Friday, January 23, 2009

In Defence of the Database State

Henry Porter has asked "Can you argue the case for the database state?", I thought I'd give it a go.

Let us start by establishing what we mean by “The Database State”. Technically, a database is simply a collection of records grouped together for a specific purpose, it needn’t contain personal details, it could contain, for example details of where certain items of stock are located within a warehouse. The databases for concern are the ones containing personal information, these are used in any organisation where there is a need to know the identity of the customer (for example banking, where an account needs to belong to someone).

In this rather broad context, it’s impossible not to have a database state. Elections, benefits, pensions and taxes all depend on the various databases used to administer them. It is not possible to have a database-free state, we can only decide on its limits.

To determine extent of the database state we need to look at it in a number of ways, as well as the information the state holds on a citizen there are also considerations on how many people have access to that information and how easily accessible that information is. Government plans for data sharing mean that although no new information is held on a citizen, that information is available to a greater number of people.

The danger of the database state is that information held could be put to dangerous use, there is a need to consider both minor abuses by individuals with access to this information and larger scale abuses by a government (including future governments1), when the database state is strengthened in whatever way, it is my belief that there is a need to balance the practical benefits against the potential dangers of abuse.

For example, I support ID cards because I do not believe that the information contained in the national identity register could be used by an individual or a future government to harm someone2. On the other hand, I oppose the new communications database because I believe there is a clear case for this one being abused.

So, to conclude, I accept the database state with the caveat that it’s expansion is scrutinised and permitted only where there is a clear benefit and minimal danger.

1. There is a limited extent to which I’ll accept the “future governments” argument because I feel that if a government wants to go full on authoritarian then we have seriously let our democracy go to the wall. I'll accept though that a govenment may indulge in more subtle meddling for political advantage.
2. I’m not sure of how much information will be contained in the ID card’s audit trail, I’m assuming that it will be kept to a minimum.

1 comment:

Anonymous said...

Andreas,

You wrote:

For example, I support ID cards because I do not believe that the information contained in the national identity register could be used by an individual or a future government to harm someone.

Take a look at this page on the Home Office web site:

http://www.ips.gov.uk/identity/how-idcard-daily-transferring.asp

And this one:

http://www.ips.gov.uk/identity/how-idcard-daily-collecting.asp

Do you notice what has happened here? Wendy and Colin have effectively had to apply to the Home Office for permission to carry out their transactions. What happens if the Home Office computer is perfectly satisfied that Wendy and Colin are who they say they are, but has been programmed to decline their transactions for some other reason? If that happens, we're looking at case-by-case Home Office monitoring and control of many transactions in an individual's life.

Here's a list of parts of your life the Home Office could track and possibly control:

http://www.ips.gov.uk/identity/how-organisations.asp

When you use a credit card to buy something, the credit card company effectively gives you permission to use their money for the transaction, trusting that you'll pay them back later. If the company doubts this, the transaction will be declined, and you'll have to find another way to pay - a different credit card, perhaps, or cash.

However, under the Home Office scheme, when you put an ID card in a reader you're effectively asking the Home Office for permission to use your own identity. If the Home Office won't let you, you're stuffed. You only have one identity, and they control it.

This is why I oppose the UK ID card scheme, and "Database State" built upon it.

Long post on this plus discussion here:

http://forum.no2id.net/viewtopic.php?p=87448#87448

Cheers,

Andrew Watson