Robin Wilton's esoterica

I rashly took my eye off Eve Maler's blog, and in the meantime she's only gone and blogged two whole conferences and a few other snippets as well. Check it out for her amazingly comprehensive reports from the Open Source CMS Summit and the SDForum event.

As of Feb 14th this year, the introduction of retail Chip and PIN payment systems took another evolutionary step. It's now 'compulsory' to use your chip and PIN wherever the retailer can handle it. Where the retailer can't (and for example, DIY chain B&Q say they won't be ready for a few months yet), the banks will make the merchant bear the cost of fraudulent transactions. Filling up at a petrol station a few days ago, I noticed a new sign on the petrol pump which said "Please use your chip and PIN when paying. Remember --- we no longer accept payment by cheque". Are these two statements related? I don't know, but if they are, the implications are a little strange. Chip and PIN are being introduced because existing signature-based payments are too fraud-prone; the implication is that cheque payments are perceived as having the same shortcoming. However, the same card which has the chip and PIN also has the holder's signature on it, and a hologram on the back which specifies the amount up to which the card will guarantee a cheque. As far as I'm aware, the banks haven't changed the terms and conditions relating to that cheque guarantee limit (at least as far as the account holder is concerned) --- so is the petrol station just unilaterally vetoing one particular payment mechanism, or are the banks treating cheque payments the same as PIN-less card payments (i.e. passing the cost of fraud on to the merchant)? I don't know... but if you do, please leave a comment.

Next Monday (March 6th) the ID Cards Bill is due for its next reading in the House of Lords. To remind you of the ping-pong process, here are the steps: # MPs vote on the bill in the House of Commons (the Govt wins, despite losing some back-bench votes); # The bill goes to the House of Lords, where radical amendments are successfully made, and pre-conditions set for the introduction of a compulsory card; # The bill goes back to the House of Commons, where most of the Lords' amendments are overturned; # The bill is re-considered by the Lords next Monday. The Lords' second reading is an interesting test of their resolve. It can be the point at which they concede that they have already got all the compromise out of the government that they are likely to get (either on this bill itself, or in terms of 'bargaining chips' on other government business), or it's the point at which they stick to the principle and reject the bill once more, to show that they fundamentally still disagree with it in its proposed form. If they do the latter, it ultimately can only delay (rather than prevent) the bill's eventual passage, but it sends the government a signal that experiencd political heads have considered the proposal and still don't think it's right. I have no idea which course their Lordships will take. Hardened cynics among you (not me, of course, I am too trusting an optimist) will remember that imminent votes on (for example) the controversial Anti-Terror bill seemed to be the cue for high-profile news stories of the form "public safety threat averted by legislation very similar to what we are proposing". I'll be on the lookout in the run-up to Monday.

David Irving was sentenced to three years in jail last week in Austria under that country's laws, which make it illegal to deny that the Nazi Holocaust of WW2 took place. It turns out that unconventional views in the family are not limited to him; his twin brother John, a former county councillor, converted to Islam a couple of decades ago while serving with the armed forces of the Sultan of Oman. He is now a farmer in South-West England, attends a local mosque... and is probably one of the few Muslim pig-farmers anywhere. Mind you, that and the fact that Mr Irving (John, not David) is also the chairman of the county's Racial Equality Council may betoken a far more open mind than his brother appears prepared to admit to.

Ever since I first stared wordlessly up at my father fitting a "safety" razor blade into his razor (and then 'shaved' using soap foam and a bent-over Signal toothpaste tube), I've been becoming steadily more and more aggravated at the rip-off proprietary built-in obsolescence of the razor blade. It's no surprise that packs of modern razor blades were the first items any UK supermarket tagged with RFID tags; the tags were set to trigger a CCTV camera whenever anyone lifted a pack of blades off the shelf. That way they had an audit trail if you went through the checkouts and the razor blades didn't show up.* Hmmm. But now there is a new menace: the toothbrush. For one thing, the cost of an old-fashioned "manual" brush is outreageous... never mind that you have to choose between ergonomic handles, textured multi-profile heads, flexible necks and colour-fade bristles which remind you to... guess what... buy another toothbrush! All that is grossly outstripped by the electric toothbrush phenomenon, though. This takes the razor-blade principle and enhances it to sadistic levels. I saw packs of four replacement heads for an electric toothbrush at £13 or more this weekend. for goodness' sake! That's over five bucks a head! Of course, at those rates they are (learning from the razor blade price-curve) selling the handpieces for substantially less than a pack of heads. Comes now the refined sadism. There are now three electric handpieces in our household, all made by the same manufacturer; --- they all have a different re-charging stand, into which the 'wrong' handpiece will not fit; --- the recharging stands have a two-pin plug which won't go into a UK 3-pin 13-amp socket. It used to be possible to insert a European two-pin plug by a certain technique which I will not reveal, for safety's sake... ;^) But these new ones have pins which are too fat to fit in. Net result? Apart from incipient bankruptcy, either from paying for replacement heads or huge private dental care bills (I didn't mention, but an increasing proportion of the UK population has no access to National Health Service dental care these days...), we are running out of sockets in the house. Talk about attacking us on all fronts.... *They haven't tried it yet in our local supermarket, but if they do I am ready to have a lot of fun. First I will be removing packs of blades from the shelf and then, probably, deciding that I can't afford them and re-shelving them wherever I happen to be in the store. Then I will have to write to the supermarket asking for copies of any images they have stored of me. I'm not sure I'd have a legal right to any of the data, but I'd feel obliged to find out.

