Robin Wilton's esoterica

You may remember that back at the end of February I posted about a couple of cases up for review by the European Court of Human Rights; at issue is the question of whether it is lawful (and adequately respectful of human rights - including proportionality) for the DNA of people arrested but subsequently found innocent or not charged to be added permanently to the UK's national DNA database.

Two things prompt me to revisit this story. One is recent news that Sir Simon Milton, Head of the Local Government Association, has written to local authorities to draw attention to disporportionate use of powers granted under RIPA, the Regulation of Investigatory Powers Act. Some councils have admitted "routinely" using RIPA to justify surveillance, including access to phone and email records, for offences including: owners allowing dogs to foul the pavement, clam-picking from an unclassified bed, and to spy on parents who claimed to live within the catchment area of a particular school (it was found that they did... but only after their children had been stalked for a couple of weeks. Never mind... that will all come out later, in therapy). 

Incidentally, the Chief Exec of Wyre Council in Lancashire is quoted as saying, apparently without irony, that dog fouling is an issue which local people "want the council to be tackling on the ground". If they start trying to deal with it in mid-air I think we're all in trouble... and dealing with it any earlier than that really would be disproportionately intrusive.

More seriously, though, my second prompt was this story in The Register, concerning a speech made by Gordon Brown on June 17th 2008 at the Institute for Public Policy Research (IPPR). The speech - on the topic of Security and Liberty - covered, among other things, the justification for retention of records on the national DNA database (NDNAD). The Prime Minister said:

"I say to those who questioned the changes in the Criminal Justice and Police Act 2001, which allowed DNA to be retained from all charged suspects even if not found guilty: if we had not made this change, 8,000 suspects who have been matched with crime scenes since 2001 would in all probability have got away, their DNA having been deleted from the database. This includes 114 murders, 55 attempted murders, 116 rapes, 68 other sexual offences, 119 aggravated burglaries, and 127 drugs offences."

That seems entirely clear and unambiguous. Precise figures, relating to specific offences, cases and suspects. But strangely, I don't remember seeing the news headlines - "over 100 unsolved murder cases closed, thanks to DNA database matches". According to this analysis  of Gordon Brown's speech, by Genewatch UK, that's because what the Prime Minister meant was actually something quite different.

The figures do not relate to specific cases or suspects.

They are based, first, on estimates of how many cases have been retained which might previously have been deleted from the database, before the law was changed to allow their retention; second, on estimates of how many of those retained samples might have matched samples from scenes of crime. It is not actually known, or reported in the NDNAD Annual Report on which the PM's figures are based,  how many specific individuals' records have been retained, which might previously have been deleted. Nor do the figures say how many of those estimated matches ever resulted in a prosecution, let alone a conviction. Instead, Gordon Brown's precise-looking figures are, according to The Register's article, based on an estimate of how many of the (estimated) matching cases are statistically likely to have been murder cases, rapes, assaults and so on.

According to the agency responsible for running the NDNAD "it is not possible to provide figures for the number of convictions produced by DNA".

The Genewatch analysis is happy to go on with the statistical approach, though; according to their figures, for every 8 DNA matches on the database the police get about 4 detections (prosecuting an individual for an offence); about half of those result in a conviction, and half of the convictions result in a custodial sentence. That's... one.

I'm too thick to do it for 114 murders, but as a byte has 7 data bits plus one parity bit, I can do it for 112 murders: if that was 112 DNA matches, it would be 56 detections, 28 convictions and 14 custodial sentences.

Hmm. Where did the other 100 go? Ah - I remember... into the non-existent headlines. I can see it now:

"100 non-existent murderers not matched to anything in statistical estimates, says PM"

Further to yesterday's post - here is a link to the HM Treasury page whence you can download a .pdf of the full report.

For more blog comment, here's a link to Tony Collins' analysis at ComputerWeekly.

