Category Archives: surveillance

deregulation, health, human rights, privacy, scope creep, surveillance, Tech, trust

Destination smart-cities: design, desire and democracy (Part two)

Smart cities: private reach in public space and personal lives

Smart-cities are growing in the UK through private investment and encroachment on public space. They are being built by design at home, and supported by UK money abroad, with enormous expansion plans in India for example, in almost 100 cities.

With this rapid expansion of “smart” technology not only within our living rooms but my living space and indeed across all areas of life, how do we ensure equitable service delivery, (what citizens generally want, as demonstrated by strength of feeling on the NHS) continues in public ownership, when the boundary in current policy is ever more blurred between public and private corporate ownership?

How can we know and plan by-design that the values we hope for, are good values, and that they will be embedded in systems, in policies and planning? Values that most people really care about. How do we ensure “smart” does not ultimately mean less good? That “smart” does not in the end mean, less human.

Economic benefits seem to be the key driver in current government thinking around technology – more efficient = costs less.

While using technology progressing towards replacing repetitive work may be positive, how will we accommodate for those whose skills will no longer be needed? In particular its gendered aspect, and the more vulnerable in the workforce, since it is women and other minorities who work disproportionately in our part-time, low skill jobs. Jobs that are mainly held by women, even what we think of as intrinsically human, such as carers, are being trialed for outsourcing or assistance by technology. These robots monitor people, in their own homes and reduce staffing levels and care home occupancy. We’ll no doubt hear how good it is we need fewer carers because after all, we have a shortage of care staff. We’ll find out whether it is positive for the cared, or whether they find it it less ‘human'[e]. How will we measure those costs?

The ideal future of us all therefore having more leisure time sounds fab, but if we can’t afford it, we won’t be spending more of our time employed in leisure. Some think we’ll simply be unemployed. And more people live in the slums of Calcutta than in Soho.

One of the greatest benefits of technology is how more connected the world can be, but will it also be more equitable?

There are benefits in remote sensors monitoring changes in the atmosphere that dictate when cars should be taken off the roads on smog-days, or indicators when asthma risk-factors are high.

Crowd sourcing information about things which are broken, like fix-my-street, or lifts out-of-order are invaluable in cities for wheelchair users.

Innovative thinking and building things through technology can create things which solve simple problems and add value to the person using the tool.

But what of the people that cannot afford data, cannot be included in the skilled workforce, or will not navigate apps on a phone?

How this dis-incentivises the person using the technology has not only an effect on their disappointment with the tool, but the service delivery, and potentially wider still even to societal exclusion or stigma.These were the findings of the e-red book in Glasgow explained at the Digital event in health, held at the King’s Fund in summer 2015.

Further along the scale of systems and potential for negative user experience, how do we expect citizens to react to finding punishments handed out by unseen monitoring systems, finding out our behaviour was ‘nudged’ or find decisions taken about us, without us?

And what is the oversight and system of redress for people using systems, or whose data are used but inaccurate in a system, and cause injustice?

And wider still, while we encourage big money spent on big data in our part of the world how is it contributing to solving problems for millions for whom they will never matter? Digital and social media makes increasingly transparent our one connected world, with even less excuse for closing our eyes.

Approximately 15 million girls worldwide are married each year – that’s one girl, aged under 18, married off against her will every two seconds. [Huff Post, 2015]

Tinder-type apps are luxury optional extras for many in the world.

Without embedding values and oversight into some of what we do through digital tools implemented by private corporations for profit, ‘smart’ could mean less fair, less inclusive, less kind. Less global.

If digital becomes a destination, and how much it is implemented is seen as a measure of success, by measuring how “smart” we become risks losing sight of seeing technology as solutions and steps towards solving real problems for real people.

We need to be both clever and sensible, in our ‘smart’.

Are public oversight and regulation built in to make ‘smart’ also be safe?

If there were public consultation on how “smart” society will look would we all agree if and how we want it?

Thinking globally, we need to ask if we are prioritising the wrong problems? Are we creating more tech that we already have invented solutions for place where governments are willing to spend on them? And will it in those places make the society more connected across class and improve it for all, or enhance the lives of the ‘haves’ by having more, and the ‘have-nots’ be excluded?

Does it matter how smart your TV gets, or carer, or car, if you cannot afford any of these convenient add-ons to Life v1.1?

As we are ever more connected, we are a global society, and being ‘smart’ in one area may be reckless if at the expense or ignorance of another.

People need to Understand what “Smart” means

“Consistent with the wider global discourse on ‘smart’ cities, in India urban problems are constructed in specific ways to facilitate the adoption of “smart hi-tech solutions”. ‘Smart’ is thus likely to mean technocratic and centralized, undergirded by alliances between the Indian government and hi-technology corporations.”  [Saurabh Arora, Senior Lecturer in Technology and Innovation for Development at SPRU]

Those investing in both countries are often the same large corporations. Very often, venture capitalists.

Systems designed and owned by private companies provide the information technology infrastructure that i:

the basis for providing essential services to residents. There are many technological platforms involved, including but not limited to automated sensor networks and data centres.’

What happens when the commercial and public interest conflict and who decides that they do?

Decision making, Mining and Value

Massive amounts of data generated are being mined for making predictions, decisions and influencing public policy: in effect using Big Data for research purposes.

Using population-wide datasets for social and economic research today, is done in safe settings, using deidentified data, in the public interest, and has independent analysis of the risks and benefits of projects as part of the data access process.

Each project goes before an ethics committee review to assess its considerations for privacy and not only if the project can be done, but should be done, before it comes for central review.

Similarly our smart-cities need ethics committee review assessing the privacy impact and potential of projects before commissioning or approving smart-technology. Not only assessing if they are they feasible, and that we ‘can’ do it, but ‘should’ we do it. Not only assessing the use of the data generated from the projects, but assessing the ethical and privacy implications of the technology implementation itself.

The Committee recommendations on Big Data recently proposed that a ‘Council of Data Ethics’ should be created to explicitly address these consent and trust issues head on. But how?

Unseen smart-technology continues to grow unchecked often taking root in the cracks between public-private partnerships.

We keep hearing about Big Data improving public services but that “public” data is often held by private companies. In fact our personal data for public administration has been widely outsourced to private companies of which we have little oversight.

We’re told we paid the price in terms of skills and are catching up.

But if we simply roll forward in first gear into the connected city that sees all, we may find we arrive at a destination that was neither designed nor desired by the majority.

We may find that the “revolution, not evolution”, hoped for in digital services will be of the unwanted kind if companies keep pushing more and more for more data without the individual’s consent and our collective public buy-in to decisions made about data use.

Having written all this, I’ve now read the Royal Statistical Society’s publication which eloquently summarises their recent work and thinking. But I wonder how we tie all this into practical application?

How we do governance and regulation is tied tightly into the practicality of public-private relationships but also into deciding what should society look like? That is what our collective and policy decisions about what smart-cities should be and may do, is ultimately defining.

I don’t think we are addressing in depth yet the complexity of regulation and governance that will be sufficient to make Big Data and Public Spaces safe because companies say too much regulation risks choking off innovation and creativity.

But that risk must not be realised if it is managed well.

Rather we must see action to manage the application of smart-technology in a thoughtful way quickly, because if we do not, very soon, we’ll have lost any say in how our service providers deliver.

*******

I began my thoughts about this in Part one, on smart technology and data from the Sprint16 session and after this (Part two), continue to look at the design and development of smart technology making “The Best Use of Data” with a UK company case study (Part three) and “The Best Use of Data” used in predictions and the Future (Part four).

care.data, change management, politics, privacy, surveillance

Destination smart-cities: design, desire and democracy (Part one)

When I drop my children at school in the morning I usually tell them three things: “Be kind. Have fun. Make good choices.”

I’ve been thinking recently about what a positive and sustainable future for them might look like. What will England be in 10 years?

The #Sprint16 snippets I read talk about how: ”Digital is changing how we deliver every part of government,” and “harnessing the best of digital and technology, and the best use of data to improve public services right across the board.”

From that three things jumped out at me:

  • The first is that the “best use of data” in government’s opinion may conflict with that of the citizen.
  • The second, is how to define “public services” right across the board in a world in which boundaries between private and public in the provision of services have become increasingly blurred.
  • And the third is the power of tech to offer both opportunity and risk if used in “every part of government” and effects on access to, involvement in, and the long-term future of, democracy.

What’s the story so far?

In my experience so far of trying to be a digital citizen “across the board” I’ve seen a few systems come and go. I still have my little floppy paper Government Gateway card, navy blue with yellow and white stripes. I suspect it is obsolete. I was a registered Healthspace user, and used it twice. It too, obsolete. I tested my GP online service. It was a mixed experience.

These user experiences are shaping how I interact with new platforms and my expectations of organisations, and I will be interested to see what the next iteration, nhs alpha, offers.

How platforms and organisations interact with me, and my data, is however increasingly assumed without consent. This involves new data collection, not only using data from administrative or commercial settings to which I have agreed, but new scooping of personal data all around us in “smart city” applications.

Just having these digital applications will be of no benefit and all the disadvantages of surveillance for its own sake will be realised.

So how do we know that all these data collected are used – and by whom? How do we ensure that all the tracking actually gets turned into knowledge about pedestrian and traffic workflow to make streets and roads safer and smoother in their operation, to make street lighting more efficient, or the environment better to breathe in and enjoy? And that we don’t just gift private providers tonnes of valuable data which they simply pass on to others for profit?

Because without making things better, in this Internet-of-Things will be a one-way ticket to power in the hands of providers and loss of control, and quality of life. We’ll work around it, but buying a separate SIM card for trips into London, avoiding certain parks or bridges, managing our FitBits to the nth degree under a pseudonym. But being left no choice but to opt out of places or the latest technology to enjoy, is also tedious. If we want to buy a smart TV to access films on demand, but don’t want it to pass surveillance or tracking information back to the company how can we find out with ease which products offer that choice?

Companies have taken private information that is none of their business, and quite literally, made it their business.

The consumer technology hijack of “smart” to always mean marketing surveillance creates a divide between those who will comply for convenience and pay the price in their privacy, and those who prize privacy highly enough to take steps that are less convenient, but less compromised.

But even wanting the latter, it can be so hard to find out how to do, that people feel powerless and give-in to the easy option on offer.

Today’s system of governance and oversight that manages how our personal data are processed by providers of public and private services we have today, in both public and private space, is insufficient to meet the values most people reasonably expect, to be able to live their life without interference.

We’re busy playing catch up with managing processing and use, when many people would like to be able to control collection.

The Best use of Data: Today

My experience of how the government wants to ‘best use data’ is that until 2013 I assumed the State was responsible with it.

I feel bitterly let down.

care.data taught me that the State thinks my personal data and privacy are something to exploit, and “the best use of my data” for them, may be quite at odds with what individuals expect. My trust in the use of my health data by government has been low ever since. Saying one thing and doing another, isn’t making it more trustworthy.

I found out in 2014 how my children’s personal data are commercially exploited and given to third parties including press outside safe settings, by the Department for Education. Now my trust is at rock bottom. I tried to take a look at what the National Pupil Database stores on my own children and was refused a subject access request, meanwhile the commercial sector and Fleet Street press are given out not only identifiable data, but ‘highly sensitive’ data. This just seems plain wrong in terms of security, transparency and respect for the person.

The attitude that there is an entitlement of the State to individuals’ personal data has to go.

The State has pinched 20 m children’s privacy without asking. Tut Tut indeed. [see Very British Problems for a translation].

And while I support the use of public administrative data in deidentified form in safe settings, it’s not to be expected that anything goes. But the feeling of entitlement to access our personal data for purposes other than that for which we consented, is growing, as it stretches to commercial sector data. However suggesting that public feeling measured based on work with 0.0001% of the population, is “wide public support for the use and re-use of private sector data for social research” seems tenuous.

Even so, comments even in that tiny population suggested, “many participants were taken by surprise at the extent and size of data collection by the private sector” and some “felt that such data capture was frequently unwarranted.” “The principal concerns about the private sector stem from the sheer volume of data collected with and without consent from individuals and the profits being made from linking data and selling data sets.”

The Best use of Data: The Future

Young people, despite seniors often saying “they don’t care about privacy” are leaving social media in search of greater privacy.

These things cannot be ignored if the call for digital transformation between the State and the citizen is genuine because try and do it to us and it will fail. Change must be done with us. And ethically.

