UK Liberty

Professor Ross Anderson:

Database State is a report we’ve [the FIPR] written for the Joseph Rowntree Reform Trust on the failings of public-sector IT in Britain, and how to fix them. There’s press coverage in the Guardian, the Mail, the Independent, and the Telegraph. … 

More news coverage in the Daily India, the Standard and elsewhere.

Do read William Heath’s comments – he helped write the report. In particular,

In summary, Transformational Government comes from a bad place. There may or may not be implementation problems, but that’s not the point. (Correction – there are and will be huge implementation problems. But it’s still not the point). It was never designed, in any formal sense, to help us. And the political class and the CIO community seems to be oblivious or to have overlooked the fact that much of what they are undertaking is illegal.

I’ve made a transcript of Professor Anderson’s appearance on the Today programme on Radio 4.  I’ve made a couple of comments in-line.

Presenter Jim McNaughtie (JM): Just because I’m paranoid it doesn’t mean they aren’t out to get me. So runs the old joke. Today’s report on government databases from the Joseph Rowntree Reform Trust suggests it’s perfectly rational to be worried about the way the government collects and holds information about us all. Its conclusions will be welcome news to people like Steven Clark, who was arrested last September after taking pictures at the Labour Party conference in Manchester. He was released without charge but his DNA remains on record. 

Steven Clark: It’s worrying that they would keep everyone’s DNA the way they did. I think if someone is arrested like that and there isn’t even a charge brought against them they shouldn’t take the DNA in the first place. They should only take the DNA if there is a charge and they should only keep it if there is a conviction. Even though I wasn’t charged with an offence, and even though the European Court of Human Rights has ruled that they’ve actually abused my human rights by keeping it. 

JM: I’m joined by Professor Ross Anderson from Cambridge, who wrote today’s report, and Michael Wills, the Minister in the Justice Department responsible for this area. Good morning to you both. 

Ross Anderson (RA): Good morning. 

Michael Wills (MW): Good morning. 

JM: Professor Anderson, what exactly did you look at and what did you find? 

RA: We looked at the 46 databases that hold information on all or most of us, which have been built or expanded in the last ten years. We assessed them firstly for safety, secondly for privacy, thirdly for effectiveness and value for money, and fourthly whether they complied with European Law. What we found was about a quarter of these databases and systems are clearly almost certainly in breach of the European Convention on Human Rights, including as our caller said, the DNA database which was actually convicted in the European Court. And more than half of them have got serious question marks over them. 

JM: And why exactly in your view are they illegal? What do they – what offence do they commit, if you like? 

RA: European law gives us the right to privacy in the sense that our sensitive personal information about your health, your sex life, your religion and so on, can only be shared either with your consent, or under a law which is sufficiently tightly drawn to let you tell what will be done with information you supply and which is proportionate and necessary in a democratic society. Unfortunately our own data protection law doesn’t come up this standard, and in effect privacy regulation in Britain is broken just as banking regulation was. 

JM: Well in a moment I’m going to ask Michael Wills to respond to some of that. But can you just focus our minds on this – give me an illustration of when one of us might find that a bit of information that is held about us is misused in the manner you are talking about. 

RA: Well, we have a particularly distressing example from a pregancy charity in Oxford, which has reported that now that GPs are sharing information with social workers in some parts of the country, where new systems have been rolled out, that poorer women are reluctant to tell GPs about post-natal depression, because they’re worried that the social workers will take their baby away. 

JM: And GPs are reporting that is a fact, that they are observing? 

RA: This is being reported by [inaudible] which is a pregancy charity in Oxford. 

JM: Well Michael Wills, that’s a very vivid illustration of the broader problem that Professor Anderson says he’s identified. Do you accept his basic charge, that a number of these databases, a quarter in fact, are not operating within the law? 

MW: No, I don’t. What I do accept is that we’ve always got to be concerned about this area. We’ve always got to be concerned about these issues of privacy. But what the report doesn’t do is tell you what some of the advantages of these databases are, and this isn’t just about- 

JM: Sorry, it’s important you should say that, but I just want you to answer first his charge that these things are illegal. 

MW: Well, I’ve just answered his charge- 

JM: What, by just saying no? 

MW: Which is no, and I’m going to go on and say that I think it’s also important that in this very very sensitive area, that we understand that the government has to strike a balance in all these things. Of course we’re concerned about the things Professor Anderson is concerned about. We must be. It’s very important to people, it’s about their privacy. But we don’t just enter into this area trying to compromise privacy. There is a balance to be struck between all the advantages of these databases and you cannot talk about this topic without understanding that there are real advantages for the public. And that isn’t just about the more effective delivery of public services, it’s also about the detection of crime.