Also at ComputerWeekly: you may remember that Toby Stevens of the Enterprise Privacy Group has a regular blog there, and noted that the Poyner Report was only one of a number of major privacy-related news items on the day in question.  He's got a lot on at the moment, but keep an eye on the blog, because I'm sure there's more to come on this topic, and it will be worth reading.

It's getting towards that time of year when we start checking we've got everything... sun-block, after-sun, stack of pool-side reading matter, mosquito repellant... you know the drill.

Well now there's something to add to the checklist: the HM Revenue and Customs podcast. Yes, get your holiday off to a flying start with this, "the modern way to communicate with people". It will tell you all you need to know about what goods you can and can't bring back with you from your hols. Why not give it a try? It could be almost as much fun as the previous podcast in the series: how to set up a Government-backed long-term savings and investment account for children born on or after 1 September 2002.

Actually, if you do succeed in downloading either podcast, please leave a comment... all I get is an error message. Maybe they are so popular that the site is swamped.

This has been a Public Information Service.

The Poynter report into the HMRC data breach is published today, though I haven't yet been able to find the text online. This is one of those cases where a problem emerges, an enquiry is launched, and the responsible minister (Alistair Darling, as Chancellor) immediately deploys the "let's wait for the results of the enquiry" measure as the simplest means of deferring embarrassing questions until (hopefully) the crisis fades from the public consciousness.

Except that, in the internet age, that isn't how it works. These days, all we have to do is type "poynter report" into a search engine to get instant access to the story. For example,  from December 17th 2007, here's The Register on Darling's immediate defence, and here's thisislondon on the same day, reporting Ruth Kelly's announcement of a further data breach at the DVLA...

Apparently a key finding of the report is that the loss arose from "serious structural failings" including poor communication between staff and managers, low morale, and inadequate training. This is somewhat at odds with the Chancellor's assertion at the time, when he laid the blame on a junior staff member who acted "contrary to all HMRC standing procedures".

I assume that "structural failings" would also include the strange equation by which it's 'better' for that employee to jeopardise 25m citizens' records than to ask his or her manager to approve the £5,000 expenditure which would have 'pruned' that data down to what was actually being asked for by the receiving department...

That theory tallies with another quote I have found so far from the Poynter report:

"Few members of staff appreciated the highly sensitive nature of the information contained on the two discs - and those who voiced concern were ignored"

It will be interesting to see what the full report has to add to that.

The House of Commons Justice Committee, reviewing a draft bill on constitutional change, has said that proposed changes to the role of Attorney General - the government's chief legal adviser- do not go far enough. Specifically, they are uncomfortable that the job of giving legal advice to the policial executive should, itself, be held by a politician. The BBC news story mentions three recent instances where this dual role has been of concern:

- The decision to call off a Serious Fraud Office investigation into the 'Al Yamamah' arms deal with Saudi Arabia;

- The advice provided to the Blair government concerning the legality of the Iraq war;

- The 'cash for honours' enquiry, in which a decision had to be taken as to whether to take legal action against some ministers in a cabinet of which the Attorney General was a participating member.

The committe's view apparently is that the greater interest would be best served if the roles of "chief legal adviser" and "governent minister" were not held by the same person.

In parallel, it's interesting to note that, as a result of some re-arrangement of civil service departments, the same civil servant is now responsible for the UK's passports, its planned identity cards, and its register of births, deaths and marriages (in other words, some of the key registration processes on which the issuing of credentials critically depends).

These elements - particularly the register of births, deaths and marriages - need to be managed with complete integrity relative to one another. It's no good having an ID card and passport issuing process which depends on correct certification of births, deaths and marriages if the integrity of the latter is questionable. And yet the fact that a single person is now responsible for oversight and governance of both the certification and the credentialling elements does not seem to have raised any concerns.

Another spam mail purporting to be from moneybookers today, this time inviting me to log in to an account I know I don't have, so as to check a new item of email which is waiting for me there. As Richard Veryard wondered in his comment on the previous post, why bother sending spam which blows its own cover?

