Robin Wilton's esoterica

So many of my discussions with people about identity revolve around the 'technology/policy' boundary that I thought it was worth re-visiting briefly with some examples.

For instance, as far as the average mobile telco is concerned, the bill-payer and the SIM they give you are basically equivalent. You can (except with those carriers who lock their handsets) put the SIM into another handset and have it work just the same... but you'll still get billed. The telcos are good at managing the technology which associates the SIM with the phone number with the subscriber (or bill-payer). But think about it: if the subscriber doesn't PIN-protect their SIM, anyone who picks up the handset can make calls... which will get billed to you.

The technology part of associating the SIM with the bill-payer is in place, but the policy part (of somehow ensuring that every subscriber locks their phone) isn't.

Of course, it's in your interest, as a subscriber, to make sure that you're the only one who can run up costs on your handset... but if that part of the equation is so clear, why do so many people not do it?

Similarly, it's in your interest as a bank card holder not to write your ATM PIN on the back of your card (or on a slip of paper in your wallet), but anecdotally, that's what a lot of people do. Ironically, since "chip and PIN" was introduced in the UK for point-of-sale transactions as a 'more secure' alternative to cards and signatures, I've heard people say they love the new system - not because it's more secure, but because it means they can send someone else out to do their shopping for them.

Again, the technology of chip and PIN is in place, but the ability to control what people do with it is another matter entirely, and relies on assigning an inferred liability for the transactions, not on anything technical. In other words, if you dispute that you made a transaction, the argument will be that you must have disclosed your PIN to a third party.

It's tempting to step back and regard chip and PIN as merely a stop-gap until a new biometric mechanism can be put in place to replace signatures as the 'something you are' element - but there's little or no sign, in the UK at least, that banks are about to roll out biometric authentication for card transactions, and one can imagine a number of reasons why:

- they have just spent quite a lot of time and money on chip and PIN;
- some forms of biometric (such as fingerprint and iris scan) are felt to be unappealing to customers;
- some (such as facial recognition) are still felt to be too unreliable;
- voice recognition might not be practical, either for noisy environments like supermarkets, or for 'customer not present' transactions where there's a risk of spoofing.

Whatever the technical obstacles to overcome in these cases, though, I can guarantee that the solutions will not dissolve the technology/policy boundary - they will only move it.
.

Gordon Brown used a speech at the University of Westminster to explore the topics of liberty and identity in today's Britain. I just wanted to take a moment to reflect on whether that should be cause for optimism or dejection. As usual, it's a little of each.

One the one hand, it's probably good that he's speaking on the subject at all. The effect of the information age on social identity is a defining characteristic of this decade. It's also good to see this Prime Minister describing the need for balance between the privacy of citizens' personal information - and all the various factors which are used to justify increased public sector use of that data... about which we were used to hear so much from the previous PM and Home Secretaries.

On the other hand, it is sad to see some of the old misconceptions and mis-portrayals persisting under the new regime. Take, for instance, this paragraph from the speech:

"And on those occasions where we already have to identify ourselves
- when we open a bank account or withdraw money, pay for something,
cross borders or register with a GP - citizens themselves are
recognising that it is in their interests to have a modern and secure
means of identification which better protects against crime, fraud and
illegal immigration and also protects each of them as individuals,
their property but also their privacy."

You probably noticed the casual elision of "opening a bank account, withdrawing money, paying for something, crossing a border...". Hold on a minute. Paying for something? Withdrawing money? Those are commercial-sector services and I don't have to disclose identity data when I do those things, so don't try and lump them in with the public sector services like frontier controls and access to healthcare where the government wants mandatory disclosure of identity, not entitlement.

I've heard people say that they love the convenience of "chip and PIN" payments now in the UK... because it means they can send someone else to the supermarket on their behalf, instead of having to go because a signature was needed. Or, of course, you can just pay cash. The cash and the PIN don't prove identity - they prove ability to pay.

