Category: UK

A quarter of UK databases break privacy laws

This is massively important because it is based not simply on a financial, political or even an ethical position, but on the database projects’ respect for existing law. They are simply illegal…

A new report for the Joseph Rowntree Reform Trust by a very credible largely Foundation for Information Policy Research (FIPR) team that combines engineers, lawyers, software developers, and political scientists, has concluded that a quarter of the UK public-sector databases are illegal under human rights or data protection law. It also looks at UK involvement in some European database projects and finds all of them questionable too.

The report rates the 46 databases on a traffic light system – green, amber, red – and argues that those rated ‘red’, in particular the National Identity Register and the Communications Database, and are simply unreformable and should be scrapped. This is massively important because it is based not simply on a financial, political or even an ethical position, but on the database projects’ respect for existing law. They are simply illegal, and not just massively expensive, morally questionable or politically undesirable. In fact, a quarter of all the databases were found to contravene the law and more than half were ‘problematic’ (i.e. open to challenge in court) . All of those rated ‘amber’ (29 databases) the authors argue, should be subject to independent review.

There are a number of other major recommendations, including the reassertion of the necessity and proportionality tests contained in DP law, citizens should anonymous rights to access data, more open procurement of systems, and better training processes for civil servants. The most important and radical measures proposed, and entirely correctly in my view, are those concerning the location of data and the whole nature of UK IT development. For the former, the report recommends that the default location for sensitive personal data should be local, with national systems kept to a minimum – this appears to be rather like the ‘information clearing house’ system as opposed to central databases, that we proposed in our Report on the Surveillance Society, but better worded and justified! In the latter case, the authors simply note that fewer than 30% of government IT projects succeed at a cost of 16Bn GBP per annum and that there should never be a general and aimless government IT program, rather there should only ever be specific projects for clearly defined and justified (proportional and necessary) aims.

It is an excellent report and probably unanswerable in its logic. Tellingly, The Guardian report contains no response from any government minister…

Counting Cameras (yet again)

Here is yet another episode in what has become a bit of a scrap between David Aaronovitch of The Times and everyone else who knows anything about surveillance (including the news reporters from his own paper). It is making me lose the will to live, but if anyone else is interested, here is Paul Lewis of The Guardian taking David out to count cameras in London.

EU to EULA if UK is OK

It is a kind of digital enclosure, an attempt to impose on the Internet the same kind of removal of common rights that the British ruling classes imposed on the land from the Seventeenth Century onwards…

I have just completed an article on the UK as a ‘bad example’ to the rest of Europe, and lo and behold another piece of regressive, repressive idiocy by the British government appears. It seems that the UK is trying to amend the proposed EU-wide Telecommunications package to destroy the principle of net neutrality. Their proposals will “remove the principle of users’ rights to access and distribute Internet content and services”, and replace it with “a ‘principle’  that users can be told not only the conditions for access, but also the conditions for the use of applications and services.”

In other words, they want to make the entire Internet work by End-User Licensing Agreements (EULAs) rather than the general principle of end-to-end connectivity. It is a kind of digital enclosure, an attempt to impose on the Internet the same kind of removal of common rights that the British ruling classes imposed on the land from the Seventeenth Century onwards. There is nothing about the Internet Age about this, indeed it is pre-industrial – it is pure justification of the same powerful economic interests that the British state has always represented. And, as the original report points out, this is particularly bitter because both the British (OFCOM-originated) amendments and their duplicate Czech mini-me amendments have a lot of their substantive justitifications cut’n’pasted wholesale from Wikipedia!

Like the thieves who stole our land, they are utterly shameless.

(I think I originally saw this in BoingBoing, and sorry for not linking it, but it keeps crashing my little computer right now…)

How many cameras are there in Britain? (4)

Despite the fact that it really doesn’t ‘work’, the growth of CCTV is almost out of control in Britain, and it is probably only the recession that is holding this growth back at all…

Here is another episode in the ongoing saga that was sparked off by my discussion with David Aaronovitch about supposedly misleading figures used in our Report on the Surveillance Society, leading to his rather weak comment piece in The Times, my pre-emptive response here, and Paul Lewis’ similar piece in The Guardian.

Aaronovitch’s own newspaper, The Times, has now published a story by one of its reporters, Kaya Burgess, in which she counted the cameras on her commute into work, and found there were a total of 281 cameras on her 3.1 mile route, or one camera every 18 metres on average. 108 of these were state-placed and the rest were installed by private operators (shops,homes etc.). As the article points out, and this is something I have been arguing for years, the growth of private cameras is remarkable and of course, almost completely unregulated.

