Robin Wilton's esoterica


Several things... mostly Liberty-related


First, on yesterday's topic of 'identity protection and financial services', you may be heartened to learn that the Financial Services Technology Consortium (FSTC) is working on stronger mutual authentication as part of the solution to this problem, and has just concluded Phase One of its 'Better Mutual Authentication' project. More information at www.fstc.org.

The FSTC has been looking closely at SAML and Liberty for several years now, and concluded back in 2003 that Liberty technology could help financial services organisations improve security and identity management.

I think what's changed since then is the increased recognition that strong authentication is, simply stated, a great example of a web service which one member of a circle of trust can provide to other members.

Second, Liberty members (especially the techier ones) are watching with interest as Kim Cameron is gradually exposed to some of the (frankly fun) group dynamics among the participants. You know how it is; you get to know people over the course of sometimes heated debate about identity principles, and every so often you have one of those arguments which looks to any outsider like a bare-knuckle dust-up. It's only when you know the two participants and their history that the whole thing looks altogether less vicious and more amusing.

There's also a good deal of innocent amusement to be had from reading these lines in Kim's blog:

"One of them asked why Liberty hasn’t caught on more since it has been around for almost five years. Not knowing Conor I might have imagined he would sidestep the issue with marketing gloop."

As Kim immediately discovered, Conor is fresh out of marketing gloop... and is not expecting a re-stock ;^)

 

Without wanting to get into the subsequent to-and-fro between Conor, Paul Madsen and others, I'd just note this, as I have done in public comment on several occasions:

Those looking for mass adoption of Liberty often ask why large-scale e-commerce adoptions are not more visible. I think the e-commerce boom of the late 90s offers instructive parallels. The B2C bubble was highly visible and easily grasped, conceptually, by those seeking to understand this new technological phenomenon. However, there was both more money and greater longevity in the B2B market using exactly the same technology.

I think we're seeing some of the same thing in the identity market. Yes, there's adoption and growth in B2C applications - and that will continue; but there's a steadier undercurrent of adoption for B2B applications, even if those are not always as visible to the consumer or onlooker.

An interesting event to look out for is the point at which it becomes realistic for G2C identity infrastructures to intersect with B2C applications. That's not primarily a technology event - it's one driven by market and policy conditions - but in my view, if you're looking for candidate technologies to make it happen, Liberty is at or near the top of the list.


Recently divorced in Phoenix?


If so, you might want to check that you haven't lost your identity as well as the car and half your CD collection. This NY Times article (no sub required) describes how crystal meth addicts (remember them?) are taking advantage of the amount of personal information made readily available by, in this case, the local county recorder's office. (My thanks to another colleague, Cynthia Cauley, for alerting me to this story).

According to the article, Arizona officials have not only advised citizens about how to discard less of their personal information, but have also enacted more stringent laws on data disclosure, with penalties for identity theft and trafficking in stolen identity data.

The picture isn't entirely consistent, though; witness these two quotations from different pages of the same article:

"Arizona officials have responded with a preventive mantra: shred all documents and avoid giving Social Security numbers or bank account numbers to strangers over the telephone or the Internet."

...

"And the county's Web site, which earned a place in the Smithsonian's permanent research collection on information technology innovation, has made Social Security numbers and other information, once viewable only by visiting the county recorder's office, accessible to anyone with an Internet connection." 

The county recorder herself says:

"I'm not insensitive to people's fear ... My information is out there, too." But it is far too late to start editing Social Security numbers or other data from the county Web site, she said. "We have 100 million documents out there now."

Under those circumstances, it's hard to see what benefit will arise from improved user data management... the damage has already been done elsewhere.

The local law enforcers say that the exploitation of identity theft is such a distributed enterprise (the theft may happen in one state and the exploitation in another, based on transactions which happen across the globe) that 95% of identity fraud probably goes un-prosecuted.

Rather, they blame a consumer credit culture in which the prevailing drivers of behaviour are convenience and the marketing of financial services. The picture they paint is of lenders so keen to extend credit that they are prepared to incur all the risks associated with identity theft, if it buys them market share. The article noted that the consumer doesn't tend to bear the cost of the identity fraud - though there's a growing number of articles which detail the very quantifiable costs of 'cleaning up' your identity once you have fallen victim.

In my view, two practical points stood out from the article. First, one of the preventive measures which appears to work is provided by a third-party service company. They will alert their subscribers every time a credit request is made in that user's name. (Interestingly, this was one of the first mechanisms proposed by members of the Liberty ID Theft Special Interest Group... including members from financial services companies...).

Second, it was noted that one of the identity thieves' methods of avoiding detection was to use other people's wireless internet bandwidth to access the web. It's a salutary reminder: leaving your wireless router open for access by others is not necessarily a 'victimless crime'.

So tighten up those routers, folks. It may be slightly less convenient for you, but how about enabling WEP or WPA; why not use IP or MAC address filtering? Make it at least a little harder.

And in the words of Sgt Esterhaus - "let's be careful out there".

Der Spiegel on EU/US Data Ruling


Thanks to my colleague Hellmuth Broda for a link to the following article in Der Spiegel. (No subscription required, but article in German).

Suffice it to say, they are not sanguine about the eventual outcome of the EU ruling. Although the ruling represents a victory for the European Parliament, the airlines, the article says, are caught between the devil and the deep blue sea: on the one hand, if they comply with US requests, they will be breaking the law; on the other hand, if they refuse what will become illegal subject data requests, they are likely to be barred from landing in the US.

Such pressure as there is now transfers to the European Commission, which will have to try and find a compromise agreement which meets the US security requirements but is acceptable to the European Parliament. As Der Spiegel notes, the US does not have a track record of flexible negotiation in this regard.

In summary, the article concludes, it is optimistic to expect the solution to this problem to be one which is satisfactory from a data protection perspective.

EU Data Protection supervisor shows his teeth


Peter Hustinx, the EU's Data Protection supervisor, was asked by the European Parliament to present a case to the European Court of Justice, countermanding a deal between the European Commission, the Member States' governments and the US which allows airline passenger data to be transferred to the US in accordance with regulations brought in after the 9/11 attacks.

I was going to say that that whole process might sound strange to anyone in the US... but on reflection, it actually sounds more like the workings of a federal government than the UK national system.

At any rate, the European Parliament (made up of members directly elected by citizens in the member states) felt that there was no legal basis for the agreement, and it appears that the Court of Justice agrees.

When the measures were introduced, there was little doubt that

(i) the data in question came under the heading of 'personally identifiable information';

(ii) passengers were being given little or no information about what was being done with it, and

(iii) their consent was not being sought.

I wrote to British Airways at the time, to say that I thought what they were doing violated the Data Protection Act, and was simply told I was wrong. There's customer service for you.
 

The Court of Justice's ruling was, apparently, that there was 'no legal basis for the EU decision to declare US data protection "adequate".'

Interestingly, some of the work I've been involved with in the Liberty Alliance concerns the differences which can arise between regulatory environments (such as the US) which favour industry codes of conduct and self-regulation, as opposed to those which favour explicit and detailed legal protection (such as some EU member states). We concluded, in general, that it is better to seek an equivalent outcome than to try and achieve the same methods of data protection in all countries, even if that means that each country may have a different balance of legislative, self-regulatory and best practice measures.

From this ruling, it looks as though the Court of Justice has concluded that the US and EU data protection regimes are not only non-identical, but also non-equivalent.


Cherie Blair... hairlines, headlines


It's interesting to hear Cherie Blair using a BBC radio interview to hit back at those who chose to make a news story out of her £7,700 hairdressing bill for the 2005 general election. She even played the 'sexism' card, noting that the £3,500 spent on TV make-up for the Leader of the Opposition did not generate the same degree of negative comment.

"Honestly - what a load of fuss about trivia! It's something about women, isn't it?

"Who noticed, or who made a big fuss, that the Tory Party paid £3,500 for the leader of the Opposition's make-up?

"But women and their hair, women and their appearance - it's part of the thing that we seem to suffer."

The word "suffer" looks somewhat incongruous in a story about spending roughly 1/3 of the average national income on hairdos, in an election campaign which lasted one month.

It's also interesting to hear a high-profile barrister mount the "well, the Tories spent a lot of money on trivia, so why shouldn't I?" defence. I wonder if that works in court.

I would have been more interested to hear why Mrs Blair thought it was appropriate for her to autograph a copy of the Hutton Report into the death of government scientific adviser Dr David Kelly.

The autographed copy in question was then auctioned by two MPs at an event to raise funds for the Labour Party. You may remember that the Labour Party has recently suffered a bit of a blow to its finances because of allegations that it 'sold' peerages in return for multi-million pound 'loans' to party coffers.

Recall also that Mrs Blair had nothing to do with the Inquiry, either as a witness or as a lawyer... so it's hard to understand what motive she could conceivably have had for signing a copy of the report, other than doing it 'to create a collectible'.

You probably don't need reminding that the Hutton Inquiry investigated the circumstances of Dr Kelly's apparent suicide with a view to establishing, among other things, whether any of Mrs Blair's husband's colleagues (elected or otherwise) had deliberately leaked Kelly's identity to the media, setting in train the events which led to his death.

That's not an affair I'd want to put my name to.

Cat food... the unanswered questions


Kevin's post about dumb questions prompted a certain amount of discussion - particularly his link to a list including this one:

"Why don't they make mouse-flavoured cat food?"

Why indeed. They make it with rabbit, so why don't they make cat food with shrew, blackbird, pigeon, earthworm or any of the other beasts I've found, of a morning, disembowelled on the kitchen floor.

Conversely, when did a cat ever catch a tuna-fish (or, ahem, a horse)? If they're going to make fish-flavoured cat food, why not something more plausible... goldfish, perhaps?

A near miss


A few weeks ago you may remember that there was discussion of whether or not Google was 'adjusting' the information available online to people in China about things such as, for instance, the Tiananmen massacres. At the time, I briefly considered emailing a colleague in China with the results of a (UK) Google search on the subject, and asking how the results compared to what was visible from that end.

In retrospect, I'm glad I didn't. According to Amnesty International, quoted in this BBC article, a Chinese journalist, Shi Tao, "is serving a 10-year jail sentence for sending an e-mail overseas which detailed the restrictions the Chinese government wanted to impose on papers writing about the 15th anniversary of the Tiananmen Square massacre". Much as I disapprove of censorship, I would not want to inadvertently get one of my colleagues arrested for telling me about it.

Amnesty's comments come with the launch of their new 'irrepressible info' campaign and website, intended to highlight the ways in which some governments use or restrict web usage so as to suppress dissent.


Spin, strangeness and charm


The arcane world of sub-atomic physics has had to borrow terms from everyday language in order to be able to classify the characteristics of the particles with which it deals. So they speak of particles being 'ordinary' or 'strange', or having 'spin' or 'charm', for instance.

I don't know what the opposite of 'spin' is in sub-atomic particle terms, but I think I recognise it in the altogether more familiar world of politics. Here's a case in point, demonstrating that Jack Straw doesn't have much 'charm', either...

"Commons leader Jack Straw has claimed the "fundamental problem" with the Home Office is the people it deals with, rather than its staff.

He described many of its "customers" as "dysfunctional individuals" who proved to be a "burden" and a "challenge"."

Well, gee, why didn't I think of that? Blame the customer. It's as simple as that...

He went on to say that other departments have it easy, because the people they have to deal with are "willing volunteers". That must ring so true with the Inland Revenue (or HMRC as it is now).

 

Elsewhere, spin is also in evidence at the Home Office: responding to yesterday's LibDem 'renew your passports now' stunt, they say they find it

"hard to see what would be achieved" by making applications in advance, "other than incurring unnecessary expense"

Help me understand this...

First, if I renew my passport before the new scheme starts, I will save myself the cost of attending a Passport Office interview and having my biometrics taken.

Second, if I renew my passport now, I will forfeit a maximum of 20% of whatever it cost me to renew it (in my case) 8 years ago. I can't remember how much that was, but let's be generous and say that, at today's rates, I would be losing 20% of £51, i.e. £10.20.

Set against that, I will save £42 (paying £51 as opposed to the forecast £93 for the new passports). In other words, anyone who renewed their passport more than about 2 years ago stands to save money by renewing before the price goes up.


That doesn't sound to me like "incurring unnecessary expense"; it sounds more like someone assuming we can't do the maths. Who have the Home Office been taking their customer relations guidance from... Jack Straw??


Takes a deep breath and jumps...


OK - I have been wrestling with whether to blog about this or not, but here goes.

There's something about the recent 'foreign prisoner deportation' scandal which has been bugging me, but doesn't appear to have been bugging the press or the Beeb. See if you can spot it in this handy tabular representation (EEA = European Economic Area, i.e. 'EU plus a few'):

 EEA citizen                              | Non-EEA citizen
 -----------------------------------------+-----------------------------------
 Gets nicked, tried, sentenced            | Gets nicked, tried, sentenced
 Does time                                | Does time
 Gets released at end of sentence         | Gets released at end of sentence
 Is entitled to try and get on with life  | Gets deported (in theory...)

Isn't that... discrimination on grounds of nationality?

However, perhaps I'm jumping to a premature condemnation. I can't find any corroborative reports of this story; so far I've only seen it on the Socialist Worker website and thence cited on the Lenin's Tomb blog.

However, if it's true, then it appears that one Saqib Almas, a UK citizen, has been rounded up for 'deportation' in the wake of the recent crack-down on 'missing immigrant former prisoners'. I say 'deportation' because surely, if he's a UK citizen, this isn't deportation, it's exile? Mr Almas' sister confirms that he has completed a sentence for minor offences - two years ago - (and therefore, presumably, discharged his debt to society).

Which brings me to the conclusion that I may be being hasty. Perhaps this is just a laudable attempt by the authorities to be non-discriminatory, and show that they are prepared to kick discharged prisoners out of the country regardless of nationality.

I'll be interested to see what further details emerge. 

MPs renew passports early to avoid Identity Register


A number of Liberal Democrat MPs and Green MSPs (Members of the Scottish Parliament) have renewed their passports early as a publicity stunt. The implications of doing so are that they now have passports valid for a further ten years, but have not had to be enrolled in the planned National Identity Register.

They have also saved themselves a few pounds: the current renewal fee of £51 is substantially lower than the £93 passports are expected to cost once they are linked to compulsory registration in the database.

LibDem Home Affairs spokesman Nick Clegg predicts that ID cards will be "expensive, intrusive and ineffective". Others, such as the NO2ID campaigners responsible for the "Renew For Freedom" website, clearly hope that in the 10 years between now and the expiry of a just-renewed passport, the whole scheme will have been scrapped.

Whether these protests will have any effect remains to be seen, but the last couple of months suggest that now may be a propitious time for them to be pressing for change:

- the former Home Secretary, Charles Clarke, who finally saw the ID Cards Bill through parliament, lost his job amid growing scandals over the failure to deport foreign nationals on their release from prison;

- Clarke's successor, John Reid, has described the Home Office as 'not fit for purpose';

- the Home Office not only runs the National Offender Management Service (NOMS), but also includes the Prison Service, the Probation Service and the Immigration and Nationality Directorate.

As Mr Reid has been obliged to admit, this organisation was unable to keep track of a number of individuals - who were supposedly under lock and key - as they were processed through the system by these various departments.

In that context, and depending on how sceptical you feel, you might feel that being entered on a National Identity Register (for the population at large, rather than a subset of convicted criminals) entails the following risks:

- that your details will be correctly stored and managed, but 'relying' departments will fail to make effective use of them;

- that your details will not be adequately stored and managed, giving rise to the opportunity for identity fraud both through 'relying' departments and through the Register itself. (Remember that one of the largest reported public sector frauds of recent months was perpetrated by using employee records from the Dept of Work and Pensions to defraud the tax credit system).

You might conclude that renewing your passport prematurely could save you more than £42.

I couldn't possibly comment.


User Sensitive Identity Management


It's a characteristic of any new technology that, at a certain point in its evolution, we have to look closely and critically at the terminology which has accumulated around it. I think "User Centric Identity" has reached that point.

The phrase is being used by more and more parties, as if it means the same thing to all of them and to their audiences, and yet it is at once ambiguous and hopelessly overloaded.

It's being pushed into the meme pool at the deep end.

I think it's time to find, if not an alternative, then a complementary phrase which helps us refer clearly to some of the concepts which are currently heaped onto the unhappy "UCI" phrase.

My suggestion is that we consider "User-Sensitive Identity". By that I mean the treatment of identity data in a way which is sensitive to the user and their intentions. It doesn't necessarily mean storing the information under the user's direct control, any more than 'consumer retail banking' means keeping all your cash at home under the mattress.

But I do mean it to imply a sensitivity to what the user wants to be done (or not done) with her/his information.

I also want it to imply technical design which simplifies some of the things users really ought not to have to worry about: going online to look at your work email? Let's retrieve the correct mail-server settings for you and feed them into your mail client. Going online to do non-work browsing? Let's flip your proxy settings accordingly.

And I do want it to imply sensitivity to the user's privacy.

Some users don't want to have to worry about the underlying technology, others are comfortable doing so. Some users want to be 'centric', others want to delegate some or all of the nitty-gritty. I think there is huge scope for us to be sensitive to that range of intentions, but only if we design it in from the start. 



Signed emails and the law


Rob McCallough of law firm Pinsent-Mason has written an interesting follow-up piece on the UK legal status of email signatures, referring to a case described in this earlier article.

I'd better start with a definition of what he means by 'signature': for our purposes, he's referring to 'the name of the sender, typed at the foot of an email'. (That is, he's not referring to cryptographic digital signatures).

He cites a UK High Court ruling of April 2006, in which Judge Pelling QC said that an email offering a personal guarantee for £25,000 was not a reliable basis for the creditor to claim cash from the sender because it wasn't signed. He said that, had the sender typed his name at the end, or even his initials, that would have sufficed "providing always that whatever was used was inserted into the document in order to give, and with the intention of giving, authenticity to it".

His ruling was apparently silent on the matter of automatic email 'signatures' (i.e. footers) which give the sender's details. He did rule that the presence of the sender's email address was 'incidental' (presumably as an indication of authenticity).

I freely admit I know little of the law in this area, but I find this ruling strange, principally because it seems to contain so little to link the visible 'signature' with the person who typed it in. In that respect it seems liable to fail a basic test of 'authenticity', on the basis that the sender's name could be typed or otherwise inserted by someone other than the sender, and there would be nothing to distinguish that case from one in which the sender did in fact type their own name.

Rob McCallough cites the Statute of Frauds and Perjuries from 1677 as a law which requires that some documents (including personal guarantees) be in writing and signed. At that time, presumably, a 'signature' would have had to consist either of a conventional hand-written name, or a mark made in the presence of someone able to assert its authenticity. Judge Pelling's ruling seems to me to assume that a typed name can be treated in the same way, but I find that assumption unconvincing.

There's also detailed comment on the same case here, on the Financial Cryptography website, including the following passage, which I find instructive (reproduced with the author's italics &c. The numbers refer to paragraphs in the court ruling):

[quote]

19. As is well known to anyone who uses email on a regular basis, what is relied upon is not inserted by the sender of the email in any active sense. It is inserted automatically. My knowledge of the technicalities of email is not sufficiently detailed to enable me to know whether it is inserted by the ISP with whom the sender or the recipient has his email account. ...

Which is pretty well spot on, including the apropos injection of user confusion. The email address is inserted automatically by an agent of uncertain pedigree. Citing an 1892 precedent:

25. It was this argument that succeeded. Cave J, said:

"I am of opinion that the principle to be derived from the decisions is this. In the first place, there must be a memorandum of a contract, not merely a memorandum of a proposal; and secondly, there must be in the memorandum, somewhere or other, the name of the party to be charged, signed by him or by his authorized agent. Whether the name occurs in the body of the memorandum, or at the beginning, or at the end, if it is intended for a signature there is a memorandum of the agreement within the meaning of the statute." [Emphasis supplied]

[end quote]

Here, the argument was about whether the email address constituted a signature, and concluded that it did not, because it was not 'actively inserted by the sender'. But let's consider the case of a cryptographic digital signature. When I send a digitally signed mail, I have to enter (once per email 'session') a password to the mail client's local keystore. Once I have done that, all subsequent emails are digitally signed with no further action by me. On that basis, it seems to me that a digital signature is inserted as automatically as an email address.

However, the relevant difference is surely this: that in the case of the digital signature, there is (because of the need to 'unlock' the keystore), a higher probability that it was me who sent the email, rather than another person, and a far smaller probability that a spurious signature has been inserted into the email by some other (unauthorized) agent. For instance, in the case under discussion: what would the judge have had to conclude if he had been presented - by the claimant - with a copy of the email which did include the sender's typed name?

My conclusion is that the legal argument here centres around a point which is interesting and relevant (can something inserted automatically be a signature?), but ignores a more telling question: can it be shown that the signature has been inserted by me or by my authorized agent, rather than anyone else or an unauthorized agent?

I would argue as follows: in the case of a simple name or initials typed into an email, it cannot reliably be shown that it was me, rather than someone else, who inserted them or caused them to be inserted (including tampering with the email at various stages of transmission).

If an email is digitally signed, and that in turn relied on the unlocking of a cryptographic keystore by means of a user-entered password, then I would argue that the digital signing routine has the status of an 'authorized agent'.

Admittedly, there are still two problems with that. First, as I said, my mail client settings only require me to enter that password once. If I were to leave my mail client unattended, someone else could send an apparently validly signed email without hindrance. That's one issue. If, in order to overcome it, I set my mail client to require the password every time I sent an email, there would be a further problem: to the recipient of the email (or any forensic enquirer) there is no way to determine whether, when the email was sent, my mail client was set to require only one password entry or one per digitally signed email. Any digitally signed mail would therefore have to be sceptically treated as though the mail client required only one password entry per session - and this therefore weakens the reliability of the digital signature because there must be assumed to be a time period during which another person might send a validly-signed email using my session.

 

But I come back to what I think is the key question. What would Judge Pelling have ruled, if the claimant had produced an email which did have the sender's name typed at the bottom? As far as I can see, his ruling would leave him with no option but to accept that the email was a valid personal guarantee, and therefore a reliable basis for the creditor's claim. And I don't think that is a desirable state for us to be left in.
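To make the contrast in the argument above concrete, here is an added illustration (my own example, not from the post or the court ruling): a typed name at the foot of an email versus an Ed25519 signature produced by a mail client whose keystore has to be unlocked with a password. The message format, the keystore model and the sample guarantee email are all constructed assumptions; the point is that a verified signature proves the key was used, not who was at the keyboard.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/subtle"
	"errors"
	"fmt"
	"strings"
)

// Message is a simplified e-mail: the headers relevant to a guarantee plus
// the body. A typed-name "signature" is just more body text.
type Message struct {
	From, To, Subject, Body string
}

// canonical is the byte string the cryptographic signature covers: headers
// and body together, so altering any of them invalidates the signature.
func canonical(m Message) []byte {
	return []byte("from:" + m.From + "\nto:" + m.To +
		"\nsubject:" + m.Subject + "\n\n" + m.Body)
}

// TypedNameSigned is the only check a typed name supports: does the body
// end with the claimed name? Nothing binds that name to whoever typed it,
// at whatever hop in transmission.
func TypedNameSigned(m Message, name string) bool {
	return strings.HasSuffix(strings.TrimSpace(m.Body), name)
}

// Keystore models a mail client's local key store (assumed design). The
// private key is usable only after Unlock succeeds; after that every Sign
// call goes through with no further user action, which is the "once per
// session" behaviour discussed in the post.
type Keystore struct {
	priv     ed25519.PrivateKey
	password []byte
	unlocked bool
}

// NewKeystore generates a fresh Ed25519 key pair protected by password and
// returns the store plus the public key a recipient would hold.
func NewKeystore(password string) (*Keystore, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Keystore{priv: priv, password: []byte(password)}, pub, nil
}

// Unlock compares the password in constant time and opens the store.
func (k *Keystore) Unlock(password string) bool {
	ok := subtle.ConstantTimeCompare([]byte(password), k.password) == 1
	if ok {
		k.unlocked = true
	}
	return ok
}

// Lock closes the store again, e.g. when the user walks away from the client.
func (k *Keystore) Lock() { k.unlocked = false }

// Sign returns a detached signature over the canonical message, or an error
// if the store is still locked.
func (k *Keystore) Sign(m Message) ([]byte, error) {
	if !k.unlocked {
		return nil, errors.New("keystore locked: password required")
	}
	return ed25519.Sign(k.priv, canonical(m)), nil
}

// Verify checks a detached signature against the recipient's copy of the
// message. True proves the signing key was used, not who used it.
func Verify(pub ed25519.PublicKey, m Message, sig []byte) bool {
	return ed25519.Verify(pub, canonical(m), sig)
}

func main() {
	// Constructed sample: a guarantee e-mail with a typed name at the foot.
	guarantee := Message{
		From: "debtor@example.invalid", To: "creditor@example.invalid",
		Subject: "Guarantee",
		Body:    "I personally guarantee the debt up to 25,000.\n\nA. Debtor",
	}
	// With a typed name, a copy altered in transit passes the same check.
	forged := guarantee
	forged.Body = "I personally guarantee the debt up to 250,000.\n\nA. Debtor"
	fmt.Println("typed name on altered copy:", TypedNameSigned(forged, "A. Debtor"))

	ks, pub, err := NewKeystore("correct horse battery staple")
	if err != nil {
		panic(err)
	}
	if _, err := ks.Sign(guarantee); err != nil {
		fmt.Println("before unlock:", err)
	}
	ks.Unlock("correct horse battery staple")
	sig, _ := ks.Sign(guarantee)
	fmt.Println("genuine verifies:", Verify(pub, guarantee, sig))
	fmt.Println("altered amount verifies:", Verify(pub, forged, sig))
}
```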


Fresh perspective, same stories


I've been abroad for a few days and in self-imposed isolation from... well, pretty much everything - which was nice. No emails, no phone calls, no TV, no newspapers... and no blogging.

Coming back to the UK (which, with the current weather, was quite something - but that's another story) it's interesting to look at the headlines with a little more detachment than usual.

The new Home Secretary, John Reid, says that the Home Office is "not fit for purpose".

Amnesty International says that UK policies have undermined the ban on torture, that anti-terror measures have 'led to serious human rights violations', and that the government has "continued to erode fundamental human rights, the rule of law and the independence of the judiciary...".

And police used powers under the Serious Organised Crime and Police Act 2005 to (allegedly) seize personal property and protest banners from a long-standing one-man protest outside the Houses of Parliament. Apparently a one-man demonstration (Mr Haw, the demonstrator in question, has been in place for five years now) covering 3 metres is just about OK, but a demonstration with what Mr Haw describes as "40 metres of evidence of genocide" is a security threat. It's hard to see this as much other than a heavy-handed attempt to remove a visible embarrassment to politicians.

So all in all, being away from all this for a weekend may have given me a fresh perspective, but what's on view doesn't seem to have changed much.


It's causality, Jim, but not as we know it


Apologies for the interruption to normal blogging service. The issue has not been 'lack of subject matter' so much as 'surfeit of subject matter' and wondering how to encapsulate it all in a readable chunkette. I was struck by a common theme across a number of UK news stories this week: the theme seemed to me to be "rights" and their relative weight. It's hard to know where to start, but let's begin with the direct implications of a number of those stories (please bear in mind that these are not necessarily my views on any of these topics):

"The UK's implementation of the Human Rights Act needs to be overhauled, because (among other things) too many prisoners are re-offending while released on licence."

"The law on public company reporting needs to be amended to guarantee the privacy of shareholders in controversial industries such as pharmaceutical vivisection/animal testing."

"It's acceptable for the Prime Minister to sign a 'People's Petition' in support of animal testing, because some animal rights extremists resort to criminal activity in support of their cause."

OK, so much for the headlines. Let me just put a few personal stakes in the ground, so my own agenda is clear:

- I am of the 'Thalidomide' generation: my mother was offered that drug while pregnant with me, and it's a matter of pure chance that she decided not to take it;

- Given that I have had general anaesthetic a few times, and antibiotics (and other pharmaceutical products) several times, it's a reasonable assumption that I have benefited from the results of animal testing - but it's equally true to say that I don't know which products I use have been tested on animals, and I am not sure how I would reliably find out;

- I don't condone violence or destruction as means of advancing (or publicising) a political argument, but neither do I think it is helpful, as the Wellcome Foundation's spokesman this morning did, to class animal rights protesters as 'terrorists'.

- I am strongly of the view that in an ideal world new pharmaceutical products would not be tested on animals. I also recognise that we don't live in an ideal world. The question is, what are we prepared to do, or not do, in order to move closer to one?


First, there's no denying that some prisoners, released on licence, re-offend. The question is whether that represents flaws in the Human Rights Act or its interpretation, or flaws in the release process, or flaws in the probation follow-up process. This story, which is cited by Lord Falconer as part of his argument in favour of change, strongly suggests that it is the release and supervision process which is flawed, rather than anything to do with human rights. Yes, the Chief Inspector of Probation says that "officials were side-tracked by considering Rice's human rights above their duties to the public" ... but then, if he didn't, the probation service would be the only organisation criticised. So, as another Rice, Mandy Rice-Davies, axiomatically put it, "he would, wouldn't he?".

Of course, as we have a new Home Secretary this week precisely because of huge failures in the process of prisoner release, it's convenient for the Lord Chancellor to suggest that actually it's the Human Rights Act which is to blame, rather than poor administration. The irony is that amending the UK's Human Rights Act would not revoke UK citizens' right to challenge the government; it would - at worst - mean they had to pursue their claims through the European, rather than UK, courts.

Second, on the question of shareholder privacy: this has come into the headlines because animal rights protesters used shareholder information (in the public domain) to send threatening letters to shareholders in Glaxo Smith-Kline, in the hope of inflicting a damaging drop on that company's share price. Again, I don't condone that kind of threatening behaviour, but would question whether the best remedy for it is to change the law in ways which would be bound to reduce the accountability of publicly-listed companies.

There are other bizarre anomalies in this area too. For instance, elected members of county councils must declare their shareholdings (a prudent safeguard against possible conflicts of interest)... except, it turns out, where those shareholdings are in companies which might give rise to controversy. (Such as animal testing and vivisection firms, for example). To my mind, whatever its intention, the most likely outcome of this extraordinary policy is unethical behaviour on the part of both elected members and 'controversial' companies.

And third, what should be the Prime Minister's public position on this?

I would have expected slightly more separation between his personal views on this topic and what he is prepared to say as the leader of the government.

I would have expected a slightly more considered public position than "Animal rights extremists are criminals, therefore it's appropriate for me to sign a petition in favour of animal testing, 'just to show them' ". And yet that's what it boils down to.

I would have expected at least some indication of an 'ethical vision'; what policy steps is the government prepared to take in order to move us towards a future in which drugs can be safely tested without inflicting pain, distress and death on animals?

Unfortunately, as none of those expectations was fulfilled, I think his petition gesture just makes it look as though the Prime Minister is tucked snugly in the pocket of the pharmaceutical industry.


The illogicality of UK gun laws


Looking at my blog entries for March again, I see that I was commenting on the failure of the Home Office and Police to create a National Firearms Register over the last decade or so.

Although I have never owned a firearm, I've recently had ample illustration of the lack of logic in the UK's firearms laws and policy.

Since the Dunblane shootings*, handguns have been banned in the UK. Even the Olympic target pistol shooting team is not allowed to practise in the UK; they have to go abroad for their training (and let's remember, they tend to use single-shot small-calibre pistols).

It was a tough move, as far as the UK's pistol clubs were concerned. Their overwhelmingly responsible and law-abiding communities were, at a stroke, unable to practise their hobby.

However, those interested in target shooting were not left entirely without options. One pistol club near here illustrates the point. They are able to offer a couple of kinds of target shooting: small-bore (.22 calibre) and full-bore (generally, .357 calibre)... but not pistols: rifles.

Both small- and full-bore rifles come in multi-shot versions; there are 'self-loading' .22 rifles (i.e. semi-automatic: one shot per trigger pull, with the next round chambered automatically) and .357 'underlever' rifles (think of those cowboy Winchesters and you'll get the idea).

The latter can take 10 or so rounds of .357 ammunition, including magnum rounds, so have quite a rate of fire and 'stopping power'. And, of course, they have the accuracy of a rifle as opposed to a pistol.

So here's what I don't understand. Why does it make sense for a gun club to be able to shoot weapons like those, but not pistols? I'm not leaping to the conclusion that all pistols should be legalised or all rifles should be banned - but the current rules seem to me to be arbitrary and perverse.

In particular, it seems to me that there is scope for far greater acknowledgement that the target/sport-shooting community is highly motivated to be self-policing, and to take account of this in drafting the regulations.


*To a large extent, UK public perception of gun laws and firearms control is informed by two incidents: the 1996 Dunblane shootings, in which a gunman shot some 34 primary school children and adults, killing 17 of them (16 children and their teacher); and the 'Hungerford massacre' of 1987, in which 16 people were killed and 15 others wounded. At Dunblane, the gunman used two revolvers and two automatic pistols. At Hungerford, an automatic pistol and an assault rifle.

Trust me, I'm an identity thief...


I blogged on Tuesday about Frank Abagnale's contributions to the BBC article on identity theft. It seems he's on some kind of retainer... one can hardly visit the site without finding more comment from him about identity and fraud.

I have to disagree with the logic of the more recent piece, though, in which he asserts that the days of the con-man and his social engineering skills are numbered. I think he's right in saying that technology has made it easier for fraudsters to carry out and replicate their attacks, and for some forms of fraud to rely on little or no social engineering - but I think that's always been the case.

Indeed, there was a fascinating piece on Radio 4 yesterday about the laying of the transatlantic telegraph cable - in itself, a technological innovation which 'shrank the world' as much as jet air travel or the internet. And guess what? The interviewee confirmed that, for almost exactly as long as the cable had been in service, it had been used for illicit purposes as well as the intended ones. But I digress...

One only has to look at the Shell chip and PIN story Mr Abagnale was commenting on on Tuesday to note that social engineering played a large part in the attack. I'm grateful to Alan Burlison for his comment, explaining some of the lengths the attackers had gone to to subvert the system.

I don't think for a moment that technology will render the con-man obsolete. In fact, in some instances, it is likely to make social engineering all the more important as part of an attack. For instance, the closer we get to biometric identification (where, in theory, there is an 'unforgeable' link between the individual and the credentials they present) the more likely it is that social engineering will be used to subvert not the technology of biometric verification, but the (human) processes through which a given set of biometrics and credentials are linked in the first place.

Identities at the edge of the network


As you will have heard plenty of times before, Sun's motivating vision is that of "Everything of value connected to the network".

The trouble with that kind of vision statement is that the more it becomes embedded in the general consciousness, the less one tends to examine it for practical meaning. Every so often, though, it's worth taking a moment and looking critically at it to see if it's still relevant - and if so, how?

What prompted this thought was the recent announcement of a Sun RFID and Sensor Community site. OK, nothing too exceptional there, perhaps; Sun does a lot of this community-building stuff.

But thinking of 'things of value connected to the network' and RFID, it did remind me that in defining our identity strategies for the future, we need to remember that the 'edge' of the network is expanding exponentially. I can't remember how many Java-capable phones there are out there now, but I am pretty certain that they now outnumber PC platforms. Then there are all the embedded processors in other things (cars, set-top boxes and the like) which are sometimes or always present on the network.

Next there's the wave of edge-connected things - which is where RFID comes in. RFID introduces the notion that things have identities. Now, the same considerations apply as for human identities: you need to consider authentication, authorisation, secure and reliable attribute exchange... and you need to consider privacy.

Take the use of contactless chips in passports and ID cards. The purpose of those is to enable quick, convenient and non-intrusive reading of the credentials in contexts such as immigration desks, check-in counters and so on. But clearly there's a privacy implication if the citizen's details could be read (quickly and non-intrusively) without the citizen's knowledge and/or consent.

So I welcome the formation of this RFID and sensor community; I think the identity requirements of 'the network of things' will provide a heck of a work-out for the principles which, up to now, have been applied only on a significantly smaller scale, and I think that's a very healthy test to have to pass.
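To make the authentication-versus-privacy point above concrete, here is an added toy model in Python (my illustration, not code from the original post, and not the protocol used by any real passport, ID card or RFID product). It contrasts a tag that simply hands its identifier to any reader with one that holds a per-tag key and answers a reader's challenge with a fresh nonce and an HMAC. The tag names, keys and the reader's registry are constructed sample data; the point it shows is that the static tag is both readable and trackable by anyone, while the keyed tag can be identified only by a reader that holds its key, looks different on every read to everyone else, and cannot be replayed against a new challenge.

```python
import hashlib
import hmac
import secrets
from typing import Optional

MAC_LEN = 16    # truncated HMAC-SHA256 tag length, in bytes
NONCE_LEN = 8   # tag-side nonce length, in bytes


class StaticTag:
    """A tag that answers every reader with the same fixed identifier.

    This is the behaviour the post worries about: anyone with a reader
    learns the identifier, and can recognise the same tag again later.
    """

    def __init__(self, uid: bytes) -> None:
        self.uid = uid

    def respond(self, challenge: bytes) -> bytes:
        return self.uid  # the reader's challenge is ignored entirely


class AuthenticatedTag:
    """A tag holding a per-tag secret key (hypothetical, for illustration).

    Instead of sending its identifier, it returns a fresh nonce and an HMAC
    over (reader challenge || nonce). Only a reader holding the key can check
    the MAC, and every answer looks different to anyone who does not.
    """

    def __init__(self, uid: bytes, key: bytes) -> None:
        self.uid = uid
        self._key = key

    def respond(self, challenge: bytes) -> bytes:
        nonce = secrets.token_bytes(NONCE_LEN)
        mac = hmac.new(self._key, challenge + nonce, hashlib.sha256).digest()[:MAC_LEN]
        return nonce + mac


def identify(registry: dict, challenge: bytes, response: bytes) -> Optional[bytes]:
    """Reader side: find which registered tag produced `response` to `challenge`.

    `registry` maps uid -> key. Returns the uid, or None if no key verifies
    (unknown tag, malformed or tampered response, or a replay of an old answer
    against a fresh challenge).
    """
    if len(response) != NONCE_LEN + MAC_LEN:
        return None
    nonce, mac = response[:NONCE_LEN], response[NONCE_LEN:]
    for uid, key in registry.items():
        expected = hmac.new(key, challenge + nonce, hashlib.sha256).digest()[:MAC_LEN]
        if hmac.compare_digest(expected, mac):
            return uid
    return None


def is_linkable(tag) -> bool:
    """An eavesdropper's test: do two reads with different challenges look the same?"""
    first = tag.respond(b"challenge-A")
    second = tag.respond(b"challenge-B")
    return first == second


def replay_succeeds(registry: dict, tag: AuthenticatedTag) -> bool:
    """Capture one genuine exchange, then replay the answer against a fresh challenge."""
    captured = tag.respond(secrets.token_bytes(16))
    fresh_challenge = secrets.token_bytes(16)
    return identify(registry, fresh_challenge, captured) is not None


if __name__ == "__main__":
    # Constructed sample data: two hypothetical tags and a reader's key registry.
    key_1 = secrets.token_bytes(32)
    registry = {b"tag-0001": key_1, b"tag-0002": secrets.token_bytes(32)}
    plain = StaticTag(b"tag-0001")
    keyed = AuthenticatedTag(b"tag-0001", key_1)

    print("static tag linkable across reads:", is_linkable(plain))
    print("keyed tag linkable across reads:", is_linkable(keyed))
    challenge = secrets.token_bytes(16)
    print("reader with key identifies tag:", identify(registry, challenge, keyed.respond(challenge)))
    print("reader without key identifies tag:", identify({}, challenge, keyed.respond(challenge)))
    print("replayed answer accepted:", replay_succeeds(registry, keyed))
```

The design choice worth noticing is in `identify`: because the keyed tag never sends its identifier, the reader has to try every key it holds, which is the price of unlinkability and is why schemes of this kind scale poorly to very large populations of tags. It also does nothing about the other half of the post's concern, namely who is allowed to hold the keys and read the tag in the first place; that is an authorisation and policy question, not something the MAC answers.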



A run of poor school-marks


The dangers of delegating: mother charged for abetting girls who dosed teacher's cookies with laxative. Unfortunately, not only did the young ladies put her advice into practice, but the teacher then generously handed the cookies out in class instead of either scoffing them all or leaving them on the staff-room table.

It also reminded me of this, from 'The Addams Family' film:

Girl Scout: Is this made from real lemons?
Wednesday: Yes.
Girl Scout: I only like all-natural foods and beverages, organically grown, with no preservatives. Are you sure they're real lemons?
Pugsley: Yes.
Girl Scout: I'll tell you what. I'll buy a cup if you buy a box of my delicious Girl Scout cookies. Do we have a deal?
Wednesday: Are they made from real Girl Scouts?



Chip and PIN... out or in? (Or "The Shell Game at Shell")


There's a slim chance you may remember me blogging about cheque payments vs chip-and-PIN back in February; somehow it seems a long time ago!

At the time, I remarked on a petrol station's notice saying that they would no longer accept cheque payments, now that the chip and PIN option was available. What I didn't say at the time was that this was at the Shell garage on the A303 near Amesbury.

The reason I mention it now is that Shell have just suspended the chip and PIN service at all their UK service stations, while a fraud investigation takes place into the alleged loss of over £1m from customers' accounts.

It's not obvious at this stage what the fraud mechanism is. A spokeswoman for Shell says that their "chip-and-pin solution is fully accredited and complies with all relevant industry standards", while a spokeswoman for the Association of Payment Clearing Services (APACS) says: "These Pin pads are supposed to be tamper resistant, they are supposed to shut down, so that has obviously failed". (Yes, but shut down in response to what....?)

So for the time being it's back to paying by card-swipe and signature.

Part of me wonders whether there's another attack behind this: making the new, more secure system such a pain to use that eventually the target turns it off and reverts to an older, less secure mechanism (which you already know you can beat). But that's just me being paranoid.

The other person who finds the Shell experience instructive is one Frank Abagnale - a former (convicted and rehabilitated) identity fraudster whose advice appears in this article on the BBC site. He cites a chip and PIN system he worked on in Australia 15 years ago which someone cracked within 3 weeks, successfully copying the details off the card.

His sobering parting shot is this:

And what about ID cards, like the one the UK government is pushing to introduce as quickly as possible?

"I give it six months before someone replicates it perfectly," he says. "Everything you need to clone an identity is in one place."

Compliance: you ain't seen nothing yet


You won't have seen our Chief Privacy Officer Michelle Dennedy blogging much recently, for the best possible reasons, so the least I can do is keep the 'Compliance' theme simmering in her absence.

To that end, here's a comment from today's letters page in the FT, concerning the forthcoming Company Law Reform Bill:

"The mandatory process requirements in clause 156 of the bill require that directors, in fulfilling their good faith duties to promote the success of the company for the benefit of members as a whole, have regard to six factors: these include not only the interests of employees, but also relationships with customers and suppliers, impact on the community and the environment and the desirability of the company maintaining a reputation for high standards of business conduct."

The Bill also requires companies to document the process by which they have regard to those six factors.

I know there are those who think technology vendors see all such legislative initiatives solely in terms of the amount of business they could wring out of them... but I can't help feeling this one really would mean getting your arms round a whale.

Vocabulary on overtime


A while back, on the subject of the mangling of language for political purposes, Richard Veryard kindly quoted Humpty Dumpty:

'When I use a word,' Humpty Dumpty said, in a rather scornful tone,' it means just what I choose it to mean, neither more nor less.'

Shortly after that, he also says:

'When I make a word do a lot of work like that,' said Humpty Dumpty, 'I always pay it extra.'

In which case there must be quite a run on the Blair purse at the moment. It seems that the reason he should not set out a timetable for the handover to his successor is that it would 'paralyse the political process'; whereas continued unresolved bickering about his refusal to do so positively invigorates and lubricates the political process...

Then there's the word "renew", which has been getting the work-out of a lifetime. Gordon Brown used it some 18 times in a single (statesmanlike) interview, and now Tony has borrowed it too. Calls for the Prime Minister to be replaced apparently mean they want "not to renew Labour but to reverse it".

I know just what he means. Someone renewed into my car the other day, so now I'm going to have to reverse it.


A riddle solved


You may remember I blogged last November about the mystery of a man whose identity was definitely not that represented in his passport. From a blogging perspective, it's interesting that this strange episode has probably resulted in more subsequent hits on my blog than any other single post - including a comment ostensibly from the mystery man's daughter.

I guess I'll have to say goodbye to that traffic soon  ;-)  : although I missed the documentary in question, Sky recently broadcast a programme confirming that the real identity of Christopher Buckingham is Charles Stopford, a Florida man who disappeared from the States in 1983.

Apparently Stopford's parents, seeing 'Christopher Buckingham' on television, were convinced that he was their missing son, and this was subsequently confirmed by fingerprint tests.


Blair Re-shuffle... the aftershocks


Well, two days on from the cabinet reshuffle, and not only is it still in the headlines, but it's hard to find a headline which reflects a positive analysis of it.

Among the more negative comments:

- there have been expressions of outrage at the fact that John Prescott 'keeps his role and all the pay and perks which go with it, although all his departmental responsibilities have been taken away'. The question seems to be "what is the taxpayer paying him for?".

- Jack Straw's demotion from the role of Foreign Secretary has also generated a lot of negative reaction. One comment was that replacing Straw at a crucial phase of the UN/Iran negotiations significantly raises risk in that very volatile process.

It was entertaining to hear Lord Heseltine (former Tory Cabinet Minister and one who, while a strong candidate to succeed her, was agitating for the ejection of Margaret Thatcher) on the radio, as he trod the fine line between saying that replacing Straw was a really bad idea, while stopping short of saying that the Foreign Secretary might have been doing an OK job of it.

But the epicentre of the most persistent aftershock is Tony Blair's departure date. Dozens of Labour MPs are said to have put their names to a letter calling for the Party and the PM to set out an explicit timetable leading up to a stated handover date.

Just as happened last November around the government's defeat over the Anti-terror Bill, all Gordon Brown seems to have to do at the moment is stand in the wings and look statesmanlike. Meanwhile, centre stage, his fellow ministers get shuffled and humiliated, and Mr Blair takes the flak for a re-shuffle which increasingly looks damaging, ill-conceived and badly executed.

Links:

The Observer (The Guardian's 'Sunday sister'): "Blair's bid to relaunch government 'derailed' "

Observer comment on Prescott's enhanced pension 

The Times: "crony cabinet" is Blair's "praetorian guard" 

Financial Times: "besieged" Blair pulls off "stunning surprise" (Subscription content)


And from the ID Cards perspective...


Two other nuances visible on closer inspection of the reshuffle:

- Andy Burnham, who had been Charles Clarke's chief protagonist for the bill, moves to a junior ministerial role in the Department of Health;

- Fiona Mactaggart, who had been responsible for the criminal justice system at the Home Office, and in a key supporting role for Baroness Scotland (the ID Card Bill's principal proponent in the House of Lords), has apparently 'left government'.

Update on Blair reshuffle


In a wide-ranging reshuffle which is the biggest re-org of his time in office, Blair has indeed sacked Charles Clarke from his ministerial role.

In this case, the only real empty chair is Clarke's, as he has been shunted out of the Cabinet and onto the parliamentary back benches. Another minister leaves the Home Office: Hazel Blears moves to become Chairman of the Labour Party.

Clarke's place is taken by John Reid (Defence Secretary); Reid's is taken by Des Browne, who comes across from the Treasury.

So much for that chain. The other set of moves is triggered by the political equivalent of a smacked bottom for Deputy Prime Minister John Prescott. For exposing the government to an unedifying infidelity scandal right before the local elections, Prescott keeps the titular post of Deputy Prime Minister, but has his whole ODPM empire taken away from him.

The resulting line of dominos goes like this:

- Ruth Kelly moves from the Education hot-seat to head the ODPM;

- Alan Johnson moves from the Dept of Trade and Industry to Education;

- Alastair Darling (Transport) takes over at the DTI,

- Douglas Alexander (Europe Minister) takes over at Transport,

- Geoff Hoon (Leader of the House) becomes Europe Minister (bearing yesterday's blog in mind, does this mean Blair expects us to become the focus of European resentment???);

- Jack Straw (Foreign Secretary) moves to become Leader of the House... when Robin Cook was given the same nudge it was billed as a demotion;

- Margaret Beckett arrives at the FO from the Dept of the Environment, Food and Rural Affairs (DEFRA) to become Britain's first female Foreign Secretary;

- Local Government Minister David Miliband takes her place at DEFRA.

That's quite a chain, and I have no idea what combination of pragmatism, logic and chicanery underpins it all. The interesting thing is this: not all the demotions look like punishments, not all the punishments consist of demotion, and not all the promotions look like rewards.

Some names were conspicuous by their absence, despite having made the headlines in the run-up to the reshuffle:

-Patricia Hewitt retains her job as Health Secretary despite the rough ride she got last week from healthcare professionals;

- Tessa Jowell's embarrassments of a few weeks ago have not cost her her job as Culture Secretary;

- and (contested) accusations that Peter Hain offered an opposition candidate a peerage if the latter would withdraw from the hustings have likewise not proved damaging enough to unseat Mr Hain from his post as Secretary of State for Northern Ireland and Wales.

One very interesting view of the political 'message' behind this reshuffle can be found here. According to this analysis, the thread which runs through all the individual appointments is a prominent one-finger salute to Gordon Brown. Apparently the Chancellor was not involved at all in the discussions, and the new appointees are staunch Blair supporters. No sign that Mr Blair is even laying the groundwork for any kind of handover to his nominated successor.

Still, that's politics for you, I guess. Sooner them than me.

Blair shuffles the pack


You have to play the hand you're dealt... and yesterday's local elections appear to have dealt Tony Blair a moderately serious blow. However, he at least has the option of re-shuffling the pack - and the media are buzzing with speculation and provisional announcements as that re-shuffle is in progress.

According to the BBC, Charles Clarke will lose his position as Home Secretary; the Guardian says John Prescott is to have his responsibilities cut, and Geoff Hoon (currently Leader of the House), Patricia Hewitt (Health Minister) and Jack Straw (Foreign Secretary) are rumoured to be moving - though it's not yet clear whether those moves will be up, down, sideways or out.

From my admittedly narrow perspective, the local election results and the reshuffle potentially affect one of the major factors in the UK ID Card programme: if Clarke has indeed lost his post, the ID Card programme will henceforth be championed by someone other than the minister who saw it voted through into legislation.

Foreseeably, before the programme is close to full roll-out on a national scale, we will have a new Prime Minister and could even have a new party in power. For an initiative as controversial as the ID Cards bill has proved to be, each of those changes represents a significant challenge.


Clearest sign yet of Government discomfort


Today has seen more unwelcome headlines for the government ("Welsh Secretary accused of offering peerage if opponent would 'not stand against Labour'", "Prescott's department accused of 'climate of bullying'"), and all the while, polling continues in local elections.

Against this backdrop, there's the clearest sign yet that the government still feels distinctly uncomfortable over the Home Office release/deportation issue: Geoff Hoon has been wheeled into the firing line, to soak up criticism from the Liberal Democrats and the Shadow Leader of the House.

On past experience, that's something they resort to when there's no alternative but to have someone stand in the way of brickbats which cannot be deflected by the normal tactics*. I don't know how Geoff Hoon gets compensated for this unenviable role; perhaps he gets a clothing allowance for kevlar pants and a teflon suit. 

 *Which appear to run along these lines: deny anything is amiss for as long as possible; when faced with incontrovertible evidence, make a virtue out of 'being big enough to admit one's mistakes'; then say that remedial measures have already been taken to fix the problem, and promise 'tough new legislation to ensure that it can't happen again'. If (as now) those options run out before the criticisms do, it's time to deploy the Hoon.

If I sound disenchanted, it's because, with this particular comedy of errors, novelty is all. Once that's exhausted, so's the humour.


Another twist on compulsory voting


I thought I remembered this, so I checked and it is the case: Jehovah's Witnesses don't vote. It is considered to imply that one places one's faith (no pun intended) in human agency to solve the wrongs of the world, rather than in Jehovah.

Agree with that or not, as you may (I thought the point of "render unto Caesar" was to distinguish between one's obligations temporal and spiritual... but I am definitely not the person to come to for Christian exegesis!), it would leave the government with something of a problem enforcing any compulsory voting law. Jehovah's Witnesses could presumably successfully argue that the law discriminated against them on the basis of their religious convictions. I wonder how much stomach there would be for a fight on that basis.


Warning: eco-message


Sorry to put that as the Subject, but I know how it is. You know the feeling too, I expect: you watch a travel, nature or survival documentary, and all too predictably (though seldom to footage of a particularly cute hyena or stonefish...) the narrator's tones suddenly become hushed, reverent. It's time for the eco-message.

Well look, I know they feel obliged to put one in, but that doesn't stop a certain amount of Repetitive Sympathy Exhaustion setting in - hence the apology. That said, I recognise that these are important issues - just as I also recognise that each of us will respond differently, depending on how the problem is expressed.

For me, it was expressed extremely powerfully on the radio a few days ago, in the context of global warming. In previous periods of radical climate change, some species have died out - unable to adapt to the change in conditions. An important factor in the survival of other species was the extent to which they were able to move and still find suitable habitat.

This time around, things will be different. Uncounted species (as well as the ones we know about) now survive only in pockets of habitat - constrained by human presence and human activity. If their current habitat is lost or changed by a sustained increase in global temperature, there will, quite simply, be nowhere for them to go.

The preservation of rare and endangered species by establishing game reserves and conservation areas has been a sop to the liberal conscience for most of my lifetime - but we need to recognise it for the short-term measure it is. Systemic change in the climate will, at a stroke, make that conservation strategy a fatal one, because it will radically change the enclaves in which we have allowed those species to be confined.

The investor Warren Buffett has said that it's an acceptable strategy to "put all your eggs in one basket; then guard the hell out of that basket" - but I think we have to face the fact that putting the basket in the oven probably wasn't what he had in mind.

OK... a plug for Sun products


You know I don't do this often, but as Q1 2006 has brought Sun two positive analyst surveys in succession for its Identity Management products, it would be remiss of me not to comment at all...

A Forrester assessment of provisioning software vendors praised the Sun product for its functionality and ease of use; you can get the report here.

Then, more recently, Gartner released their 'Magic Quadrant' for Identity Management, and Sun leads on both axes - 'completeness of vision' and 'ability to execute'.

It's that last one which prompted me to reach for my keyboard. Sun can sometimes be perceived as being great at the vision stuff... spending a packet on R&D, keeping a load of technocrats on the payroll and so on - but being less capable when it comes to delivery. I think it helps enormously to have third party analysis correcting that perception.

I can't provide a link to the Gartner report at the moment, but it and a press release are on their way, and as soon as they're on the public site I'll let you know.

Such views as I express in this blog are based on my own opinions, experience and judgements. They do not necessarily represent the policy or views of my employer. It is not my intention to offend readers in any way. If you find anything on this blog offensive, please contact me in the first instance.
Robin Wilton