Feeds

One year to go: Can Scotland really declare gov IT independence?

Get ready for Hadrian's partial firewall

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

'We'll be dependent on England for benefits for some time'

“Scottish ministers have accepted the recommendation of the Expert Working Group on Welfare that a transitional period of shared administration for delivery of benefit payments would be appropriate,” says the spokesperson. “As now, we would therefore continue to use the existing IT infrastructure during that transitional period while developing the appropriate delivery arrangements beyond such a transitional period.”

So an independent Scotland would remain dependent for a few years on the rest of the UK for its benefits system – although to be fair, rUK would probably continue to depend on Scottish civil servants for a while too. After that, Scotland would need to buy IT without the huge economies of scale that DWP and HMRC have used in setting up their existing contracts.

And then there’s GCHQ. After the detention of his partner David Miranda at Heathrow, the Guardian’s Glenn Greenwald, who as readers may have noticed has written a few articles on surveillance based on the leaks of Edward Snowden, said he planned to publish lots more about “the espionage system in England”.

While this may have been an example of the common American confusion between the UK and one of its four current member nations, calling GCHQ English is accurate in terms of its three disclosed UK locations. GCHQ HQ is Cheltenham’s largest employer, with a satellite operation on the Cornish coast north of Bude (also convenient for the many undersea cables that land in the county) and radio signals collection at Menwith Hill in north Yorkshire, a site also thought to act as the European base of the US’s National Security Agency.

None of these are in Scotland, so that would appear to mean starting from scratch. “An independent Scotland will have its own domestic security and intelligence machinery sitting alongside our police service,” says the Scottish Government’s spokesperson. “This would see Scotland's national security arrangements being legislated for, controlled, and overseen in Scotland, for the first time.”

It is not clear whether Scotland would be allowed to join the US, UK, Australia, Canada and New Zealand in the "Five Eyes" group of countries that extensively share their signals intelligence work. The Scottish government does sound keen to co-operate:

“We will work in very close collaboration with the remaining UK and with wider international partners on security and intelligence matters: it is in everyone’s interests to keep our islands secure,” says the spokesperson. “We would at all times ensure that this was done within a strict legal framework set by the Scottish Parliament and ensuring the constitutional rights of the Scottish people. The Scottish and UK Governments would engage closely as sovereign, equal and cooperative allies in tackling issues such as terrorism and organised crime.”

Whether or not Scotland became the Sixth ‘Eye’ (or perhaps ‘Aye’), building capacity in signals intelligence looks tricky. From a practical point of view, an independent Scotland would have very few undersea cables landing in its territory and would lack overseas islands to house forward surveillance stations. Scotland has also tended to take a less authoritarian line than England, Wales and Northern Ireland on civil liberties – permanent police retention of DNA samples, recently abolished across the UK, was never allowed in Scotland – so a ScotCHQ might anyway be less extensive.

Overall, an independent Scotland would have a varied outlook on government IT. In some areas, such as health, it is already pretty much independent, and in good shape. But on the welfare system, the Scottish government acknowledges the need for transitional arrangements over several years. In building what follows, it could counterbalance the UK’s economies of scale through newer, cheaper and better systems than the rUK legacy ones – its spokesperson talks of IT that is “secure, agile and adaptable”.

But building lean new IT systems from scratch ignores Scotland’s civil service data processing offices, which would be underemployed following the presumed loss of their English business. Some might find jobs at the new ScotCHQ, but the main impact of independence on Scottish government IT might well be a choice between replicating legacy systems and cutting some civil service jobs, or creating better IT – and cutting more. ®

SANS - Survey on application security programs

More from The Register

next story
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.