And not “ethics” as in ‘how to’, but ethics of “should we.” Qualified transparent evaluation as done in other research areas, not an add on, but integral to every project, to look at issues such as:

  • whether participation is voluntary, opt-out or covert
  • how participants can get and give informed consent
  • accessibility to information about the collection and its use
  • small numbers, particularly of vulnerable people included
  • identifiable data collection or disclosure
  • arrangements for dealing with disclosures of harm and recourse
  • and how the population that will bear the risks of participating in the research is likely to benefit from the knowledge derived from the research or not.

Ethics is not about getting away with using personal data in ways that won’t get caught or hauled over the coals by civil society.

It’s balancing risk and benefit in the public interest, and not always favouring the majority, but doing what is right and fair.

We hear a lot at the moment on how the government may see lives, shaped by digital skills, but too little of heir vison for what living will look and feel like, in smart cities of the future.

My starting question is, how does government hope society will live there and is it up to them to design it? If not, who is because these smart-city systems are not designing themselves. You’ve heard of Stepford wives. I wonder what do we do if we do not want to live like Milton Keynes man?

I hope that the world my children will inherit will be more just, more inclusive, and with a more sustainable climate to support food, livelihoods and kinder than it is today. Will ‘smart’ help or hinder?

What is rarely discussed in technology discussions is how the service should look regardless of technology. The technology assumed as inevitable, becomes the centre of service delivery.

I’d like to first understand what is the central and local government vision for “public services”  provision for people of the future? What does it mean for everyday services like schools and health, and how does it balance security and our freedoms?

Because without thinking about how and who provides those services for people, there is a hole in the discussion of “the best use of data” and their improvement “right across the board”.

The UK government has big plans for big data sharing, sharing across all public bodies, some tailored for individual interventions.

While there are interesting opportunities for public benefit from at-scale systems, the public benefit is at risk not only from lack of trust in how systems gather data and use them, but that interoperability in service, and the freedom for citizens to transfer provider, gets lost in market competition.

Openness and transparency can be absent in public-private partnerships until things go wrong. Given the scale of smart-cities, we must have more than hope that data management and security will not be one of those things.

How will we know if new plans are designed well, or not?

When I look at my children’s future and how our current government digital decision making may affect it, I wonder if their future will be more or less kind. More or less fun.

Will they be left with the autonomy to make good choices of their own?

The hassle we feel when we feel watched all the time, by every thing that we own, in every place we go, having to check every check box has a reasonable privacy setting, has a cumulative cost in our time and anxieties.

Smart technology has invaded not only our public space and our private space, but has nudged into our head space.

I for one have had enough already. For my kids I want better. Technology should mean progress for people, not tyranny.

Living in smart cities, connected in the Internet-of-Things, run on their collective Big Data and paid for by commercial corporate providers, threatens not only their private lives and well-being, their individual and independent lives, but ultimately independent and democratic government as we know it.

*****

This is the start of a four part set of thoughts: Beginnings with smart technology and data triggered by the Sprint16 session (part one). I think about this more in depth in “Smart systems and Public Services” (Part two) here, and the design and development of smart technology making “The Best Use of Data” looking at today in a UK company case study (Part three) before thoughts on “The Best Use of Data” used in predictions and the Future (Part four).

family, human rights, National Pupil Database, politics, privacy, surveillance, Tech, transparency, trust

Monitoring software in schools: the Department for Education’s digital dream or nightmare? (2)

“Children do not lose their human rights by virtue of passing through the school gates” (UN Committee on the Rights of the Child, General Comment on ‘The aims of education’, 2001).

The Digital Skills in Schools inquiry [1] is examining the gap in education of our children to enable them to be citizens fit for the future.

We have an “educational gap” in digital skills and I have suggested it should not be seen only as functional or analytical, but should also address a gap in ethical skills and framework to equip our young people to understand their digital rights, as well as responsibilities.

Children must be enabled in education with opportunity to understand how they can grow “to develop physically, mentally, morally, spiritually and socially in a healthy and normal manner and in conditions of freedom and dignity”. [2]

Freedom to use the internet in privacy does not mean having to expose children to risks, but we should ask, are there ways of implementing practices which are more proportionate, and less intrusive than monitoring and logging keywords [3] for every child in the country? What problem is the DfE trying to solve and how?

Nicky Morgan’s “fantastic” GPS tracking App

The second technology tool Nicky Morgan mentioned in her BETT speech on January 22nd, is an app with GPS tracking and alerts creation. Her app verdict was “excellent” and “fantastic”:

“There are excellent examples at the moment such as the Family First app by Group Call. It uses GPS in mobile phones to help parents keep track of their children’s whereabouts, allowing them to check that they have arrived safely to school, alerting them if they stray from their usual schedule.” [4]

I’m not convinced tracking every child’s every move is either excellent or fantastic. Primarily because it will foster a nation of young people who feel untrusted, and I see a risk it could create a lower sense of self-reliance, self-confidence and self-responsibility.

Just as with the school software monitoring [see part one], there will be a chilling effect on children’s freedom if these technologies become the norm. If you fear misusing a word in an online search, or worry over stigma what others think, would you not change your behaviour? Our young people need to feel both secure and trusted at school.

How we use digital in schools shapes our future society

A population that trusts one another and trusts its government and organisations and press, is vital to a well functioning society.

If we want the benefits of a global society, datasharing for example to contribute to medical advance, people must understand how their own data and digital footprint fits into a bigger picture to support it.

In schools today pupils and parents are not informed that their personal confidential data are given to commercial third parties by the Department for Education at national level [5]. Preventing public engagement, hiding current practices, downplaying the risks of how data are misused, also prevents fair and transparent discussion of its benefits and how to do it better. Better, like making it accessible only in a secure setting not handing data out to Fleet Street.

For children this holds back public involvement in the discussion of the roles of technology in their own future. Fear of public backlash over poor practices must not hold back empowering our children’s understanding of digital skills and how their digital identity matters.

Digital skills are not shorthand for coding, but critical life skills

Skills our society will need must simultaneously manage the benefits to society and deal with great risks that will come with these advances in technology; advances in artificial intelligence, genomics, and autonomous robots, to select only three examples.

There is a glaring gap in their education how their own confidential personal data and digital footprint fit a globally connected society, and how they are used by commercial business and third parties.

There are concerns how apps could be misused by others too.

If we are to consider what is missing in our children’s preparations for life in which digital will no longer be a label but a way of life, then to identify the gap, we must first consider what we see as whole.

Rather than keeping children safe in education, as regards data sharing and digital privacy, the DfE seems happy to keep them ignorant. This is no way to treat our young people and develop their digital skills, just as giving their data away is not good cyber security.

What does a Dream for a  great ‘digital’ Society look like?

Had Martin Luther King lived to be 87 he would have continued to inspire hope and to challenge us to fulfill his dream for society – where everyone would have an equal opportunity for “life, liberty and the pursuit of happiness.”

Moving towards that goal, supported with technology, with ethical codes of practice, my dream is we see a more inclusive, fulfilled, sustainable and happier society. We must educate our children as fully rounded digital and data savvy individuals, who trust themselves and systems they use, and are well treated by others.

Sadly, introductions of these types of freedom limiting technologies for our children, risk instead that it may be a society in which many people do not feel comfortable, that lost sight of the value of privacy.

References:

[1] Digital Skills Inquiry: http://www.parliament.uk/business/committees/committees-a-z/commons-select/science-and-technology-committee/inquiries/parliament-2015/digital-skills-inquiry-15-16/

[2] UN Convention of the Rights of the Child

[3] Consultation: Keeping Children Safe in Education – closing Feb 16thThe “opportunities to teach safeguarding” section (para 77-78) has been updated and now says governing bodies and proprieties “should ensure” rather than “should consider” that children are taught about safeguarding, including online, through teaching and learning opportunities.

The Consultation Guidance: most relevant paragraphs 75 and 77 p 22

[4] Nicky Morgan’s full speech at BETT

[5] The defenddigitalme campaign to ask the Department forEducation to change practices and policy around The National Pupil Database

 

 

#caredata, National Pupil Database, surveillance, transparency, trust

Ethics, standards and digital rights – time for a citizens’ charter

Central to future data sharing [1] plans is the principle of public interest, intended to be underpinned by transparency in all parts of the process, to be supported by an informed public.  Three principles that are also key in the plan for open policy.

The draft ethics proposals [2] start with user need (i.e. what government wants, researchers want, the users of the data) and public benefit.

With these principles in mind I wonder how compatible the plans are in practice, plans that will remove the citizen from some of the decision making about information sharing from the citizen; that is, you and me.

When talking about data sharing it is all too easy to forget we are talking about people, and in this case, 62 million individual people’s personal information, especially when users of data focus on how data are released or published. The public thinks in terms of personal data as info related to them. And the ICO says, privacy and an individual’s rights are engaged at the point of collection.

The trusted handling, use and re-use of population-wide personal data sharing and ID assurance are vital to innovation and digital strategy. So in order to make these data uses secure and trusted, fit for the 21st century, when will the bad bits of current government datasharing policy and practice [3] be replaced by good parts of ethical plans?

Current practice and Future Proofing Plans

How is policy being future proofed at a time of changes to regulation in the new EUDP which are being made in parallel? Changes that clarify consent and the individual, requiring clear affirmative action by the data subject. [4]  How do public bodies and departments plan to meet the current moral and legal obligation to ensure persons whose personal data are subject to transfer and processing between two public administrative bodies must be informed in advance?

How is public perception [5] being taken into account?

And how are digital identities to be protected when they are literally our passport to the world, and their integrity is vital to maintain, especially for our children in the world of big data [6] we cannot imagine today? How do we verify identity but not have to reveal the data behind it, if those data are to be used in ever more government transactions – done badly that could mean the citizen loses sight of who knows what information and who it has been re-shared with.

From the 6th January there are lots of open questions, no formal policy document or draft legislation to review. It appears to be far off being ready for public consultation, needing concrete input on practical aspects of what the change would mean in practice.

Changing the approach to the collection of citizens’ personal data and removing the need for consent to wide re-use and onward sharing, will open up a massive change to the data infrastructure of the country in terms of who is involved in administrative roles in the process and when. As a country to date we have not included data as part of our infrastructure. Some suggest we should. To change the construction of roads would require impact planning, mapping and thought out budget before beginning the project to assess its impact. An assessment this data infrastructure change appears to be missing entirely.

I’ve considered the plans in terms of case studies of policy and practice, transparency and trust, the issues of data quality and completeness and digital inclusion.

But I’m starting by sharing only my thoughts on ethics.

Ethics, standards and digital rights – time for a public charter

How do you want your own, or your children’s personal data handled?

This is not theoretical. Every one of us in the UK has our own confidential data used in a number of ways about which we are not aware today. Are you OK with that? With academic researchers? With GCHQ? [7] What about charities? Or Fleet Street press? All of these bodies have personal data from population wide datasets and that means all of us or all of our children, whether or not we are the subjects of research, subject to investigation, or just an ordinary citizen minding their own business.

On balance, where do you draw the line between your own individual rights and public good? What is fair use without consent and where would you be surprised and want to be informed?
I would like to hear more about how others feel about and weigh the risks and benefits trade off in this area.

Some organisations on debt have concern about digital exclusion. Others about compiling single view data in coercive relationships. Some organisations are campaigning for a digital bill of rights. I had some thoughts on this specifically for health data in the past.

A charter of digital standards and ethics could be enabling, not a barrier and should be a tool that must come to consultation before new legislation.

Discussing datasharing that will open up every public data set “across every public body” without first having defined a clear policy is a challenge. Without defining its ethical good practice first as a reference framework, it’s dancing in the dark. This draft plan is running in parallel but not part of the datasharing discussion.
Ethical practice and principles must be the foundation of data sharing plans, not an after thought.

Why? Because this stuff is hard. The kinds of research that use sensitive de-identified data are sometimes controversial and will become more challenging as the capabilities of what is possible increase with machine learning, genomics, and increased personalisation and targeting of marketing, and interventions.

The ADRN had spent months on its ethical framework and privacy impact assessment, before I joined the panel.

What does Ethics look like in sharing bulk datasets?

What do you think about the commercialisation of genomic data by the state – often from children whose parents are desperate for a diagnosis – to ‘kick start’ the UK genomics industry?  What do you think about data used in research on domestic violence and child protection? And in predictive policing?

