Category: databases

The paranoid bubble of Offender Locator

TechCrunch reports that one of the Top 10 current iPhone apps in the USA is something called ‘Offender Locator’. This is a little mash-up that overlays the location of those on registries of sex offenders onto google maps, so you can check where sex offenders live whilst you are on the move.

This is such a world of wrongness, its hard to know where to start.

Let’s begin with the categorisation. The category of ‘sex offender’ varies from jurisdiction to jurisdiction. This app is clearly targeted at parents worried about paedophiles, yet depending on the state, offender registers can include people convicted of innocuous things like public nudity, public urination and simple underage sex (and please don’t try to tell me that a 17-year old kid who has consensual sex with a 15 year-old kid is a technically a paedophile, that’s just normal, whatever the laws of some backwards states may say).

The second thing is that even the US Department of Justice says that such registers cannot be guaranteed to be accurate. So now these non-guaranteed lists are available to you mapped out on your iPhone. Does that somehow make them more accurate? No, but all those red arrows on a map do look much very ‘real’ and scary though, don’t they?

Which brings me to the third point. What are you supposed to do with this ‘information’? It’s hardly empowering, in fact it creates a false view of the world based on fear. Will you not let your kids out within several miles of any red marker on the map, will you take a detour to avoid neighbourhoods with high concentrations of offenders when you are driving, or of course, in contrast, will you deliberately go to such places with a baseball bat to show those sex offenders who’s boss?

Finally, of course, this information isn’t ‘live’. It shows you where sex offenders live, but they aren’t chipped yet, so not where they actually are at any one moment in time. It provides at once a false sense of reassurance and the nagging feeling of doubt that they could really be right behind that tree over there, or in the shadows. And what do ‘they’ look like? That man over there with the 5 o’clock shadow at 11 in the morning sure looks like a sex offender… and there’s definitely some in this neighbourhood, your iPhone says so!

Apps like this, policies like this, also increase the pressure for more ‘comprehensive’ solutions – especially this app. Because it isn’t ‘live’, they’ll be people asking ‘why not?’ Why not tag these people for the rest of their lives with GPS cuffs, or implant them with RFID chips?

Finally, the thinking behind this app is just wrong in terms of what we know about sex offenses. Most real sexual violence and sexual abuse of children takes place within the home and within ‘normal’ family relationships (and ‘normal’ schools and nurseries too). That’s what Mr or Mrs iPhone doesn’t want to hear. ‘It couldn’t be my husband, okay he gets angry with the kids sometimes, but he’s under a lot of pressure at work and I know he loves us…’ Far easier to externalize the ‘threat’, to cast it ‘out there’ amongst the red arrow markers on the streets of some other neighbourhood…

Surveillance isn’t necessarily the same thing as paranoia but when surveillance becomes pathological, paranoia is the result. Some paranoia is about surveillance, some is expressed in surveillance. This kind of apparently democratic, freedom of information app, demonstrates the worst and most pathological places that a society of ubiquitous surveillance can start to go. It creates defensive bubbles of individualized, desocialized paranoia, of protecting ‘the kiddies’ against the threats from the ‘Other’, outside. Perhaps you should just stay inside and buy everything from amazon.com and make your kids live in some virtual world where only those nice marketers can prey on them…

(thanks to Aaron Martin for pointing this snippet of news out to me)

Tokyo Brandscaping and the SuiPo system

Brandscaping is a term used in marketing to describe the metaphorical landscape of brands (either for a particular brand, company or sector), however it is also being used by some researchers, including me, to describe the way in which brands are being infiltrated into urban landscapes, with the ultimate aim of being ‘inhabitable’ perhaps even 24/7 (see for example Disney’s move into urban development with Celebration in Florida).

Contemporary brandscaping makes use of new ambient intelligence, pervasive or ubiquitous computing technologies (‘ubicomp’) and ubiquitous wireless communications to create a landscape in which the consumer is targeted with specific messages directing them to certain consumption patterns. Such communication cans of course be two-way and provide corporations with valuable and very personal data on consumption patterns. As I’ve argued in many presentations over the last few years, ubicomp is necessarily also ubiquitous surveillance (what I call ‘ubisurv’ – hence the name of this blog!) because to work it requires locatability and addressability. Japan, and Tokyo in particular, has been the site for a number of cutting edge experiments in this regard, including the ‘Tokyo Ubiquitous Technology Project’ which embedded 1000 RFID tags which can communicate with RFID-enabled keitai (mobile phones) in upscale Ginza as well as several other pilot schemes around Ueno Park and Shinjuku.