This time there's a hyperlink in the body of the mail, which points to a site hosted by an Australian ISP. I have no idea what the "login" page contains, but the home page for the site advertises air-conditioning. Just the job for an English summer. Now, if only there was some secure way I could pay for it online...

Jonathan Feinberg over at wordle.net has developed a fun toy which generates word-cloud pictures from text (or from a del.icio.us page). Thanks to Adriana for the pointer...

Here's a wordle of my white paper on Identity and Privacy in the Digital Age...

Hmm. Interesting... I received a piece of unsolicited email today. It was the kind that rings alarm bells:

1 - it says it's about some kind of financial service;

2 - it includes an attachment;

3 - the link between the subject and the contents seems slightly bogus.

It's from "moneybookers.com", and the subject line reads "Money Laundering Policy - Read Carefully!".

In the body of the email there's a reassuring message which reads as follows:

"For security reasons we have sent you this message as an attachment file. This measure has been adopted to prevent personal information theft and data loss."

Nyuh-hhuh.. 'Course you have... That's the logical way to prevent personal information theft, after all.  I'll open the attachment right away. What's the worst that could happen?

The email also gives the company's registered address and UK company number - and sure enough, that matches an entry in the Companies' Register. Their website decribes the payment services they offer for online commerce.

But so what? I have a constructive suggestion for anyone hoping to develop an e-payment services business. If your service is legit, for goodness' sake find a better strategy than marketing it the same way as dodgy viagra!

Very strange.

It is unlikely to make any difference in the short term, as opposition leader Morgan Tsvangirai has announced that his party will not contest the head-to-head vote against Robert Mugabe. Mr Tsvangirai's decision come after a concerted period of violent suppression of opposition campaigners and likely opposition voters. Even had a poll taken place, it seems unlikely that it could have been representative of voters' real intentions, as this comment by an MDC organiser indicates:

"Tineyi Munetsi, MDC organising secretary for Chitungwiza, rang me from Mr Tsvangirai's house and I asked him what he thought of the decision to pull out.

"I believe it is the right decision," he answered. "For the last week it was my task to organise polling agents for the rural constituencies, and they are all being targeted.

"There is not a single area we can campaign in, even the townships are closed. And think of how many of our people have been murdered. This is not an election, this is a war, and we will not legitimise it by taking part in what is a farce."

Mr Munetsi also alleged that the MDC had discovered plans for massive ballot-rigging.

"Look here, people are being told that after they vote they have to write down the serial numbers of their ballot papers so the fake election monitors can cross-reference them to who they voted for."" Source: BBC News site

While I was in Japan earlier this month, one of our meetings was very kindly hosted by the Institute of Information Security in Yokohama.We were warmly welcomed not only by Prof. Itakura, Head of Faculty for Biometrics and Personal Authentication, but also by Prof. Tsujii, the President of the Institute, and Head of Faculty for Cryptology and the Electronic Social System.

The Institute's website is all in Japanese, I'm afraid, but here is a paragraph from a one-pager handout we were given, which gives a good idea of the breadth of Prof. Tsujii's vision (I have slightly modified the phrasing in one or two sentences - I hope I have done justice to the English and Japanese originals):

"A Life that Exceeds Time and Space

The development of the information network has brought about a multiplying effect of real space and cyber space, ultimately expanding the breadth of our lives. Digital technology that resolves information into ones and zeroes, meanwhile, is extending social activity in all areas, including the direct exchange of opinion between producers and consumers. Such outcomes suggest that "digital technology has activated even analog communications". In this context of information network development and the daily lives of individuals, "freedom", "equality" and "safety" become the most important themes. For technology to enhance efficiency and convenience - thus expanding people's base of freedom - and to allow people to accept such freedom equally and use it safely, it becomes necessary to define measures which closely combine the four fields of: security technology, operation and management, legislative development and social ethics. Information security is an interdisciplinary, comprehensive science which investigates and realizes such social order."