Or research on religious affiliations and home schooling? Or abortion and births in teens matching school records to health data?

Will the results of the research encourage policy change or interventions with any group of people? Could these types of research have unintended consequences or be used in ways researchers did not foresee supporting not social benefit but a particular political or scientific objective? If so, how is that governed?

What research is done today, what is good practice, what is cautious and what would Joe Public expect? On domestic violence for example, public feedback said no.

And while there’s also a risk of not making the best use of data, there are also risks of releasing even anonymised data [8] in today’s world in which jigsawing together the pieces of poorly anonymised data means it is identifying. Profiling or pigeonholing individuals or areas was a concern raised in public engagement work.

The Bean Report used to draw out some of the reasoning behind needs for increased access to data: “Remove obstacles to the greater use of public sector administrative data for statistical purposes, including through changes to the associated legal framework, while ensuring appropriate ethical safeguards are in place and privacy is protected.”

The Report doesn’t outline how the appropriate ethical safeguards are in place and privacy is protected. Or what ethical looks like.

In the Public interest is not clear cut.

The boundary between public and private interest shift in time as well as culture. While in the UK the law today says we all have the right to be treated as equals, regardless of our gender, identity or sexuality it has not always been so.

By putting the rights of the individual on a lower par than the public interest in this change, we risk jeopardising having any data at all to use. But data will be central to the digital future strategy we are told the government wants to “show the rest of the world how it’s done.”

If they’re serious, if all our future citizens must have a digital identity to use with government with any integrity, then the use of not only our current adult, but our children’s data really matters – and current practices must change.  Here’s a case study why:

Pupil data: The Poster Child of Datasharing Bad Practice

Right now, the National Pupil database containing our 8 million or more children’s personal data in England is unfortunately the poster child of what a change in legislation and policy around data sharing, can mean in practice.  Bad practice.

The “identity of a pupil will not be discovered using anonymised data in isolation”, says the User Guide, but when they give away named data, and identifiable data in all but 11 requests since 2012, it’s not anonymised. Anything but the ‘anonymised data’ of publicly announced plans presented in 2011, yet precisely what the change in law to broaden the range of users in the Prescribed Persons Act 2009 permitted , and the expansion of purposes in the amended Education (Individual Pupil Information)(Prescribed Persons) Regulations introduced in June 2013.  It was opened up to:

“(d)persons who, for the purpose of promoting the education or well-being of children in England are—

(i)conducting research or analysis,

(ii)producing statistics, or

(iii)providing information, advice or guidance,

and who require individual pupil information for that purpose(5);”.

The law was changed so that, individual pupil level data, and pupil names are extracted, stored and have also been released at national level. Raw data sent to commercial third parties, charities and press in identifiable individual level and often sensitive data items.

This is a world away from safe setting, statistical analysis of de-identified data by accredited researchers, in the public interest.

Now our children’s confidential data sit on servers on Fleet Street – is this the model for all our personal administrative data in future?

If not, how do we ensure it is not? How will the new all-datasets’ datasharing legislation permit wider sharing with more people than currently have access and not end up with all our identifiable data sent ‘into the wild’ without audit as our pupil data are today?

Consultation, transparency, oversight and public involvement in ongoing data decision making are key, and  well written legislation.

The public interest alone, is not a strong enough description to keep data safe. This same government brought in this National Pupil Database policy thinking it too was ‘in the public interest’ after all.

We need a charter of ethics and digital rights that focuses on the person, not exclusively the public interest use of data.

They are not mutually exclusive, but enhance one another.

Getting ethics in the right place

These ethical principles start in the wrong place. To me, this is not an ethical framework, it’s a ‘how-to-do-data-sharing’ guideline and try to avoid repeating care.data. Ethics is not first about the public interest, or economic good, or government interest. Instead, referencing an ethics council view, you start with the person.

“The terms of any data initiative must take into account both private and public interests. Enabling those with relevant interests to have a say in how their data are used and telling them how they are, in fact, used is a way in which data initiatives can demonstrate respect for persons.”

Professor Michael Parker, Member of the Nuffield Council on Bioethics Working Party and Professor of Bioethics and Director of the Ethox Centre, University of Oxford:

“Compliance with the law is not enough to guarantee that a particular use of data is morally acceptable – clearly not everything that can be done should be done. Whilst there can be no one-size-fits-all solution, people should have say in how their data are used, by whom and for what purposes, so that the terms of any project respect the preferences and expectations of all involved.”

The  partnership between members of the public and public administration must be consensual to continue to enjoy support. [10]. If personal data are used for research or other uses, in the public interest, without explicit consent, it should be understood as a privilege by those using the data, not a right.

As such, we need to see data as about the person, as they see it themselves, and data at the point of collection as information about individual people, not just think of statistics. Personal data are sensitive, and some research uses highly sensitive,  and data used badly can do harm. Designing new patterns of datasharing must think of the private, as well as public interest,  co-operating for the public good.

And we need a strong ethical framework to shape that in.

******

[1] http://datasharing.org.uk/2016/01/13/data-sharing-workshop-i-6-january-2016-meeting-note/

[2] Draft data science ethical framework: https://data.blog.gov.uk/wp-content/uploads/sites/164/2015/12/Data-science-ethics-short-for-blog-1.pdf

[3] defenddigitalme campaign to get pupil data in England made safe http://defenddigitalme.com/

[4] On the European Data Protection regulations: https://www.privacyandsecuritymatters.com/2015/12/the-general-data-protection-regulation-in-bullet-points/

[5] Public engagament work – ADRN/ESRC/ Ipsos MORI 2014 https://adrn.ac.uk/media/1245/sri-dialogue-on-data-2014.pdf

[6] Written evidence submitted to the parliamentary committee on big data: http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/science-and-technology-committee/big-data-dilemma/written/25380.pdf

[7] http://www.bbc.co.uk/news/uk-politics-35300671 Theresa May affirmed bulk datasets use at the IP Bill committee hearing and did not deny use of bulk personal datasets, including medical records

[8] http://www.economist.com/news/science-and-technology/21660966-can-big-databases-be-kept-both-anonymous-and-useful-well-see-you-anon

[9] Nuffield Council on Bioethics http://nuffieldbioethics.org/report/collection-linking-use-data-biomedical-research-health-care/ethical-governance-of-data-initiatives/

[10] Royal Statistical Society –  the data trust deficit https://www.ipsos-mori.com/researchpublications/researcharchive/3422/New-research-finds-data-trust-deficit-with-lessons-for-policymakers.aspx

Background: Why datasharing matters to me:

When I joined the data sharing discussions that have been running for almost 2 years only very recently, it was wearing two hats, both in a personal capacity.

The first was with interest in how any public policy and legislation may be changing and will affect deidentified datasharing for academic research, as I am one of two lay people, offering public voice on the ADRN approvals panel.

Its aim is to makes sure the process of granting access to the use of sensitive, linked administrative data from population-wide datasets is fair, equitable and transparent, for de-identified use by trusted researchers, for non-commercial use, under strict controls and in safe settings. Once a research project is complete, the data are securely destroyed. It’s not doing work that “a government department or agency would carry out as part of its normal operations.”

Wearing my second hat, I am interested to see how new policy and practice plan to affect current practice. I coordinate the campaign efforts with the Department for Education to stop giving away the identifiable, confidential and sensitive personal data of our 8m children in England to commercial third parties and press from the National Pupil Database.

#caredata, care.data, confidentiality, consent, human rights, National Pupil Database, politics, pupils, surveillance, Tech, transparency, trust

Parliament’s talking about Talk Talk and Big Data, like some parents talk about sex. Too little, too late.

Parliament’s talking about Talk Talk and Big Data, like some parents talk about sex ed. They should be discussing prevention and personal data protection for all our personal data, not just one company, after the event.

Everyone’s been talking about TalkTalk and for all the wrong reasons. Data loss and a 15-year-old combined with a reportedly reckless response to data protection, compounded by lack of care.

As Rory Cellan-Jones wrote [1] rebuilding its reputation with customers and security analysts is going to be a lengthy job.

In Parliament Chi Onwarah, Shadow Minister for Culture & the Digital Economy, summed up in her question, asking the Minister to acknowledge “that all the innovation has come from the criminals while the Government sit on their hands, leaving it to businesses and consumers to suffer the consequences?”  [Hansard 2]

MPs were concerned for the 4 million* customers’ loss of name, date of birth, email, and other sensitive data, and called for an inquiry. [It may now be fewer*.] [3] The SciTech committee got involved too.

I hope this means Parliament will talk about TalkTalk not as the problem to be solved, but as one case study in a review of contemporary policy and practices in personal data handling.

Government spends money in data protection work in the [4] “National Cyber Security Programme”. [NCSP] What is the measurable outcome – particularly for TalkTalk customers and public confidence – from its £860M budget?  If you look at the breakdown of those sums, with little going towards data protection and security compared with the Home Office and Defence, we should ask if government is spending our money in an appropriately balanced way on the different threats it perceives. Keith Vaz suggested British companies that lose £34 billion every year to cybercrime. Perhaps this question will come into the inquiry.

This all comes after things have gone wrong.  Again [5]. An organisation we trusted has abused that trust by not looking after data with the stringency that customers should be able to expect in the 21st century, and reportedly not making preventative changes, apparent a year ago. Will there be consequences this time?

The government now saying it is talking about data protection and consequences, is like saying they’re talking sex education with teens, but only giving out condoms to the boys.

It could be too little too late. And they want above all to avoid talking about their own practices. Let’s change that.

Will this mean a review to end risky behaviour, bring in change, and be wiser in future?

If MPs explore what the NCSP does, then we the public, should learn more about what government’s expectations of commercial companies is in regards modern practices.

In addition, any MPs’ inquiry should address government’s own role in its own handling of the public’s personal data. Will members of government act in a responsible manner or simply tell others how to do so?

Public discussion around both commercial and state use of our personal data, should mean genuine public engagement. It should involve a discussion of consent where necessary for purposes  beyond those we expect or have explained when we submit our data, and there needs to be a change in risky behaviour in terms of physical storage and release practices, or all the talk, is wasted.

Some say TalkTalk’s  practices mean they have broken their contract along with consumer trust. Government departments should also be asking whether their data handling would constitute a breach of the public’s trust and reasonable expectations.

Mr Vaizey should apply his same logic to government handling data as he does to commercial handling. He said he is open to suggestions for improvement. [6]

Let’s not just talk about TalkTalk.

    • Let’s Talk Consequences: organisations taking risk seriously and meaningful consequences if not [7]
    • Let’s Talk Education: the education of the public on personal data use by others and rights and responsibilities we have [8]
    • Let’s Talk Parliament’s Policies and Practices: about its own complementary lack of data  understanding in government and understand what good practice is in physical storage, good governance and transparent oversight
    • Let’s Talk Public Trust: and the question whether government can be trusted with public data it already has and whether its current handling makes it trustworthy to take more [9]

Vaizey said of the ICO now in his own department: “The Government take the UK’s cyber-security extremely seriously and we will continue to do everything in our power to protect organisations and individuals from attacks.”

“I will certainly meet the Information Commissioner to look at what further changes may be needed in the light of this data breach. [..] It has extensive powers to take action and, indeed, to levy significant fines. “

So what about consequences when data are used in ways the public would consider a loss, and not through an attack or a breach, but government policy? [10]

Let’s Talk Parliament’s Policies and Practices

Commercial companies are not alone in screwing up the use and processing [11] management of our personal data. The civil service under current policy seems perfectly capable of doing by itself. [12]

Government data policy has not kept up with 21st century practices and to me seems to work in the dark, as Chi Onwarah said,

‘illuminated by occasional flashes of incompetence.’

This incompetence can risk harm to people’s lives, to business and to public confidence.

And once given, trust would be undermined by changing the purposes or scope of use for which it was given, for example as care.data plans to do after the pilot. A most risky idea.

Trust in these systems, whether commercial or state, is crucial. Yet reviews which highlight this, and make suggestions to support trust such as ‘data should never be (and currently is never) released with personal identifiers‘ in The Shakespeare Review have been ignored by government.

Where our personal data are not used well in government departments by the department themselves, they seem content to date to rely on public ignorance to get away with current shoddy practices.

Practices such as not knowing who all your customers are, because they pass data on to others. Practices, such as giving individual level identifiable personal data to third parties without informing the public, or asking for consent. Practices, such as never auditing or measuring any benefit of giving away others personal data.