We know mobile phones give out your location... and we know that law enforcement, emergency services and of course the mobile carrier itself are therefore able to pinpoint where you are. We also tend to assume that your location will remain confidential among those organisations, unless you consent otherwise (for instance, to be sent location-specific information or service offers). However, a number of articles recently cast a new dimension on this which raises several issues. The BBC, the Guardian and then the Register have all carried stories about websites which allow a phone to be tracked and the location to be displayed online on a map. The sensationalist perspective on this is that the person who signs up for the service doesn't have to be the mobile phone owner... so the 'Big Brother' interpretation is that you can 'remotely stalk' someone through their phone. In both stories I've seen, the 'tracker' got the consent of the 'trackee'... but the clear imnplication was that, given five minutes' access to an unattended phone, anyone could be unwittingly and unwillingly signed up to such a service. In their defence, the tracking service companies point out that they have a code of conduct, and that under that code, they send periodic messages to the 'trackee' at random intervals. This is intended to ensure that the 'trackee' cannot indefinitely remain unaware that they are being tracked, even if it was someone else who signed them up. Nonetheless, it may be a couple of days before a tell-tale message reveals the fact. However, it's not clear whether someone who finds out, through this mechanism, that they are being tracked can find out by whom... The site I looked at does not appear to offer any way of checking whether your phone has been signed up without your knowledge. So what should we conclude? Well, it is by no means surprising that this is technically possible. What is technically possible, clearly, can be put to questionable use. It is appropriate that usage should be controlled by a balance of industry self-regulation (the code of conduct) and legislative measures, underpinned by appropriate technical means. In these cases, the legislative layer appears thin to non-existent; in the UK at least, there's no formal underlying 'right to privacy' which could provide a back-stop to any potential abuse. The self-regulatory code of conduct is in place, but looks somewhat immature; a proactive check to see if your phone is listed seems a sensible addition to what is in place. Technically, too, it looks as though things could be tightened up further without compromising the stated aims of the system. For instance, a confirmatory message every time you turn the phone on, in addition to the 'random interval' messages. I also wonder whether the 'incoming divert' feature on most phones might be abused to prevent the alert messages from reaching the 'trackee'. All in all, this does make a good 'Big Brother' headline, but a balanced view suggests that it could be both better and worse. You might want to be careful who you allow to access your logged-on phone though... and anyone whose phone is not already PIN protected should be feeling a bit queasy by now!

David Orain has posted a summary of last week's 3GSM conference in Barcelona. Apart from the staggering growth of this forum (50,000 attendees this year, from 34,000 last year and 24,000 back in 2002), the other headline messages he noted were: # 1 --- Java is the de facto standard for FMC (Fixed/Mobile Convergence) service development and deployment; # 2 --- Identity is the common, most critical component across converged services, service delivery platform and IMS; # 3 --- Participation is key to address the device, services, network, data center, DRM and OSS/BSS challenges created by FMC. Those look reassuringly familiar. He also noted the dominant theme that "content is king". That's an interesting one from the identity perspective, because (as I've been saying for 3 or more years now) it's a classic case of what I call 'mediated web commerce'. That is, the mobile telco has to function as a delivery and billing channel for services which it does not itself create. That implies a set of trusted relationships which allows the mobile telco to deliver the correct content to the right subscriber, and accurately return payment to the service/content provider. It's a classic use case for federation. I guess that makes federation mainstream... if we needed confirmation.

I think anyone likely to be reading this blog has reached the stage where incoming email accumulates at a greater rate than one can sensibly deal with it. I suspect we're on a similar curve with regard to blogging. Some days, blogworthy stuff accretes faster than I could redact and publish it.. at least in any form you long-suffering folks would want to see. Not sure yet what to do about that --- though I watch with great interest and some technical envy the use of tag clouds, aggregators and the like. Having just done a quick Google on it and found nothing, I hereby assert my right to be identified as the originator of the term memetrawler... though the implementation of this invaluable future tool must, unfortunately, be left as an exercise for the reader ;^) Do let me know how you get on. ©Robin Wilton, February 2006