TUTP is not all about marketing surveillance however, part of the scheme has involved ‘Universal Design’ (UD) principles, with one experiment to embed chips in the yellow tactile tiles designed to help guide sight- and mobility-impaired people around the city so that useful access information could be passed through specially-enabled walking sticks. I’m very interested in such experiments as they indicate an alternative direction for ubicomp environments which are about genuinely enabling people who are currently disabled by social and architectural norms, and creating a richer sensory landscape. They show that both surveillance and ‘scary’ technology like RFID chips can be humanised.

Unfortunately in our consumer-capitalist world (and Tokyo is the exemplary city of hyper-consumption), marketing and building brandscapes tends to take priority over enabling the excluded and the disadvantaged. But there are different ways of doing this too, which can be more or less intrusive and consensual. The other day I was talking about the growth in functionality of the Suica smart travel card system. Suica-enabled keitai can now, be used buying all sorts of things and since 2006 there have been a growing number of ‘SuiPo’ (short for ‘Suica Poster’) sites, Suica-enabled advertising hoardings that will, on demand send information to your mobile e-mail address with on particular advertising in which you are interested if you pass your Suica card or phone over a scanner placed next to the poster (see photos below)

The difference between SuiPo and the Ginza RFID scheme however is that it with SuiPo is that it is the consumer who makes the choice whether to activate any particular poster’s additional information system. In this sense it is a development of the i-Mode system in which many keitai can read information from special barcodes embdedded in magazine advertisements. It doesn’t automatically call your phone every time you pass an enabled poster, once you have signed up. Not as high-tech but slightly more consensual. However this will, of course, lead to the accumulation of a lot of data on consumption interests. This potentially generates a massive consumer surveillance tool, because it can be linked up travel patterns (your registered Suica card sends information back on where you go – I was wrong about the absolute differences between London’s Oyster and Tokyo’s Suica systems the other day) and information about consumption.

So will this potential become reality? The page on privacy and data protection on the SuiPo website (as usual the link is hidden away at the bottom of the front page!), is pretty standard stuff except for the legitimate purposes for which the data can be used once you sign up. They are, for those who don’t read Japanese, for:

  1. Sending the specific requested information to you;
  2. Improving services;
  3. Data processing and analysis;
  4. JR East’s promotional marketing; and
  5. JR East customer questionnaires.

Purposes 2 and 3 pretty much allow JR to do anything it likes with the data once you have signed up, and there is no statement as to what can or cannot be done with data once it has been ‘mined’ – analysed and transformed into more useful to the company or other organisations (corporate or state) which might want to buy or access such knowledge. ‘Ubisurv’ indeed…

A juki-net footnote

I had a conversation yesterday (not a formal interview) with Midori Ogasawara, a freelance journalist and writer who used to report on privacy issues for the Asahi Shimbun newspaper. This was mainly to set up further interviews with those who are or were involved with campaigns on surveillance and privacy issues in Tokyo. However I also managed to clarify a few of my own questions about juki-net and the opposition which it attracted.

In short, there seem to have been several objections.

  1. First of all was the objection to the idea of a centralised database, which was able to link between other previously separate databases.
  2. Secondly, there was the fact that this was the national state asserting authority over both local government and citizens. Both Local Authorities and citizens groups had argued for ‘opt-in’ systems, whereby firstly, towns could adopt their own policies towards juki-net, and secondly and more fundamentally, individual citizens could decide whether they wanted their details to be shared.
  3. The third objection was to there being a register of addresses at all. Many people saw this simply as an unnecessary intrusion onto their private lives, and in any case, the administration of welfare, education and benefits worked perfectly well before this (from their point of view) so why was such a new uniform system introduced?
  4. Next there were objections based on what was being networked. The jyuminhyo (see my summary from the other day) is not actually a simple list of individuals and where they live, but is a household registry. It might not, like the koseki, place the individual in a family line, but is still a system based on patriarchal assumptions, with a designated ‘head’ of the household, and ‘dependents’ including wives and even adult children.
  5. Finally, there was the question of the construction of an identification infrastructure. Whether or not juki-net is considered as an identification system, and it does have a unique identifying number for each citizen, and has the potential to be built on to create exactly such a comprehensive system of national identification. Lasdec, who we talked to the other day, may not approve of this, or believe it will happen, but they are only technicians, they are not policymakers and don’t have the power or the access to know or decide such matters. And in the end, if they are required by law to run an ID system then they will have to run it.
  6. There were, as I already mentioned, objections to the potential loss or illicit sharing of personal information. I don’t think this is intrinsic to juki-net, or indeed to database systems, but of course both databases and networks make such things easier. People are also quite cynical about promises of secure systems. Lasdec may say that that juki-net is secure, but there have been enough incidences of government data leaks in the past for people not to accept such assertions.
  7. Finally, Juki-net connects to the border, passport and visa system. The reason that foreigners will finally be included on the jyuminhyo (and therefore juki-net) from 2012 is not therefore to respond to long-term foreign residents’ requests for equal treatment but in fact to make it even easier to sort out and find gaikokujin, check their status, and deal with unofficial and illegal migrants. Groups campaigning for the rights of foreign workers (mainly the exploited South-East Asian and Brazilian factory workers) have therefore been very much involved. Of course it also makes it possible to connect the overseas travel of Japanese people to a central address registry.