“It is very important that all businesses, particularly those handling significant amounts of sensitive customer data, have robust procedures in place to protect those data and to inform customers when there may have been a data breach.” Ed Vaizey, Oct 26th, HOC

If government departments prove to be unfit to handle the personal data we submit in trust to the state today, would we be right to trust them with even more?

While the government is busy wagging fingers at commercial data use poor practices, the care.data debacle is evidence that not all its MPs or civil service understand how data are used in commercial business or through government departments.

MPs calling for commercial companies to sharpen up their data protection must understand how commercial use of data often piggy-backs the public use of our personal data, or others getting access to it via government for purposes that were unintended.

Let’s Talk Education

If the public is to understand how personal data are to be kept securely with commercial organisations, why should they not equally ask to understand how the state secures their personal data? Educating the public could lead to better engagement with research, better understanding of how we can use digital services and a better educated society as a whole. It seems common sense.

At a recent public event [13],  I asked civil servants talking about big upcoming data plans they announced, linking school data with more further education and employment data, I asked how they planned to involve the people whose data they would use. There was no public engagement to mention. Why not? Inexcusable in this climate.

Public engagement is a matter of trust and developing understanding in a relationship. Organisations must get this right.[14]

If government is discussing risky practices by commercial companies, they also need to look closer to home and fix what is broken in government data handling where it exposes us to risk through loss of control of our personal data.

The National Pupil Database for example, stores and onwardly shares identifiable individual sensitive data of at least 8m children’s records from age 2 -19. That’s twice as big as the TalkTalk loss was first thought to be.

Prevention not protection is what we should champion. Rather than protection after the events,  MPs and public must demand emphasis on prevention measures in our personal data use.

This week sees more debate on how and why the government will legislate to have more powers to capture more data about all the people in the country. But are government policy, process and practices fit to handle our personal data, what they do with it and who they give it to?

Population-wide gathering of data surveillance in any of its many forms is not any less real just because you don’t see it. Children’s health, schools, increases in volume of tax data collection. We don’t discuss enough how these policies can be used every day without the right oversight. MPs are like the conservative parents not comfortable talking to their teens about sleeping with someone. Just because you don’t know, it doesn’t mean they’re not doing it. [15] It just means you don’t want to know because if you find out they’re not doing it safely, you’ll have to do something about it.

And it might be awkward. (Meanwhile in schools real, meaningful PHSE has been left off the curriculum.)

Mr. Vaizey asked in the Commons for suggestions for improvement.

My suggestion is this. How government manages data has many options. But the principle should be simple. Our personal data needs not only protected, but not exposed to unnecessary risk in the first place, by commercial or state bodies. Doing nothing, is not an option.

Let’s Talk about more than TalkTalk

Teens will be teens. If commercial companies can’t manage their systems better to prevent a child successfully hacking it, then it’s not enough to point at criminal behaviour. There is fault to learn from on all sides. In commercial and state uses of personal data.

There is talk of new, and bigger, data sharing plans. [16]

Will the government wait to see  and keep its fingers crossed each month to see if our data are used safely at unsecured settings with some of these unknown partners data might be onwardly shared with, hoping we won’t find out and they won’t need to talk about it, or have a grown up public debate based on public education?

Will it put preventative measures in place appropriate to the sensitivity and volume of the data it is itself responsible for?

Will moving forward with new plans mean safer practices?

If government genuinely wants our administrative data at the heart of digital government fit for the 21st century, it must first understand how all government departments collect and use public data. And it must educate the public in this and commercial data use.

We need a fundamental shift in the way the government respects public opinion and shift towards legal and privacy compliance – both of which are lacking.

Let’s not talk about TalkTalk. Let’s have meaningful grown up debate with genuine engagement. Let’s talk about prevention measures in our data protection. Let’s talk about consent. It’s personal.

******

[1] Questions for TalkTalk: http://www.bbc.co.uk/news/technology-34636308

[2] Hansard: http://www.publications.parliament.uk/pa/cm201516/cmhansrd/cm151026/debtext/151026-0001.htm#15102612000004

[3] TalkTalk update: http://www.talktalkgroup.com/press/press-releases/2015/cyber-attack-update-tuesday-october-30-2015.aspx

[4] The Cyber Security Programme: http://www.civilserviceworld.com/articles/feature/depth-look-national-cyber-security-programme

[5] Paul reviews TalkTalk; https://paul.reviews/value-security-avoid-talktalk/

[6] https://ico.org.uk/for-organisations/guide-to-data-protection/conditions-for-processing/

[7] Let’s talk Consequences: the consequences of current failures to meet customers’ reasonable expectations of acceptable risk, are low compared with elsewhere.  As John Nicolson (East Dunbartonshire) SNP pointed out in the debate, “In the United States, AT&T was fined £17 million for failing to protect customer data. In the United Kingdom, the ICO can only place fines of up to £500,000. For a company that received an annual revenue of nearly £1.8 billion, a fine that small will clearly not be terrifying. The regulation of telecoms must be strengthened to protect consumers.”

[8] Let’s talk education: FOI request revealing a samples of some individual level data released to members of the press: http://www.theyworkforyou.com/debates/?id=2015-10-26b.32.0

The CMA brought out a report in June, on the use of consumer data, the topic should be familiar in parliament, but little engagement has come about as a result. It suggested the benefit:

“will only be realised if consumers continue to provide data and this relies on them being able to trust the firms that collect and use it”, and that “consumers should know when and how their data is being collected and used and be able to decide whether and how to participate. They should have access to information from firms about how they are collecting, storing and using data.”

[9] Let’s Talk Public Trust – are the bodies involved Trustworthy? Government lacks an effective data policy and is resistant to change. Yet it wants to collect ever more personal and individual level for unknown purposes from the majority of 60m people, with an unprecedented PR campaign.  When I heard the words ‘we want a mature debate’ it was reminiscent of HSCIC’s ‘intelligent grown up debate’ requested by Kinglsey Manning, in a speech when he admitted lack of public knowledge was akin to a measure of past success, and effectively they would rather have kept the use of population wide health data ‘below the radar’.

Change: We need change, the old way after all, didn’t work, according to Minister Matt Hancock: “The old model of government has failed, so we will build a new one.” I’d like to see what that new one will look like. Does he mean to expand only data sharing policy, or the powers of the civil service?

[10] National Pupil Database detailed data releases to third parties https://www.whatdotheyknow.com/request/pupil_data_national_pupil_databa

[11] http://adrn.ac.uk/news-events/latest-news/adrn-rssevent

[12] https://jenpersson.com/public-trust-datasharing-nib-caredata-change/

[13] https://www.liberty-human-rights.org.uk/human-rights/privacy/state-surveillance

[14] http://www.computerweekly.com/news/4500256274/Government-will-tackle-barriers-to-sharing-and-linking-data-says-Cabinet-Office-minister-Hancock

change, politics, surveillance, Tech, transparency, words

George and the Chinese Dragon. Public spending and the cost of dignity.

In 2005 I sat early one morning in an enormous international hotel chain’s breakfast room, in Guangzhou.

Most of the men fetching two adult breakfasts from the vast buffet wore cream coloured chinos, and button down shirts. They sported standardised haircuts with hints of silver. Stylish women sat at  impeccable tables, cradling  babies in pink hats or spoon feeding small children.

On a busy downtown street, close to the Chinese embassy, the hotel was popular with American parents-to-be.

My local colleague explained to me later, that her sadness over thousands of Chinese daughters exported from a one-child policy nation in 2005 was countered by the hope that loving foreign families were found for them.

She repeated with dignity, party mantras and explanations drilled at school. She has good job, (but still she could not afford children). Too little land, too few schools, and healthcare too expensive. She sighed. Her eyes lit up as she looked at my bump and asked if I knew “girl or boy?” If it were a girl, she added, how beautiful she would be with large open eyes. We laughed about the contradictory artificial stereotypes of beauty, from East and West, each nation wanting what the other did not have.

Ten tears later in 2015, British Ministers have been drawing on China often recently, as a model for us to follow; in health, education and for the economy. Seeking something they think we do not have. Seeking to instill ‘discipline, hard-working, economy-first’ spin.

At the recent ResearchEd conference, Nick Gibb, [1] Minister of State at the Department for Education, talked about the BBC documentary “Are Our Kids Tough Enough” for several minutes and the positive values of the Chinese and its education system. It supposedly triggered ‘a global debate’ when British pupils experienced “the harsh discipline of a Chinese classroom”.

The Global Times praised the  First Minister Mr. Osborne as “the first Western official in recent years who focused on business potential rather than raising a magnifying glass to the ‘human rights issue” during his recent visit [2] when he put economic growth first.

Jeremy Hunt, Secretary of State for Health, was quoted at the political party conference  saying that he saw tax cut changes necessary as a cultural shift.  He suggested we should adopt the ‘hardworking’ character of the Chinese.

An attribute that is as artificial as it is inane.

Collective efforts over the last year or more, to project ‘hard-working’ as a measure of contribution to UK society into politics has become more concentrated, especially around the election. People who are not working, are undermined by statements inferring the less productive for the nation, the less value someone has as a person. Comments are repeated in a sustained drip feed, from Lord Freud’s remarks a year ago that disabled workers were not worth the full wage, to Hancock’s recent revelation that the decision to not apply the new minimum wage to the under 25s from 2016 “was an active policy choice.”  Mr. Hunt spoke about dignity being self-earned, not dependent on richness per se, but being self-made.

“If that £16,500 is either a high proportion or entirely through the benefit system you are trapped. It matters if you are earning that yourself, because if you are earning it yourself you are independent and that is the first step towards self-respect.”

This choice to value some people’s work less than others and acceptance of spin, is concerning.

What values are Ministers suggesting we adopt in the relentless drive for economic growth? [3] When our Ministers ignore human rights and laud Chinese values in a bid to be seen as an accepting trading partner, I wonder at what cost to our international integrity?

Simple things we take for granted such as unimpeded internet  access are not available in China. In Chinese society, hard working is not seen as such a positive value. It is a tolerated norm, and sometimes an imposed one at that, where parents leave their child with grandparents in the countryside and visit twice a year on leave from their city-based jobs. Our Ministers’ version of hardworking Chinese is idyllic spin compared with reality.

China is about to launch a scheme to measure sincerity and how each citizen compares with others in terms of compliance and dissent. Using people’s social media data to determine their ‘worth’ is an ominous prospect.

Mark Kitto from 2012 on why you’ll never be Chinese is a great read. I agree, “there are hundreds of well-rounded, wise Chinese people with a modern world view, people who could, and would willingly, help their motherland face the issues that are growing into state-shaking problems .”

Despite such institutional issues, Mr. Osborne appears to have an open door for deals with the Chinese state. Few people missed the announcements he made in China that HS2 will likely be built by Chinese investors, despite home grown opposition. Ministers and EDF have reportedly agreed on a controversial £25bn development of Hinkley Point C, nuclear plant, with most of upfront costs provided by Chinese companies, although “we are the builders.” [4]

Large parts of UK utilities’ infrastructure is founded on Chinese sourced spending in the UK it’s hard to see who ‘we’ are meant to be. [5] And that infrastructure is a two-way trade. Just as Chinese money has bought many of our previously publicly owned utilities, we have sold a staggeringly long list of security related items to the Chinese state. [6]

In July 2014 the four House of Commons Select Committees: “repeated their previous Recommendation that the Government should apply significantly more cautious judgements when considering arms export licence applications for goods to authoritarian regimes which might be used for internal repression.” 

UK to China exports
Chris Patten, former Hong Kong Governor,  criticised Osborne’s lax attitude to human rights but individual and collective  criticism appear to go unheard.

This perhaps is one measure of British economic growth at all costs. Not only is Britain supplying equipment that might be used for internal repression but the Minister appears to have adopted a singularly authoritarian attitude and democratic legitimacy of the Committees has been ignored. That is concerning.

The packaging of how upcoming cuts will be presented is clear.  We will find out what “hard working families” means to the Treasury. We need to work harder, like the Chinese, and through this approach, we will earn our dignity. No doubt rebuilding Britain, on great British values. Welfare will continue to be labelled as benefits, and with it, a value judgement on economic productivity equated with human worth. Cutting welfare, will be packaged as helping those people to help themselves out of self inflicted ‘bad’ situations, in which they have lost their self worth or found an easy ‘lifestyle choice’.