Similarly, when I enter my home country, what I should be being asked to provide is not proof of identity but proof of citizenship. When I request healthcare from the National Health Service, I should be being asked to prove my entitlement to that treatment, not my identity. Indeed, it might be appropriate for my identity to remain confidential. Take, for example, the government's recent announcement that it is to vaccinate 12-13-year-old girls with the Human Papilloma Virus to protect against cervical cancer: proof of the girl's identity need not be required for that process - just proof of the correct age, and the means to check that each individual is vaccinated only once.

With characteristic sleight of hand, the Prime Minister is, at a stroke, praising the potential benefits of the information age while declining to exploit them on the citizen's behalf. Today's technology offers the means to make attribute assertions while protecting personal privacy. If Mr Brown wants to establish a balance between privacy, security and service provision, that's a theme he would do well to explore.

Like many of the loos I've encountered here [in Tokyo], the one in my hotel bathroom has a heated seat. (It also has a range of 'upward spray' options, but let's draw the veil of discretion over those for now). Now, living in England, I am as conscious as the next man of the potential shock inherent in a cold loo seat... but let me just say, contact with an above-body-temperature seat can be just as surprising to the un-habituated.

By way of preparation for this visit, I carefully mugged up on what I knew would be the most useful phrase: "I'm sorry, I still speak Japanese badly".

Unfortunately, I mis-remembered one of the words involved and spent several days saying something more like: "I'm sorry, I still scape Japanese baldy".

Still, one way or another I guess I was putting the message across quite adequately, and people are far too polite to say "Yes... yes you do..."  ;^) 

I had a shiatsu (acupressure) massage on Sunday afternoon to try and work some of the kinks out of my back. I'd been wondering why it was aching more than usual, until it dawned on me that in the past seven nights, I had slept in seven different beds - except for the night on the red-eye to Tokyo, that is.

The masseur prodded me speculatively in various places and issued a verdict: "You are very inflexible in rumba region". Good point. I'm the last person who could be accused of having a flexible rumba. 

I'm in Japan at the moment, for the Liberty Alliance plenary meetings which start tomorrow. More on that topic as the week progresses, but in the meantime here's one of those "first-time visitor in Japan" posts. It's fascinating to experience how not being able to read 90% of public information basically reduces you to the societal level of a four-year-old. Instead of relying on textual information, you have to look for other clues which might tell you which street you're on, or which metro station comes next, or what kind of food you're about to get in a restaurant.

So far, I've worked out (albeit with some help) that the Japanese characters for "yakitori" (grilled stuff on little skewers) include one which looks like some stuff on a skewer.

Also, the Japanese characters for "ramen" (noodles in broth) include one which looks more or less like an "X", depending on which character set is used, how the characters are written/printed, and a couple of other variables, including this counter-intuitive one: a lot of restaurants advertise their speciality by means of slender, vertically-mounted banners... which is fine, provided the wind's blowing the right way. If it isn't, all the characters are backwards and good luck to you. Unless it's a nice "X", of course, in which case you're probably still OK.

Japanese food can also have a reputation for being expensive - and I know in some cases that's amply justified. It can be cheap too, though. At lunch today I gave up long before the ramen did, and it cost me under $5.  I'm not even going to try to find a "pound" sign on this keyboard... but about three quid.

I expect the rest of the week will abound in 'random food encounters'...

Have you looked lately at what it says on the humble tin of boot-polish? It's enough to put you clean off... as it were.

"May cause sentitization by skin contact. Avoid contact with skin. Wear suitable gloves. If swallowed, seek medical advice immediately. Harmful to aquatic organisms. Keep out of the reach of children."

I didn't know the bit about it killing fish - presumably that's why you never see a fish with shiny shoes.

The advice about keeping out of reach of children is pretty sound, though. That's what I always try and do.

I was at Thruxton circuit yesterday to watch the final 3 races of the British Touring Car Championship season - and with the final points scores of 300 to Fabrizio Giovanardi and 297 to Jason Plato, it could hardly have been tighter.