I’ll be meeting Midori again soon, I hope, along with other researchers and objectors. I am also still hoping to be able to talk to officials from the Homusho (Ministry of Justice) and the Somusho (Ministry of Public Management, Home Affairs, Posts & Telecommunications), but they are are currently passing around my request to different offices and generally delaying things in the best bureaucratic traditions!

Identification in Japan (Part 2): Juki-net

As I mentioned yesterday, one of the big developments in state information systems in Japan in recent years has been the development of the jyuminkihondaichou network system (Residents’ Registry Network System, or juki-net). Very basically juki-net is a way of connecting together the 1700 (recently restructured from 3300) local authorities’ residents’ registries (jyuminhyo). These are a record of who lives in the area and where, that are held on a multiplicity of different local computer (and even still, paper) databases. Japanese government services are always struggling to catch up with massive and swift social changes, particularly the increased mobility of people, that made first the Meiji-era koseki (family registers) and then the disconnected local jyuminhyo (which were both themselves introduced to deal with earlier waves of increased social and spatial mobility) inadequate.

Operational from 2002, juki-net is restricted by law to only transmitting four pieces of personal data (name, sex, date-of-birth and address), plus a randomly-generated 11-digit unique number. Nevertheless, the system was strongly opposed and has sparked multiple legal challenges from residents’ groups who did not want to be on the system at all, and who considered the risk of data leakage or privacy violation to be too great for the system to be lawful. These challenges were combined together into one class-action suit, which finally failed at the highest level, the Supreme Court, in March 2008. The court ruled that juki-net was constitutional and there was no serious security risk in the system itself but according to some analysts did not address the possibility of mistakes being made by operatives. But this would seem to me to be a problem of data protection in general in Japan, rather than an issues that is specific to juki-net. Like Brazil, but unlike Canada and the UK for example, Japan has no independent watchdog agency or commissioner for safeguarding privacy or kojin deta (personal data), and other than internal procedures, the courts are the citizen’s only recourse. In any case, as Britain’s comparatively frequent incidence of data loss by public authorities shows, even having such a system does not necessarily make for better practice. There is in Japan, as in Britain, training and advice in data protection provided by a specialist government information systems agency.

We interviewed officials at that government agency, Lasdec (the Local Authorities Systems Development Centre) today. Lasdec also developed and runs juki-net and is responsible for the new jyuminhyo / juki-net card that enables easy access to local (and some national) services via the web or ATM-like machines at local government offices. Unsurprisingly they were quite bemused by the opposition to juki-net, which they say was based on a lack of understanding amongst citizens about what it was, and a general fear of computers and databases. They argued that many people (including one or two local authorities) had the impression juki-net was, or was planned to be, an extensive database of all personal information held by different parts of the government, or even was the basis for a new system of national identification or indeed was a new system of national identification – indeed that was the impression one got from reading both Japanese and foreign civil and cyber-liberties groups’ reports in 2002/2003 with plenty of stories of the new Japanese ‘Big Brother’ system (see the archived collection here for example).