As welfare spending is reduced, its percentage spend with big service providers has risen after reforms, and private companies profit where money was once recycled in the state system. There is a glaring gap in evidence for some of these decisions taken.

What is next? If for example, universal benefits such as Universal Infant Free School Meals are cut, it will take food literally from the mouths of babes, in families who cannot afford to lose hot school dinners, living in poverty but not qualifying for welfare. The policy may be flawed because Free School Meals based on pupil premium entitlement does not cater for all who need it, but catering for none of them is not an improvement.

Ministers focus the arguments of worth and value around the individual. Doctors have been told to work harder. Schools have been told to offer more childcare to enable parents to work harder. How much harder can we really expect people to work? Is the Treasury’s vision is for us all to work more to pay more taxes? It is flawed if by adopting the political aim, the vast majority of people take home little more pay and sacrifice spare time with our friends and loved ones, running our health into the ground as a result.

The Chinese have a proverb that shows a wisdom missing from Ministers’ recent comments: “Time is money, and it is difficult for one to use money to get time.”

I often remember the hotel breakfast room, and wonder how many mothers, in how many in cities in China miss their daughters, whom they could not afford to keep, through fear of the potential effect. How many young men live without women in their lives who would want to, but find the gender imbalance a barrier to meeting someone. How many are struggling to care for elderly parents.

Not all costs can be measured in money.

The grandmother I met on the station platform last Wednesday had looked after her grandchild for half the day and has him overnight weekdays, so that Mum can first sleep and then work a night shift stacking shelves. That’s her daughter’s second shift of the day. She hardly sees her son.  The husband works the shelf-stacking third shift to supplement his income as a mechanic.

That is a real British family.

Those parents can’t work any harder. Their family is already at breaking point. They take no state welfare.  They don’t qualify for any support.

Must we be so driven to become ‘hard working families’ that our children will barely know their parents? Are hungry pupils to make do as best they can at lunchtime? Are these side effects children must be prepared to pay if their parents work ever harder to earn enough to live and earn their ‘dignity’ as defined by the Secretary of State for health?

Dignity is surely inherent in being human. Not something you earn by what you do. At the heart of human rights is the belief that everybody should be treated equally and with dignity – no matter what their circumstances.

If we adopt the Ministers’ be-like-the-Chinese mantra, and accept human dignity is something that must be earned, we should ask now what price have they put on it?

MPs must slay the dragon of spin and demand transparency of the total welfare budget and government spend with its delivery providers. There is a high public cost of further public spending cuts. In order to justify them, it is not the public who must work harder, but the Treasury, in order to deliver a transparent business case what the further sacrifices of ‘hard working families’ will achieve.

 

###

[1] ResearchEd conference, Nick Gibb, Minister of State at the Department for Education

[2] New Statesman

[3] https://www.opendemocracy.net/ournhs/jen-persson/why-is-government-putting-health-watchdogs-on-leash-of-%E2%80%98promoting-economic-growth

[4] The Sun: George Osborne party conference speech with 25 mentions of builders: “We are the builders”, said Mr. Osborne.

[5] The Drum: Li Ka Shing and British investment https://www.thedrum.com/opinion/2015/01/28/meet-li-ka-shing-man-o2-his-sights-has-quietly-become-one-britains-biggest

[6] Arms exports to authoritarian regimes and countries of concern worldwide The Committees http://www.publications.parliament.uk/pa/cm201415/cmselect/cmquad/608/60805.htm#a104

 

[image: Wassily Kandinsky ca 1911, George and the Dragon]

#caredata, care.data, change, empowerment, engagement, NHS, NHS England, surveillance, transparency

Digital revolution by design: building for change and people (1)

Andy Williams said* that he wants not evolution, but a revolution in digital health.

It strikes me that few revolutions have been led top down.

We expect revolution from grass roots dissent, after a growing consensus in the population that the status quo is no longer acceptable.

As the public discourse over the last 18 months about the NHS use of patient data has proven, we lack a consensual agreement between state, organisations and the public how the data in our digital lives should be collected, used and shared.

The 1789 Declaration of the Rights of Man and Citizen as part of the French Revolution set out a charter for citizens, an ethical and fair framework of law in which they trusted their rights would be respected by fellow men.

That is something we need in this digital revolution.

We are told hand by government that it is necessary to share all our individual level data in health from all sorts of sources.

And that bulk data collection is vital in the public interest to find surveillance knowledge that government agencies want.

At the same time other government departments plan to restrict citizens’ freedom of access to knowledge that could be used to hold the same government  and civil servants to account.

On the consumer side, there is public concern about the way we are followed around on the web by companies including global platforms like Google and Facebook, that track our digital footprint to deliver advertising.

There is growing objection to the ways in which companies scoop up data to build profiles of individuals and groups and personalising how they get treated. Recent objection was to marketing misuse by charities.

There is little broad understanding yet of the power of insight that organisations can now have to track and profile due to the power of algorithms and processing capability.

Technology progress that has left legislation behind.

But whenever you talk to people about data there are two common threads.

The first, is that although the public is not happy with the status quo of how paternalistic organisations or consumer companies ‘we can’t live without’ manage our data, there is a feeling of powerlessness that it can’t change.

The second, is frustration with organisations that show little regard for public opinion.

What happens when these feelings both reach tipping point?

If Marie Antoinette were involved in today’s debate about the digital revolution I suspect she may be the one saying: “let them eat cookies.”

And we all know how that ended.

If there is to be a digital revolution in the NHS where will it start?

There were marvelous projects going on at grassroots discussed over the two days: bringing the elderly online and connected and in housing and deprivation. Young patients with rare diseases are designing apps and materials to help consultants improve communications with patients.

The NIB meeting didn’t have real public interaction and or any discussion of those projects ‘in the room’ in the 10 minutes offered. Considering the wealth of hands-on digital health and care experience in the audience it was a missed opportunity for the NIB to hear common issues and listen to suggestions for co-designed solutions.

While white middle class men (for the most part) tell people of their grand plans from the top down, the revolutionaries of all kinds are quietly getting on with action on the ground.

If a digital revolution is core to the NHS future, then we need to ask to understand the intended change and outcome much more simply and precisely.

We should all understand why the NHS England leadership wants to drive change, and be given proper opportunity to question it, if we are to collaborate in its achievement.

It’s about the people, stoopid

Passive participation will not be enough from the general public if the revolution is to be as dramatic as it is painted.

Consensual co-design of plans and co-writing policy are proven ways to increase commitment to change.

Evidence suggests citizen involvement in planning is more likely to deliver success. Change done with, not to.

When constructive solutions have been offered what impact has engagement if no change is made to any  plans?

If that’s engagement, you’re doing it wrong.

Struggling with getting themselves together on the current design for now, it may be hard to invite public feedback on the future.

But it’s only made hard if what the public wants is ignored.  If those issues were resolved in the way the public asked for at listening events it could be quite simple to solve.

The NIB leadership clearly felt nervous to have debate, giving only 10 minutes of three hours for public involvement, yet that is what it needs. Questions and criticism are not something to be scared of, but opportunities to make things better.

The NHS top-down digital plans need public debate and dissected by the clinical professions to see if it fits the current and future model of healthcare, because if not involved in the change, the ride will be awfully bumpy to get there.

For data about us, to be used without us, is certainly an outdated model incompatible with a digital future.

The public needs to fight for citizen rights in a new social charter that demands change along lines we want, change that doesn’t just talk of co-design but that actually means it.

If unhappy about today’s data use, then the general public has to stop being content to be passive cash cows as we are data mined.

If we want data used only for public benefit research and not market segmentation, then we need to speak up. To the Information Commissioner’s Office if the organisation itself will not help.

“As Nicole Wong, who was one of President Obama’s top technology advisors, recently wrote, “[t]here is no future in which less data is collected and used.”

“The challenge lies in taking full advantage of the benefits that the Internet of Things promises while appropriately protecting consumers’ privacy, and ensuring that consumers are treated fairly.” Julie Brill, FTC, May 4 2015, Berlin

In the rush to embrace the ‘Internet of Things’ it can feel as though the reason for creating them has been forgotten. If the Internet serves things, it serves consumerism. AI must tread an enlightened path here. If the things are designed to serve people, then we would hope they offer methods of enhancing our life experience.

In the dream of turning a “tsunami of data” into a “tsunami of actionable business intelligence,” it seems all too often the person providing the data is forgotten.

While the Patient and Information Directorate, NHS England or NIB speakers may say these projects are complex and hard to communicate the benefits, I’d say if you can’t communicate the benefits, its not the fault of the audience.

People shouldn’t have to either a) spend immeasurable hours of their personal time, understanding how these projects work that want their personal data, or b) put up with being ignorant.

We should be able to fully question why it is needed and get a transparent and complete explanation. We should have fully accountable business plans and scrutiny of tangible and intangible benefits in public, before projects launch based on public buy-in which may misplaced. We should expect  plans to be accessible to everyone and make documents straightforward enough to be so.

Even after listening to a number of these meetings and board meetings, I am  not sure many would be able to put succinctly: what is the NHS digital forward view really? How is it to be funded?

On the one hand new plans are to bring salvation, while the other stops funding what works already today.

Although the volume of activity planned is vast, what it boils down to, is what is visionary and achievable, and not just a vision.

Digital revolution by design: building for change and people

We have opportunity to build well now, avoiding barriers-by-design, pro-actively designing ethics and change into projects, and to ensure it is collaborative.

Change projects must map out their planned effects on people before implementing technology. For the NHS that’s staff and public.

The digital revolution must ensure the fair and ethical use of the big data that will flow for direct care and secondary uses if it is to succeed.

It must also look beyond its own bubble of development as they shape their plans in the ever changing infrastructures in which data, digital, AI and ethics will become important to discuss together.

That includes in medicine.

Design for the ethics of the future, and enable change mechanisms in today’s projects that will cope with shifting public acceptance, because that shift has already begun.

Projects whose ethics and infrastructures of governance were designed years ago, have been overtaken in the digital revolution.

Projects with an old style understanding of engagement are not fit-for-the-future. As Simon Denegri wrote, we could have 5 years to get a new social charter and engagement revolutionised.

Tim Berners-Lee when he called for a Magna Carta on the Internet asked for help to achieve the web he wants:

“do me a favour. Fight for it for me.”

The charter as part of the French Revolution set out a clear, understandable, ethical and fair framework of law in which they trusted their rights would be respected by fellow citizens.

We need one for data in this digital age. The NHS could be a good place to start.

****

It’s exciting hearing about the great things happening at grassroots. And incredibly frustrating to then see barriers to them being built top down. More on that shortly, on the barriers of cost, culture and geography.

****

* at the NIB meeting held on the final afternoon of the Digital Conference on Health & Social Care at the King’s Fund, June 16-17.

NEXT>>
2. Driving Digital Health: revolution by design
3. Digital revolution by design: building infrastructure

Refs:
Apps for sale on the NHS website
Whose smart city? Resident involvement
Data Protection and the Internet of Things, Julie Brill FTC
A Magna Carta for the web

human rights, politics, privacy, surveillance

Nothing to fear, nowhere to hide – a mother’s attempt to untangle UK surveillance law and programmes

“The Secret Service should start recruiting through Mumsnet to attract more women to senior posts, MPs have said.”
[SkyNews, March 5, 2015]

Whilst we may have always dreamed of being ‘M’, perhaps we can start by empowering all Mums to understand how real-life surveillance works today, in all our lives, homes and schools.

In the words of Franklin D. Roosevelt at his 1933 inaugural address:

“This is preeminently the time to speak the truth, the whole truth, frankly and boldly…

“Let me assert my firm belief that the only thing we have to fear is fear itself—nameless, unreasoning, unjustified terror which paralyzes needed efforts to convert retreat into advance.”

It is hard to know in the debate in the ‘war on terror’, what is truthful and what is ‘justified’ fear as opposed to ‘nameless and unreasoning.’

To be reasoned, we need to have information to understand what is going on and it can feel that picture is complex and unclear.

What concrete facts do you and I have about terrorism today, and the wider effects it has on our home life?

If you have children in school, or are a journalist, a whistleblower, lawyer or have thought about the effects of the news recently, it may affect our children or any of us in ways which we may not expect.

It might surprise you that it was surveillance law that was used to track a mother and her children’s [1] movements when a council wasn’t sure if her school application was for the correct catchment area. [It legally used the Regulation of Investigatory Powers Act 2000, (RIPA) [2]

Recent headlines are filled with the story of three more girls who are reported to have travelled to Syria.

