So… it’s the Swiss we don’t like…

I regret that I have two corrections to make to my earlier post about the UK ID Cards policy.

The first is that, far from being a climb-down or policy course-change, the Home Secretary’s cancellation of compulsory ID cards was in fact a re-affirmation of committment to the scheme and the signal for an accelerated roll-out. This document on the IPS website provides further details.

The second is to clarify that, while European Economic Area citizens will not have to be issued with UK ID cards, the exemption does not extend as far as European Free Trade Area citizens. So, while the Norwegians, Icelanders and Liechtensteiners are OK, the Swiss are PNG.

I can only assume this is at once a subtle pay-back to the recently-defeated Stanislas Wawrinka for keeping Andy Murray on court past his bedtime, and a masterly pre-emptive ploy aimed at Roger Federer.

Stephen Potter would be proud

Doctorow’s DIY Digital Deed-box

Interesting piece here about Cory Doctorow’s search for a solution to the problem of what to do with your “digital legacy”. Now that so much of our lives is lived/captured/stored digitally, it’s far more likely that our executors and relatives will need to unlock a laptop, disk drive or a file than a desk drawer or a filing cabinet… and yet, as Cory notes, there’s not much on the market that provides a simple solution.

The French eID scheme has, for some time, included a ‘digital vault’ for each citizen to use as a repository, but I don’t know what the escrow arrangements are should the citizen die and someone else need access. Perhaps someone could comment if they know the details?

Cory mulls over the compliexity of various DIY options – but fortunately for him, help may be at hand in the form of the EU-sponsored PrimeLife project. At the project’s Reference Group meeting in Frankfurt earlier this year, I heard an excellent talk by Sandra Steinbrecher on “Trusted Content and Privacy Throughout Life”. The slides are online here, and I recommend them for their clear analysis of the problem.

ID Cards scrapped… but what next?

Home Secretary Alan Johnson has taken advantage of his recent arrival to announce a change of policy: ID Cards will now not be compulsory… for anyone other than foreign nationals working in the UK.

Though, if I remember correctly, it remains illegal under EU law for any Member State to require the citizens of another Member State to carry its (the former State’s) identity credential… so actually that means “foreign nationals other than citizens of other EU States…” and possibly European Economic Area/European Free Trade Area States (Norway, Iceland, Liechtenstein and Switzerland) as well, I don’t know. “EU Member State” is one of those categories which seems neat and tidy at first glance, but turns out to get a bit fractal the closer you peer at it. Apparently the Falkland Islands, Greenland and Nouvelle Cal├ędonie are not Member States, for instance, despite being overseas dependent territories of countries which are. I apologise in advance to their worthy inhabitants, but I’m not even going to look up San Merino, Andorra and the Vatican…

But I digress. The point is, by the time you rule out UK nationals and “citizens of the European Fractal”, I wonder what percentage of the inhabitants of these islands you’re left with, who may legitimately be challenged to produce an ID card. However, adoption of a voluntary citizen card, by the rest of us, is unlikely to achieve critical mass unless there is already a sufficient infrastructure (of authentication devices, for instance) to stimulate the development of a service provision ecosystem, which in turn make such a card worth carrying. Carrying that logic through to its conclusion: I cannot, in the current circumstances, see a Home Secretary committing to the investment required in such an infrastructure in the hope that it might stimulate enough demand for the scheme to pay for itself in the end.

When you then consider that anyone who still counts as a “foreign national working in the UK” will have to have their own country’s passport, and probably a visa, work permit and/or other documentation in order to get in and stay here, Mr Johnson’s announcement is probably sufficient to make the roll-out of any ID card fall below critical mass. What would be the point? A database record, indexed to the individual’s immigration record on entry, would satisfy the same purpose without anyone having to issue, carry or check a plastic card.

All that having been said, Mr Johnson’s announcement signals less of a policy climb-down course-change than it might appear. There is, for instance, no change to the plans for a National Identity Register, and anyone applying for a UK passport will continue to have their details entered in that repository. Similarly, there’s still no apparent change to the policy on DNA retention, despite the European ruling earlier this year… though perhaps it’s a little unreasonable to expect two major climb-downs course-changes in quite such short succession.

So where do we go from here? Despite successive Home Secretaries’ determination to confuse the two, the National Identity Register and the National Identity Card were never the same thing, and a National Identity Scheme can quite viably continue without anyone having to carry the “terrifying, small… plastic card“. The question, then, is what the government plans to do with the Scheme once its plastic card has been virtualized – NIS 2.0, perhaps… (sorry).

