During the Unlock Democracy debate at the Convention on Modern Liberty last month, Justice Minister Michael Wills defended the growth of the database state by arguing:
“We’ve heard a lot of about datasharing today. But that datasharing, that so many here today say is an unacceptable intrusion of privacy by the state, can actually help thousands and thousands of children who are eligible for free school meals but don’t get them at the moment… Look, it’s all very well for you to sit here. You’ve probably all had a hot meal in the last week. One in five of the children in my poorest wards have not had such a hot meal in the last week… You can’t walk away from this.”
Now, leaving aside the tendency of Labour politicians to come over all prolier than thou when backed into a corner (and they have the cheek to call us self-righteous…), it is an interesting point. Because however we might like to wrap ourselves up into the language of rights and freedoms, if the database state is working for the average man (or child) in the street, what hope do we have of curtailing it? And Wills’s quote is important for another reason: it highlights the fact that there is a lot more at stake here than simply whether or not we should have to carry ID cards around with us.
This brings me neatly onto The Database State, a new report published by the Joseph Rowntree Reform Trust today. The researchers of this report – Ross Anderson, Ian Brown, Terry Dowty, Philip Inglesant, William Heath and Angela Sasse of the Foundation for Information Policy Research – have looked into 46 seperate databases currently being managed by government departments and have assessed each one on its relative merits. Assigning each one a colour according to a traffic light code, this is more than simply a polemic about the “transformational government” agenda but a far broader assessment.
Where the researchers have identified a good example of how data can be managed by government they have said so. Sadly however, they have only green lighted six projects, including the National Fingerprint Database and the TV Licensing Database. Of the remainder, ten have been issued a red light (suggesting the project should be scrapped or fundamentally redesigned) while 29 have been given an amber light (suggesting significant, worrying failings which may fall foul of a legal challenge).
You will probably have heard of many of this reports main targets: the National DNA Database, the National Identity Register, ContactPoint (the national database of all children), the NHS Detailed Care Record and the putative communications database which the government wants to use to store all our itemised phone bills, email headers and mobile phone location history. But that is only the tip of the iceberg. Did you even know we had a National Childhood Obesity Database for instance, tracking the Body Mass Index of every single child in state education?
What is most striking from this report is the extent to which so many of these databases use hearsay and subjective value judgements by public sector staff. The NHS Detailed Care Record for instance will allow anyone with access to the database to write anything on a patient’s record and has no system for quality control. The Common Assessment Framework database, which is a record for sharing information about vulnerable children, is essentially a pool of subjective information about a child and his or her family which will be shared by professionals. A couple of weeks ago, Gordon Brown pledged to make our public services more like eBay in terms of allowing people to rate them, but the truth is it has effectively been government policy for public officials to issue the public with eBay-style ratings for years now.
The fundamental question is, will any of this actually help? The researchers here recognise the potential value of a lot of these projects, and have shown significant restraint in only red lighting 1-in-5 of the projects discussed. But they raise serious questions. For instance, despite the National DNA Database doubling in size in recent years, the number of crimes solved using DNA has remained steady at 1-in-300 (and actually fell slightly in 2007). That is a pretty damning statistic. The introduction of the social services’ Integrated Children’s System did not stop Baby P’s murder and despite the litany of errors that have now been highlighted, Ofsted rated Haringey as “good.” Even before this case, social care professionals were expressing concern about how the system had shifted the balance away from professional analysis and towards complying with a standardised system.
To return to Michael Wills and the children in his constituency who are not getting the free school meals they are entitled to, it is not clear how exactly all this data storage will help them but let’s assume for a moment that they did. At what cost, however? The downside to all this data storage and sharing is that every minor indescretion, and even mistakes on the database, are set to be stored for the perusal of public service professionals for years to come. The report opens with a fictional account of how all this information could be actively harmful for the very children so much of it is intended to help. How will a school teacher, for instance, treat a child who is marked on the ContactPoint register as having had contact with social services (but not specifying the nature)? If a child who is listed on the Home Office’s ONSET system for predicting offenders because of their father’s criminal record, will the police treat her or him differently if they get in a fight? Will they be treated as a victim or a suspect?
Even if the databases themselves were perfect, the people using them can never be. Throughout history, badges of shame have been used to stigmatise people, not help them; why would the modern, whizzy, virtual version be any different? They say there’s no such thing as a free lunch, but this appears to be a particularly heavy price.
It seems that only now are we waking up to the extent of the modern Database State, of which this report is a major contribution. That it has been allowed to progress for so long with so little parliamentary or public oversight is itself a serious indictment of our political system. £100 billion is slated to be spent over the next five years, during an economic downturn when we simply cannot afford it. Yet at the same time, Michael Wills’s government blocks legislation such as the Fuel Poverty Bill – something that will save the lives of some of the most vulnerable, create jobs and protect the environment. If we are to be lectured that these projects are ultimately about helping the most vulnerable in society rather than treating them as suspects, they will have to do better than this.