As a Mum I’d be desperate for my teens, and I cannot imagine what their family must feel. There are conflicting opinions, and politics,  but let’s leave that aside. These girls are each somebody’s daughter, and at risk.

As a result MPs are talking about what they should be teaching in schools. Do parents and citizens agree, and do we know what?

Shadow business secretary Chuka Umunna, Labour MP told Pienaar’s Politics on BBC Radio 5 Live: “I really do think this is not just an issue for the intelligence services, it’s for all of us in our schools, in our communities, in our families to tackle this.”

Justice Minister Simon Hughes told Murnaghan on Sky News it was important to ensure a counter-argument against extremism was being made in schools and also to show pupils “that’s not where excitement and success should lie”. [BBC 22 February 2015]

There are already policies in schools that touch all our children and laws which reach into our family lives that we may know little about.

I have lots of questions what and how we are teaching our children about ‘extremism’ in schools and how the state uses surveillance to monitor our children’s and our own lives.

This may affect all schools and places of education, not those about which we hear stories about in the news, so it includes yours.

We all want the best for our young people and security in society, but are we protecting and promoting the right things?

Are today’s policies in practice, helping or hardening our children’s thinking?

Of course I want to see that all our kids are brought up safe. I also want to bring them up free from prejudice and see they get equal treatment and an equal start in life in a fair and friendly society.

I think we should understand the big picture better.

1. Do you feel comfortable that you know what is being  taught in schools or what is done with information recorded or shared by schools or its proposed expansion to pre-schools about toddlers under the Prevent programme?.

2. Do government communications’ surveillance programmes in reality, match up with real world evidence of need, and how is it measured to be effective?

3. Do these programmes create more problems as side-effects we don’t see or don’t measure?

4. If any of our children have information recorded about them in these programmes, how is it used, who sees it and for what purposes?

5. How much do we know about the laws brought in under the banner of ‘counter-terror’ measures, and how they are used for all citizens in everyday life?

We always think unexpected things will happen to someone else, and everything is rightfully justified in surveillance, until it isn’t.

Labels can be misleading.

One man’s terrorist may be another’s freedom fighter.

One man’s investigative journalist is another’s ‘domestic extremist.’

Who decides who is who?

Has anyone asked in Parliament: Why has religious hate crime escalated by 45% in 2013/14 and what are we doing about it? (up 700 to 2, 273 offences, Crime figures [19])

These aren’t easy questions, but we shouldn’t avoid asking them because it’s difficult.

I think we should ask: do we have laws which discriminate by religion, censor our young people’s education, or store information about us which is used in ways we don’t expect or know about?

Our MPs are after all, only people like us, who represent us, and who make decisions about us, which affect us. And on 7th May, they may be about to change.

As a mother, whoever wins the next General Election matters to me because it will affect the next five years or more, of what policies are made which will affect our children, and all of us as citizens.

It should be clear what these programmes are and there should be no reason why it’s not transparent.

“To counter terrorism, society needs more than labels and laws. We need trust in authority and in each other.”

We need trust in authority and in each other in our society, built on a strong and simple legal framework and founded on facts, not fears.

So I think this should be an election issue. What does each party plan on surveillance to resolve the issues outlined by journalists, lawyers and civil society? What applied programmes does each party see that will be, in practical terms: “for all of us in our schools, in our communities, in our families to tackle this.”

If you agree, then you could ask your MP, and ask your prospective parliamentary candidates. What is already done in real life and what are their future policies?

Let’s understand ‘the war on terror’ at home better, and its real impacts. These laws and programmes should be transparent, easy to understand, and not only legal, but clearly just, and proportionate.

Let’s get back to some of the basics, and respect the rights of our children.

Let’s start to untangle this spaghetti of laws; the programmes, that affect us in practice; and understand their measures of success.

Solutions to protecting our children, are neither simple or short term. But they may not always mean more surveillance.

Whether the Secret Service will start recruiting through Mumsnet or not, we could start with better education of us all.

At very least, we should understand what ‘surveillance’ means.

****

If you want to know more detail, I look at this below.

The laws applied in Real Life

Have you ever looked at case studies of how surveillance law is used?

In  one case, a mother and her children’s [1] movements were watched and tracked when a council wasn’t sure if her school application was for the correct catchment area. [It legally used the Regulation of Investigatory Powers Act 2000, (RIPA) [2]

Do you think it is just or fair that  a lawyer’s conversations with his client [3] were recorded and may have been used preparing the trial – when the basis of our justice system is innocent until proven guilty?

Or is it right that journalists’ phone records could be used to identify people by the police, without telling the journalists or getting independent approval, from a judge for example?

ft

These aren’t theoretical questions but stem from real-life uses of laws used in the ‘counter terrorism’ political arena and in practice.

Further programmes store information about every day people which we may find surprising.

In November 2014 it was reported that six British journalists [4] had found out personal and professionally related information had been collected about them, and was stored on the ‘domestic extremist’ database by the Metropolitan Police in London.

They were not criminal nor under surveillance for any wrongdoing.

One of the journalists wrote in response in a blog post on the NUJ website [5]:

“…the police have monitored public interest investigations in my case since 1999. More importantly if the police are keeping tabs on a lightweight like myself then they are doing the same and more to others?”

Ever participated in a protest and if not reported on one?

‘Others’ in that ‘domestic extremist list’ might include you, or me.

Current laws may be about to change [6] (again) and perhaps for the good, but will yet more rushed legislation in this area be done right?

There are questions over the detail and what will actually change. There are multiple bills affecting security, counter-terrorism and data access in parliament, panels and reviews going on in parallel.

The background which has led to this is the culmination of lots of concern and pressure over a long period of time focuses on one set of legal rules, in the the Regulation of Investigatory Powers Act (RIPA).

The latest draft code of practice [7] for the Regulation of Investigatory Powers Act (RIPA) [8] allows the police and other authorities to continue to access journalists’ and other professionals’ communications without any independent process or oversight.

‘Nothing to hide, nothing to fear’, is a phrase we hear said of surveillance but as these examples show, its use is widespread and often unexpected, not in extremes as we are often told.

David Cameron most recently called for ever wider surveillance legislation, again in The Telegraph, Jan 12 2015  saying:[9]

“That is why in extremis it has been possible to read someone’s letter, to listen to someone’s telephone, to mobile communications.”

Laws and programmes enable and permit these kinds of activity which are not transparent to the broad public. Is that right?

The Deregulation bill has changes, which appear now to have been amended to keep the changes affecting journalists in PACE [10] laws after all, but what effects are there for other professions and how exactly will this change interact with further new laws such as the Counter Terrorism and Security Act [p20]? [11]

It’s understandable that politicians are afraid of doing nothing, if a terrorist attack takes place, they are at risk of looking like they failed.

But it appears that politicians may have got themselves so keen to be seen to be doing ‘something’ in the face of terror attacks, that they are doing too much, in the wrong places, and we have ended up with a legislative spaghetti of simultaneous changes, with no end in sight.

It’s certainly no way to make legal changes understandable to the British public.

Political change may come as a result of the General Election. What implications will it have for the applied ‘war-on-terror’ and average citizen’s experience of surveillance programmes in real life?

What do we know about how we are affected? The harm to some in society is real, and is clearly felt in some, if not all communities. [12]

Where is the evidence to include in the debate, how laws affect us in real life and what difference they make vs their intentions?

Anti-terror programmes in practice; in schools & surgeries

In addition to these changes in law, there are a number of programmes in place at the moment.

The Prevent programme?[16] I already mentioned above.

Its expansion to wider settings would include our children from age 2 and up, who will be under an additional level of scrutiny and surveillance [criticism of the the proposal has come across the UK].

How might what a three year old says or draws be interpreted, or recorded them about them, or their family? Who accesses that data?

What film material is being produced that is: ” distributed directly by these organisations, with only a small portion directly badged with government involvement” and who is shown it and why? [Review of Australia‘s Counter Terror Machinery, February 2015] [17]

What if it’s my child who has something recorded about them under ‘Prevent’? Will I be told? Who will see that information?  What do I do if I disagree with something said or stored about them?

Does surveillance benefit society or make parts of it feel alienated and how are both its intangible cost and benefit measured?

When you combine these kinds of opaque, embedded programmes in education or social care  with political thinking which could appear to be based on prejudice not fact [18], the outcomes could be unexpected and reminiscent of 1930s anti-religious laws.

Baroness Hamwee raised this concern in the Lords on the 28th January, 2015 on the Prevent Programme:

“I am told that freedom of information requests for basic statistics about Prevent are routinely denied on the basis of national security. It seems to me that we should be looking for ways of providing information that do not endanger security.

“For instance, I wondered how many individuals are in a programme because of anti-Semitic violence. Over the last day or two, I have been pondering what it would look like if one substituted “Jewish” for “Muslim” in the briefings and descriptions we have had.” Baroness Hamwee:  [28 Jan 2015 : Column 267 -11]

“It has been put to me that Prevent is regarded as a security prism through which all Muslims are seen and that Muslims are suspect until proved otherwise. The term “siege mentality” has also been used.

“We have discussed the dangers of alienation arising from the very activities that should be part of the solution, not part of the problem, and of alienation feeding violence. […]

“Transparency is a very important tool … to counter those concerns.”

Throughout history good and bad are dependent on your point of view. In 70s London, but assuming today’s technology, would all Catholics have come sweepingly under this extra scrutiny?

“Early education funding regulations have been amended to ensure that providers who fail to promote the fundamental British values of democracy, the rule of law, individual liberty and mutual respect and tolerance for those with different faiths and beliefs do not receive funding.” [consultation guidance Dec 2014]

The programme’s own values seem undermined by its attitudes to religion and individual liberty. On universities the same paragraph on ‘freedom of speech’ suggests restrictive planning measures on protest meetings and IT surveillance for material accessed for  ‘non-research purposes’.

School and university is a time when our young people explore all sorts of ideas, including to be able to understand and to criticise them. Just looking at material online should not necessarily have any implications.  Do we really want to censor what our young people should and should not think about, and who is deciding the criteria?

For families affected by violence, nothing can justify their loss and we may want to do anything to justify its prevention.

But are we seeing widespread harm in society as side effects of surveillance programmes?

We may think we live in a free and modern society. History tells us all too easily governments can change a slide into previously unthinkable directions. It would be complacent to think, ‘it couldn’t happen here.’

Don’t forget, religious hate crime escalated by 45% in 2013/14 Crime figures [19])

Writers self-censor their work.  Whistleblowers may not come forward to speak to journalists if they feel actively watched.

Terrorism is not new.

Young people with fervour to do something for a cause and going off ‘to the fight’ in a foreign country is not new.

In the 1930s the UK Government made it illegal to volunteer to fight in Spain in the civil war, but over 2,000 went anyway.

New laws are not always solutions. especially when ever stricter surveillance laws, may still not mean any better accuracy of terror prevention on the ground. [As Charlie Hebdo and Copenhagen showed. in these cases the people involved were known to police. In the case of Lee Rigby it was even more complex.]

How about improving our citizens’ education and transparency about what’s going on & why, based on fact and not fear?

If the state shouldn’t nanny us, then it must allow citizens and parents the transparency and understanding of the current reality, to be able to inform ourselves and our children in practical ways, and know if we are being snooped on or surveillance recorded.

There is an important role for cyber experts in/and civil society to educate and challenge MPs on policy. There is also a very big gap in practical knowledge for the public, which should be addressed.

Can  we trust that information will be kept confidential that I discuss with my doctor or lawyer or if I come forward as a whistleblower?

Do I know whether my email and telephone conversations, or social media interactions are being watched, actively or by algorithms?

Do we trust that we are treating all our young people equally and without prejudice and how are we measuring impact of programmes we impose on them?

To counter terrorism, society needs more than labels and laws

We need trust in authority and in each other in our society, built on a strong and simple legal framework and founded on facts, not fears.

If the Prevent programme is truly needed at this scale, tell us why and tell us all what our children are being told in these programmes.

We should ask our MPs even though consultation is closed, what is the evidence behind the thinking about getting prevent into toddler settings and far more? What risks and benefits have been assessed for any of our children and families who might be affected?

Do these efforts need expanded to include two-year-olds?

Are all efforts to keep our kids and society safe equally effective and proportionate to potential and actual harm caused?

