Police retention of surveillance photos "breached privacy right"

A man, who is a shareholder of a company, attends the company’s AGM and asks a question from the floor, about the company’s recent acquisition of another firm – one which organises trade fairs for the arms business. On the way out of the shareholder meeting, the man is followed by police, photographed repeatedly and asked for his personal details.

He is not detained, arrested or charged, and there is no suggestion that an offence has been committed.

The police create a new dossier on their ‘Crimint’ system and use it to retain the man’s photographs.

This is what allegedly happened to Andrew Wood in London in 2005. At the time, Mr Wood was in charge of media relations for CAAT – the Campaign Against the Arms Trade; according to their account here, that organisation had taken the precautionary step of liaising with the Metropolitan Police before the AGM, and it had been agreed that two of their members would leaflet attendees in front of the meeting. Several other accounts are available online, including this one by the Guardian, and this one written by Wood himself.

The reason the story is back in the headlines is that Mr Wood has just won an Appeals Court case against the police retention of his photographs. The court ruled that while the surveillance itself could be justified, the retention of the photographs represented an infringement of the Human Rights Act. Interestingly, when Mr Wood appealed for judicial review of the case, the police barrister denied that such a record had been made.

The Appeal Court judges ruled that the Privacy right “was important to the individual”, and the the “object pursued by the interference” was not sufficient to justify keeping the photographs. Specifically, Lord Collins rejected the idea that they could be kept in order to make it possible to identify the perpetrators of any crime which might have been committed at the AGM… This would not, he said, justify retention beyond a few days. In a conclusion which is likely to have far-reaching effects, he also rejected the idea that the photographs could be retained in case Mr Wood subsequently committed an offence at an arms fair some months later. This justification, he said, had nothing to do with the decision to take the photographs and was “plainly an afterthought”.

For a much more detailed legal analysis of this distinction between “taking” and “retaining” the photographs, I recommend this document, which is the judgement in Mr Wood’s application for judicial review of the case (given in 2008). While it is paragraphs 51 onwards which set out that judge’s opinion on “taking” versus “retention”, paragraph 37 of the judgement (which, slightly confusingly, cites paragraph 51 of an earlier European Court of Human Rights finding) sets out the principles in a particularly interesting way. Here’s what the ECHR says:

50. The Court reiterates that the concept of private life extends to aspects relating to personal identity, such as a person’s name, or a person’s picture.

Furthermore, private life, in the Court’s view, includes a person’s physical and psychological integrity; the guarantee afforded by Art.8 of the Convention is primarily intended to ensure the development, without outside interference, of the
personality of each individual in his relations with other human beings. There is therefore a zone of interaction of a person with others, even in a public context, which may fall within the scope of “private life”.

This, as clearly as anything, draws a distinct line between “privacy” and “secrecy”. It is clear, here, that privacy rights can apply to an individual’s exercise of relations with others. Privacy, in other words, is about disclosure – but disclosure with appropriate control and consent on the part of the individual.

Back to the current UK Appeals Court ruling, though, which specifically cited Article 8.2:

“There shall be no interference by a public authority with the exercise of this right [to a private and family life] except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or … for the prevention of disorder or crime … or for the protection of the rights and freedoms of others …”.

As I say, it was the retention of the photographs beyond any reasonable period associated with the AGM itself which was considered to be a disproportionate interference with Mr Wood’s Article 8.2 rights.

Interestingly, the judge in the judicial review held that Article 14 was not applicable in this case, and the Appeal Court did not overturn that conclusion Article 14 establishes “the right to exercise the other rights without being subject to discrimination” … “on any ground such as sex, race, colour, language, religion, political or other opinion, national or social origin, association with a national minority, property, birth or other status”.

To be frank, I don’t yet grasp the logic behind that decision, but will keep at it. It seems to me that, as Mr Wood was not suspected of having done anything illegal before or at the meeting, he was indeed being discriminated against (relative to other attendees who were not photographed) on the basis of actions which arose directly from his ethical opinions about the arms trade – but then, I’m not a judge.

The case is particularly relevant from a privacy/policy/technology perspective because of what Lord Justice Dyson had to say in his summing-up:

“In deciding whether the interference is necessary, the court must have regard to the nature of the Convention right in issue, its importance for the individual, the nature of the interference and the object pursued by the interference.”

” … the protection of personal data is of fundamental importance to a person’s enjoyment of his or her article 8 rights and the domestic law must afford appropriate safeguards to prevent any such use of personal data as may be inconsistent with the guarantees of article 8. The need for such safeguards is all the greater where the protection of personal data undergoing automatic processing is concerned, not least when such data are used for police purposes.”

The "cost of privacy" equation is still out of balance

Yesterday’s Guardian had an article about patients’ right to have their Summary Care Record (SCR) deleted from the national NHS database. According to the article, Connecting for Health (CfH) and the Dept of Health had, until recently, argued that individuals should not be entitled to have their SCRs deleted on the grounds that the cost of deleting records selectively would be ‘prohibitive’. Instead, they had apparently offered to ‘mask or suppress’ the records of people who expressed concern.