I think public sector databases already get a lot of positive publicity from the Government, don’t you?

But it’s curious that Michael Wills criticises the report for not talking about the benefits – although in fact the report does say what the databases are intended to do – when I don’t recall him criticising the Government for not talking about the disadvantages.

And it’s also, as we saw last week, about preventing and remedying miscarriages of justice. If it was not for the existence of DNA and DNA databases, innocent people might still be in jail.

Ah.  Now who’s qualifying what he’s saying?  Last week’s case, that of Sean Hodgson, has little if anything to do with the DNA database. Hodgson was cleared of a 30 year old murder because a sample from the scene was retested using modern techniques and compared against his sample (11 years after the Forensic Science Service said they no longer had the relevant samples). A better – but rather more of a counterpoint – is the case of Kevin Reynolds. His DNA profile, already on the National DNA Database, together with evidence from the scene, provided exculpatory evidence that the authorities proceeded to ignore.

JM: OK, all right, I understand all that, but could you just expand a bit on your reason for simply saying that Professor Anderson is wrong to say that these things are illegal, and he does so as you heard him say, on the grounds that the rules for governing what happens to our information are not sufficiently tight and don’t comply with European law? 

MW: Well, the problem with this report is that it’s a dramatic headline and not much argument behind it- 

JM: Well would you care to deal with that one? 

MW: I was going to carry on and say exactly why I think that. I want to say the reasons for that, of course we will scrutinise the report with great care, we will provide a response to all the allegations, we will send them to Professor Anderson and we’ll give him a chance to reply to that response. So we’re not complacent about this and we will respond line by line to this report. But as it stands, it’s not at all clear what evidence the Professor and his colleagues have relied upon to reach the judgements they’ve made, it’s not clear what the methodology is that they’ve used to make their judgements. He says and I quote, “it’s almost certainly illegal”, and those words are very telling, “almost certainly”- 

RA: All right, well he’s here so let’s ask him. What is your evidence? 

RA: Well, the evidence is in the report, it’s 64 pages and a couple of hundred footnotes. On the legal argument we produced an earlier report on children’s databases that set that out in enormous detail. The evidence rests on particular judgements from the European Court, such as I v Finland, which gives us the right to medical privacy. That is clearly broken by two of the large NHS databases that we rate as red. There are also other judgements which lead us to give red assessments to nine other large government systems. But- 

JM: Michael Wills points out that you use the phrase “almost certainly illegal”. Why that qualifier if you’re so sure of your ground? 

RA: Well, there’s nothing ever certain in litigation and even a case that you think is certain can always be lost. But it must be said that one of these databases, the National DNA Databases, has actually been found to be in contravention last year by the European Court of Human Rights [S & Marper v UK] and we think it’s almost inconceivable that the two NHS databases we rate as red would not be found to be in contravention of the law. 

JM: Michael Wills, I think you wanted to come in there. Go ahead. 

MW: Well I do, I do, because we’re hearing all these qualifications. Neither the Professor nor none of his colleagues are lawyers. There is no evidence in the report of the way they have reached this conclusion.

I’m sure people will make their own minds up about that.

In some cases they have speculated about databases that don’t exist yet on the basis of speculative newspaper reports. If they want to provide us with the methodology and the detailed evidence – he talks about all the pages but he deals with 46 databases in that, it’s not a very extensive argument, a lot of the evidence he gives for his conclusions are actually just descriptions of the databases and sometimes speculative descriptions of databases that don’t exist. 

Why is this so unreasonable?  If one was to describe a database that involved the blanket and indefinite retention of everyone’s personal data, it’s reasonable to claim – based on precedent – that such a database would almost certainly be found illegal.

JM: I don’t think we’re going to settle that question here. Michael Wills can you deal just briefly with the specific example of reports that doctors are finding that poorer women are reluctant to report cases of post natal depression because they fear that information will go to social workers. 

MW: Well of course that must be a matter for concern and we’ll look into it. And when we have specific examples of unintended consequences, and this appears to be just that, of course we’ll look into it and if necessary we’ll change the way that database operates. We can’t be oblivious to the consequences and that’s why we’ll take this report and every other such report extremely seriously. If changes need to be made we will make them. 

JM: Michael Wills, Professor Ross Anderson, thank you both.