UK Liberty

Regrets, they’ve had a few

Michael Wills in the Times:

Basic principles for protecting the use of data are that it should be proportionate and necessary. That goes for debate about it too. Databases are a fact of life in private and public sector alike – we don’t live in a database state as much as a database society. They deliver real benefits for the public and it skews debate about the challenge they pose to all of us if anyone ignores this or pretends otherwise.

No-one reasonable has claimed they don’t deliver real benefits.  The dispute is about the benefits vs. disadvantages.

But, like all technologies, databases can do damage if misused.

Their very existence may also do damage: there is a chilling effect, for example, by recording the details of people who attend protests, and the details of journalists who report on protests.

The issue is not whether to have them

Yes, it is.

but how they can be deployed without damaging privacy. It’s a question of balance and the challenge is how to strike it.

Databases help to deliver public services efficiently and effectively. They can also help to detect and prevent crime and put right miscarriages of justice by exonerating the innocent.

I’d love to know which database has helped exonerate the innocent.

Of course, these obvious benefits shouldn’t be used as an excuse for negligence in protecting the basic right to privacy. And this Government has brought in new protections for the individual with the Data Protection Act and the Human Rights Act, and by setting up the Information Commissioner’s Office, to which we are now giving further powers.

It is also the Government that has so far ignored S & Marper v UK, the judgement of the European Court on Human Rights that says the DNA and sample database used by England and Wales is unlawful – in contravention of the European Convention on Human Rights.

And neither the Data Protection Act nor Human Rights Act prevent damage – they only allow people to seek remedies once damage has been caused.

Regrettably neither private nor public sector always gets it right.

But it is possibly easier to remedy private sector damage.

Mistakes happen in all areas of life. The important point is to recognise them, correct them and learn lessons for the future. When the Government gets it wrong, we hold our hands up and take immediate steps to put it right.

This is beyond parody.  In fact what happens is this: 

  1. the Government smears the people who stick their heads above the parapet (as was seen with, for example, Simon Davies and the LSE report on the National Identity Scheme, and now the authors of the FIPR report on the Database State);
  2. the Government prevaricates, procrastinates, launches lots of inquiries that take years to finish and the results are often confidential, and if there is legal action it fights it every step of the way, all the way to the European Court of Human Rights;
  3. the Government takes an age to respond to the outcome of the inquiries and judgements.

The loss of HM Revenue & Customs disks triggered reforms of data security in government. When we recognised that data-sharing provisions in the Coroners and Justice Bill had been too widely drawn, we immediately withdrew them.

When you ‘recognised’, you withdrew them – we recognised they were a Bad Thing when we saw them.

Actually you withdrew them when you realised that a significant number of people were against them.

But they should not have been present in the first place.

A Government truly interested in privacy and security would not have drafted those dreadful provisions.

But to reject all the benefits that databases offer the public simply because a mistake might be made is to strike the balance in the wrong place. Should we really avoid trying to do all we can to prevent another Soham tragedy?

It depends.

It depends on what we mean by “do all we can” – we could prevent a “Soham tragedy” by not letting children leave our homes.

Or stop doctors accessing vital medical records?

It depends.

Or fetter the provision of welfare entitlements, such as free school meals, for the most vulnerable?

It depends.

Scrutiny helps to ensure mistakes are avoided and the basic right to privacy isn’t damaged.

But, sadly, the Rowntree report this week didn’t do all it might have done to help the Government get the balance right. It’s not clear how they made their judgments or how they used evidence to make these judgments.

Well, learn how to effing read and learn what footnotes mean. 

Perhaps the FIPR should have monosyllabically spelled out in big letters exactly what to do with each database (where ‘exactly what to do’ doesn’t mean ‘bin it’).  But then their report would have been ten if not a hundred times as long.

In contrast, the independent review by Richard Thomas, the Information Commissioner, and Mark Walport was thorough and meticulous and, as a result, provided invaluable proposals for change, which the Government is now delivering.

Um… they didn’t quite say what you claim they said, though – did they?

We’re never complacent about databases – the challenge in getting the balance right is evolving as fast as the technologies themselves – and whenever changes need to be made, we will make them.


You want to churn out databases – just as you churn out criminal justice legislation – because it makes you look like you’re doing something, not because you’ve genuinely had a think about whether its right or wrong and what the consequences might be and whether its really worth it.

Very good!

Posted in database state, DNA database, politicians on liberty by ukliberty on March 27, 2009

inJustice Minister Michael Wills in the Times:

Regrettably neither private nor public sector always gets it right. Mistakes happen in all areas of life. The important point is to recognise them, correct them and learn lessons for the future. When the Government gets it wrong, we hold our hands up and take immediate steps to put it right. 

S & Marper v UK – the judgement that says the England and Wales DNA and sample database is unlawful – was handed down in December 2008, about three months ago.

What steps has the Government taken to make the database lawful?


Posted in database state, ID Cards by ukliberty on March 27, 2009

Shami Chakrabarti in the Times:

… After the events of 9/11 it was assumed that people didn’t care about their privacy any more and would buy into an idea that security is more important. I say that we should start with the idea that people have a fundamental right to privacy that you interfere with only for a very good reason.

Government has been too lax about passing data between different departments for different purposes. Further, it has not won people’s trust that it can manage databases properly. When setting up a database we should ask: “Is it necessary? For what purpose are we holding the information? Is it excessive? Who has access?”

The National Identity Register is a case in point. Over the past decade I have been told it was for counter-terrorism, immigration control, benefit fraud. If you are not clear about your purposes, how can you ensure appropriate information storage and use? …