It was a pleasure and an honour to be hosted by such a visionary academic.

Fascinating opportunity yesterday to hear Prof. Richard Swinburne set out his arguments for the existence of the soul as an essential, non-physical and persistent part of "me". I'm particularly grateful to Prof. David Charles for his continued generosity in arranging these opportunities for former pupils to reconvene and have their grey matter given a thorough pummelling.

Without going through it all in detail at this stage (though I will probably write something on specifics in due course), I have to admit that my preconceptions about Prof. Swinburne's views were not entirely positive. For instance, I had read Prof. Yujin Nagasawa's succinct and telling critique here, and found it to be very persuasive. I was wondering what Prof. Sinwburne could say to convince me otherwise. That said, within very few minutes of his starting to speak, I had to admit that his ideas really needed serious consideration.

This is not least because he adopts an approach which is either necessary, or very shrewd (or conceivably both). Within about 10 minutes, he had set out, as the 'supporting pillars' for his over-arching contention, principles concerning substances, events [physical and mental], identity, persistence, and semantic reference. First, it's worth noting that any one of these areas is practically a philosophical career in its own right; second, it means that if one wants to undermine the basis of Prof. Swinburne's position, one has to be prepared to tackle him on some pretty formidable topics. As I say, I will come back to a couple of specifics in a later post... but I'm certainly not qualified to mount a direct assault on all fronts.

Touching briefly on Prof. Swinburne's views on identity, though, I think we can point to some concepts which will be familiar to regular readers of this blog. For instance, Prof. Swinburne wants, as part of his argument in favour of the existence of a non-physical and persistent essential part of "me", to assert that "I" may survive even if my physical body ceases to be. (This is one of the arguments which Prof. Nagasawa seems to counter very effectively). In support of this argument, Prof. Swinburne advances a 'thought experiment', not unlike Derek Parfit's "malfunctioning teleporter" example. Imagine that your brain were surgically removed and half put into one empty skull and half put into another. The missing hemispheres in each skull would then be supplied through cloning, duplication or whatever.

Prof. Swinburne argues that, although we clearly cannot say that "all of you" has survived in the case of either of the two resulting beings, enough of you has survived to make it at least worth asking which of them, if any, is "you". In other words, that your identity - your 'self' - has survived to at least some degree despite the fact that your physical body has not.

A couple of questions suggest themselves:

- first, given that the two new beings each have only one hemisphere of the original brain, is Prof. Swinburne justified in asserting that each half still has the same kind of privileged access to the same feelings, memories, opinions etc. as the whole original brain? I tend to think not.

- second, if his argument rests on the idea that some persistent aspect of "me" is successfully transferred from the original to each of the new beings, does that imply that my 'soul' is divisible (and if so, what else might that imply)?

And lastly there's the good old "argument by counter-example" riposte: if, in order to support your thesis, you have to rely on examples involving improbable mechanisms such as flawless transplantation of severed brain hemispheres, supplemented by flawless cloning of the respective other halves, doesn't that suggest that the thesis itself may be a little far-fetched?

As I say, I'm not qualified to judge... and I haven't spent the last 40 years or so devoting myself to the study of this problem. However, whether I found Prof. Swinburne's position convincing or not, I certainly had to take it more seriously than I had expected to do.

There's news today that convicted cleric Abu Hamza (currently serving a sentence in the UK for soliciting murder, incitement of racial hatred and other offences) has lost an appeal against requests for his extradition to the United States (where he is wanted on a number of terrorism-related charges).

This appeal was made on the basis that some of the evidence on the basis of which the US extradition was being sought was obtained through torture. The High Court judges ruled that there was insufficient specific evidence that this was the case. Let me say, first, that all the public history seems to indicate that Abu Hamza is a right sweetie... prepared to use places and services of religious worship as the forum for inciting violence and murder, for instance, and with an apparent mission to radicalise anyone prepared to listen. I think I'm happier with him off the streets, regardless of whether he's off them in the UK or off them in the US...