The figure of 281 is remarkably similar to Clive Norris’ little fictional tale of ‘Thomas Kearns’ of 1999 which sparked the ‘we are watched by 300 cameras a day’ stories in the press, and which was the subject of Aaronovitch’s piece. Perhaps we should feel smug, but that still isn’t the point. There never was an ‘accurate’ figure to be correct about. It was a possibility. Now it seems that the possibility has been bypassed by some distance, at least for London. Because remember, Kaya’s journey was merely the journey into work. It was not even a small portion of the day. It did not count cameras at work, or those she might encounter during her working day, nor those her image might be captured by if she went out for a post-work meal and drinks… her 281 might well end up being double that by the end of the day, and she was not doing any of the more ‘unrealistic’ things that Norris’ ‘busy Londoner’ was.

Of course, this density of cameras is by no means uniform across London or across the country, nor is there one central ‘Big Brother’ behind the cameras, no one guard in the tower. We live not in the Panopticon of Jeremy Bentham, made notorious by Michel Foucault’s analysis, but in what contemporary French theorist, Bruno Latour, called, an ‘oligopticon’. In some places we are watched (and even known) intensely and in others hardly at all, and we move through these different zones of varying intensities of surveillance in our days and our lives.

Does that make the huge number and high density of cameras in some places ethically more acceptable? Hardly. Despite the fact that it really doesn’t ‘work’, the growth of CCTV is almost out of control in Britain, and it is probably only the recession that is holding this growth back at all. The Times report also notes that the Local Authority cameras appeared to be placed in clear violation of the existing voluntary CCTV Code of Practice which states that CCTV should be installed in areas of high crime, not just at regular intervals everywhere. Senior police officers I have talked to agree with this. They don’t see the need for cameras on every corner; they want to target crime hot spots effectively and efficiently. And of course, the private cameras aren’t really regulated much, and those on private homes not at all. The important thing, is to have stronger, clearer regulation of CCTV as the House of Lords Constitution Committee recently demanded. This new regulation should control and perhaps even reverse the growth in the number of cameras by specifying much more clearly the circumstances and contexts under which CCTV is appropriate and how it is to be discussed and approved, so that it becomes a possibility to be debated not the normality to be expected.

(thanks to Charles Raab for bringing this piece to my attention and for being fair about The Times!)

Incompetence and Surveillance

There is an opinion piece in The Daily Telegraph (UK) today by Alasdair Palmer, which argues that it is the incompetence and human fallibility of the UK government rather than any lack of desire which prevents an Orwellian surveillance state from emerging in the UK. It is hardly new but it’s an attractive argument, one which I have used before and which we used to a certain extent in our Report on the Surveillance Society, and one which draws on the deep well of cynicism about government which has long characterised British politics.

However there are a number of problems with the argument. The first is whether it is really true. A totalitarian society does not have to be competent in the sense of having correct information, in fact one of the central messages of Nineteen Eight-Four is that ‘truth’ is a product of state control in such societies. This was obvious in the case of Stalin’s purges. The accusations made against individuals did not rely on the accuracy of the accusation but on the very fact of accusation, something brought out very strongly in Orlando Figges’ recent book, The Whisperers. In the UK in recent years we have seen some elements of this. It doesn’t matter for example, whether someone really is a terrorist, the word ‘terrorist’ is just redefined in law and practice to encompass that person. New terms are invented to describe quasi-crimes (like anti-social behaviour) which come to have the force of ‘crime’ and become the focus of state surveillance activity. And I have shown how the recent arguments over photography in public places show a genuine totalitarianism in the attempt to define the limits of the collection and interpretation of visual images. It doesn’t matter how competent the state is at carrying out its desires here. The very fact that it defines what is acceptability in this way can create a new ‘normality’ and a ‘chilling effect’ on protest and resistance – which makes such activity even more essential.

The second problem is the idea that incompetence protects us. It didn’t in Soviet Russia and it doesn’t today. The government’s uselessness in handling data harms people. The loss and leakage of private personal information can lead to real effects on people’s lives: information theft, fraud and so on. The loss of trust in those who control information also has knock-on effects on those organisations that genuinely rely on personal information to provide essential services and care: education, health services, social work etc. A loss of trust caused by failed repression leads to a generalised loss of trust in government and in other people: it damages social trust. It is perhaps because British people have such a low level of social trust anyway that we expect things to fail.

The third problem relies on the first two and is the idea that state incompetence is enough to protect us. Of course it isn’t. Cynicism is no basis for thinking of, and creating, a better society. Do we want to live in a society where our only protection is the fact that state is structurally or contingently unable to create a totalitarian situation even though it continues to try? I certainly don’t. The emergence of surveillance societies, competent or otherwise, requires the imagination of alternatives – including greater democracy, accountability, transparency, and regulation and control of both state and corporate organisations in our favour – and political action to demand and create those alternatives.