Alistair MacDonald QC, chairman of the Bar Council, said:

‘As a caring society, we cannot simply leave surveillance issues to senior officers of the police and the security services acting purportedly under mere codes of practice.

What is surely needed more than ever before is a rigorous statutory framework under which surveillance is authorised and conducted.”

Whether we are disabled PIP protesters outside parliament or mothers on the school run, journalists or lawyers, doctors or teachers, or anyone, these changes in law or lack of them, may affect us. Baroness Hamwee clearly sees harm caused in the community.

Development of a future legislative framework should reflect public consensus, as well as the expert views of technologists, jurists, academics and civil liberty groups.

What don’t we know? and what can we do?

According to an Ipsos MORI poll for the Evening Standard on October 2014 [20] only one in five people think the police should be free to trawl through the phone records of journalists to identify their sources.

Sixty-seven per cent said the approval of a judge should be obtained before such powers are used.

No one has asked the public if we think the Prevent programme is appropriate or proportionate as far as I recall?

Who watches that actions taken under it, are reasonable and not reactionary?

We really should be asking; what are our kids being shown, taught, informed about or how they may be  informed upon?

I’d like all of that in the public domain, for all parents and guardians. The curriculum, who is teaching and what materials are used.

It’s common sense to see that young people who feel isolated or defensive are less likely to talk to parents about their concerns.

It is a well known quote in surveillance “Nothing to hide, nothing to fear.” But this argument is flawed, because information can be wrong.

‘Nothing to fear, nowhere to hide’, may become an alternative meme we hear debated again soon, about surveillance if the internet and all communications are routinely tracked, without oversight.

To ensure proper judicial oversight in all these laws and processes – to have an independent judge give an extra layer of approval – would restore public trust in this system and the authority on which it depends.

It could pave the way for a new hope of restoring the checks and balances in many governance procedures, which a just and democratic society deserves.

As Roosevelt said: “let me assert my firm belief that the only thing we have to fear is fear itself—nameless, unreasoning, unjustified terror.”

 

******

[On Channel4OD: Channel 4 – Oscar winning, ‘CitizenFour’  Snowden documentary]

References:

[1] The Guardian, 2008, council spies on school applicants

[2] Wikipedia RIPA legislation

[3] UK admits unlawfully monitoring communications

[4] http://www.theguardian.com/uk-news/2014/nov/20/police-legal-action-snooping-journalists

[5] Journalist’s response

[6] SOS Campaign

[7] RIPA Consultation

[8] The RIPA documents are directly accessible here

[9] The Telegraph

[10] Deregulation Bill

[11] Counter Terrorism and Security Act 2015

[12] Baroness Hamwee comments in the House of Lords [Hansard]

[13] Consultation response by charity Children in Scotland

[14] The Telegraph, Anti-terror plan to spy on toddlers ‘is heavy-handed’

[15] GPs told to specify counter terrorism leads [Prevent]

[16] The Prevent programme, BBC / 2009 Prevent programme for schools

[17] Review of Australia’s CT Machinery

[18] Boris Johnson, March 2014

[19] Hate crime figures 2013-14

[20] Ipsos MORI poll, October 2014

 

******

 image credit: ancient history

MORE: click the link below

Continue reading Nothing to fear, nowhere to hide – a mother’s attempt to untangle UK surveillance law and programmes

care.data, politics, privacy, surveillance, trust

Human Rights – real threats today vs theories of tomorrow

Theories on Thursday, furore on Friday. By Saturday the social media had hit the fan.

What we must remember whilst caught up in the recent Human Rights fuss, is that this is discussing a future theory. In practice, we are at risk of missing three* current and upcoming human rights threats, which are very real.

Whilst future policy change may already be doing harm to the spirit of the human rights law and those ideals today, current policies are having effect today in practice.

The Deregulation Bill, and other current policies and projects.

Regular readers will know, I have followed closely the care.data plans [see past posts] to extract our confidential GP medical records and centrally store, sell and share the information.

I hadn’t realised until recently why I care so strongly about doing this the right way. It simply felt wrong that the original plan was not to inform patients at all, and not ask for consent to remove the foundation stone of our confidentiality. The delayed plan, had a terrible junk-mail leaflet drop.

The current extraction plan is pending [roadmap end of page], but details unknown.

I have concerns about how it will harm the trust in the patient-GP relationship, potentially discriminate and segment certain groups and  I’m still unhappy how open the records will be for use by third parties, not for clinical care. There needs work done to make it done well, and to be transparent and trustworthy for patients.

But I’ve realised now, it feels wrong, simply because it impinges on one of our basic human rights. Our right to privacy.

This post is not about care.data per se, but the recent Bill of Rights debate made me take a closer look at the bigger picture.

There are many discussing this, far better informed on human rights than me. But perhaps it’s time the ordinary public pay more attention to our rights, and where they fit into our lives in the UK. Rights which are easily eroded if we don’t pay attention.

I’ve had a look at the current Bill proposal [my notes & comment at the end], but at least for now, I’m more concerned about the actual plans already underway, which will in  practice,  affect the application of our human rights today, and we may not know it.

There are at least three real changes in legislation right now which I believe should command our attention.

First, the Deregulation Bill.

This Bill will go to the Lords Committee stage on October 21st.

This is a real and present threat to human rights, as stated in the Joint Committee Report on Human Rights, June 14th 2014:

The Bill provides that a person exercising a regulatory function specified by the Minister:

 

The Government intends this economic growth duty to apply to the EHRC. We believe that applying this growth duty to the EHRC poses a significant risk to the EHRC’s independence, and therefore to its compliance with the Paris Principles and the Equal Treatment Directives as implemented by the Equality Act 2010. The Government is therefore risking the possibility of the EHRC’s accredited “A” status being downgraded and of putting the UK in breach of its obligations under EU equality law. Unless the continuing discussions between the Government and the Commission satisfy the Commission that the growth duty will not in any way impact upon its independence, we recommend that this duty not be applied to the EHRC.
Sections of the Deregulation Act currently passing through Parliament suggest the removal of any regulation that conflicts with the interests of a profit-maker. There are other domestic and regulatory bodies for which we should carefully consider this implication, not least from my perspective, in the NHS.

 

The Deregulation Bill creates a conflict when a law must consider commercial gain above human rights.

Further;

“The Bill would remove the power conferred on employment tribunals by the Equality Act to make wider recommendations in discrimination cases.”

 

The EHRC regards the power [conferred on employment tribunals] as useful, both for the employer to whom the recommendation is made and to the Commission itself for following up tribunal decisions, and it does not consider that sufficient evidence has been gathered to make out the case for abolition. We therefore recommend that the power of employment tribunals to make wider recommendations in discrimination cases should be retained.”

 

 

 

The Deregulation Bill also poses some concern for those interested in the requisition process for information, and press representation groups spoke out, worried it offers a back-door for seizing journalists’ material.

 

Seen all together, aspects of the Bill which is a mish-mash of all sorts of subjects, which was derided in some reports as being about knitting yarn, means it may well be a wolf in sheep’s clothing when it comes to human rights.

 

Second and Third, the recent changes in legislation & access

Other real threats to our universal human rights in the UK, I consider as points two and three, are already having an effect.

Recent legal changes to both a) the legal aid and b) the judicial review processes mean it is harder for many people to use the available processes due to cost.

(current consultation closing October 15th here and anyone can write to their MP for support, guidance at end of page.)

This results in inequality to use rights, which should be human rights for all by creating:

1. restrictions of individual access  (who can get a fair trial, the ability to appeal)

 

and

 

2. reducing the universality of application to human rights law (limiting the circumstances and reasons ‘the how and when’ under which rights may be applied)

 

 

These are the changes in progress right now. So what of the actual projects underway or recently effected?

 

Current threats in practice to our UK Human Rights

Mr. Grayling said this week that any future policy change will continue to ensure to promote the values of individual human dignity, equal treatment and fairness as the foundations of a democratic society. Many disagree.

The whole debate of this future policy change may already be doing real harm to the spirit of the law and those ideals today.

In my opinion, current actions are having real effect today in practice which risk undermining rather than strengthening our position towards universal human rights.

Current government policies and projects sign-post current thinking on the value of universal human rights and future direction.

Consider three things:

1. the recent changes which undermine access to use our rights, [access and universal applicability for all]
2. what value rights are given within current policies and practices,
3. the direction of travel in recent legislation, such as in surveillance, affecting universal rights for all.

It should come as no surprise then to hear of a more wholesale move towards the removal of rights in the proposal to repeal the Human Rights Act, and more. Steps have been taken on this path for some time.

A current sample of some areas with flaws in their approach to human rights include from my lay perspective:

If we in the ordinary public, in response to the proposals this week, are now concerned about about the theoretical threats to human rights by a potential future government, and care about getting it right, I’d suggest we:

don’t wait to worry about what might be in June next year. Encourage those who can, such as our MPs, to look at these real and practical human rights’ threats today. Support MPs & others who are.

Start the list, with the Deregulation Bill.  (Unless NHS England Patient & Information Directorate decide to begin care.data extractions before October 21st.) Watch this space.

************************
*there is clearly more of significance in this area, with which those better informed and active than me would say is missing, but with which I’ve not taken as close an interest. The Deregulation Bill will potentially affect NHS bodies, and I’ve looked at it before on care.data.

Notes on the proposals, and my references below:

************************

Reference sites:

The Deregulation Bill was introduced in the House of Commons on 23 January 2014. It received its Second Reading in the Commons on 4 February 2014, completed its Committee Stage on 25 March and began its Report Stage on 14 May. The Bill has been carried over to the next Session of Parliament. The Bill was preceded by a draft Deregulation Bill which was subject to pre-legislative scrutiny by the ad hoc Joint Committee on the Draft Deregulation Bill.

************************
For your reference and to their credit, I’ve found the following three websites useful and kept up to date with care.data information:

Dr. Bhatia, GP in Hampshire’s care.data info site

HSCIC care.data site

medConfidential – campaign for confidentiality and consent in health and social care – seeking to ensure that every flow of data into, across and out of the NHS and care system is consensual, safe and transparent

******************

On Legal Aid – consultation responses or write to your MP: http://www.lawsociety.org.uk/news/stories/moj-consultation-on-duty-crime-contracts-support-pack-for-member-responses/

******************

For reference – background Bil of Rights / scrapping the HRA

The theory

The outline future proposal this week suggested, “A majority Conservative Government will scrap Labour’s Human Rights Act, and will end the ability of the European Court of Human Rights to order changes to British laws.” [Jack of Kent, October 2nd]

Some of these plans were discussed here> on the Daily Politics. From 32.30 minutes in.

The plans have been met with widespread criticism in the press and by campaigners showing where the plans are flawed.

Myths abound how human rights are applied inappropriately to whom, and how they lack common sense.

In contrast, real examples have been presented of when the Human Rights Act and ECHR have been used to enhance and protect UK citizens, not least in the Mirror.

Looking to the future, individuals have further pointed out the fundamental flaw if limits of application were to be brought in which would for example, not use the law for ‘trivial cases’.

Tim Hancock, campaigns director of Amnesty UK, said in the International Business Times of this week’s announcement: “This is electioneering on the backs of Europe’s most vulnerable.

“Under these plans human rights would be reserved for only those people the Government decides should get them.”

Whilst we may each have our own political opinions, it is valuable to stay outside them and see changes objectively.

We must also see past the UKIP defection, knee-jerk reaction which conflates everything ‘Europe’, into something from which which the UK could ‘opt out’. As long as Britain remains a signatory to the ECHR, UK citizens could still directly petition the European Court of Human Rights in Strasburg to hear their case. In fact, could be more likely to, rather than go through the British courts first. These proposals conflate the 1951 Convention on Human Rights, the UK 1998 Human Rights Act and our rights under current European law, and more.

If next May, a Conservative majority were to be elected, this proposal might form a basis of proposed legislative changes.

It is highly unlikely to be as is, or without debate. It is a partisan approach which ignores the fact that cross parliamentary support would likely be needed, as was the case when Parliament voted in favour of the introduction of the UK Human Rights Act in 1998.

But that is an if, and thus far, actually moving towards this legislative change is theoretical.

 

 

art, change, politics, privacy, sport, surveillance, Tech

Non-human authors wanted. Drones, robots, and our relationship with technology.

“My relationship with the drone is like playing a video game: I feel out a composition and the drone will agree or challenge me. Eventually, though, the drone will develop a creative mind of its own.”  [KATSU, in interview with Mandi Keighran and N magazine, summer 2014].