Frankly, that sounds like so much eyewash to me. Whether you want to mask, suppress or delete an individual record, you still have to locate it in the first place; and having done that, deletion once and for all must be less costly, over the life of the information, than keeping it under some restrictive access regime.

Apparently this current concession results from talks between CfH and the Information Commissioner’s Office. It’s good to see common sense prevail. That said, the picture is still not completely clear:

  • If your record on the national database has not yet been created, you can express your wish not to be added;
  • If your record has been added but not yet used, you can ask for it to be deleted;
  • If your record has been created and used, you can’t ask for it to be deleted, because “it will have been archived for ‘medico-legal’ reasons”.

That last exclusion only makes sense, of course, if the records held by your GP are no longer considered to be the authoritative version of our healthcare history. Otherwise it would suffice to take a copy of that archive, forward it to your GP and delete the original.

Something, somewhere, still doesn’t add up.

Ethics, spirituality and religious conviction

Intelligent atheists (Jonathan Miller being probably the most articulate) often remark on the asymmetry between religious evangelism and the lack of any equivalent voice from the ‘opposing’ camp (by which, here, I mean atheists rather than satanists…). It is, after all, to build a compelling PR campaign on the strap-line “You know all that stuff which you believe…? Well, I don’t”.

It’s articles like this which illustrate how easily that asymmetry becomes the default. Here we have a pro-Christian politician arguing that “Half a century of corrosive and aggressive secularisation has created a selfish, superficial and materialistic culture amongst decision-makers and opinion-formers that is appropriately reflected in those we have elected to Parliament” and proposing a more overtly Christian political option as the solution.

In the absence of an atheist voice, there is no-one to counter the argument that religion provides the only basis for an ethical system – or, indeed, to argue that religion is often as badly flawed a basis as any other. One need only look as far as the current revelations about the Catholic Church in Ireland for an example of that.

Please don’t get me wrong; I’m not arguing that either religion or secularism has a moral monopoly. But as far as Alan Craig’s argument goes, I’d want, for instance, a little more evidence of how many of the ‘secular’ MPs he mentions are regular church-goers, or gave the oath of allegiance by swearing to God Almighty.

Here’s my prediction of what a little research would reveal:

– some people who claim to be religious act in immoral ways;
– some people who claim to be irreligious behave strictly morally;
– some of those who claim to be either sometimes behave well, and sometimes badly…

and I don’t think that’s good or bad – it’s just the way things are.

Here’s my more pessimistic prediction: if you elect someone to political office simply because they profess profound religious belief, and expect the outcome to be better than if you elect anyone else capable of getting to the point of being elected, don’t expect a radically different outcome.

I also think that some people are essentially benevolent, and would be so if they were Christian, agnostic, atheist, aspiritual or anywhere in between. Others aren’t, no matter what belief system they profess or deny.

By a strange quirk of timing, now is a good time to assert that William Heath is one of the former. He happens to be a practising Quaker. I’m profoundly happy for William that he has found that spiritual community which best reflects his own view and motivation – that doesn’t come to everyone. But I also happen to believe that “being a Quaker” is more or less incidental. William could have been an agnostic ditch-digger and still hold the same core values – albeit possibly for different reasons.

And there’s the nub, I suspect. I, for one, think that the moral question is one of how people act, rather than of why they act one way or another. If someone acts morally because they believe in the Easter Beagle, so be it. If someone acts evilly because they believe that’s what something in the Bible tells them to do, then again so be it. I remain unconvinced that the way to sort moral human beings from immoral or amoral ones is to ask them about their religious convictions.

Thank heaven for little URLs…

Sorry, couldn’t resist that title for the post.

I’ve been updating the Future Identity website with some diary entries for “Recent Events”, and some “News” entries about events I’ll be speaking at in London over the next couple of weeks. It’s nice that the speaking invitations continue to come in.

As you may have noticed if you follow my Twitter feed, I’ve also been using the “tinyarro.ws” service for shortening URLs – and it occurred to me, belatedly, to generate a custom one for the FI website – so here it is: www.➡.ws/fi.eu. (The full URL still works too, of course).

If you haven’t encountered it, tinyarro.ws makes use of the fact that double-byte character set (DBCS) characters are valid in URLs, even if the binary value doesn’t render to anything useful. This gives them a huge range of characters which they can use to create a short URL which they then map onto whichever URL you submit. Suffice to say, it’s a lot easier to use than to explain! There are other similar services, such as TinyURL and bit.ly; Twitter users use them a lot so as to be able to include URLs in tweets while sacrificing as little as possible of the allotted 140-character message length.

All of which raises the question: what is the correct name for a little URL? A viscount, perhaps? [groan]

Freedom of Information – a retrospective

I just had to post this quotation from Martin Rosenbaum’s “Open Secrets” blog on the BBC site. Looking back on the MPs’ expenses row with an FoI perspective, he concludes:

(8) Finally, in keeping with the spirit of the times, an apology of my own. In the past, I expressed the opinion that the persistent attempts by the House of Commons to prevent full publication of material about expenses was doing more harm to its reputation than would probably be caused by the eventual release. Doubtless there are cases where the reputational damage from insisting on secrecy is greater than that potentially resulting from release of the material in question – but this isn’t one of them. Sorry I got that wrong.”