However Lasdec argued that both ideas were incorrect. The officials recognised both that the 11-digit unique number was adapted from a previous failed identification scheme, and that juki-net could in theory become the basis for any proposed future national ID scheme, but this was prevented by the enabling law. In any case juki-net was not even the best existing system on which to base an ID system: passport, driving licence and healthcare databases all had more information and certainly information with higher levels of personal identifiability – and no-one seems to be objecting the amount of information contained on the driving licence system, for example. Juki-net has no photos or other biometric data and no historical information. Likewise the residents’ card can have a photo if the resident wishes, but this is not shared through juki-net, and in fact the card itself is entirely voluntary. In addition, only in one city has take-up of the card exceeded more than 50% of the adult population (Lasdec has detailed information on take-up but only published a ‘league table’ without percentages). You also do not lose anything by chosing not to have or use the card.

The officials at Lasdec were, as with many technical and systems engineers in both public and private sectors whom I have interviewed, far more aware of privacy, data protection and surveillance issues than most politicians and mainstream (non-technical) government officials. They did not shy away from the terms kanshi (surveillance) or kanshi shakai (surveillance society) and indeed were as critical of the unregulated spread of things like CCTV in public space as many activists. They saw themselves in fact as controllers of information flow as much as facilitators. They were committed to the minimalist model of information-sharing set out by the law governing juki-net and wanted to find always the ways that information that was necessary to be shared could be shared without the creation of central databases or the exchange of additional unnecessary information. In addition, new laws came into force (in 2006), which make the residential information more private than it was before. In fact, such local registers used to be entirely public (anyone could access them), and now they are far more restricted – this only seems to have been noticed by direct marketing firms, who of course were not 100% happy with this change.

This puts me into a strange position. I have colleagues here who have been utterly opposed to juki-net, and I have always assumed that it was in some way similar or equivalent to the UK National Identity Register / ID card scheme. However in fact, it seems very similar to the ‘information clearing house’ idea which I and others have proposed for the UK, in opposition to the enormous NIR which would seem to suck in every kind of state-held information on the citizen! In addition juki-net does not require any more information from the Japanese citizen than is already held by the state, again unlike the NIR in the UK, for which multiple new forms of information are being requested by the state and indeed there are fines, and ultimately prison sentences, proposed by law for refusal to give up or update such information. In contrast, juki-net is more like the electoral register in the UK, to which hardly anyone objects.

This all makes me wonder exactly what it is that provoked such vociferous opposition to juki-net. If it is a actually or potentially repressive surveillance system, somewhat like Barthes’ famous description of Tokyo, it is one with an empty centre; there is no ‘Big Brother’ only a rather well-meaning set of bespectacled technicians who are just trying, as they see it, to make things work better so that people don’t have to keep proving who they are every time they move to a new area. Perhaps there are particular cultural and political factors (that is after all the working hypothesis of this entire project – and perhaps in making assumptions about both systems and oppositions across borders we obscure the specifics). Perhaps it is the association of the 11-digit number with previous proposed ID schemes. Perhaps, as in Germany, in new government information systems, there are resonances with older systems of identification and control that hark back to more repressive, fascist, times. Or perhaps there is a general cynicism of successive government ‘information society’ / ‘e-Japan’ / ‘i-Japan’ strategies and initiatives, each of which promise empowerment and in practice deliver more bureaucracy. These are some questions I need to explore further with other officials academics and activists.

India to issue biometric ID cards

According to The Times (and many other sources), this week, India is to create a central database, a unique identification number and biometric ID cards for all of its citizens. The scheme will be run by the newly-created Unique Identification Authority and cost an estimated £3 Billion (or around $5 Billion US).

As in Brazil, there is a felt need for such a system because of the proliferation of IDs and the dangers of anonymity and invisibility in a society where this can be a life or death issue. None of this, of course, means that the particular measures chosen will achieve their aims or will not create other problems. The Times with predictable journalistic cliche, calls this the largest Big Brother scheme in the world and the leader of the project is talking about a “ubiquitous online database” . However, it is rather difficult to see how it will be anything like that when most of India’s chaotic multi-level bureaucracy, especially at local level, still ‘works’ on the basis of paper-based filing systems.

There are suggestions too that this has purposes in crime-fighting and anti-terrorism, although the Indian government website on the scheme makes no such claims (which have in any case been discredited in the discussion about the proposed UK National Identity Register and ID card). It instead focuses on how ‘the Unique ID will be helpful in reducing identity related fraud and allow only targeted people to get the benefits from the government’ (MIT website).

Discussions on listservs has also served to question claims made in The Times article. The paper talks about ‘1.2 Billion’ people being enrolled, but in fact the scheme would only cover over-18s, which would be less than 2/3 of that number It also seems unclear exactly how the cards will be biometric. If it is just a photograph and fingerprint, this would be much the same as the Brazilian scheme. Of course the UK had more ambitious plans, but these were scrapped due to cost and reliability concerns.