Nevertheless, two things caught my attention relating to the story.

First, it appears that Abu Hamza might be extradited to the US - but only for as long as it may take to bring him to trial there - then returned to the UK to serve the remainder of his current sentence, and then (if found guilty in the US) sent back there once again to serve whatever sentence may be handed down at his US trial. It will be interesting to see whether his trial takes place under the normal domestic practice of federal law, or whether anyone succumbs to the temptation to deal with Abu Hamza through the more 'pragmatic' processes of Guantanamo.

Second, although they have concluded that the extradition request was not based on information under duress, the UK judges must also be assuming that 'standard operating procedure' will apply to Abu Hamza's pre-trial detention... no water-boarding, duress positions, sexual humiliation etc.. Otherwise, one would have to assume that Article 3 of the European Convention on Human Rights (and therefore the UK Human Rights Act) could be held to apply. This reflects the European Commission on Human Rights' finding that "Article 3 could be engaged by the extradition process and that the extraditing state could be responsible for the breach where it is aware of a real risk that the person may be subject to inhuman or degrading treatment" [Soering v. UK, 1989]

It will be interesting to see how his extradition unfolds in practice.

Oh- and in case, like me, you were wondering about the missing eye and hands: apparently these were lost while doing mine clearance in Afghanistan... which is an interesting twist. The persona we are otherwise being shown via the media doesn't include much to relieve the uniform blackness of character.

I flew in to Heathrow's much-maligned Terminal 5 on my way back from Tokyo at the weekend. In most respects T5 is... well, an airport terminal. At the architectural level, it's neither depressingly awful nor heart-swellingly amazing - though the multi-story car park ground-side of the main building is unusually hideous even of its type. Strangely, as the entire purpose of the terminal is to process a massive flow of people, the building's layout itself helps very little, and needs constant signage to tell you where you're supposed to be going (in its catastrophic opening week, this was one of the major obstacles for travellers and staff alike). It's good to see, at least, that in terms of flooring T5 has moved on from the frankly horrid carpets of its older siblings.

The most spectacular failing of the opening days was in baggage-handling, with a backlog of 19,000 bags, some thousands of which were trucked to Milan to use the (working) facilities at Malpensa. So it was with some dread that I surrendered my suitcase to the check-in staff at Narita and, 14 hours or so later, descended in the hope of recovering it, Lemminkainen-like, from the Tuonela of Terminal 5... [Apologies if my Finnish grammar is not up to scratch... that should probably be Tuonelasta or something... ;^)]

There are lots of information panels in the baggage retrieval area. This meant that none of the crowd of waiting passengers had trouble seeing that there was a backlog of 10 flights-worth of bags for which the collection carousel was not yet known. Not a cheering sight. Then it turned out that it wasn't the baggage-handling system that was down, but the information system... so our cases would emerge OK, we just wouldn't know where. Also, the PA system wasn't working, so a lone BA staff member was spending her Sunday trotting up and down the baggage hall shouting out the flight and carousel numbers whenever she could glean them from her intercom. "Tripoli, carousel 7", she would yell, "Athens, carousel 4"... and, like a well-worn refrain "cancelled flights: baggage on carousel number 9".

Poor sods.

As it happened, our baggage arrived with roughly normal promptness.
You may be wondering what on earth this has to do with Hazel Blears' PC... well, only this: you would have thought, given the incredibly high-profile failure of the T5 baggage system in its first weeks, that BAA and BA would have flung resources at it so that either nothing went wrong, or if there was a glitch, hordes of back-up bag-men would swarm in and sort it out manually. But no.

Likewise, you might wonder - given all the damage to the government's reputation as a reliable custodian of sensitive data - what on earth might prompt a Minister to store restricted data on a machine in her constituency office, despite data custody rules which forbid it. There may, of course, be a perfectly rational explanation... I couldn't possibly comment.