I've missed several of the Formula 1 races this season, so it feels like a while since I've heard the Italian national anthem at the end of a motor race, but yesterday Giovanardi was on top form, winning the first two BTCC races and finishing second in the last. Plato, chasing points right to the end, was characteristically 'committed' in the last race, reminding me that Touring Car racing can often be very much a contact sport. As well as the Touring Cars, there were also races of Formula Renault, Porsche Carreras, Renault Clios and Ginettas, and air displays by the Army Air Corps (Lynx helicopter) and the Red Devils (parachutists). A great day's entertainment, with plenty of straight-forward, full-on racing.

Formula 1, on the other hand, seems still to be being dogged by the kind of thing which sours my appreciation of the amazing skill and commitment of the drivers. The FIA has appointed an 'internal scrutineer' specifically to monitor the McLaren team during the championship-deciding Brazilian Grand Prix next weekend. The scrutineer will be there to make sure McLaren treats both drivers even-handedly and doesn't make any attempt at using team orders to determine the outcome of the race.

If Ron Dennis were actually employed by Bernie Ecclestone, he'd surely be considering an employment tribunal claim for constructive unfair dismissal by now. McLaren have already had a technical scrutineer imposed on them by the FIA in the wake of the 'Ferrarigate' scandal over leaked technical documentation - to ensure that their 2008 car doesn't incorporate anything they might be considered to have learned from those leaks. The practicalities of enforcing such a ruling are so absurd - given the extent to which any leading team has to innovate to stay competitive - that it essentially represents a blank cheque to McLaren's competitors. Essentially, McLaren could simply find themselves spending the whole of next season fighting a series of vexatious claims that whatever innovation they have introduced has somehow been derived from the leaked documents.

OK - the 2007 championship is going down to the wire; OK - the tension between Alonso, Hamilton and Dennis has been palpable as the season progresses. But McLaren have a winning car and two extremely competitive and capable drivers. McLaren have a reputation for letting their drivers fight it out, and have no history of using team orders to rig the finishing order. When there were allegations of team orders at Monaco earlier this year, the resulting investigation completely exonerated the team of any inappropriate behaviour, finding instead that every tactical decision they took was 'entirely reasonable', 'entirely legitimate' and 'standard practice'.

As far as I'm aware, no team in F1 history has ever had such external scrutiny imposed on them in the past. So why this extraordinary move? It's hard to conclude that it's anything other than F1's opaque governance model at work again; 'follow the money': whose interests are advanced by this ruling? Bernie Ecclestone's... he gets a final in which an already-competitive sporting showdown is articifially inflated to soap-opera proportions; and Ferrari's. The ruling increase the chances that their primary competitor will win on the track but lose in the pit lane - because some bean-counter questions why one driver's tyres was brought out rather than the other's, or why someone was left out on the circuit for 3 laps with a visibly de-laminating tyre.

And why are there specific regulations forbidding team orders in the first place? Well, it goes back to Austria in the 2002 season, and the 6th race out of 17 for that year. As the teams went into that race, Michael Schumacher had achieved almost maximum points, winning 4 of the first 5 races and finished 3rd in Malaysia (45 points). His team-mate, Rubens Barichello, had retired from the first three races, failed to start in Spain and finished 2nd in San Marino (6 points).

Schumacher's closest rival at that stage, Juan-Pablo Montoya, had 3 second-place finishes, a 4th and a 5th (23 points).

At the A1 Ring in Austria, Barichello led the race until the end, when he was instructed to let Schumacher pass him for maximum points, to the jeers of the crowd. Then, in the penultimate race of the season, at Indianapolis, the Ferrari drivers again staged the finishing order... by this time, though, they had won all but two races of the season. Schumacher would ultimately finish the season with around twice the points of Barichello and three times the points of Montoya. Schumacher later suggested that his aim had been for the cars to finish exactly side by side... which, in this era of 0.001-second timings, did little to reduce his reputation for arrogance.

The FIA fined Ferrari $1m for the Austrian farce, and introduced specific rules forbidding the use of team orders to influence the finishing order of a team's drivers.

For reasons we need not go into, I was looking up the term for "fear of change".

In fact, I found no fewer than four, which suggests a level of refined sadism I had not previously associated with the psychiatric profession. There's

- neophobia

- change phobia

- metathesiophobia

- kainotophobia

Logically, therefore, there must also be the condition of meta-metathesiophobia... the fear of going back to your therapist and finding that the name of your condition has been changed.

