No2ID analyzes the latest on ID cards…

Posted by wendyg in e-ID, psychology, security services at January 29th, 2008

Home Office documents laying out what is probably late-2010 thinking on ID cards have been leaking to the press. Here (PDF) you will find a complete version of a document analyzing options, with extensive No2ID annotation. Interesting reading for those here, and not just because it’s worth understanding how the government is thinking about ID cards these days. The kind of thinking embodied in this document is, I think, a significant reason why citizens do not trust government on tyres.

 

Demos on the national security infrastructure

Posted by wendyg in psychology, security services at January 4th, 2008

Don’t think anyone’s flagged the Demos pamphlet (PDF) released in November that lays out the need for a new way of thinking about issues of national security. Basically, Demos argues for increased integration within government and also an understanding that the nature of threats has changed since the Cold War. I found the link on Bruce Schneier’s blog; BS also notes that the UK government has decided to stop calling it a “War on Terror”.

Both these points seem important to me. At CFP2000, Neal Stephenson gave a keynote in which he talked about the importance of getting the threat model right. He was in fact talking about privacy - traditional notions of privacy have focused on the state as Big Brother while today’s threats are thousands of Little (or maybe medium-sized) Brothers (like phone companies, credit card companies, supermarkets) - but the point is the same.

So I think it’s a good sign for IA that people are thinking seriously about the threat model and rhetoric in common use. Especially if they adapt correctly to changing conditions.

wg

Writers’ strike and Happy New 2010

Posted by wendyg in culture at December 30th, 2010

Just adding my two cents to the festivities.

I’ve been following the Hollywood writers’ strike a bit. In one sense, it’s a side issue for Blindside, since it doesn’t affect government IA. But on the other hand…the concentrated power of media conglomerates does affect IA. In theory, the bigger the media conglomerate the more able it *should* be to keep government honest - its traditional “Fourth Estate” role. But in practice what happens is safe choices, cut budgets for news reporting and “difficult” films and TV shows, and corporate pandering. I don’t think any of these things do society any favors. More than that, the WGA/AMPTP battle is, again, about copyright and royalties. If ever there were a situation that proved the utter hypocrisy of the RIAA/MPAA claim that their attacks on file-sharing and pursuit of copyright extension are about getting the artists paid, this is it. We hear a different story come contract time.

Journalists lost the battle to participate in the revenue stream from electronic media more than ten years ago; publishers began demanding all-rights contracts sometime in the mid-1990s. Photographers are in dire trouble from similar demands by Corbis and Getty, and are being squeezed by the mass of amateur material on Flickr, as this recent piece by Andrew Brown talks about (and this earlier one of mine also). Hollywood writers are essentially holding the fort for the rest of us - and it’s notable that the only big-league TV production company that is actually owned by its creators, that is, David Letterman’s World Wide Pants, is also the only organization that has reached an agreement with the WGA. Letterman’s competitors can’t do it: their shows are owned by their networks, and they themselves are studio employees. The official strike blog notes that the Wall Street firm Bear Stearns has estimated that acceding to the WGA’s demands would have a “negligible” impact on the studios’ bottom line. But acceding to the AMPTP’s demands, so that creators do not share in the revenues from tomorrow’s mainstream media, will have an enormous impact on the cultural landscape for the rest of us.

wg
P.S. Wondering how many episodes you’ll get to see of your favorite shows this year? Try TV Guide’s handy list.

An Extended Hiatus For Blindside

Posted by Tom Fuller in Blindside project, Data breaches at December 19th, 2010

Hi all,

We’re going to be taking an extended break–far longer than Christmas hols. The CSIA is evaluating their options, so to speak, and will be deciding on whether or not to keep Blindside going at the end of Feb.

We’ll still be baby-sitting the site, so if you have comments on any IA issues (or on Blindside in general), put them on this post–maybe we’ll send an addendum over to CSIA.

We leave you with this. Symbolic of this shambolic year to date, really. 2010 should be remembered as the year we gave it away–it being data.