KATSU, the New York City based artist/vandal/hacker depending on your point of view, raises the question in that interview for Norwegian Airlines’ magazine, of the relationship of “technology to graffiti,” or more broadly, of technology to art as a whole.

This, combined with another seemingly unrelated recent story, the David Salter macaque photo, made me wonder about drones, robots, and the role of the (non-)human author – our relationship with technology in art and beyond.

Ownership and Responsibility – Human or non-Human?

I wondered in both stories, how it may affect ownership and copyright. Rights, which led me to consider the boundaries of responsibility.

I should preface this by saying I know little about copyright and less about drones. But I’m thinking my lay thoughts, out loud.

In the first instance, if drones are used for creating something as in this story, is it as simple as ‘he who owns the drone owns or is responsible for the art it creates’? I wonder, because I don’t know, and while it may be clear today, I wonder if it is changing?

As regards the second story, when the monkey-selfie went around the world focus was sharper on copyright law, than it was in the majority of the photos the macaque had taken.  “Can a monkey own a picture?” asked many, including Metro at the time.

”Wikimedia, the non-profit organisation behind Wikipedia, has refused a photographer’s repeated requests to stop distributing his most famous shot for free – because a monkey pressed the shutter button and should own the copyright,” said the Telegraph.

But whilst most on social media and the press I read, focused on the outcome for this individual photographer, I wondered, what is the impact for the future of photography?

I’ve come to the conclusion, in this particular case I think it is more important we consider it less about the monkey having taken the photo, and more important that it was decided that a human, did not.

This decision was not (yet) decided by a UK court,  but was reached in Wikimedia’s own report.

Since then, the LA Times reported on August 21st, that:

“the public draft of the Compendium of U.S. Copyright Office Practices, Third Edition —was released this week[1], and, after final review, is to take effect in mid-December [2] — says the office will register only works that were created by human beings.”

This is the first major revision in over twenty years and is an internal manual, so it does not have the force of law.  But it’s still significant.

Copyright suitability is dependent on that the work “was created by a human being,” and only protects “…the fruits of intellectual labor” which are “founded in the creative powers of the mind.” Animal ownership is expressly excluded. (Section 306 – The Human Authorship Requirement). Pantomimes performed by a machine or robot are similarly, expressly non-copyrightable. (p.527) and continues:

“Similarly the Office will not register works produced by a machine or mere mechanical process that operates randomly, or automatically without any creative input or intervention from a human author.” (p 55)

The Telegraph article {August 6th} by Matthew Sparkes, said:

‘In its report Wikimedia said that it “does not agree” that the photographer owns the copyright, but also that US law means that “non-human authors” do not have the right to automatic copyright of any photographs that they take.

“To claim copyright, the photographer would have had to make substantial contributions to the final image, and even then, they’d only have copyright for those alterations, not the underlying image. This means that there was no one on whom to bestow copyright, so the image falls into the public domain,” it said.’

One would think common sense would mean that without the work by British photographer David Slater, there would have been no photograph. That his travel, equipment preparations and interaction with the animals was ‘substantial contribution’.

I wonder, could this become a significant argument in the future of copyright and access to material in the public domain?  Because the argument came down NOT to whether a monkey can own copyright, but whether there was any human in which copyright was vested.

copyright

 

Photography is changing. Increasingly technology is being used to take pictures. If photographic copyright depends on human ownership, I wonder if the way is opened for claims to creative images produced by drone or other forms of AI? I don’t know, and copyright law, is best left to experts but I’d like to ask the questions I have. I’ve read UK and US legislation, around ownership, and around use of computers, but it could appear to an ordinary lay eye, that technology is evolving faster than the laws to govern it. Users and uses growing in hobby and commercial markets perhaps even more so.

In UK legislation:

“In this Part “author”, in relation to a work, means the person who creates it.”

“In the case of a literary, dramatic, musical or artistic work which is computer-generated, the author shall be taken to be the person by whom the arrangements necessary for the creation of the work are undertaken.” [Copyright, Designs and Patents Act 1988, Section 9]

It is easy to see how the macaque can slip through in UK law here, as it is not computer generated. And in the US non-human is clearly defined and excluded. But my question is  how do you define computer-generated? At what point does copyright depend on autonomy or on arrangements by human-intervention?

Remember, in the US, the Office will not register works produced by a machine or mere mechanical process that operates randomly, or automatically without any creative input or intervention from a human author.” (p 55)

“Katsu pilots the drone remotely, but every movement is translated through the machine’s need to keep itself aloft and it adapts his directions.”

Where do you draw the line?

Why does it matter today at all?

It matters because copyright law is a gatekeeper and gateway. It makes it commercially viable for creators to produce and make work available to others. It defines responsibilities. One question I ask, is that if it’s no longer worth it, will we be worse off for not having the work they may have otherwise produced?

The market for work produced by or via drone,  is just becoming to hint at becoming mainstream.

The use of drones in photography, for example in hard to reach situations in useful functions like flood mapping will be of great service. Other uses in sports such as alpine skiing, canoeing, or extreme sports is only likely to increase by amateur, professional and commercial users. Stick a go-pro on the drone and it can get footage from places without the need for an accompanying person.

What questions might it raise for artists & creators today?

Specifically on art and copyright:  will this ruling affect what types of images are worth taking? Will it make some work non-commercially viable, or their value determined by the channels of distribution rather than creator? Will this Wikimedia ruling affect the balance of power between creator and  commercial channel providers, in terms of ownership and distribution? I believe it rather serves to highlight where the balance is already.

Have we lessons learned from the music and book industry that apply here? (Clue: they both start with vowels and control distribution.)

Will the decision now go to a UK court and become a clarified legal position?

David Slater reportedly faces an estimated £10,000 legal bill to take the matter to court, said the Telegraph. At very best, this situation  is disrespectful to him and leaves a bitter aftermath, in the question of the power between artist and distributor.

At worst, we could be on the cusp of being left behind in a brave new world of ownership and control of art and knowledge. A world in which actions may be taken through our technology, the product of which no human is deemed to have ownership.

So how does that affect responsibility?

If it has been legally defined, that there is no human copyright ownership for the product of the action by something non-human, where do you draw the line for human responsibility? Am I not responsible for the actions of anything non-human I own? If an animal I own, creates a road traffic accident, am I responsible for its actions? If so, then why not for artwork it creates? If there are differences, why are there differences, and where does the line of responsibility get defined and by whom?

Where are the boundaries of responsibility if we start to distinguish in law between ownership of the result of a task a human set up, but did not carry out? David Slater enabled everything for the photograph to be taken, but did not press the shutter.

I ask: “is the boundary of responsibility undermined by weakening the boundaries of ownership and definition of autonomy of action?”

I believe copyright, ownership, responsibility and non-human authorship is about more than this man vs macaque debate. Will we leave it at that and learn no more from this? If so, then the real monkey is definitely not the one in the picture.

What about considering wider impacts?

In broader context, I believe the public should be asking questions to stay ahead of the game in terms of all legal rulings, and consider carefully the idea of non-human creation and ownership. We should  ensure that both State and commercial uses of drone are not set in place, from which we need to play catch up later. We should be driving the thinking to help shape the society we want to see, and shape the expectations of commercial and State use of drone technology.

What of the drones we cannot see, never hear and yet seem to be supported by our Governments? State surveillance piggybacks commercial infrastructures and tools in other fields, such as communications and social media. We should stay ahead of how drones are increasingly used commercially (as in Amazon pilot news) and we should demand much greater transparency of the existing drone use in our name, in security, surveillance and weaponry. [ added 29 Aug 2014 > also see BT case in CW investigation].

Who controls government decisions and the ethics of drone or robot use? In all of these questions, it comes down to – who’s in a position of power? With power, comes responsibility.

The ethics in use in war zones and in other military action, seen and unseen, is also something we should be asking to understand. To date, much of the public dismisses drone use as something which happens somewhere else and nothing to do with us.

But these decisions do affect what is done in the name of our country and that does indirectly, reflect on us, as its citizens.  These decisions will shape the future commercial uses which will affect us as direct consumers, or as indirect recipients of their impacts on wider society.

There’s lots to think about, as drones develop into tools of art and applications in daily life. I know little of the legal aspects, what has been done already or is being considered today, or what will be in future. I just know, I have lots of questions as an everyday parent, considering what kind of society I hope my children, our future adult citizens, will inherit.  Where do I ask to find out?

My questions are not so much about the technology or law of it, at all. They come down to its ethics, fairness & how this will shape the future.  As a mother, that is the responsibility I bear for my children.

Will we see drones soon in ordinary life or in an everyday future?

In this Wired article, Karl VanHemert states part of Katsu’s aim with the drone is simply to raise questions about the transformative effect the machines might have on art. He plans for it to be Open Source soon. Some argue that tagging is not art, but vandalism. You can see it in action via Motherboard’s video on YouTube here. Suggesting property marking will become a blight on society, you can ask what purpose does it serve? Others suggest drones could be used precisely to paint over graffiti and be of practical uses.

In Scotland it is a well known joke,  that once the painters have finished repainting from one side of the Forth Road Bridge to the other, it’s time for them to start again. Perhaps, those days are over?

Will we see them soon in everyday occupations, and will it make a difference to the average citizen? In commercial service, the mundane estate agent [no offence to those who are, you may be 007 or M in your spare time I know] is reported to be one of the commercial market sectors looking at applications of the photographic potential. It could replace cameras on long poles.

“Unmanned drones can be used for a range of tasks including surveying repairs and capturing particularly good views from unusual angles. ” [Skip Walker, stroudnewsandjournal.co.uk]

These uses are regulated in the UK and must have permission from the CAA.

So far though, I wonder if anyone I’ve met flying a hobby drone with camera over our heads (veering wildly between tent pitches, and enthralling us all, watching it watching us) has requested permission as in point 2?

Regulation will no doubt become widely argued for and against in the public security and privacy debate, rightly or wrongly. With associated risks and benefits, they have the potential to be of public service, entertainment and have uses which we have not yet seen.  How far off is the jedi training remote game? How far off is the security training remote, which is not a game? How is it to be governed?

I have a niggling feeling that as long as State use of drones is less than fully transparent, the Government will not be in a rush to open the debate on the private and commercial uses.

Where does that leave my questions for my kids’ future?

Where is the future boundary in their use and who will set it?

The ethics of this ‘thinking’ technology in these everyday places must be considered today, because tomorrow you may walk into a retirement home and find a robot playing chess with your relative. How would you feel about the same robot, running their bath?

Have you met Bob – the G4S robot in Birmingham – yet?

“While ‘Bob’ carries out his duties, he will also be gathering information about his surroundings and learning about how the environment changes over time”

“A similar robot, called ‘Werner’, will be deployed in a care home environment in Austria.”

How about robots in the home, which can read and ‘learn’ from your emotions?

I think this seemingly silly monkey-selfie case, though clearly anything but for the livelihood of David Slater, should raise a whole raft of questions, that ordinary folk like me should be asking of our experts and politicians.  Perhaps I am wrong, and the non-human author as animal and non-human author as machine are clearly distinct and laid out already in legislation. But as the Compendium of U.S. Copyright Office Practices [open for comment see footnote 2] decision shows, at minimum the macaque-selfie shoot, is not yet done in its repercussions. It goes beyond authorship.

Who decides what is creative input and intervention vs automatic or autonomous action? Where do you draw the line at non-human? Does Bob – the G4S robot in Birmingham – count?

We may be far off yet, from AI that is legally considered ‘making its own decisions’, but when we get to the point where the owner of the equipment used has no influence, no intervention, of what, when or where an image is shot, will we be at the point where there is, no human author? Will we be at the point where there is no owner responsible for the action?

Especially, if in the words of Katsu,

“Eventually…the drone will develop a creative mind of its own.”

What may that mean for the responsibilities of drones & robots as security patrols, or as care workers? Is the boundary of responsibility undermined by weakening the boundaries of copyright, of ownership and autonomy of action?

If so, photographs being shot, without a legally responsible owner, is the least of my worries.

****

[1] Significant files ref: http://infojustice.org/archives/33164  Compendium of US Copyright Office practices – 3rd edition > full version: http://copyright.gov/comp3/docs/compendium-full.pdf

[2] Members of the public may provide feedback on the Compendium at any time before or after the Third Edition goes into effect. See www.copyright.gov/comp3/ for more information.