Interesting blog post by Uri Rivner on the Finextra Communities site. He notes a recent RSA report that "Software as a Service" (SaaS) principles are making their way into the underworld of online fraud, and predicts that within 18 months there will be sigificant use of 'hosted malware servers' as the basis for Trojan software attacks. And there I was thinking that, anecdotally at least, it was the porn industry which was usually the first to achieve large-scale subversion of any given new technology.

The DefenceSecretary, Des Browne, will apparently announce today that, following talks between Gordon Brown and President Bush, the number of British troops serving in Afghanistan is to rise to its highest level yet. The war in Afghanistan has been in the headlines recently as the number of British servicemen killed there in the current conflict passed the grim milestone of 100. US Secretary of Defense Robert Gates recently addressed NATO with the announcement that in May, for the first time, US and allied combat deaths were more numerous in Afghanistan than in Iraq.

It's not, of course, the first time Britain has been entangled in a land war in Afghanistan. Whether or not it can be regarded as canonical, the "British Battles" website makes the following interesting observations about the disatrous British retreat from Kabul to Gandamak in January 1842:

- "The First Afghan War provided the clear lesson to the British authorities that while it may be relatively straightforward to invade Afghanistan it is wholly impracticable to occupy the country or attempt to impose a government not welcomed by the inhabitants. The only result will be failure and great expense in treasure and lives.

- The British Army learnt a number of lessons from this sorry episode. One was that the political officers must not be permitted to predominate over military judgments."

Of course, that last comment reflects a basic tension: the military option is always constrained within a political context (think, for instance, of the first Gulf War, in which the military preference was to press forward having liberated Kuwait, take Baghdad and overthrow Saddam Hussein while the momentum was still there... the political reality was that such a step would have gone beyond the agreed scope of the military action, and in doing to would have used up political capital in forums such as the United Nations and among the other nations of the Middle East.

As I've had a lot of time to spend in airports recently, I've spent some of it reading recent accounts of the Iraq and Afghanistan conflicts: "Sniper One" by Sgt Dan Mills, "House to House" by Sgt David Bellavia (US, Iraq), "3 Para", by Patrick Bishop (UK, Afghanistan).

In Sgt Bellavia's book, one very seldom gets any direct hint of the political context or its effect on operations - perhaps because the US and UK styles of deployment are different, perhaps simply because his book covers a shorter and very intense period of engagement. However, in both the others, the political dimension is always there, and is portrayed almost entirely as something which muddles, frustrates and inhibits the military action - usually resulting in greater danger and further casualties. The principal, fatal dangers appear to be these:

1 - political objectives which expand, but with no corresponding increase in the available resources;

2 - a political context which results in long, confused or conflicting chains of command (particularly multi-national ones);

3 - political goals with unquantifiable military objectives;

4 - a failure to address 'macro' causes at the political level, thus failing to stem the symptoms of conflict on the ground.

In both the Sniper One and 3 Para accounts, troops were deployed to make sure that reconstruction projects could take place. In both cases, by the end of the book, any notion of reconstruction had evaporated, and the troop deployments were basically acting as a lightning rod - attracting vigorous insurgency action simply by being present.

The 3 Para book explicitly mentions "Quick Impact Projects" or QIPs; civilian aid initiatives which the military forces are meant to undertake so as to create benefit for the civilian population and win their good-will. There is a telling vignette of the 'un-plumbed-in washing machine' which the soldiers wanted to install for the local townspeople, but were instructed to leave to the civilian reconstruction agency. At the end of their tour of duty, the machine was still sitting there in its polythene wrapping.

Tellingly, there is no mention of reconstruction goals in today's BBC news article (though, of course, the Defence Secretary's full statement may read differently). Instead, it repeatedly mentioned the theme of 'taking the war to the Taleban' and 'confronting them in Afghanistan rather than in Britain'. That looks like an unquantifiable military objective to me.

There is also no mention of Pakistan in the article, although it is clear that the Afghan question cannot be resolved without Pakistan's active and committed engagement. That looks like a failure to address macro factors.