Japan, where I am now, has instituted its own central database, and unique ID number, juki-net, and I will be talking to one of the people responsible for dealing with the technology that enables local governments to use the system this coming week…

(Thanks to John Bredehoft for pointing out the problem with the figures).

Google: ‘give us data or you could die!’

I’ve been keeping a bit of an eye on the way that online systems are being used to map disease spread, including by Google. What I didn’t anticipate is that Google would use this as a kind of emotional blackmail to persuade governments to allow them as much data as they like for as long as possible.

Arguing against the European Commission’s proposal that Google should have to delete personal data after 6 months, Larry Page claims that to do so would be “in direct conflict with being able to map pandemics” and that without this the “more likely we all are to die.”

Google talk a lot of sense sometimes –  I was very impressed with their Privacy counsel, Richard Fleischer, at a meeting I was at the other week – and in many ways they are now an intimate part of the daily lives of millions of people, but this kind of overwrought emotionalism does them no favours and belies their moto, ‘don’t be evil’.

(again, thanks to Seda Gurses for finding this)

Contact Point goes live

The controversial new central database of all children in the UK has gone live today for the North-west of England, and will gradually be rolled out across the UK. The £224M ‘Contact Point’, one of the main planks of the ‘Every Child Matters’ initiative, will be accessible to around 390, 000 police, social workers and other relevant professionals. It is mainly being promoted as a time-saving initiative, allowing quicker and more informed intervention in the case of vulnerable children, which we all hope it does, although this of course depends on the correct information being on the database in the first place. In addition, as the Joseph Rowntree Reform Trust review, Database State, rated the system as ‘red’ for danger in terms of privacy:

“because of the privacy concerns and the legal issues with maintaining sensitive data with no effective opt-out, and because the security is inadequate (having been designed as an afterthought), and because it provides a mechanism for registering all children that complements the National Identity Register.”

FBI data warehouse revealed by EFF

Tenacious FoI and ‘institutional discovery’ work both in and out of the US courts by the Electronic Frontier Foundation has resulted in the FBI releasing lots of information about its enormous dataveillance program, based around the Investigative Data Warehouse (IDW). 

The clear and comprehensible report is available from EFF here, but the basic messages are that:

  •  the FBI now has a data warehouse with over a billion unique documents or seven times as many as are contained in the Library of Congress;
  • it is using content management and datamining software to connect, cross-reference and analyse data from over fifty previously separate datasets included in the warehouse. These include, by the way, both the entire US-VISIT database, the No-Fly list and other controversial post-9/11 systems.
  • The IDW will be used for both link and pattern analysis using technology connected to the Foreign Terrorist Tracking Task Force (FTTTF) prgram, in other words Knowledge Disovery in Databases (KDD) software, which will through connecting people, groups and places, will generate entirely ‘new’ data and project links forward in time as predictions.

EFF conclude that datamining is the future for the IDW. This is true, but I would also say that it was the past and is the present too. Datamining is not new for the US intelligence services, indeed many of the techniques we now call datamining were developed by the National Security Agency (NSA). There would be no point in the FBI just warehousing vast numbers of documents without techniques for analysing and connecting them. KDD may well be more recent for the FBI and this phildickian ‘pre-crime’ is most certainly the future in more ways than one…

There is a lot that interests me here (and indeed, I am currently trying to write a piece about the socio-techncial history of these massive intelligence data analysis systems), but one issue is whether this complex operation will ‘work’ or whether it will throw up so many random and worthless ‘connections’ (the ‘six-degrees of Kevin Bacon’ syndrome) that it will actually slow-down or damage actual investigations into real criminal activities. That all depends on the architecture of the system, and that is something we know little about, although there are a few hints in the EFF report…

(thanks to Rosamunde van Brakel for the link)

High Court rules innocent man’s DNA must be removed from database

As if the govenrment wasn’t in enough of a bind over the police National DNA databases, in a landmark ruling yesterday, the High Court of England and Wales has decided that the DNA of the innocent should not be on the database in the current legal circumstances. The man from County Durham was maliciously accused of assaulting a pupil at the school at which he was a teacher, and despite volunteering for questioning was arrested, fingerprinted and swabbed. These records were of course kept despite his innocence.