A faith in failure is simply a form of nihilism.

UK police spying on activists… again

The Met are unlikely to care. They are not generally known for their respect for the political rights of British citizens…

The Guardian has posted another worrying story (and an interesting video) on the routine police surveillance of environmental activists, most of whom have no connection to any criminal behaviour. The Metropolitan police, who have always been in the forefront of efforts to try to portray political activists as actual or potential criminals, is collecting storing and sharing information, including many private personal details, on activists using Crimint, the national criminal intelligence system. The data includes activists “seen on a regular basis” as well as less frequent activists, regardless of arrests or convictions, their names, political associations and photographs. This information is being shared between police forces to build up more complete portraits of political activity nationwide.

The human rights group, Liberty, is challenging this data collection and sharing on the grounds that it breaches Article 8 of the European Convention on Human Rights. My view is that it almost certainly does, and that the Met are unlikely to care. They are not generally known for their respect for the political rights of British citizens indeed one of their original purposes was to crack down on political dissent back in the Nineteenth Century and they have always maintained this role. They operate the National Extremism Tactical Coordination Unit (NETCU) which is also involve in spreading disinformation on political activists and their HQ at New Scotland Yard will apparently host the new privately-run ACPO Confidential Intelligence Unit (CIU).

I have had my own personal experience of the Met’s way of dealing with activists and it is certainly not in any way respectful of anyone’s rights. It urgently needs to be brought under some proper control and accountability, and hopefully being found guilty of breaching Article 8 of the ECHR, if it happens, will be a good start.

‘Blacklisting’ firm shut down by ICO

For some time, I’ve been concerned about the little-discussed practice of ‘blacklisting’, the creation and sale of databases of workers thought to be troublemakers, radicals or union activists. Last year, I noted the failed attempt by the British government to legitimise this activity with the creation of the National Dismissal Register, and connected this to earlier surveillance of workers through the Economic League. See this more recent post where I summarised the story in a slightly different context.

But the Economic League, set up after WW1 and finally closed in 1993, had several offshoots. Now, as reported in most of the British press, one of them has been closed down by the UK Information Commissioner’s Office (ICO). ‘The Consulting Association’, a firm based in Droitwich, Worcestershire had apparently been operating for 15 years selling confidential information on construction workers to all the major building companies. According to the BBC, 3,213 workers’ names were contained on the list and were categorised by political affiliations and union activity etc.

Not surprisingly the firm was owned and run by one Ian Kerr, who was previously involved in the Economic League and who still seems to think he was doing nothing wrong, despite his past, and despite the fact that he had previously denied even the existence of this database. But he, along with all the clients named by the report, including Amec, Taylor Woodrow, Laing O’Rourke and Balfour Beatty and many others – there is a full list on the Guardian site – were breaking the Data Protection Act by illegally keeping and trading in personal information. We’ll see whether the big building firms get away with it; most likely they will simply claim that that they didn’t know the data was illegally acquired and traded.

Given the recent history of the National Dismissal Register to set up databases of troublesome workers, it is particularly ironic that minister, Peter Mandelson, is quoted as applauding this action by the ICO in the various reports.

A sane response on the number of cameras

Here is an eminently sane and sensible response to the ‘debate’ on the number of cameras in Britain from Paul Lewis in The Guardian. Not much more to say really other than I strongly suspect that he reads this blog!

Actually, equally sane if rather ruder, is Charlie Brooker, also in The Guardian. He argues as bitterly as usual, that the attitude of the Labour government to its information relationship with its citizens represents nothing but contempt. I strongly suspect he may be right.

How many cameras are there in Britain?

The truth is that no-one knows exactly how many cameras there are in Britain or indeed in any country in the world

I’ve been having an interesting little private exchange with a David Aaronovitch of The Times newspaper, who seems to think he has uncovered a terrible conspiracy… and I think I am about to be accused (tomorrow) of being ‘cavalier’ with the truth and of misleading the public. Interestingly enough this is going to be in the same newspaper that was the only one that tried to rubbish the Information Commissioner back in 2006 when we published our Report on the Surveillance Society and indeed were actively lobbying against his reappointment. I suppose someone has to argue the establishment case…

What David has been e-mailing me about is the validity of figures concerning the number of CCTV cameras in Britain that journalists have been happily spreading about for the last ten years. These figures are the ‘4.2million CCTV cameras in Britain’, and the ‘person can be captured on 300 different cameras in a day.’ He seems to think that it is an urgent matter of national importance if these old figures aren’t ‘accurate’ or apply to the average person. Well, they were and are purely indicative – they aren’t ‘accurate’ and never were, and the latter one doesn’t apply to a typical Briton and neither Clive Norris, whose figures they are, nor myself, nor any other credible surveillance studies academic that I know, has ever claimed that they are and do.