Bob Blakley of IBM has written a thought-provoking piece on Kim's 'First Law', here. He makes a number of very valid points; for instance, that the 'Law' is not really a 'law' as one commonly understands that term in the technical world. I expect Kim is getting fed up with this frequent comment on the 'Laws' --- but it bears saying. Sometimes (as in Bob's case) it's a reasoned argument based on his analysis that this particular 'Law' is a statement of "things as we want them to be rather than things as they necessarily are" [my paraphrase]. That's a fair point, and once Bob has re-cast the 'Law' as a statement of requirements, he goes on to point out the value of a discussion of whether those requirements are desirable or feasible. And that's worth doing. Other times, people balk at the use of the term 'Laws' because they suspect that this is a Microsoft ploy to establish an opinion-forming impression that this view of identity is 'self-evident and immutable'. Whether or not that's true at a corporate level is up to you to evaluate, but I don't think anyone who has actually debated this stuff with Kim would impute that motive to him personally. Because the 'First Statement of Requirements' (as I guess I will have to call it for consistency's sake... how about FSOR for short) mentions 'ownership' of one's identifying information, Bob breaks identity down into two versions: your self-image (the representation you make of information about yourself) and your reputation (the representation others make of information about you). Biographies are often very different stories from auto-biographies. In Bob's analysis, identities are subjective. I don't agree 100% with that in the context of Bob's argument, because a lot of the data he subsequently includes in 'identity' is objective: for example, a bank's information about your credit history. There are those who hold that accounting data is subjective, but they tend either to be exponents of 'creative book-keeping', or on the more extreme fringes of 'post-structuralist discourse' theory. Pragmatically speaking, data such as credit history is objective; though if you decide to take the contrary position with your bank, do let me know the result. Bob goes on to say, and again I agree, that often we agree to give out 'reputation' data because it's more convenient to do so than to try to live without doing so. So we agree that our banks hold data about the transactions we initiate --- a credit card purchase, for instance. When considering data privacy and user consent, though, we have to be careful about these cases, because they are not necessarily as simple as they appear. For instance, who counts as a 'third party' in this case? There are more of them involved than the average consumer might assume: there's the merchant, of course. There's probably a credit card company. There may well be a credit checking bureau or transaction authorisation service which provides an intermediate approval rather than involving the issuing bank online in real time. Subsequently the merchant's acquiring bank will also be involved. Bob's right that a system in which all of these parties may only exchange this transaction data with the user's explicit in-line consent would be unworkable. What happens in practice is that, as far as the user is aware of it, consent is usually derived from some original set of banking terms and conditions relating to credit card payments. You, as the card-holder, agreed to that exchange of data more or less explicitly when you signed the forms. And uncomfortable though that thought may be, those of us who are conscious of it still go on using plastic payment, because of the relative inconvenience of being more rigorous about data privacy. However, that doesn't mean we shouldn't open up these areas of 'implicit compromise', 'tacit connivance', call it what you will. The existing way of doing things has, let's face it, been arrived at more or less organically, by a set of evolutions, mutations and incremental changes driven largely by the service provider, not the user. (The UK use of 'cheque guarantee cards' is a case in point, which I will have to come back to at another time). What ought to prompt change (or at least a thorough re-examination of assumptions) is the extent to which the user is now being expected to 'participate', to 'take greater care of personal data', 'shred sensitive documents', and actively manage an ever-widening range of online relationships. When Bob comes to a concluding paragraph or two, it seems to me that he closes the door rather too firmly on the notion of user consent to data exchange. Here's how he puts it: "It's clear that this "First Law requirement" isn't feasible --- a system which actually obeyed this law would be illegal (because it would withold information in cases in which the law requires it to disclose information without the data subject's consent), and it would be dangerous to the data subject (because it would withold personal information even in critical situations if consent couldn't be obtained --- for example when the data subject is unconscious and injured after an accident)." I would cast it slightly differently. --- First, even if one regards the First Law as canonical (and we started out by suggesting that it is not), then I think Bob would agree that the 'First Law could not and should not be universally applicable'. --- If it is, instead, a Statement of Requirements, then again, it is not a statement of universal and unqualified requirements; it is a statement of qualified requirements which apply to varying extents in different circumstances. --- The example Bob ends with does not, in my view, either follow from his premises or support his conclusion, and here's why: He elides the distinction between 'personal information' and 'identifying information'; in a medical emergency, with an unconscious injured patient, the patient's identity does not, of itself, help the physician. It help the physician insofar as it allows her/him to retrieve relevant healthcare information about the patient --- and while knowing the patient's identity is a useful way of retrieving that information, it is not a necessary condition for doing so. For instance, if if it is reasonable to assume that the physician used the unconscious patient's driving licence as the 'index' to find the patient's healthcare record, it is no less reasonable to assume that the patient could be issued with a 'healthcare card' which either carried the relevant healthcare data itself, or provided an 'index' allowing retrieval of that data from elsewhere. Neither mechanism need disclose the patient's identity as well as their emergency healthcare data. This post is now far longer than I originally intended --- but I told you Bob's piece was thought-provoking! Incidentally, so was another (independent but related) conversation I had at IBM on Wednesday. More on that story later. I'll just end with a plea to Bob: don't leave us in suspense! You promised to write soon about the subtle relevance of privacy vs. security to this knotty problem... how about it?

