Feeds

Perv scanner code of practice still a balls-up

Privacy concerns hand-waved

The Power of One Brief: Top reasons to choose HP BladeSystem

Comment A blog reader asked me to look at the code of practice on the acceptable use of body scanners to enhance security at UK airports. The consultation period associated with the code ended four weeks ago, so I apologise for a severe case of “better late than never”.

In summary, the code still ignores several key issues. However, to be fair to the incoming coalition government, the consultation (.doc) had been commenced in the dying days of the previous administration. It had no choice but to finish a process that carries all the hallmarks of New Labour’s dismissive approach to most privacy concerns.

The code gives the impression that the Data Protection Act only applies at the margins. This is illustrated by a 400-word Privacy Impact Assessment (pdf) which fails to impress; it is limited mainly to some security commentary – as if these were the only issues. The PIA does not consider the fairness elements of the processing of personal data, an area where the code needs most work.

For instance, the fair processing notice implied by the code fails to explain important elements. For instance, those who are scanned can request a same sex member of staff to see the scanned images. So how is this option going to be exercised, if this does not form part of the fair processing arrangements?

Also, I think the fair processing procedure excludes its most obvious component. Anybody selected for scanning, I am sure, will be thinking: “How does this system display my ‘bits’?” So how can a passenger be properly informed about the processing of his personal data if he has no idea what kind of images are produced (or displayed) by the specific scanning system used?

I think another major problem is an absence of a commitment to implement privacy-enhanced scanning technologies as a matter of principle. Instead, the decision of “which choice of scanner” (ionising X-ray or non-ionising millimetre wave) is merely “an operational decision for individual airports” (eg on cost grounds).

The consultation thus ignores the research published by Dr Anne Cavoukian that shows there are solutions that can protect privacy. I would have liked the code to make a commitment to implement such non-ionising scanners as soon as their operational effectiveness is proven.

Also I think the code is misleading when it tells passengers that they have a choice – they can either “be scanned” or “not fly”. I don’t believe this to be the relevant choice. For instance, suppose an individual tries to get on a plane and is selected for random scanning. Suppose further that the individual refuses to be scanned for whatever reason. Do you think that the refusal to be scanned would be the end of it?

To provide an extreme example: do you really think that someone who might be a terrorist who has opted-out of a scan because he might be discovered will merely be escorted away from the secure passenger side of the airport and let go?

Nope! I think any refusal to be scanned would result in close scrutiny of that individual and anybody remotely “suspicious” would be searched. And if the security people are then going to search “suspects” and find nothing, why can’t the searched individual then go on to fly?

I think the whole proposition in the code is based on a fallacy. The option is not between “be scanned” or “don’t fly” - the only real option is between “be scanned” or “be searched”.

In other words, those who refuse to be scanned and "don't fly" are likely to be searched. And if this is the case, why can’t someone state that they would prefer to be searched at the outset? Another example. Suppose the scanner sees “something” - that passenger will then be searched. And if that is the case, why can’t people choose to be searched before the scan?

I therefore think the code is wrong to insist that those with electronic heart pacemakers, pregnant women, external medical bags (eg stoma), the disabled and young children have to be scanned (eg by ionising radiation) if selected.

Indeed, with respect to ionising radiation, the code confidently states that analysis has shown that procedure “does not constitute any unacceptable risk to health” – almost with the same certainty of those who said the Titanic was unsinkable. But if you are that passenger with an electronic pacemaker or a young child or a patient with a certain medical condition, I do not think you will be reassured by government statisticians. This reinforces my view that a choice between “scan” or “search” should be available.

The code acknowledges that the Data Protection Act applies to the scanning regime, but fails to mention some of the consequences of this. For example, there is no mention of the fact that the ICO has regulatory powers over the use of scanners. Instead the code refers to inspectors from the Department of Transport taking enforcement action against those Airports.

This shows that the code has not got its data protection analysis correct. I would expect that any complainant would prefer to contact the ICO if there was an issue with the scanners and not deal with the Department of State that has a vested interest in installing these scanners.

Offences in the Act are overlooked. I would have thought passengers would be reassured that any leering security guard could face criminal sanction under the Act.

Finally, as with all the previous government’s surveillance activity, there is no mention in the code about measuring outcomes. For instance, how many people are scanned? How much does it cost per scan? How many false positives? How many searches? How many passengers objected to compulsory scanning? How many choose not to fly? All these numbers allow for these scanners to be assessed. The numbers to allow assessment are simply not collected and it is simply not good enough.

In summary, there is no change of mind from me. This code needs a total rethink.

This story originally appeared at HAWKTALK, the blog of Amberhawk Training Ltd.

Designing a Defense for Mobile Applications

More from The Register

next story
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
'Blow it up': Plods pop round for chat with Commonwealth Games tweeter
You'd better not be talking about the council's housing plans
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.