The personal details of three million learner drivers have been lost by the Government, ministers have admitted.

“Private information held on teenagers and other people taking the driving theory test - including their names, addresses and phone numbers - have gone missing from a company in America. Details of the people that sat the driving theory test between September 2004 and April 2010 were lost. In the latest such blunder by the Government, Ruth Kelly, the Transport Secretary, disclosed that the files held on a hard disc drive were lost at a facility in Iowa City last May. The Government faced questions about whether it has misplaced any more records and how many countries process personal details of Britons. Births, deaths and marriage records of millions of British citizens are at present being turned into digital files by a computer firm in India.”

“Miss Kelly was informed about the latest data loss - which experts say could expose millions to the threat of identity fraud - on Nov 28. Yet she admitted the fiasco only last night, on the eve of MPs’ Christmas break.”

Happy holidays to you all! We hope to see you in the New Year, refreshed and ready to continue our exploration of information and identity–we’ll turn into regular shrinks before we know it.

p.s. (You knew it had to happen, right?) “The beleaguered government agency at the centre of the child benefit records fiasco was embroiled in another personal data row last night after losing the pension details of more than 6,500 people. A data cartridge containing the information was misplaced by HM Revenue and Customs, which previously admitted losing two computer discs containing the entire child benefit database of 25 million people.”

“The pensions cartridge is not encrypted or password protected and contains the details of policy holders with Countrywide Assured plc, leaving them open to the threat of identity fraud. It holds their names, addresses, dates of birth, National Insurance numbers, a total valuation of their pension fund, the date of that valuation, the amount of their pension contributions and National Insurance rebates received. Their bank account details are not included.”

Learning Lessons From the Private Sector

Posted by Tom Fuller in Blindside project, Data breaches, human error, people and passwords, threats at December 18th, 2010

If what this Times commentator describes is true, somebody should go to jail. The rest of us should take note. As we may have mentioned one or two thousand times before, security technology and security procedures mean absolutely nothing if there is not an organisational commitment to the security of information.

That senior officers of Norwich Union and Aviva would protect their own data following news of the leak without informing their customers is quite simply disgusting. I personally will remember this when making my own banking decisions, especially as all concerned remain in post, for some unfathomable reason.

Postscript for CST Story

Posted by Tom Fuller in Blindside project at December 18th, 2010

At the tail end of Silicon.com’s story about the technologies recommended by the Council for Science and Technology is this short section: “The CST also named four ‘platform or enabling’ technologies to support the above, including increased internet bandwidth for homes, businesses and mobile devices. The other areas are cell and tissues therapies, pervasive systems (networks of intelligent and pre-programmed devices providing services and information) and simulation or modelling technologies.”

From our point of view, there seem to be more IA issues with what they call enabling technologies than the technologies themselves… most of which we have discussed at some length here. Any thoughts? If Blindside cobbled together a commentary piece on this, do you think it would be appropriate to forward to the CST?

Saving the Best for Last

Posted by Tom Fuller in Blindside project at December 17th, 2010

The final technology tipped by the Council for Science and Technology (as reported in Silicon.com) is “plastic electronics - an area which can be exploited for computers, communication systems, displays, sensing technologies and solar energy.”

I find this area hugely exciting–I want to be the first kid on the block to have a monitor screen that folds into a Japanese fan. Sheets used for e-books, photovoltaic cell arrays, billboard adverts–all this will be here soon and it will be fun. But the best part of it right now is that our interest can be innocent–I see (at this point) absolutely no information assurance issues arising from this.

So, correct me if I’m wrong, but otherwise let’s just watch this unfold (literally) and enjoy.

Electronic Health Systems

Posted by Tom Fuller in Blindside project at December 15th, 2010

Continuing with the Council for Science and Technology’s recommendation of six technology sectors that should be targeted for public sector funding (as found on Silicon.com), we come to e-health systems.