Back on Feb. 8th, I blogged about the figures released by the Home Office, purportedly to show the financial cost of ID Fraud to the UK economy. I have to acknowledge --- I have since found out I was behind the curve, and the same points had already been made on silicon.com... I just hadn't seen them there. I was amused to see that one of the people who left a comment there gave the following details: Name: Anonymous Location: UK Occupation: taxpayer

I've blogged before, here,, here, here and especially here about the unseemly haste with which government ministers at all levels appeared to swerve deftly past the factual concerns raised about the ID Cards scheme and (without passing Go or collecting £587m) go straight to personal attacks on one of their critics, Simon Davies. "A last trick is to become personal, insulting, rude, as soon as you perceive that your opponent has the upper hand, and that you are going to come off worse. It consists in passing from the subject of dispute, as from a lost game, to the disputant himself, and in some way attacking his person." Arthur Schopenhauer - 'The Art of Always Being Right' Now, this article in the Sunday Times casts those attacks in a (yet) more unsavoury light. Simon Davies reports the direct personal and financial impact they have had on him. Now, I am not suggesting that public policy on ID Cards should be revised simply because its formation has a detrimental effect on one person --- but it should not be necessary for policy-making to be carried out in a way which does. Sir Howard Davies, Director of the LSE, has written to the Prime Minister in defence of Simon Davies, and made two very relevant points: --- First: Mr Davies is one of about 60 contributors to the LSE report. It is somewhat bizarre that he should be singled out for such ruthlessly political rough-and-tumble, just for being prepared to articulate the report's concerns in public; --- Second: the 'lack of impartiality' criticism which has been levelled at him is frankly perverse; as Sir Howard sums it up, "I would also question the assumption that an interest in civil liberty necessarily means that one is biased when producing an estimate of costs". I'd put it somewhat differently: anyone who has no interest in civil liberty ought to be very carefully vetted before being allowed to make policy on ID Cards. There are a couple of other things which I think ought to be borne in mind, in the light of the Sunday Times article. We should never forget, in this kind of debate, that there is a substantial asymmetry built right into it. As the Sunday Times piece shows very clearly, Mr Davies has (wittingly or not) put his livelihood on the line in the course of doing a piece of objective research work. Mr Blair, Baroness Scotland, Mr Clarke, Mr Burnham and others who have contributed to the personal reaction to the LSE report, are policy-makers. They do not stand to suffer the same kind of adverse consequences whatever happens to the ID Cards bill. Policy-making is only partly about rational, objective decisions; it is also about convincing, persuading, shifting public opinion. That's understood. But those should not become a vehicle for simply by-passing the rational, objective input to the policy-making process. "If you have no refutation whatsoever, you can make one aimed at the audience; ... Though your opponent is an expert, those who form your audience are not, and accordingly, in their eyes, he is defeated, particularly if the objection which you make places him in any ridiculous light." Arthur Schopenhauer - ibid.

There are two stories in today's news which don't at first seem to be linked, but in fact suggest a disturbing common principle. The first is that of the three UK bankers who have lost their appeal against extradition to the US under the Extradition Act 2003. This grants the US the ability to request the extradition of suspects from the UK, without the need for US authorities to provide prima facie evidence in support of the extradition request. The legislation was introduced in the aftermath of the 2001 terror attacks. There is no 'symmetry' in the Act; there is no corresponding entitlement reagarding extradition from the US to the UK. The second is the matter of six people, returning to the UK from the Berlins Film Festival, who were detained at Luton Airport and questioned by police under the Terrorism Act. (If you remember, police powers granted under the same act were used when Walter Wolfgang was ejected from his own party's conference in Brighton last year, for the heinous crime of heckling from the back row of the auditorium.) In the case of the six, it just happens that the film they had made (and which won a Silver Bear in Berlin) was about two men rounded up in the US invasion of Afghanistan, 'rendered' to Guantanamo, and eventually released without charge. The six included the director (Michael Winterbottom), actors from the film, and the two former detainees who were its subject. One of the actors reports that in questioning him, an officer asked 'if he intended making any more "political" films'. The point is that both of these seem to be highly questionable applications of far-reaching powers which were enacted in the wake of exceptional events. I find it hard to believe that those drafting the laws in question had any intention that they would be used to extradite white-collar fraudsters or detain award-winning film-makers --- but once a law is on the statue books, it will be invoked. For good or ill. The Road to Guantanamo, directed by British film-maker Michael Winterbottom, tells the story of the Tipton Three. The men from the West Midlands went to Pakistan to arrange a wedding and eventually found themselves at the US camp. They were picked up in Afghanistan and believed to be terrorist suspects and were eventually released from Guantanamo Bay in 2004 without charge.

We tend to think of DNA as the ultimate 'personal' identifier... something unique to each and every one of us. Well, in one sense of course, it is (unless you have identical siblings); in another sense, the reason it's unique is that it's a new combination of the DNA of both parents. If a national DNA database is built up, the privacy-related factors relating to the disclosure and use of he data in it need to be very carefully considered. This article describes what the writers refer to as the 'predictive power' of DNA-based analysis of identity. It is clear that disclosure and analysis of one person's DNA has, by definition, profound privacy implications for that person's relatives. I don't believe those privacy concerns are addressed by current UK data protection laws, which tend to regard the immediate "data subject" as the only person who qualifies for protection against disclosure.