I think it’s fair to say that the ditching of said plastic cards removes an element which added enormous complexity for questionable benefit. My hope is that that will free enough “policy-bandwidth” to make something sensible and constructive out of the government’s citizen ID policy henceforth. For instance, perhaps this signals a shift away from the hierarchical, paper-credential view of citizen identity and towards one based on the selective management and disclosure of attribute-level assertions.

Perhaps we are ready to move away from the policy of:

“Tell me who you are, and I’ll look up everything about you” and towards one of

“Approve a minimal disclosure of just enough data to let me grant you access, deliver this service, establish this entitlement…”.

That would be a shift indeed, and one which could reflect a far more privacy-positive approach. It may be that I’ll have the opportunity to find out tomorrow, at a meeting of the All Party Privacy Group in Westminster.

UK policy and cyber-warfare

A few years ago I was given a very good piece of advice about technologists expressing a view on matters of policy: don’t.

“Think of three layers”, was the suggestion of my older and wiser colleague: “a bottom layer of technology, a ‘good practice’ middle layer, and a policy top-layer. Be aware that decisions at the policy layer are driven by all kinds of factors over which you will never have control… and however tempting it may seem to do otherwise, restrict yourself to opinions on the other two layers”. I took this advice to heart, and while I have had the occasional lapse, it has not let me down when I have stuck to it.

So, then, what to say about the government’s announcement, last week, of its plans to establish a cyber-security operations centre?

Well, I think there are three questions to ask:

1 – is there a pressing need for a cyber-security capability? I suspect the answer to that one is a clear ‘yes’. There’s no doubt that cyberspace represents an element of the Critical National Infrastructure (CNI), just like the transport, water, power, communications, financial and sewage networks on which our country depends. It may be entertaining to be transported back to the 70s by watching “Ashes to Ashes”, but few of us would much enjoy a long spell of being restricted to 70s technology levels.

And just like all those other elements, the UK’s cyberspace presence is inextricably linked into the global network. (“Sewage?”, I hear you mutter… “How is the sewage system cross-border?” Ask the Dutch… I read a report that, if the Netherlands couldn’t export the excrement by-product of its bacon industry, the whole country would be ankle deep in pig-poo before the year was out. And with all those greenhouses, they use a lot of mulch…). So – cross-border cyber-defence capability? Absolutely.

2 – is the government justified in maintaining/using an offensive cyber-security capability? This one is tricky to answer at the policy layer.

  • At the technical layer, I have no reservation in saying that I want the security services to know how cyber-attacks work, and even in maintaining significant expertise: after all, they can’t mount passive defences if they don’t thoroughly understand the attacks.
  • At the ‘good practice’ layer, offensive cyber-security capabilities tend to be restricted to getting malicious sites/services taken off the internet – and that only after going through ‘due process’ with the telcos, service providers, hosting companies and so on. Clearly, the latest policy announcement is based on the assumption that there may be cases where the security services expect to need to go further than that.
  • At the policy layer, then, I think it boils down to this: what confidence can we have that those responsible for exercising such a capability are doing so proportionately, justifiably and accountably? In other words, it raises all the governance and oversight issues which have been so much in the political searchlight in recent months. There are established structures (such as the Intelligence and Security Committee – ISC) which are intended to make it possible for those ‘on the outside’ to be confident that those ‘on the inside’ have to at least tell a cleared and trusted few what they are up to. It is quite possible that those structures, though, are effective at providing policy oversight, but not effective at building and reinforcing public trust. For instance, Tory MP Michael Mates, a long-standing ISC member, has recently said that policy-forming documents he saw in the run-up to the Iraq War would “make people’s eyes water” if and when they are made public through the proposed enquiry… and yet, the Iraq War went ahead.

3 – Can the cyber-security team meet the security policy objective, while simultaneously protecting the UK against repercussions from the policy, safeguarding citizens’ use of the internet, and providing sufficient evidence of accountability to maintain the public trust?

In policy terms, the cyber-security announcement does include a statement about the appointment of an ‘ethics advisory group’ to complement whatever other governance measures are put in place. This group is apparently to monitor the ‘proportionality‘ of actions taken under the policy. But the ethical issues don’t stop there.

Supposing the cyber-security folks pre-emptively take down a malicious server outside the UK… presumably they would want to do that in a way which leaves no evidence of the attack having originated in the UK (for fear of reprisals…); perhaps they might consider launching the attack from elsewhere, in the hope that any blame (and retaliation) would fall on someone else.