As for the balance between political and operational imperatives... only time will tell.

No, it's not a re-run of the Eurovision Song Contest, though goodness knows, a dire enough tune won that.

This is Ethiopian athlete and Boston Marathon winner Dire Tune, who - at the Golden Spike athletics meeting in the Czech Republic earlier this week, ran 18.517 kilometers in one hour. Even I, with my limited numeracy, can work out that that's an average speed of... just over 18½ kilometers an hour. OK - for those of us still on pre-Napoleonic units, a shade over 11½ mph.

... not that Jim needs the extra traffic, by any means, but one of his recent posts reflected very aptly on something which surfaced in the Tokyo Privacy Summit we ran earlier in the week. Here's a link to Jim's post - I explained the Privacy Summit reference in a comment. 

My thanks to Ken Rijock of World-Check for pointing out an upcoming change to US visitor registration processes. Starting from August this year on a voluntary basis, and mandatory from Jan 12th 2009, anyone who currently enters the US under the VWP will be expected to register online beforehand. This will replace the current I-94W form, but will have the added benefit that your electronic registration will be valid for multiple entries over a two-year period (or until your passport expires, whichever is sooner). The logic here is, then, slightly strange: currently, each I-94W you complete has to specify the address at which you will be staying while in the States, your airport of embarkation and your flight number. Those are pretty unlikely to remain the same for each visit over the two-year period... so for all but the first visit, that data will be obsolete and will contribute very little to the security of the homeland.

The announcement did not mention whether there will be related changes to the process for visitors leaving the US - a process which, over the last couple of years, has seemed to vary depending on your airport of departure (for instance, for a while, San Francisco airport had a rather half-hearted stab at collecting iris scans from departing visitors... but Chicago O'Hare and Washington Dulles didn't bother...).

Here's the relevant page at the Dept of Homeland Security. 

A quick follow-up to yesterday's post about the Home Affairs Committee's report on the ID Cards scheme: Dr. Edgar Whitley at the LSE was good enough to point me to their press release on the same topic. As the LSE press release notes, the HAC report is not the first to recommend that any national scheme should be based on a 'data minimisation' principle. After all, as our CPO Michelle Dennedy says of personal data: "If you don't have it, you can't lose it". That must prompt a rueful smile in many an organisation.

Here in Japan they don't have a national ID card scheme. The views expressed at today's meeting* were that it would be very hard for such a scheme to win the trust of the Japanese citizen - one significant reason being the possibility of doubt about whose benefit the scheme is being run for: the state or the citizen. There would also, I heard, probably be an instinctive aversion to anything which represents such a potential threat to personal privacy.

As one of my companions put it over dinner, "It used to be the case in Japan that there was really no such thing as personal privacy... particularly in the domestic environment, for instance. But now that it's normal for each person in a family to have their own room, and children can use mobile phones to get completely independent, unsupervised access to the internet, email and messaging, attitudes to privacy have changed fast. We're still learning how to deal with the new possibilities."

*It was held under the Chatham House Rule, so I can't disclose who the participants were or who said what... but I have good reason to suppose that this is a well-informed view of the situation. 

I flew into Tokyo this "morning" for a series of meetings, including the 6th of the Privacy Summits we've been running under the Liberty Alliance banner.

Of all the headlines you don't really want to see as you arrive in a city, "Seven dead in knife attack" is probably quite near the top of the list. Though I have to say, my (all too) brief experience of Tokyo and Sapporo suggests that you'd have to look for trouble quite determinedly to run into it on the streets.

This time it's the Home Affairs Select Committee, chaired by Labour MP Keith Vaz, and they are expressing unease about the potential for the ID Cards Scheme to damage privacy, undermine public trust, and lead to a surveillance society. They also draw attention to the danger of any ambiguity about what the scheme is for. Here's an interesting quotation:

"The Committee, which considers whether draft laws will have
unexpected or ill-advised consequences for the constitution, warns that
the Identity Cards Bill seeks to create a database that will record
more information about every adult in the UK than has ever been placed
on a single database before.

