Feeds

Government swiftly backpedals on vetting scheme

Balls up for a quick review check

Top three mobile application threats

The Vetting Database is in trouble: that’s official. Or rather, according to a spokeswoman for the Department of Children, Schools and Families (DCSF), it most definitely is not.

That is why Ed Balls, Secretary of State at the DCSF, is absolutely NOT calling for "a review".

Rather, in a letter to Barry Sheerman, Chair of the Commons Select Committee for Children Schools and Families, Mr Balls was in wistful mood as he reviewed – sorry, considered – the hurtful and untrue things that some critics had said about his scheme.

He stressed the minimal burden that the new vetting scheme will impose on the average citizen. However, he agreed that there might be some scope for readjusting "the line that separates those situations that should be covered from those that should be excluded".

So he is instructing Sir Roger Singleton, chairman of the Independent Safeguarding Authority (ISA), to check the Government has drawn the line in the right place – and to report back by the beginning of December.

This reflects the fact that critics of the new vetting and safeguarding scheme have been quick to exploit some of the more ludicrous aspects inherent in attempting to draw up bureaucratic regulations to determine the circumstances when a relationship of trust might start to appear. At present, for instance, three formal contacts within a three month period – even with different vulnerable groups - would count.

This looks a little like the start of a fightback – not "a U-turn" in any sense, as the DCSF helpfully informs us - as government discovers a sure-fire vote-winner has less support than they expected. Hence yesterday's nannyish finger-wagging from Roger Singleton, reported as urging people to "calm down" and consider the issue "rationally".

He added that the new vetting system "is not about subjecting a quarter of the population to intensive scrutiny of their personal lives". Rather, "it is about bringing an end to the need for repeated CRB checks which so many people have found irritating".

The problem is that neither claim stands up. A document leaked to Josie Appleton, convenor of radical campaigning group the Manifesto Club and Organiser of a campaign against the vetting scheme, suggests that the degree of scrutiny will be mind-bogglingly intensive.

She reports in Spiked Online that the ISA has decided to put in place a scoring system to be filled in by its army of trained bureaucrats. Items will be assessed on the basis of "whether relevant conduct or a risk of harm "on the face of it" seems to have occurred".

Ms Appleton adds: "the case worker will examine... 'predisposing factors', such as 'those factors relating to an individual’s interests or drives'; 'cognitive factors', such as 'strong anti-social beliefs'; and 'behavioural factors', including 'using substances or sex to cope with stress or impulsive, chaotic or unstable lifestyle. Drug use, sex life, favourite films.'"

We are not sure whether readership of El Reg counts as a strong anti-social belief.

Then there are "hazards": for instance "inappropriate physical contact with a 12- to 16-year-old pupil during a lesson". Each hazard is scored for the impact it would have on a child, as well as the likelihood that it would happen. The end result will be a score determining whether an individual is "regulated" – or "barred" for life - from about a quarter of the UK’s jobs.

What then of the abolition of the CRB check?

El Reg has previously stated that it believes the Home Office estimates of the numbers needing to be vetted is hopelessly low. This is because the Home Office is basing it on what should happen, not what is actually likely to happen.

The CRB check and vetting use the same data, but provide totally different outputs. The first is a detailed listing of an individual’s history: the second a simple yes/no in respect of barring status.

According to Terri Dowty, Organiser of Action on Rights for Children (ARCH): "In any system, you have to choose whether you want false positives or false negatives. The vetting and barring system is going to tend towards false positives. That makes it all the more important for employers to see what it refers to in an individual’s history… but the vetting scheme does not do that."

Therefore employers are likely to continue to want to see the detail – because if they don’t request the detail and an employee goes on to abuse, they are likely to be sued.

A spokesman for the ISA was quick to reject suggestions that their new state-run system provided any absolute guarantee of safety. Meanwhile, the Home Office has pointed out that they do not anticipate any reduction in the volume of CRB checks. One official went so far as to say that a rise was not impossible.

Which is all the more reason why the real outcome of the new database is likely to be two systems running in parallel for a long time to come - although with the re-examination of the rules now under way, it is possible that the reach of the ISA will be slightly less wide than originally anticipated. ®

Bootnote

The origins of the vetting database lie in the perceived need to prevent "another Ian Huntley".

Unfortunately, the current guidelines would not do that. Huntley accessed the children he murdered through their relationship with his partner – not through his own job. Current ISA guidelines suggest for most cases – eg looking after exchange students – only the main contact in a household will need vetting. Huntley’s partner should have received a clean bill of health: Soham would have happened anyway.

SANS - Survey on application security programs

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.