James Graham works for Unlock Democracy, sits on the executive of the Social Liberal Forum and writes in a personal capacity.
7 Comments
“Throughout history, badges of shame have been used to stigmatise people, not help them; why would the modern, whizzy, virtual version be any different?”
Godwin’s Law.
Whether there is a need or not for a centralised database for a particular project really depends on the case to be made for that project.
We have existing centralised databases; passports, taxation, driving licence, TV licence and so forth.
Do we say we abolish the lot of them?
I think that would be crazy.
It is possible to have centralised databases in which privacy is protected, the problem is that that costs extra from a technical point of view, although if your argument is that that database requires less data then that would not be the case.
Another argument made by some “economic” liberals is that project failures associated with centralised databases can be identified as the “waste” we should be cutting from public spending. In other words, no new IT projects. However do we really prefer the NHS to have paper records of patients? Such a system is hugely inefficient, especially if you are ill on holiday and the local health service does not have access to your records.
I imagine somewhere like Sweden does this better, maybe we should look at what they do?
Huw @ 1:
Oh don’t be a tit. Whilst calling “Godwin” on an argument is sometimes the only response left when dealing with an overzealous comparison to Nazism, I didn’t see anything like that in the original post. Did you have any substantive disagreement with the post, or where you just trying to score points in a game of internet bingo?
Geoff @ 2:
Possible, but extremely difficult. Consider the sheer number of individuals who would have access to the data, and the quantity of data they would have access to. The government’s agenda is to create a system whereby different government departments can get a picture of many different aspects of a person’s life, including any and all data gathered by other government departments and private bodies which may be required to hand over data. All of this happens either without our explicit consent, or after signing a gigantic terms-and-conditions-in-5-point-font document.
The human element is almost always the weakest link in a security chain, and if there are thousands of humans with direct access to the system then it’s hard to imagine how we might spot abuse if or when it happens. Add to that the possibility of data loss through technical malfunction, ‘hacking’ or simple data loss (the old USB stick on a train/in a pub/on eBay scenario) and it’s hard to imagine how anyone can claim that such databases can be secure.
Nothing factually incorrect here, but what the hell are your connotations all about? “Economic” liberals? Is this code for something?
Failed IT project spending is definitely waste. It’s classified as waste under any reasonable project management system. As someone who occasionally has to manage IT projects, I can’t imagine anyone saying otherwise. What that money could be better spent on is another question altogether.
Paper records aren’t a solution, this much is true. But we can’t simply accept a choice between “paper records” on the one hand, and a massively interlinked, cross-departmental Database Of Everything on the other hand. Smaller databases for specific purposes, suitably anonymised with strict rules about usage and transfer of data is fine.
I’m not actually convinced much by the “being ill on holiday” argument. Apart from blood type and allergies, what does a hospital need to know that they can’t readily observe? If the answer is “not much”, then what jusitification is there for keeping that extra information on file?
Huw – I wasn’t actually thinking of the Nazis, so I think you’ve just scored an own goal there.
Geoff – read the report.
Well, when I flicked to the wiki page I got a Nazi badge. And the comment was jokey, I probably should have put a 🙂 up in there. I don’t disagree mind, but I do think that comparing modern databases to badges of shame is a somewhat obscure comparison, and one that I would personally not have used – it’s far to close to slippery slope thinking in my book.
Ross Anderson fronted the broadcast media interviews on this report, and honestly, much as I value his contributions, he was not very good. Angela Sasse I have met once, and would rather she had been the visible brain yesterday. Sadly, there were indeed the usual govt claims of benefits from the database state. Quality of service, despite attempts at the start of this Millenium to bring it into the UK public sector, don’t wash with administrators, and Brussels (partly populated with ex UK civil servants), is determined to get to grips with both that and human rights.
James, I wish I had the time to read the report. Much easier to read your article instead. I imagine it does address the points I make.
Rob – of course failed IT spend is waste, but it is a fact of life and happens frequently in the private sector as well.
Generally speaking the reason IT spend is so problematic is that for many users it is difficult to afford to pay for quality. Otfen maintenance costs go into a different budget, but a quality system will reduce maintenance costs and will provide a good return on investment. Businesses and governments are reluctant to address this because they are more focussed on the short term.
As for whether smaller databases are better, it really depends on your requirements. Hard to see why it would be a good idea for driving licences for example.
Whether medical records should be kept in a similar fashion, well as I proposed before, why not see what other countries do? I wouldn’t rule out a centralised database if it is the only way you can reliably deliver fast access across the country. If it is true that that is not needed (which I doubt) or it can be done just as well by using smaller databases, well I have an open mind.