Many thanks to my colleague Cynthia Cauley for pointing me to this article. Writing in the New York Times today, Op-Ed contributor Douglas McGray exercises some of the arguments in favour of a national identity card infrastructure for the US... You may find that access to the article requires either a free registration or a User Agent Switcher (as recommended by Alan Burlison). McGray looks at a number of possible 'benefit-based' justifications for a national ID card, some of which bear more scrutiny than others. Based on my own experience of this market to date, here are some initial comments --- acknowledging, of course, that national political attitudes and processes differ widely and are a significant factor in the success or otherwise of such schemes. --- Health-care. I suspect Mr McGray doesn't know just how much work is going on to define and specify an open, interoperable patient healthcare record under the HIMSS banner. I'm not saying it's a bad idea at all, but exposure to the spade-work for a few weeks might temper his blithe enthusiasm for this as the mainspring of a national system. --- Voter Empowerment. This is an interesting one. He cites Republicans' use of volunteers to 'challenge' voters in Democrat-heavy counties. I don't know enough about US voting laws, but to my mind, any civilian volunteer demanding that a voter identify themselves outside a polling station deserves at least a sharp rebuke, and possibly a civil charge of interfering with the free and fair election process. But that's just my opinion. 10/10 to Mr McGray, though, for re-casting 'stamping out election fraud' as 'voter empowerment' ;^) --- Poverty. Another interesting point. McGray plays the 'social exclusion' card, arguing that a national ID might help prevent the poor/unwaged from being unable to identify themselves, for instance for benefit claims. Comparing this with the UK case, I wonder how it would work in practice. Over here, as far as they are prepared to commit to a figure, ministers are suggesting that a national ID card will cost around $50, though those on low incomes 'will pay a reduced fee'. One of the things we are not being told is whether that will be subsidised through higher charges for the better off. --- Education. I'm short of the relevant facts here, but McGray's argument is that there is currently "no way to track individual children from grade to grade and see how they progress". Leaving aside the problem of following children who move from school to school, that first point seems to indicate a systemic problem which an ID Card would be unlikely to fix. --- Social Welfare. The argument here is that a national ID would be an important enabler of 'joined-up government', because it would enable better data-sharing among disparate welfare agencies. Yes and no, in my view. From the point of view of individual case-handling, a mutually-recognisable identifier might help different agencies deal consistently with the same person; from the broader perspective of resource allocation and large-scale policy definition, those are objectives which should not require the exchange of individual identifiers. --- Immigration. This was the shakiest of the proposed justifications, I felt. The logic just doesn't stack up. First, if unscrupulous labour contractors currently 'supply fake IDs and then play dumb when pulled over', I don't see how a national credential would change things one whit. They could still plausibly deny having issued the fake IDs; in fact, the better the real credentials, the more plausible that denial would be. Second, McGray's argument is that currently, it's 'the little guy' who gets hurt, because the enforcement authorities end up 'having to arrest the laborers'. Again, I don't see how a national credential would change this. Over-all, I'm not sure this adds up to a set of proposals which would robustly justify a national ID card scheme, either individually or collectively. But it's great that the discussion is taking place, and it's also great that Mr McGray is putting the effort into looking for positive benefits which could be set as aims for such a scheme.

'Brokeback Mountain' won Best Film at the BAFTAs --- I haven't seen it yet; 'The Constant Gardener' won Best Editing --- I haven't seen that either, but I've read the book and it was far from being Le Carré's best; that said, one of the things which made me uneasy about it was the nagging feeling that it had been written with an eye to providing material for a screenplay, so maybe the film made the best of it. "Curse of the Were Rabbit" won Best British --- I've seen that, and it's good; but it is to the previous Wallace and Gromit films what a novel is to a short story. I liked the three first films because they were such gems. But nuts to all that; the revelation of the day was that (along with Ian Williamson and John Newton), I got a "You Got The Funk" Award from James Governor over at Redmonk. Short of meeting me in person, only reading my blog is likely to give you any idea of quite how amusing it is to have me and 'Funk' in the same sentence. Thank you, James.

... those planning national ID card schemes could do a lot worse than sneak over to Mark Dixon's blog and have a look at his recent entry on Identity Risks. See, that's what I like about Sun... if one of us doesn't know the answer, chances are there's another one who does. And for every one of us who has a bright idea, there's another one who knows how to put it into practice. The interesting thing about blogging, though, is that now we tend to be able to find one another. 8^)

Henry Porter didn't pull any punches in his piece on civil liberties and legislation in this week's Observer. (To set context for those not tuned in to the UK press, the Obvserver is the Sunday edition of the Guardian. The Guardian sometimes attracts a certain amount of flak as the paper of the liberal intelligentsia... but like it or not, the topics for which it is sometimes caricatured are now undeniably mainstream political concerns --- 'green' issues, human rights, global warming, ethical consumerism and so on). One of Porter's principal arguments is that the increasing volume of legislation which removes civil liberties in the UK is not counterbalanced by any formal Bill of Rights... that because we don't have such a formal 'statement of entitlements' we are inclined to take our liberties for granted... and that our assumptions in that regard are increasingly misplaced. It's not a comforting perspective at all, but it's hard to argue against the basic premise that the risk assessment has so far been entirely one-sided.

by John Wilton Part 7 of 8

(What's this?)