Such is the significance of the database to the Government proposals
that the Committee suggests that the Bill should more properly be known
as the “National Identity Register and Identity Cards Bill”.

“Such a scheme may have the benefits that are claimed for it, but
the existence of this extensive new database in the hands of the State
makes abuse of privacy possible,” says the report."

Mainly, it's interesting because it's from this Register article...from March 2005, quoting the House of Lords Select Committee on the Constitution. And here's one from silicon.com (July 2004), citing the Home Affairs Select Committee's concerns that the ID Card plans were too fuzzy, with a risk of function creep and loss of trust over possible hidden purposes.

I know both Jacqui Smith and Meg Hillier have taken steps to 're-launch' the ID Cards scheme, with new communication and implications of some reduction  in scope - but if a cross-party committee of MPs is still raising the same kinds of objection as 3 and 4 years ago, doesn't that suggest that a more radical policy revision is called for?

The Home Secretary, Jacqui Smith, continues to pave the way for next week's debate and vote on proposals to extend from 28 to 42 days the period for which a suspect can be detained without being charged.

The proposals are being described as a sensible precautionary measure, being put in place now so as to be ready in case of future contingencies which might require such powers, against the background of an ongoing terrorist threat.

I supposed that's marginally better than 'knee-jerk' legislation in the wake of (or even during) some future massive terrorist emergency, but it still seems to me to be far from a proportionate measure. Let's just look again at the comparable detention periods in other countries: 1, 2, 2, 2, 2, 3, 3, 4, 5, 5, 6, 7, 7.5, 12... and 42. As I noted back in December of last year, the 12 is Australia, the 7.5 is Turkey... at the other end of the
scale, the 1 is Canada and the 2s are South Africa, Germany, New
Zealand and the US.

As Turkey has one of the higher numbers among "the rest", let's not forget some of the issues which are making that country's possible accession to the European Union such a contentious topic:

- the EU's frustration over continuing prosecutions under Turkey's Article 301 offence of "insulting Turkishness" (mostly involving the arrest of writers and journalists...);

- a supreme court case over whether or not to ban one of the country's
political parties for alleged breaches of Turkey's laws concerning
secularisation of the state; the party in question is the AK party, which comfortably won elections last July despite fears that it had a hidden Islamist agenda and would fundamentally damage the secular system put in place by the Turkish Republic's architect, Mustafa Kemal Atatürk. In the run-up to the elections, the army had said it would intervene to protect the republic if necessary.

However, the factors most likely to jeopardise the UK's 42-day proposals are probably closer to home. First, there's the question of whether such legislation, if enacted by the UK parliament, would breach the European Convention on Human Rights (EHCR). Parliament's joint committee on human rights is unequivocal:

"No amount of additional parliamentary or judicial safeguards can
render the proposal for a reserve power of 42 days' pre-charge
detention compatible with the right to liberty in Article 5 of the ECHR
(European Convention of Human Rights)."

Then there's the question of whether the proposals for parliamentary oversight would actually be workable. The last time I looked at this, the proposal was that parliament must debate and vote on individual cases within 30 days (though it was not clear how that 30 day period was to relate to the 42-day period of detention...); the proposal is now that parliament should vote on individual cases within 7 days...

However, that still doesn't change the basics: how on earth can MPs make a valid judgement about the detention of someone who has not yet been charged, but who may later appear in court? Giving them enough information to draw a conclusion must surely prejudice any later trial. And we're told that the extra time is needed so that investigators can unravel complex plots and conspiracies... so surely an informed parliamentary debate would put into the public domain information about the investigation which would be of great benefit to those co-conspirators the law is designed to catch.

The Conservative and Liberal Democrat parties both oppose the plan, and its survival hinges on whether the government's concessions have been enough to win over the dissenters in its own ranks.