What do Electronic Patient Records mean?

OK, it’s a trick question. The answer, as with much data and all personal data, is “it’s contextual”… which is basically a fancy way of saying “it depends”. This CNet News article from yesterday throws up some of the questions, in a US-centric context, though there are many more, and even those it raises, the article doesn’t necessarily resolve.

So, what do I mean by contextual? Well, I’ve already given one example of that; the CNet News article (entitled “What you need to know about e-health records”) is fairly useful if you’re in the US healthcare system – but a lot of it is irrelevant if you aren’t. One huge contextual factor is which country you live in, with the associated factors like that country’s attitude towards state- vs. privately-funded healthcare, preventive medicine, health insurance, family doctors, privacy law and so on.

Here are a few more examples of contextuality which the CNet article illustrates:

  • at a “political” level, Electronic Patient Records (EPRs) ‘mean’ money. If you’re a techno vendor only interested in cornering a chunk of President Obama’s stimulus package for commercial gain, the data is incidental (in fact, paying to secure it only reduces your bottom line): what’s important is the subsidy;
  • if you’re an insurer, EPRs mean being able to get sufficient detail to judge – automatically if at all possible – whether a given treatment is covered under the policy or not. In that context, the distinction between “cancer which has spread to the brain” and “cancer which has spread to the spine” may well be irrelevant, as the article notes;
  • if you’re the patient or the physician, of course, that distinction might be highly relevant… but in the example given, the data in the EPR was ambiguous because it was designed primarily to meet the insurer’s requirements, rather than those of the other relevant stakeholders.

So what EPRs mean depends on things like who you are, what you’re doing with the data, where you’re doing it, why you’re doing it, and very often even when you’re doing it… (it’s one thing to need data urgently in the heat of emergency treatment – it’s another to need it forensically post mortem).

Why’s all this an issue? Well, as the CNet article points out, the stimulus package is driving a lot of efforts to standardise EPRs and make them portable, interoperable and consistent. At a syntactic level, that raises one set of problems (which experience suggests are solvable with time and effort). At a semantic level, as the contextual examples show, the problems are of a quite different order of difficulty.

That’s the point at which the technical work on interoperability needs to be complemented by work on contextual factors like policy, regulatory measures, user consent and control, and matching purpose of collection against purpose of use. These are the kinds of question we have worked on for some time in the Liberty Alliance Public Policy Expert Group (PPEG), and which I confidently hope will continue to grow into a compelling work stream under the Kantara Initiative. Also in the Kantara structure there is a proposal for a Health Information Assurance (HIA) Work Group, whose draft charter you can find here. I will be adding a draft charter for the Privacy and Public Policy Work Group (P3WG) within the next few days, and that will include a goal of effective liaison with the HIA group.

Precisely because EPRs raise so many issues – both within and between different national healthcare and regulatory systems – this work needs to be able to draw on a broad range of expertise. Please have a good look around the Kantara website; there are many levels at which you can participate in this work, and I would encourage anyone with a stakeholder interest in EPRs to do so.

Two years on…

This is why politicians probably hate blogs, the internet and anything else which counteracts our otherwise fallible memories…

May 18th 2009; House of Commons Speaker Michael Martin says that each and every member of parliament must work hard to regain the public’s trust. He wants discussion to centre on, among other things, “early publication” of expenses details.

May 17th 2007; Gordon Brown – accepting his uncontested nomination as Prime Minister – promises to “build trust in our democracy” through “a more open form of dialogue with citizens and politicians”. “It’s about a different type of politics, a more open and honest dialogue”, he said. He was also quoted as saying “I believe government only works when it’s dedicated to serving the people”.

Perceptive words. Shame about the follow-through.

May 18th 2007; Gordon Brown rejects calls to block David Maclean’s attempt to exempt MPs (and their expenses data) from the Freedom of Information Act. Among others voting in favour of a third reading for the amendment tabled by Mr Maclean (£155,609) were the following Labour ministers:

  • Parmjit Dhanda (£153,906)
  • Maria Eagle (£153,742)
  • Caroline Flint (£158,773)
  • Ian McCartney (£155,746)
  • Tony NcNulty (£134,402)
  • Meg Munn (£144,356)
  • Joan Ryan (£151,954)
  • Phil Woolas (£169,427)

I in no way mean to imply that any of those ministers committed any impropriety in their expenses, but if any were needed, it’s a clear indication of why it’s a bad idea to have MPs deciding, voting on and overseeing their own remuneration.

The same BBC article reports that:

Members of the backbench committee of the Parliamentary Labour Party have also emailed colleagues to say they “feel strongly” that the bill’s measures were “worthy of support”.

None of this makes it easy to believe that there was a strong line coming from the top, encouraging Mr Brown’s subordinates to opt for an “open, honest dialogue” based on the interests of the people.