I've blogged a couple of times about the difficulty of using the fingerprint authentication option on my laptop after I accidentally removed part of my fingerprints while on holiday. There's also the problem that I can't log on after doing the washing up; what does this tell us about the lives of the people who design these things...?

A note to the US Immigration Service folks, then: you might want to update the green 'visa waiver' card for arriving visitors, so that it includes the following instruction: "Do not wash your hands thoroughly before entering the country, as this may delay your authentication".

There's a serious side to this, though: any proposals to strengthen authentication in hospital healthcare systems by using fingerprint biometrics should be very carefully examined. The investigation into clostridium difficile deaths in a UK hospital trust has found that, over a 2 1/2 year period, 90 deaths were directly attributable to clostridium, that it was definitely a contributing factor in another 124, and a probable factor in another 55 deaths. Under circumstances like those, the trade-off of higher security for worse personal hygiene just isn't worth the risk.

Now there's a post title I never imagined I'd write...

Minding my own business in Second Life earlier, and I heard a huge commotion behind me. Turned round to see about 8 daleks doing what they do... yelling "exterminate! exterminate!" and blazing away (at each other, as it happens) with those egg-beater things. Not the loo plunger, the other one. Disregard this gibberish, obviously, if you didn't spend formative periods of your childhood cowering behind the sofa during Dr Who... .

I understand they are the creation of Fenrir Reitveld/ MechMind - and very good they are too. 

If you're ready for a mind-bending bit of real-life/Second Life crossover, have a look at this blog post. Look closely at the photo... it took me a while to make sense of everything that's going on there - but basically, there's someone in a lecture theatre at Harvard Law School, attending a lecture which is also being broadcast in Second Life, and the physical attendee is also logged in to Second Life and is sitting in the virtual lecture too. Accompanied, naturally, by a dalek.

Actually, having just had a great time speaking at an event in Rotterdam (Identity 2007, organised by the Institute for International Research), maybe I shouldn't be endorsing that last part... it would be quite unnerving to gaze out into the audience and find oneself staring a dalek in the eye-bulb. (Not the plunger or the egg-beater... the other one...)

The UK parliament's Public Accounts Committee has just published a report into its examination of the fee structure for e-passports and ID cards. You can find the full report (46 pages, pretty readable) here if you are, as they say, minded to do so.

They ask whether there isn't greater scope for reducing the cost to the citizen, given that the two credentials will contain largely the same personal information. It's a good question... but it raises another: why has it taken MPs until now to raise it in a substantive form... long after the primary legislation has gone through for both e-passports and ID cards, and precisely these concerns were raised in detail by (for instance) the original report into ID Card proposals by the London School of Economics. If you've been following this blog for a while, you'll doubtless remember the unnecessarily unpleasant tactics of the then Home Secretary, Charles Clarke, as he steamrollered the legislation through while launching shameless personal attacks on the report's authors. Here are a couple of the posts from back then:

- One on Andy Burnham's attempts to attack the author rather than the argument;

- One on Charles Clarke's refusal to publish the costings which were the basis of a KPMG report on the scheme... and so on.

This current Public Accounts Committee report raises many of the same concerns; why are the costings for the ID cards and e-passport schemes so interwoven? Why, despite that, does the over-all programme not seem to deliver the economies of scale and efficiencies of process which the PAC feel could be achieved? These are very valid questions... but for all that, the policy has already been set.

There are a couple of other interesting points in there:

First, the PAC notes (as has been pointed out on the Register and elsewhere) that the chips in the e-passports are only warrantied for a 2-year lifespan (whereas a passport lasts for 10 years). The question of who pays to replace passports with failed chips is therefore a very significant one, but one to which the PAC can't find an answer. I wonder if the original cost estimates took that point into account.

