information sharing – present & future

August 30th, 2006

If you want a preview of how ‘helpful’ the trails of information gained by NIR trawling will be take a look at this article at nth position. It goes into detail about an active project in Bedfordshire which agregates information about crime levels, ambulance reports et al. in house-to-house detail. As you will see these records are rather simple to access and there are plans to allow public access via the internet to a range of data gathered:

Surely, I thought, in the name of all that is most sensible, those cannot really be emergency service logs? Later that day, Bedfordshire County Council’s press office kindly supplied me with a CD-ROM of the presentation. Yes, the spreadsheets glimpsed in the presentation really were pages from emergency service logs.

The level of detail included:
* X and Y co-ordinates allowing pinpointing of crimes and accidents on Ordnance Survey maps
* Details of crime victims including address, age and sex
* Ambulance data including patient problems
CDRP: Ambulance data, redacted for patient data privacyIn this last category, the medically confidential information had been shaded over for presentation to the council. However on examination it was easily readable, allowing me to zero in on the locations of the following incidents, all from October 1, 2005
* 12 cases of ‘assault/rape’
* One case each of ‘overdose/poisoning’ and ‘stab/gunshot wound’
* 16 cases of ‘specific traumatic injuries’ [nthposition has redacted the personally identifiable data.]
Information from the fire and rescue service also give OS grid references, street addresses and notes on whether fires are considered accidental or deliberate.
Information from the council’s environmental services includes unprocessed reports pinpointing complainants’ addresses.
From information on council trading standards ‘enforcement visits’, it could be seen that four specific shops in nearby towns had provided drink and/or tobacco to underage children. In the council’s words: “Data on crime and anti-social behaviour incidents is extracted from the partner systems and replicated into a central data store and a common application has been created to provide user access.”

Such is the CDRP’s belief in data protection that they lifted pages of this data store for a slide show, and then simply handed it out to the public on request. And this is the sort of information that is going to be pinged back and forth between the CDR partners. Bedfordshire’s CDRP also plans to show reported incidents of anti-social behaviour on a website map giving house-to-house detail. These maps will be available online to the public.

You will notice that enthusiasm for the project already means ‘institutional ignorance’ of data protection concerns is in place.
The ‘Geographical Information System’ in Bedfordshire is by no means alone. see this Home Office report (pdf) for introduction to the scope of another few (via Interestingly at least one of the Systems (COSMOS – covering the Birmingham area) has a vanilla http login page the insecurity of which should be obvious. This doesn’t exactly make one feel comfortable.

So that is where we are now. The fundamental question to pose with these systems is are they necessary? That question is not actually about whether they will aid the authorities which they almost certainly will but whether the information they gather is any more useful than limited research projects. It is the question of what amounts to ongoing mass surveillance is actually more beneficial than spending money on a research programme and then acting in advance of crime and antisocial behaviour – because whatever these systems do they are absolutely useless if no one actually learns from the data gathered. It should be pretty clear to most people that sink estates and higher crime areas share certain characteristics and the findings of research in one location can be applied with a bit of critical thinking to another area. The idea that ongoing mass surveillance is in any way more responsive or accurate than limited research is fallacious, moreover ‘unguided’ systems such as these may obscure potential solutions to problems that ‘guided’ research may uncover – indeed it is like finding a cure for ‘the common cold’ by counting how many people buy cough medicine.

Secondly we have the issues of security and privacy, as the writer from the nth position found, the regard towards data protection aspects is minimal, and has been sidelined in the interests of interoperability, with this approach the underlying assumptions are that everyone has a legitimate use for information gathered and that it is being requseted ‘innocently’.
Additionally in these systems it is unclear how accurate these databases will become once opened up to the public, as the nth position discusses:

Using a special page on the CDRP sites, members of the public will be able report instances of alleged anti-social behaviour. At present, Anti-Social Behaviour Orders (Asbos) can be made by local courts. They are yet another of Labour’s quick fixes: where prosecution might otherwise fail, or even where no specific crime has been committed, Asbos can be slapped on instead. The bald truth about Asbos is unpalatable enough: they can be (and in fact, are designed specifically to be) applied to anyone magistrates consider to have behaved legally, but badly enough to warrant legal restraint. Now, in a sort of post-modern nightmare, Orwell’s Big Brother has been ousted by Bazalgette’s Big Brother.

The public will be the ones doing the state’s spying, and ‘voting off’ fellow citizens.

You shouldn’t worry unduly about this, because (as one CDRP officer put it): “These reports will be sanity-checked.” What might ‘sanity-checking’ entail? On the face of it, emailed reports of pink elephants leaping over office blocks might not make it on to the map. Then again, you may remember the case of Caroline Shepherd, a woman from East Kilbride served with an Asbo in 2005 for answering her own front door while wearing a nightdress. Or perhaps the luckless would-be suicide who repeatedly jumped in to the River Avon and was hit with an Asbo preventing her from going near any body of water in the vicinity – her name is public knowledge, but I can’t see any benefit in repeating it. (Then there are the cases of Michael Donockley, David Gaylor and David Boag… but I fear that no-one will believe those actually happened: stick their names plus ‘asbo’ into a search engine and find out for yourself).

So on to the future.
If the NIR is implemented ‘successfully’ it will be possible for people/companies with access to GIS technology, and who have bought government database access to overlay ‘public’ and commercial information to create a ‘live profile’ of anyone registered on the NIR database. A criminal will be able to identify high crime areas, perhaps with poor police response times and correlate the data with people recently buying a new car/financial services with PNR flight data they could check if occupants are on holiday etc, etc. Obviously the converse data matching could be employed by the government for their own reasons (we shan’t be handing out any more ideas here I’m afraid). Even if access to this sort of information is more secure (https? phut!) it won’t prevent the internal compromises such as those reported this week at the Identity and Passport Service (the future gateway to NIR informtaion no less).

Naturally an ‘I told you so’ when the NIR fails will be a response that won’t address the problem of its creation. Much like using mass surveillance technology to respond to crime.

Leave a Reply

You must be logged in to post a comment.