Feeds

Perv scanner code of practice still a balls-up

Privacy concerns hand-waved

The Power of One Infographic

Comment A blog reader asked me to look at the code of practice on the acceptable use of body scanners to enhance security at UK airports. The consultation period associated with the code ended four weeks ago, so I apologise for a severe case of “better late than never”.

In summary, the code still ignores several key issues. However, to be fair to the incoming coalition government, the consultation (.doc) had been commenced in the dying days of the previous administration. It had no choice but to finish a process that carries all the hallmarks of New Labour’s dismissive approach to most privacy concerns.

The code gives the impression that the Data Protection Act only applies at the margins. This is illustrated by a 400-word Privacy Impact Assessment (pdf) which fails to impress; it is limited mainly to some security commentary – as if these were the only issues. The PIA does not consider the fairness elements of the processing of personal data, an area where the code needs most work.

For instance, the fair processing notice implied by the code fails to explain important elements. For instance, those who are scanned can request a same sex member of staff to see the scanned images. So how is this option going to be exercised, if this does not form part of the fair processing arrangements?

Also, I think the fair processing procedure excludes its most obvious component. Anybody selected for scanning, I am sure, will be thinking: “How does this system display my ‘bits’?” So how can a passenger be properly informed about the processing of his personal data if he has no idea what kind of images are produced (or displayed) by the specific scanning system used?

I think another major problem is an absence of a commitment to implement privacy-enhanced scanning technologies as a matter of principle. Instead, the decision of “which choice of scanner” (ionising X-ray or non-ionising millimetre wave) is merely “an operational decision for individual airports” (eg on cost grounds).

The consultation thus ignores the research published by Dr Anne Cavoukian that shows there are solutions that can protect privacy. I would have liked the code to make a commitment to implement such non-ionising scanners as soon as their operational effectiveness is proven.

Also I think the code is misleading when it tells passengers that they have a choice – they can either “be scanned” or “not fly”. I don’t believe this to be the relevant choice. For instance, suppose an individual tries to get on a plane and is selected for random scanning. Suppose further that the individual refuses to be scanned for whatever reason. Do you think that the refusal to be scanned would be the end of it?

To provide an extreme example: do you really think that someone who might be a terrorist who has opted-out of a scan because he might be discovered will merely be escorted away from the secure passenger side of the airport and let go?

Nope! I think any refusal to be scanned would result in close scrutiny of that individual and anybody remotely “suspicious” would be searched. And if the security people are then going to search “suspects” and find nothing, why can’t the searched individual then go on to fly?

I think the whole proposition in the code is based on a fallacy. The option is not between “be scanned” or “don’t fly” - the only real option is between “be scanned” or “be searched”.

In other words, those who refuse to be scanned and "don't fly" are likely to be searched. And if this is the case, why can’t someone state that they would prefer to be searched at the outset? Another example. Suppose the scanner sees “something” - that passenger will then be searched. And if that is the case, why can’t people choose to be searched before the scan?

I therefore think the code is wrong to insist that those with electronic heart pacemakers, pregnant women, external medical bags (eg stoma), the disabled and young children have to be scanned (eg by ionising radiation) if selected.

Indeed, with respect to ionising radiation, the code confidently states that analysis has shown that procedure “does not constitute any unacceptable risk to health” – almost with the same certainty of those who said the Titanic was unsinkable. But if you are that passenger with an electronic pacemaker or a young child or a patient with a certain medical condition, I do not think you will be reassured by government statisticians. This reinforces my view that a choice between “scan” or “search” should be available.

The code acknowledges that the Data Protection Act applies to the scanning regime, but fails to mention some of the consequences of this. For example, there is no mention of the fact that the ICO has regulatory powers over the use of scanners. Instead the code refers to inspectors from the Department of Transport taking enforcement action against those Airports.

This shows that the code has not got its data protection analysis correct. I would expect that any complainant would prefer to contact the ICO if there was an issue with the scanners and not deal with the Department of State that has a vested interest in installing these scanners.

Offences in the Act are overlooked. I would have thought passengers would be reassured that any leering security guard could face criminal sanction under the Act.

Finally, as with all the previous government’s surveillance activity, there is no mention in the code about measuring outcomes. For instance, how many people are scanned? How much does it cost per scan? How many false positives? How many searches? How many passengers objected to compulsory scanning? How many choose not to fly? All these numbers allow for these scanners to be assessed. The numbers to allow assessment are simply not collected and it is simply not good enough.

In summary, there is no change of mind from me. This code needs a total rethink.

This story originally appeared at HAWKTALK, the blog of Amberhawk Training Ltd.

Boost IT visibility and business value

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.