Feeds

1m French out of work thanks to dodgy data - UK next?

Get vetted and go... on the dole

Build a business case: developing custom apps

As the UK prepares to put in place its shiny new vetting database later this year, analysis of a similar project in France reveals a devastating degree of inaccuracy, leading to real hardship for a very large number of people.

A report (pdf) issued last week by CNIL, the French Data Protection Agency, reveals that as many as a million people have lost jobs – or didn’t get them in the first place – because of inaccuracies in the police STIC database (Systeme de Traitement des Infractions constatés, or "criminal record check system").

Police databases have been very much in the news in the course of 2008, following the creation, by decrees published on 1 July 2008, of two new intelligence databases, EDVIGE and CRISTINA.

The purpose of CRISTINA (Centralisation du renseignement intérieur pour la sécurité du territoire et les intérêts nationaux) is the "Centralisation of domestic intelligence for homeland security and national interests". Because CRISTINA is classified as being for defence purposes, its contents are deemed to be an official secret and details of what is held on it remain a mystery.

But that's not the case with EDVIGE, which provoked such outcry that the government backed down in November 2008, agreeing instead to bring forward proposals for a modified system, known as EDVIRSP.

Objectors to EDVIGE were horrified to learn that it would have gathered information on any person having applied for or exercised a "political, union or economical mandate or playing a significant institutional, economical, social or religious part as well as information on any person, starting from the age of 13, considered by the police as a "suspect" potentially capable of disrupting the public order".

Opposition was swift and brutal, with thousands of people demonstrating in over 60 cities. Faced with petitions and up to a dozen separate legal challenges, the French government decided to cut its losses and back down. While detail of what will be held in EDVIRSP is still not known, it is believed that it will specifically exclude information relating to people’s health or sexual orientation.

But what then of STIC? The CNIL report reveals that STIC, created in 1995, but only officially acknowledged since 2001, is accessed by the police approximately 20m times a year. That alone represents a massive degree of surveillance and checking.

However, CNIL's President described STIC as "more dangerous than EDVIGE", because of the huge number of errors that CNIL has discovered recorded in it.

STIC now covers approximately half of the French population – without any age limitation. In this one detail, our own vetting database compares favourably, as current estimates suggest that, in time, it will hold data on no more than half the UK’s working population.

In other respects, serious issues over the provenance of data illustrate all too clearly what happens when the government starts to collect data on its citizens without putting adequate measures in place for updating and accuracy checking.

Thus, the police may register individual details on STIC after an offence has been committed. Registration should include not only suspect details, but those of the victim as well, and the records should be updated with the outcome of any court decision. "Innocent until proven guilty" works under French Law as well.

Unfortunately, CNIL report that not only are updates very seldom applied – but that on occasion victims are mistakenly registered as suspects. Overall, CNIL identified an error rate of 83 per cent on STIC records: not all errors were as serious as those suggested above; some were. This is "staggering": it also has major social consequences, since – anticipating the UK’s own law on Safeguarding Vulnerable Groups 2006 by three years, the French passed a law in 2003 which extended the role of STIC to checking the (criminal) records of anyone applying for a wide range of jobs – especially in the security field. Sounds familiar?

CNIL’s estimated 1m hired or fired "by mistake" include victims recorded as criminals, and suspects whose not guilty verdict was never added to the database. The single comfort for French citizens lies in the fact that unlike our own vetting base, STIC inflicts its damage through the simple mechanism of mis-recording actual verifiable data.

It will be left to EDVIGE to implement the second feature of UK’s new checking system – which is to add in allegations and accusations, irrespective of the accuracy of either. ®

Build a business case: developing custom apps

More from The Register

next story
Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
'Greenhouse effect is real, but as for the rest of it ...'
Adam Afriyie MP: Smart meters are NOT so smart
Mega-costly gas 'n' 'leccy totting-up tech not worth it - Tory MP
'Blow it up': Plods pop round for chat with Commonwealth Games tweeter
You'd better not be talking about the council's housing plans
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.