it turns up quickly and gets sorted in one place. It's saved vast amounts of time and the number of customer complaints has dropped significantly.

Re: Addendum

[purplecthulhu.livejournal.com]

That's true of information such as addresses which are frequently used. Its less true of rarely used information which might still have serious consequencies. This is especially the case if you're not allowed to check all of your own information, which I think is likely the case with the ID card database.

Also, if you have several independent databases, its much easier to cross check if something is wrong. Its like a weak hulled boat with lots of watertight compartments compared to a strong hulled boat with no internal security. It might be more difficult to hole, but one that happens you lose the whole thing.