Another operation in which the Levies played an essential role was in the deposition of the usurping Shaikh of Kalba, who in 1952 assassinated his cousin and took over his Shaikhdom. In 1948 his father had been deposed as Ruler of Ras al Khaima without bloodshed by a nephew, the present Ruler, Shaikh Saqr bin Muhammad, reported in October 2005 as "now into his 80s, upright, smiling and with a firm handshake". In 1948 when he came to Sharjah to be told that His Majesty's Government recognised him as Ruler I was spending part of my MECAS language break in Sharjah and accompanied him back to Ras al Khaima and a celebratory luncheon. In 1995 when my son Christopher was appointed Consul General in Dubai and went to call on him, he remarked "I remember your father. He was the one with the fly whisk ." Not, perhaps, the most flattering grounds on which to be remembered, but it was a very desirable accessory on the Trucial Coast at that time. The usurpation of Kalba had followed the immemorial habits of the inhabitants of the region; few Rulers survived the ambitions and conspiracies of their relations and neighbours into old age. It was something like the Wars of the Roses. In the 1950s, faced with the need to bring the Shaikhdoms into the age of oil and industrial development, the British Government began to insist that it would no longer accord recognition to Rulers who acceded by assassination --- and the practice largely ceased. A deposed Ruler of Sharjah murdered his cousin and lived thereafter in exile, but otherwise such coups as have taken place in the Gulf States have been bloodless. The Kalba episode was a step in the establishment of this happy modification of a centuries-old tradition. It was possible for the British Government to frustrate the murderer's accession because the presence of the Levies, small force though they were, meant that an effective gesture could be made in time without mounting a ponderous combined operation involving British troops. The first step was for me to go to Kalba with a Levy escort and inform the Shaikh that the British Government would not recognise him. This was accomplished by driving to Kalba up the then almost impassable Wadi Ghaur, involving a brief incursion of a few hundred yards into Muscat territory. Sultan Sa'id of Muscat had been consulted and had acquiesced in the action (few of the Gulf Rulers had any active sympathy for the usurper in person or the practice of assassination in general, and my operations were observed with a mixture of fascination and benevolence by the Shaikhs of the Coast). I was met at the frontier by the Wali of Shinas and solemnly escorted across some hundreds of yards of the Sultan's territory. On arrival in Kalba I camped on the plain outside the town and sent word that I wished to speak to the Shaikh. In due course he appeared, with an armed retinue, and approached the camp. The assassination of a Political Officer was an eventuality that could not be wholly ruled out in the circumstances and Major Hankin-Turvin prudently sited two machine guns, clearly visible, to command the ground across which the Shaikh and his party had to approach the camp. The interview was brief and chilly and the Shaikh withdrew to his fort to wait and see what, if anything, would happen next in this novel scenario. I returned to Sharjah and reported to the Political Resident in Bahrain that the message had been duly delivered; and that if follow-up action were required the Levies had sufficiently demonstrated their ability to get me back to Kalba if need be. A small combined operation was then mounted. The Senior RAF Officer in the Gulf flew to Sharjah in his Anson aircraft and together we made an aerial reconnaissance of Kalba and buzzed the Ruler's fort. We did the same for another fort sited in a commanding position above our route through the Wadi Ghaur. The fort was occupied by the Shaikh's father (the deposed Ruler of Ras al Khaima) and there was the possibility that he might try to obstruct our passage. The appearance of the aircraft would, we hoped, discourage him. We relied upon his not knowing how limited were the warlike capabilities of an Anson. As we arrived back at Sharjah, the Group Captain thought it would be kindly to let my wife know as soon as possible of our safe return and flew up the creek level with our drawing room windows. Alas, my wife was more concerned that he might have wakened our four month old son Christopher who was in his cot on the verandah. Incidentally news of Christopher's expected arrival had occasioned a certain disquiet among the Rulers, who sent cautiously to enquire of Ali Bustani, the Agency Clerk, if it was really true that I would expect them to offer their congratulations even if, "la samah Allah", a girl... I replied that we would be equally happy whichever, but that I had no wish to embarrass anyone and would not be offended whatever they felt appropriate. As my wife duly produced "Mustafa", the first of our four sons all born in Arab countries, general rejoicing was in order and I could look any Shaikh in the eye.

I thought I was seeing things. Turns out it was the NBA's "East v West" All-star game. As the highest-scoring team in the Eastern league, Detroit had four players in the All-star team; LeBron James was the only representative from neighbouring rivals the Cleveland Cavaliers. A bit of a shame not to see the Cavs' Zydrunas Ilgauskas in there as well, as he's another consistent scorer for them, but James is definitely the rising star. The highest-scoring player in the All-star game was Tracy McGrady of the Houston Rockets, which must have delighted the home crowd. He scored 36 points to James' 29. The latter, who is still only 21, was voted MVP (and is the youngest player to achieve that honour). The Eastern team came from 21 points down in the last quarter to win 122-120. Must have been quite a game.