Second, the PAC report notes that although a substantial part of the cost goes to fraud prevention mechanisms, there is no supporting research evidence to indicate the cost-effectiveness of these measures. What's really worrying is that they're not just talking about the technology - though they do specifically mention the facial biometrics which will be incorporate in the credentials. They are also referring to the process-oriented parts of the system, such as the biographical checks and the interviews which form the very beginning of the 'chain of trust' on which the credentials and authentications crucially depend.

For the policy to have reached this stage without such metrics in place is extremely revealing.

Back at the end of August I blogged about the problems I had with the fingerprint biometric reader on my laptop - after I was so rash as to go kayaking while on holiday. Two months down the line, I can now once again authenticate to my laptop using the little finger of my right hand.

Just for completeness... the river where I went kayaking was the Cheat River in West Virginia. Several people, when I have mentioned this, laugh and say "Oh, "Deliverance", right?"... [cue 'Duelling Banjos'] so I had a look and it seems that Deliverance was actually filmed in on the Chauga River in South Carolina and the Chatooga and Tallulah rivers in Georgia.

That said, I did give in to temptation and buy one of the T-shirts they had at the kayak rental place (Blackwater Outdoor Adventures). On the back, it says "PADDLE FASTER... I hear banjos..."

In case you haven't seen them yet, the strip cartoons on xkcd are funny, surreal and ploymathic enough to really appeal.

Here, at random, is one about ninjitsu and  Open Source software, and here's one for the Paul Simon fans among you. Warning: bad pun alert.

If you prefer somethin a little darker and sometimes nearer the knuckle, check out Cyanide and Happiness;  and Cyanide and Happiness on caffeine.

The related topics of ID theft and ID fraud have been pretty high-profile ones recently, and there's now a call from the UK All-Party (parliamentary) Group on Identity Fraud for the appointment of someone to oversee and co-ordinate the anti-fraud activities of policy-makers, law enforcement and the commercial sector.

The answer to the question is, of course "it depends". Among other things, it depends on what that person's remit would be, and what resources they would have to enact such policies as they defined. I can think of a several things which they might be tempted to address, with varying probabilities of success.

For instance, they might choose to have a go at public awareness and identity-related behaviours. Apparently 'one in six 16 to 25 year olds publishes information about themselves on the web which could be used to carry out identity fraud'. My favourite recent quote in this area comes from Tom Ilube of Garlik: "50% of people say they are concerned [about privacy], but only 6% do anything about it. They care about it in the same way as they care about losing weight."

There's a lot behind that rather sassy epigram. For instance, how much of that apparent lack of urgency is because the web has few ways of making us feel unsafe. It appears to be much safer to walk down the online equivalent of a dark alley than it ever would in the real world... so lots of people wander through the seedy web neighborhoods, (metaphorically) waving their wallets above their heads as they squint through the viewfinder of their expensive camcorder.

Both those problems require the mass mobilisation of communities (the general public, the web designers) over whom an ID Fraud Tsar could expect to have only limited influence.

How about law enforcement, then? Surely there's scope here for a Tsar to carry out a few purges? Well, probably not. Bear in mind that ID theft and ID fraud are fundamentally borderless crimes. The credit card details which are 'lifted' in Canada might be aggregated in the Far East, written onto plastic cards in South Asia, shipped to Europe, and then used to buy things online from Japan for shipment to Africa. If you can find a law enforcement agency which would be interested in following that chain for any more than one hop, I'd be surprised...

My favourite quotation in this area is from author Jeffrey Robinson:

"As long as we persist with a C17th idea of the nation-state, a C18th judiciary and C19th law enforcement, the C21st will belong to organised crime".

If a Tsar is appointed, they should have that on a little plaque on their desk.

In his blog on the BBC site, political commentator Nick Robinson asks (rhetorically) why, if balancing the taxation/public expenditure equation is so easy, Gordon Brown hasn't already done it. After all, Brown's tenure as Chancellor was characterised by its stealth taxes as much as Blair's tenure as Prime Minister was by spin.

I am not remotely qualified to advise anyone on who to balance the national budget, but it seems to me that if the Shadow Chancellor was looking for a few easy policy coups, there were plenty to go for.

