Feeds

Ministers spending billions on unlawful databases

Rowntree Trust unwraps everyday 'Transformational Government'

Mobile application security vulnerability report

A report on the Database State (pdf) claims that 40 out of 46 key government databases are not fit for purpose, and 11 of those are "almost certainly illegal under human rights or data protection law and should be scrapped or substantially redesigned".

The report comes as the government prepares to sneak legislation on data-sharing back into parliament despite an apparent U-turn on the idea earlier this month.

The report, published by the Joseph Rowntree Reform Trust today, looks at the true effects of "Transformational Government", and asks whether an approach designed to make public services better or cheaper – or both – is succeeding in its aims.

Amongst the report’s key findings are:

  • A quarter of the public-sector databases reviewed are almost certainly illegal under human rights or data protection law
  • Fewer than 15 per cent of the public databases assessed in this report are effective, proportionate or necessary, and again, most lack a proper legal basis for any privacy intrusions
  • Britain is out of line with other developed countries, where records on sensitive matters like healthcare and social services are held locally not centralised as in Britain
  • Many of the benefits claimed for data sharing are illusory, whilst little account is taken of the serious harm that this approach can inflict on vulnerable individuals
  • The current spend on IT within the UK public sector is over £16bn a year on IT, with (approximately) £100bn planned for the next five years: yet only about 30 per cent of government IT projects succeed.

So much for the big picture. The report uses a traffic light system to categorise systems as red (serious failings, in need of substantial redesign), amber (significant, worrying problems: may be unlawful) and green (basically sound).

The 11 red-lighted systems include many that will be familiar to El Reg’s readers. They are:

  • The National DNA Database
  • The National Identity Register (which is where id details are going to go)
  • ContactPoint (a national index of all children in England
  • The NHS Detailed Care Record (centralised GP and hospital records)
  • Secondary Uses Service (summaries of hospital and other treatment)
  • The electronic Common Assessment Framework (assessment of a child’s welfare needs)
  • ONSET (a Home Office system seeking to predict future offenders)
  • The DWP’s cross-departmental data sharing programme
  • The Audit Commission’s National Fraud Initiative (immune from breaches of confidentiality under the Serious and Organised Crime Act 2007)
  • The communications database (all UK communications traffic)
  • The Prüm Framework (data sharing for law enforcement within the EU)

The only systems that receive a green light are: IDENT1 (the National Fingerprint Database); The Vehicle and Operator Services Agency (VOSA) base; Driving Standards agency base (of recent test passes); The TV Licensing Database; The Land and Property Gazetteers base (a local set of bases carrying details on residential and commercial property; The Council Tax base.

One significant omission from the report is the proposed Vetting Database, due to go live this year, and likely to hold vetting details of everyone who wishes to apply for what will be known as a "regulated" job: between 11 million and 14 million individuals, eventually.

One of the key problems identified by this report is the extent to which government departments have identified what they see as the potential benefits of data-sharing, and simply pushed ahead with implementing the systems architecture to meet this objective, before the legal framework was in place. Many of the problems with lawfulness stem from the fact that data-sharing – or processing - of some form appears to be going on despite existing Data Protection strictures against it.

It is for this reason that the government introduced the now infamous clause 152 into the Coroners and Justice Bill, currently before Parliament. Although that clause has been temporarily withdrawn, this report highlights several dozen reasons why it is inevitable that it will be back.

Because of a strict interpretation of the law, government Ministers are presently deploying billions of pounds of taxpayer dosh – and are quite possibly doing so illegally.

The trouble is that those who should be taking action are now increasingly looking the other way. The report says: "There is a sense in the senior civil service and among politicians that the personal data issue is now career-threatening and toxic.

"Like Chernobyl, some brave souls need to go in and sort it out."

The report was compiled by a distinguished panel of experts, including Ross Anderson, who chairs the Foundation for Information Policy Research; Ian Brown, a senior research fellow at the Oxford Internet Institute; Terri Dowty, Director of Action on Rights for Children; and William Heath, who chairs the Open Rights Group and founded the public sector IT research business Kable. ®

Bridging the IT gap between rising business demands and ageing tools

More from The Register

next story
Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
'Greenhouse effect is real, but as for the rest of it ...'
Adam Afriyie MP: Smart meters are NOT so smart
Mega-costly gas 'n' 'leccy totting-up tech not worth it - Tory MP
'Blow it up': Plods pop round for chat with Commonwealth Games tweeter
You'd better not be talking about the council's housing plans
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.