This is Benjamin Franklin's tercentenary year, so it's particularly fitting to find him quoted by A.C.Grayling in support of freedom. Specifically, Grayling cited the following: "those who desire to give up freedom in order to gain security will not have, nor do they deserve, either." He goes on as follows: "Of course, it is sensible to take precautions and to do one's best, while preserving one's central values, to guard against enemies. But there is a vital question here [...] of proportionality: if protective measures compromise freedoms, is the loss genuinely proportional to the risk?". And his further comments on the subject of proportionality took me right back to Day One of this blog --- the last British National ID Card. Here's what I wrote at the time: On 21st. February 1952, identity cards were abolished in the UK. The National Registration Act 1939 established identity cards for the enforcement of security, conscription and rationing. By the date of their abolition, the identity records were being used by 39 government agencies. Unfortunately you need a subscription to get Grayling's full article here --- but if I find a legal way to reproduce it I'll let you know.

There's much in the rest of today's Independent on Sunday which makes uncomfortable reading... --- A front-page story about the shooting last August of Jean Charles de Menezes, mistaken by police for a would-be suicide bomber. Today's story does not do much to cast a positive light on the shooting, concerning as it does the allegation that Special Branch and surveillance officers altered a log-book so as to deflect blame away from themselves and onto the fire-arms officers who actually fired the shots. Charges of 'perverting the course of justice' are said to be being prepared. --- Camp Delta at Guantanamo Bay is the subject of a special report, as more voices are added to the calls for it to be shut down. In addition to the recent UN report, Archibishop Desmond Tutu, John Sentamu (Archibishop of York), German Chancellor Angela Merkel and Peter Hain (UK Northern Ireland Secretary) have all spoken out. Peter Hain is one of Tony Blair's cabinet ministers... but the most outspoken Mr Blair is prepared to get is to refer to Guantanamo as "an anomaly". The Foreign Office website, where foreign policy press releases generally appear, has not issued any response to the UN report. --- The National Air Traffic Services (NATS) has confirmed that registration numbers belonging to CIA planes create an evidence trail showing that extraordinary rendition flights did indeed land in the UK. Previous carefully-phrased Government disavowals have been along the lines of "no trace has been found of requests for such flights to land here". The photograph (syndicated from Getty Images) which accompanies this article shows the interior of a cargo plane. US servicemen and the Stars and Stripes are visible. The body of the cabin is filled with hooded captives, three and more abreast, bound and seated on the floor, and secured in place by cargo straps anchored to the sides of the plane. --- And finally, a cheery story on identity and privacy: London's public transport system now includes the "Oyster" card as one of the payment methods commuters can use. It's a contactless prepayment card; but it also identifiably records your every journey. The audit trail can be retrieved either by taking the card itself to a machine in the Underground, or by keying its serial number into a website. Lawyers and private investigators report an increase in the number of people using this audit trail to check up on the travel history of a partner. Thank goodness I don't do press interviews any more frequently... I'd feel obliged to read the paper each time, and I'm not sure I could take the joy.

It happens mercifully infrequently that I'm asked to give a press interview, and I generally find it a fairly scaly experience (as PG Wodehouse might have put it). There's so much to think about all at once: are you being coherent and relevant, are you making it easy for the journalist to turn your outpourings into interesting copy, and are you doing all this without dropping the kind of blooper that will have the corporate PR people after your scalp quicker than you can say "Sunday paper lands in the marmelade"? So it was with some relief that I read Tim Webb's piece in today's Independent on Sunday. I think I managed to avoid the blooper syndrome, and Tim's relaxed interviewing style belies the incisive nature of the resulting article. In a word... "phew"

Last week I went to Stockholm, for a whirlwind series of 5 customer meetings in two days. It was a great opportunity to work with my colleague Måns Håkansson again, and that's always a delight --- even if he was the one responsible for the hefty schedule ;^) I flew from Heathrow Terminal 3, and (even considering this was Monday around noon) the queues for the security scan were unbelievable. The 'snake' barriers (beloved of Tim Caynes) were completely full, and the queue backed up past the boarding-card checkers and out into the "tearful farewells" area. It took the thick end of 50 minutes to make it through to the terminal. So if you're travelling through Heathrow soon, do whatever you can to check on the current queue conditions, because you could find yourself needing twice the normal time to get to your plane. Incidentally, Måns also kindly spent some time trying to teach me to say the word "seven" properly in Swedish. It's spelled "sju", but sounds like... well, the best I can put it is: imagine the noise made by Tiger Woods just missing your head with a 1-iron... a kind of "hhhwiwww" sound. Not easy. 8^)

It's worth dropping over to Dave's Bit Bucket and checking out his matrix of "identity as applied to non-human entities"... And of course, if you can help populate it, leave a comment.