For instance, how about policies to redress two of Gordon Brown's more iniquitous tax tactics:

1 - in 1997 he announced the abolition of tax relief on dividends earned by pension fund investments in equities. That turns out to be as complex to fully account for as it is to say. Basically, it meant that pension funds which earned income from investment in the stock market were suddenly being taxed on any resulting 'interest'. As a result, the long-term income forecasts of a massive slab of the pension industry were, at a stroke, revised downwards - not through some slump in the global equity market this time, but because of a few self-funding strokes of the Chancellor's pen.

By 1997, the potential volatility of long-term savings (such as equity-based endowment mortgages) to slumps in the stock market could not have been clearer. For a Chancellor to single out equity-based pension investments as the source of additional tax revenue, then, takes some beating. If it's irony you want, consider the fact that the Tories's 1995 Pensions Act introduced legislation to protect pension funds against this kind of piracy, in the aftermath of the Robert Maxwell/Mirror Group pensions scandal. Brown's 1997 policy, which came to be known as his 'raid on pensions' not only irreparably damaged the long-term financial prospects of those prudent savers, it has also, over the subsequent decade, done much to help undermine the nation's faith in pensions saving as a basis for retirement.

Here's the logic which flows from that policy in the medium term, with all the inexorable pressure of a massive thrombosis: discouraged from investing in pensions, more people turn to property as their hedge against retirement (second homes, buy-to-let and so on); this exacerbates the house-price 'bubble', increasing the likelihood that it will burst - potentially destroying the value of that long-term investment too; it also inflates house prices, making it almost impossible for first-time buyers to enter the housing market... increasing the demand for sub-prime lending, which leads to the collapse of banks like Northern Rock. Does anyone feel sorry, yet, for Alistair Darling, who received this ticking time-baton from the outgoing Chancellor?

2 - in general, Brown perfected the art of taking your money away first, and then letting you have some of it back provided you claimed it properly... thus maximising, of course, the chances that the taxpayer would either not know they were entitled to a rebate, not know how to go about claiming it, or frankly, in some instances, simply not bother to go through the admin to get a percentage of the tax back.

This 'tax first, repay later' tactic has undoubtedly hit hardest at some of those least able to take the blow. By definition, if you're claiming benefits, you're less likely to have the resources to tide you over between getting taxed (or having an allowance withheld) and going through the process of clawing it back. Then there are those citizens, all too well known to organisations like the Citizens' Advice Bureau (CAB), who are in part dependent on benefits precisely because they just can't cope with the complexities of things like invalidity benefit, working families' tax credit, job-seekers' allowance and so on, let alone the added hassle of claiming back this or that slice of whatever benefit that has been withheld "for tax purposes".

Some people talk about the 'honeymoon period' enjoyed by a new Prime Minister. I have this to say about that: on our honeymoon, our car boiled dry and blew up 40 minutes after we left the wedding reception; we had about the roughest Channel crossing I have ever survived; Mrs W and I got 'flu one after the other; as we headed back towards England I ate the wrong trout, and my copious vomiting almost got us thrown out of the hotel. Don't talk to me about honeymoon periods...

OK, this would be the most outrageous piece of own-trumpet-blowing if I didn't also have the excuse that it's also a little obscure... text-book esoterica, in fact!

I got an unexpected parcel in the post today - always a fun moment - and it turned out to be the proceedings from the 30th Anniversary conference of the German Computer Law Association (DGRI), bound into a nice neat paperback. The theme of the conference was "From the punch-card to the global network - 30 years of the DGRI". I had the huge privilege of being invited to give the keynote address, and sure enough, there I am in print - what a happy moment! The conference as a whole gave some fascinating insights - not just because it was a look at 30 years of the history of the industry, but also because of the intriguing perspective you get when you look at IT through a lawyer's eyes.

This is a good opportunity to extend, once again, my thanks to Prof. Dr. Wolfgang Buechner and Prof. Dr. Thomas Dreier of the DGRI for the invitation, and my colleague Dr. Hellmuth Broda, who I suspect put in a good word for me behind the scenes...

For those of you keen to know more about this collector's item, here's the page on amazon.de. Don't get your hopes up too much, though: it's currently showing as 'unavailable'...