I think the ethics advisory group is going to have a busy time.

Off-track action

It’s been a couple of months since my last rant about F1, and in the meantime the franchise seems to have come closer than ever to imploding. In the past, Ecclestone and Mosley have managed to present a united front when dealing with the teams or other interest groups such as the BRDC, but this time even the two of them don’t seem to be pulling in the same direction.

Mr Mosley seems to have antagonised most of the teams, not least by allegedly coming to an agreement with them on one day and then unilaterally revising it overnight. According to the teams it is this kind of high-handedness which makes him so unpopular as the sport’s titular head… and yet it’s Mr Mosley who is threatening to sue the rest of them for (among other things) breach of contract.

Apart from “governance style”, the teams are also still fundamentally unhappy with the details of Mr Mosley’s cost-cutting proposals. He wants to have two classes of engine; a rev-limited option for teams who wish to ignore the cost caps, and a ‘budget’ Cosworth with no rev limit. Mr Mosley is quoted as writing that “any engineer will confirm that this will not give the relevant teams any competitive advantage whatsoever”; the reply of at least one engineer was too frank to print on the BBC site.

There’s also the point, surely, that this is not what “Formula One” means. It means a single set of specifications which apply to all the cars in the race. I’ve been to GT races, and to be sure, they are entertaining not least for the different rates at which GT1 and GT2 cars go round the track… but that’s not “Formula One”, it’s cars from two different formulas racing simultaneously on the same track. If Mr Mosley thinks that would be more entertaining, he should come out and say so.

I assume that, at least in part, all this off-track chicanery is Mr Mosley’s attempt to give us something more interesting to watch than the on-track chicanes. Dominant though Sebastian Vettel’s performance was on Sunday, it was not an exciting race by any standard. The BBC Sports site today promises “The British Grand Prix in 90 seconds“. To be honest, I’m surprised they managed to pad the highlights out to a minute and a half.

Speaking of "known unknowns"…

A classic ‘information security’ case-study is unfolding as the redacted censored facsimiles of MPs’ expense claims are finally made public. Comparing what we know some of the receipts said with what the censors thought we should not be allowed to see communicates far more than the data could do on its own.

In some cases the message is simply surreal, as this piece by Martin Rosenbaum illustrates: for instance, apparently we are allowed to know that Tony Blair has a Siemens dishwasher, but details of which model it is have been doubleunpublished… despite the fact that that information had already been released in a 2008 FoI disclosure of the same receipt.

In other cases it is less benign. For instance, it is now established (through the Telegraph leaks) that Margaret Moran MP claimed for dry-rot treatment on a house which was impractically distant from her constituency: the redacted version of the receipts would have allowed that fact to remain concealed. The Fees Office explains this, with some justification, on grounds of security – but there clearly also needs to be some mechanism for preserving accountability where that is the very detail which could reveal abuse of the system.

The classic ‘information security’ solution to this classic problem would be to rely on a trusted third party, able to see and act on the data in question while protecting it from inappropriate public disclosure. The question is, can the parliamentary admininstration come up with a viable candidate for that role?

I’m having a Rumsfeld moment

I always thought that, for all his faults, Donald Rumsfeld was unfairly mocked for his famous remark about “known unknowns”. Here’s the passage in question:

“as we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns – the ones we don’t know we don’t know.”

It may not be a classically dumbed-down sound-bite, but it is entirely logical. It has echoes of the wisdom of another oft-derided sage, Neddie Seagoon:

“If only I knew what little I know, I would know a little.”

As usual, there is a connection (however twisted) between this and a recent piece of news… in this instance, an article about the apparent dropping of a law-suit between US trade representatives and a number of other parties from countries including EU members states.

If that sounds vague, have a look at the article in question and you’ll understand why. Information about an “Anti-Counterfeiting Trade Agreement” has apparently been withheld on grounds of national security, scuppering any enquiry into what it is about. It has been turned into an “unknown unknown”. We aren’t allowed to know what we don’t know.

The newly-arrived Obama administration proclaimed goals of transparency, accountability and communication. In the UK, serial ‘politics survivor’ Gordon Brown has stated his commitment to rebuilding public trust and confidence in the political system as a whole, and our elected parliamentarians in particular. Allowing the “Rumsfeld philosophy” to persist does little to build the credibility of those postures.