This story reminds us that being on the NDNAD is not an isolated thing, but part of a complex network of records that do imply suspicion (like it or not) – even Sir Alec Jeffreys, who pioneered DNA fingerprinting, thinks so… in the case of this teacher, he would have been wrongly suspected every time he applied for jobs working with children.

This is another indication that the government’s policy on the DNA database and police tactics to populate it, have been not just morally questionable but illegal, and confirms that the response issued this week was inadequate and devious. It will be interesting to see how they might now immediately have to modify their plans to conform to this new ruling (which, being a British court, they can hardly blame on ‘un-British’ European law)…

UK National DNA Database – what will change?

The government’s official response to the damning ruling by the European Court over the retention of DNA and fingerprint samples and data is a farce, which seems utterly contemptuous of the ruling and reasoning of the court, shows no sign of understanding the significance of Article 8 or the British common law principle of innocent until proven guilty.

One thing that has struck me recently in the UK has been the sudden increase in the level of defensiveness by New Labour over the surveillance apparatus it has constructed over the last 12 years. Report after report has damned their slapdash attitude to human rights and civil liberties – we expect the government’s official response to the Lords Constitution Committee report next week – and there have been attacks from various political ‘big beasts’ including David Blunkett, former MI5 Chief Stella Rimington, and most recently Stephen Byers and even current cabinet ministers reportedly asked for the ID card scheme to be scrapped.

As a result, there has been a splurge of sudden backtracks, retreats and promises of change and consultation on future plans but there have also been rather devious attempts to avoid taking real action to remedy already existing wrongs. In the first category, we have seen the abandonment of Clause 152 of the Coroners and Justice Bill, where a an blanket permission for government data-sharing had been hidden, and there have been suggestions that the proposed new super-database of communications traffic data might not be constructed after all – though largely, it seems, on grounds of cost not principle.

However, in the second category, today we got the government’s official responseto the damning ruling by the European Court over the retention of DNA and fingerprint samples and data by the UK police. It is, to put it mildly, a farce, which seems utterly contemptuous of the ruling and reasoning of the court, and shows no sign of understanding the significance of Article 8 for individual liberty. Mind you, it also shows little sign of comprehending the British common law principle of innocent until proven guilty.

The government proposals are to retain the DNA samples and profiles, and fingerprints (these are just as important and not so often mentioned in the news reports) of all those convicted of a crime. Of the innocent, the National DNA Database (NDNAD) has around 350,000+ people who are certainly in such a position, however the police apparently need two years to go through the Police National Computer to check the other 500,000+  DNA profiles of those not convicted of any crime, as they can’t be sure whether existing profiles match to those who have committed offences (so much for joined-up government…).  Then those people, who are, let’s not forget, entirely innocent in law will be sorted into two categories – those arrested but not convicted for serious and violent offences, and those arrested and not convicted of minor offences.

Will the latter have their profiles immediately removed, as we might reasonably expect?

Err, no.

In fact, these innocent people will have their DNA profiles and fingerprints retained for 6 years – more than the number of years (5) that Scotland retains the DNA of those suspected of serious and violent offences. Those in the latter category will have their DNA profiles and fingerprints retained for 12 years. In addition the profiles of children will be retained until they are 18, and then removed only if they have been arrested (again, not convicted) for one minor offence.

Is this an acceptable response? Quite clearly not. It is against the spirit of the ruling by the European Court, even if it might be interpreted as complying with the exact wording issued. More to the point, it is an attempt to get around the difficult issues, not deal with them. It is devious, based on the pre-emptive logic of risk-surveillance principles, and goes against the long-standing principles of British Common Law as well as more recent developments in Human Rights law, and is not the response of a government that has any trust in the people who elected them. It allows the police to continue to populate the NDNAD by stealth.  And they certainly are using whatever methods they can to do so – for example, one key indicator is the rise in the number of stop and searches under Section 44 of the Terrorism Act, which in London, it was also reported today, rose from 72,000 in 2007 to 170,000 in 2008, a rise of 236%, however it rose by 325% amongst the black population. There seems to be no mention of the role that discriminatory stop and search policing plays in populating the NDNAD in recent government statements, however it is quite clear that stop and search policing is discriminatory, and we know too that young black men are disproportionately represented in the NDNAD.

In this climate, with a government obsessed by pre-emptive security to compensate for its growing loss of power and trust, and a police service that appears, after the G20, increasingly out-of-control, what is the chance of developing a fair, accountable, just and transparent system of personal data retention in law enforcement in the UK? At the moment, it could appear, the answer is ‘very small’.