We have been following the travails of NPfIT, which should have been a pioneer in e-health systems, but instead looks like it’s heading for the negative example category–how not to do it. My personal theory (probably not the Blindside consensus and almost certainly not the CSIA’s) is that the procurement structure made failure inevitable for NPfIT, and everything that has happened since has just been recording a bad accident in slow motion.

Jay Nussbaum of Oracle used to preach: “Start small, win quickly, scale fast.” Sounds like a prescription for a successful e-health system. Doesn’t sound at all like the way e-health systems are planned or commissioned.

At this point, I would predict with some confidence that increased public funding of e-health systems would only result in a bigger-sized failure. And yet, e-health systems are inevitable and desirable. So I would agree with the CST’s recommendation with one proviso: All increased funding should come in the form of prizes awarded to new systems built and tested and found fit for purpose by one purchasing organisation.

Healthcare Technology

Posted by Tom Fuller in Blindside project at December 13th, 2010

Again, via Silicon.com, the Council for Science and Technology is recommending government funding for six technology sectors. We’re taking a quick overview of IA implications now. In this post we examine healthcare technology.

At first glance, it’s hard to think of a technology field that gets more press (and few that get more funding) than healthcare technology. Just to take the example used in the Silicon.com article, the Mobile Clinical Assistant has gotten a lot of press, including some coverage here. That coverage produced some fairly negative feedback which you can see at our post.

Much of the funding has been from the private sector, ranging from nanotech firms looking to speed drug delivery and improve targeting, to extending wireless coverage on healthcare campuses to enable tracking of blood, newborns, assets and staff. My preliminary question about this is what gap in technology exists that private companies are not addressing? Apart from orphan drugs, my suspicion is that government funding is needed only to buy the latest products and services. I have no quarrel with this, but am not sure new programmes are needed–just bigger budgets.

IA in healthcare is fraught. Healthcare needs inclusive and comprehensive information about an individual to treat them. They need to store a lot of it in case the individual comes back for more. The information has to be available wherever the patient presents. And you still have to protect their privacy. I don’t think anybody has solved this one yet. We’ll address this at greater length in our next post.

Low Carbon Electricity Distribution Networks

Posted by Tom Fuller in Blindside project, Faster/smaller/better... at December 11th, 2010

Via Silicon.com, we saw yesterday that the Council for Science and Technology is recommending six technology areas for government funding. One of those areas is distribution networks for low carbon electricity generation “to provide locally generated electricity using renewable and low carbon technology.”

This will bring with it information issues, but I’m not 100% convinced that these IA issues need to be solved by government. I think it will be more of a regulatory issue. I think the bottleneck issue for this will essentially be metering. Assuming that utilities can build temporary storage for electricity generated during non-peak times, government may, as has been done in Germany, mandate purchase of locally generated power at attractive rates, and cause that part of the general public that can respond to start doing so–perhaps in a wholesale manner. (I assume they’ll specify origin of power to insure the whole concept remains green–but how will they monitor and enforce this?)

But this type of forced transaction may not sit well with power companies, many of which are already, well, a bit sluggish (if not thuggish) in their treatment of residential customers. Who will measure the power that John is selling from his farm to British Gas? John or British Gas? How will it be measured? Who will arbitrate? The transaction may require two meters, one for John and one for the utility. Does the utility get compensated for line loss (typically 10%, but could be more for small transmission volumes)?

I think the regulatory scheme will have to be robust. The information assurance issue is trust in the quality of information transmitted and stored about a financial transaction, where there is a marked imbalance between the parties to the transaction.

Will British Gas and its competitors be compensated for having to build power storage facilities (not very efficient, but it’s part of the territory)?

This scheme will require significant investment. How will it be treated for tax purposes? Will John with a windmill have to register as a business?

Were I government, I would be testing to see how many would take this up. It has the potential to rival (in cost, complexity and amount of regulatory oversight) the set-up of a network of alternative fuel stations nationwide–which might provide greater environmental benefits at the end of the day.

Lots of number crunching to do for this one.