What's an RDBMS? Don't ask the UK's data protection watchdog
Cambridge Analytica Deep Throat says ICO needs to gen up on technical terminology
The UK's data protection watchdog needs to hire more staff that "understand how databases work", according to whistleblower Chris Wylie.
Wylie – the pink-haired, loud-mouthed former Cambridge Analytica staffer at the centre of the claims about the use of Facebook user data in political targeting – made the comments in a four-hour session in front of MPs today.
In one of the more pedestrian parts of his evidence, Wylie was asked about his experiences working with the Information Commissioner's Office, to which he said they were sorely in need of more technical expertise, as they asked him a few too many "basic questions".
The ICO has gained international attention in the past week, in part due to the commissioner, Elizabeth Denham, being wheeled out on prime-time TV to announce that she had applied for a warrant to raid Cambridge Analytica's premises.
Unfortunately for her, it then took a week for that warrant to be granted – a process that involved a five-hour court hearing last Friday and a midnight raid on the firm's London offices.
The increased scrutiny of her office's actions – or inaction – has seen politicians queuing up to make public calls for her to be given more powers and more funding.
Wylie suggested that if the office was to be given more resources, this should be targeted at technical skills.
He said that during his recent work with the ICO – as he prepared to go public with his allegations about his former employers – the body had asked a lot of questions about things that are "technical" but not so technical that it should be above the understanding of the data regulator.
"One of the weak points of the ICO is the lack of technical people," he told MPs. "The fact is, they've had to ask me a lot of questions that a database engineer would not ask."
For instance, he added: "I've had to explain and re-explain and re-explain and re-explain how relational databases work... what is a PCA, what is dimensionality reduction."
Wylie said that this was "empathetic criticism" and that he understood the ICO's limited resources and powers, adding that the team had put in "a tonne of time" and "have been trying really hard".
However, he said that even up to the point of the office raid, the team was "asking fairly basic questions about databases; you know, 'What are the file names called?'... Well, it's more complicated than that."
Wylie added: "They are in charge of regulating data, so they should have a lot of people who understand how databases work."
The Register has put Wylie's comments to the ICO, and while it has yet to respond, the body has already acknowledged it needs to boost staff's technical abilities.
Earlier this month the ICO published its inaugural tech strategy – a light-weight document coming in at just nine pages including cover, contents and foreword (and written on Word 2010) – which set out plans for extra training, new hires and closer links to academia.
Amid the increasing criticism of the ICO's technical knowledge and poor resourcing, the government has signed off on a £40,000 boost for the commissioner.
As of 1 April, the salary for the role will go up to £160,000 from £140,000 – a figure it has been stuck on since it was last reviewed in 2008. There will also be an annual "uplift" of £20,000 for the duration of Denham's term.
This extra cash will be attached to Denham as an individual rather than the role; a move that was questioned by opposition MPs in the House of Commons debate on the raise, but ultimately not put to a vote. ®
Sponsored: Becoming a Pragmatic Security Leader