The first figure derives from what Professor Norris openly described as a ‘guesstimate’ in his working paper with Mike McCahill on CCTV in London that was done for the EU’s UrbanEye project. Based on a casual count of cameras in one small neighbourhood in London in around 2000 (not the City of London where cameras were much more concentrated even then) it aimed to get a very loose handle on the scale of the spread of CCTV in Britain. The police at the time claimed that the real figure was in hundreds of thousands, but they were only talking about public cameras, and they had just as little idea of the extent of CCTV.

The other figure that of 300 cameras a day came from a little fictional vignette that Professor Norris and Dr Gary Armstrong wrote for their book, The Maximum Surveillance Society, which came out back in 1999. It was simply designed to illustrate how many cameras a person could possibly be caught be in any one day. I was thinking it would actually be very hard for this to be that likely even now, except perhaps in the very core of global cities like London, but then there are over 300 cameras on the university campus where I am currently, and I haven’t even started on all the private cameras, the public cameras in the city, the traffic cameras, the cameras in the buses, banks, shops, cafes, restaurants, bars, in the hotel etc. etc. I would estimate that I am caught by around 100 cameras when I am out and about here and this isn’t even a city that considers itself to be particularly ‘under surveillance.’

The truth is that no-one knows exactly how many cameras there are in Britain or indeed in any country in the world. We deliberately used words like ‘may’ or ‘can be’ in reference to these figures in our Report on the Surveillance Society because they are so rough, so inaccurate – and we were quite clear that this was not in any case a report about CCTV; if anything we tried to downplay CCTV and get to other technologies and techniques, such as dataveillance and RFID, and more importantly the way connections and links are being made, and boundaries blurred. ‘Millions’ may be about as accurate as we can guess for the UK. But does it matter if there are 1 million, 4.2 million or 10 million? Not hugely. It matters as one crude indicator of a surveillance society, but even then, the number of cameras is a very crude measure and more cameras does not necessarily mean more comprehensive coverage or better pictures, or more ‘control’. For example, would it be worse or better if I was only seen by one camera in a day, but that camera was there all the time and I was constantly being assessed on my performance (as for example is the case with many workers in call centres)? The Guardian today seems to understand this – in its report on the high-tech control room in Westminster, it clearly states that ‘no-one knows’ how many cameras there are (before quoting some even more made-up figure than ours!).

I know the media likes its easy numbers, but an old saying about not being able to see the wood for the trees comes to mind… As a researcher, I am more interested in characteristics of the wood than the specific number of trees. Now if there were no trees at all or very few, that would matter. And in my current comparative project it has some importance as one of the many indicators of what constitutes a surveillance society that I am looking into. So in a couple of year’s time I may have more of an idea of from any cameras there really are in Britain. One of the things I am trying to do during my current project is develop better ways of assessing ‘how much surveillance’ there is, and what it means. Because that is the important issue – meaning. Does it matter if there were 1/6 or 1/7 or 1/8 of the population of the former East Germany who were recruited as informers? You’ll find all those as educated guesses in the literature. What matters was that there was a culture of informing that pervaded every action. It was a society that became increasingly based on deception and distrust.

The key questions with CCTV are:

  1. first of all, why are there any cameras, and particular any cameras in public space, at all? Surely there was a line crossed when the first use of CCTV occurred. What was the reasoning?
  2. why did CCTV spread so quickly to so many places, and was so little contested?
  3. why is CCTV now considered so ‘normal’ in Britain?
  4. connected to this, why do the myths of CCTV’s effectiveness continue to be spread when all of the evidence shows a small and very limited impact on crime?
  5. what kind of a society does pervasive CCTV create? what are the social effects? what kind of social and cultural responses are there?

etc.

Unfortunately the media doesn’t seem to like depth or uncertainty. Maybe that was our real mistake – to overestimate the intelligence of the media. I have asked them for a right of reply – I am more than happy to debate the issue in public. Let’s see if that happens…

Convention on Modern Liberty

The largest ever British meeting of people against the surveillance society took place in London yesterday. The Convention on Modern Liberty site has (unedited) transcripts of some of the speeches an debates including author, Phillip Pullman’s excellent keynote. The Guardian/Observer website also has a strongly supportive report and there is an editorial in the The Observer, which argues that “whether by complacency, arrogance or cynical design, the government has erected an edifice of legal constraint to liberty that would suit the methods and aims of a despot.”

It was a shame that I couldn’t be there but I like to think I played some small part in the process that has led here, and will hopefully this campaign will continue to go on to forcing a retreat by the state from its illiberal course. This meeting is merely the beginning of the convention…