My thanks to James Governor for pointing me to Ian Angell's comments on the ID Cards Bill and the opportunities he expects to result from its implementation. I'm sure Prof. Angell in no way intends to asperse IT suppliers, but the image he conjures up, of a scrum of vendors jostling to get their head in the way of the money-hose while avoiding any failure-related 'blowback', is not an edifying one. I for one would sooner be associated with a success than a failure, even if the latter were lucrative. As my blog makes fairly clear, I have some serious personal misgivings about the ID Card Bill, not least about the way in which the policy has been pursued. I've sometimes been asked if that presents me with any kind of conflict of interest as a Sun employee. I think there are two strands to the answer. The first is that Sun's policy about employees' blogs certainly makes life easier than it would be if they were less liberal. There's no company edict that says I shouldn't blog my personal views about projects which Sun might be involved in. It's up to me to exercise responsible judgement in that regard, and to ensure that when I'm dealing with customers, it's Sun's interests I represent, not my own. The second is simply that I don't think having strong personal views about the possible drawbacks of an ID Card system necessarily causes me a problem as a vendor employee. In fact in many ways I think it's healthy. I'm grown-up enough to realise that if the legislation says there shall be ID Cards, then my own attitudes don't cut much ice one way or the other. If I am then invited to give my views about the best way to implement such a scheme, then I have the benefit of being keenly aware of some of the things I think the scheme should avoid (through policy, design, implementation, or whatever). It's a bit like designing a firewall... you'd be a mug to try and do so without asking a hacker how firewalls get broken.

Another interesting story in the news today, about talks apparently taking place between Microsoft and the UK authorities. Ross Anderson of Cambridge University (you may remember him from previous exercises in which he demonstrated that his computer science students were able to mount physical attacks which overcame the secrecy of cryptographic smart cards...) was invoked to describe some of the conflicting agendas involved, such as the differing objectives of: --- law enforcers wanting access to encrypted data on users' disks; --- users wanting control over the secure storage of their data; --- media copyright holders wanting to prevent abuse of their material. There are already laws un the UK which make it an offence to fail to hand encryption keys over to law enforcers, so presumably when Prof. Anderson says "it would be technically fairly seriously difficult to dig encrypted material out of the system if it has been set up competently", he means "in a short time, and without having the keys". But then, that's supposed to be true at the moment, if a person makes competent use of a commercial cryptographic product. The topic of 'back door' keys is given an airing. I worked on a couple of such systems (before US export regulations were relaxed), and my personal experience was that they tended to be very complex (in the case of commercial 'key escrow' systems) or trivially easy to subvert (in the case of a system where the authorities were given part of the 'system' key, so as to reduce the effort to them of cracking encrypted data). The other side-effect of introducing such back-door access is to erode user confidence in the security of their computer. As Microsoft's apparent aim is to increase the security tools it puts at the user's disposal, that would be a rather ironic outcome.

An item on the BBC site suggests that the Lords may reject the Anti-Terror Bill again; if you remember, this is the one which includes the contentious clause making it an offense to 'glorify acts of terrorism'. I blogged about that when Charles Clarke introduced it, back in September/October last year (if you use the exciting 'Search' function in the right-hand column and look for "glorification" you should get the list of relevant posts...). As far as I can see, the key questions remain unanswered: there's no clear statement of what constitutes an act of terrorism, and there's no explanation of how the law will cope with the fact that what is now the basis for a charge is the state of mind of the speaker's audience, rather than what the speaker says.

The arguments have flowed back and forth on this topic for many months now, and in the wake of Monday's House of Commons debate (and votes) on the Bill and its amendments, it's useful to have a summary of where things stand. Happily, the Beeb is ready to oblige, with this handy Q&A. Discussing the UK proposals with identity experts in Sweden, some interesting differences emerged: the Swedish citizen tends to view the government as a benevolent force acting on her/his behalf; the UK citizen often views interactions with government as a necessary evil, and can be quite sceptical about its intentions. In the context of personal information, I think a lot of the difference in trust can be explained by the transparecny of what personal information is used for when it is held by public sector bodies in the respective countries. There is perhaps a perception in the UK that, for all the claimed benefits of 'joined-up government', the flip sie is that measures such as the identity card could make it far easier for government departments to capture data for one (sweeping) purpose and re-use it for many others. That doesn't exactly build trust.

This piece by John Simpson is a gem of concise and balanced writing. To say more would be gilding the lily --- I just recommend you have a read. He is well-travelled enough not to get snarled up in the national political aspects of this, and to look at the principles which (either by illustrating them or by throwing them into sharp relief) current news stories reveal.

I was in Rome part of last week for the Liberty Alliance meeting, and it seemed to me that airport security at Heathrow was tighter than usual. Now, in principle I am all in favour of better airport security. I like my air travel boring: for me, excitement and air travel are a bad mixture, like sugar and weedkiller. But it occurred to me to wonder whether I was actually at less risk as a result. Because of the lengthier examination of hand-luggage and passengers, it was noticeable that the highest density of people in the entire airport was the concentration of (at this point un-scanned) people queuing for the security checks. Am I alone in seeing that as a high-risk environment in which to spend (as it happened) the best part of 45 minutes?