Report: Govt has lost control of database state

6:23 am - March 23rd 2009

by Newswire    

      Share on Tumblr

A quarter of all databases are fundamentally flawed and must be scapped, says a landmark study out today.

The first ever comprehensive map of Britain’s database state today reveals how the database obsession of government has left officials struggling to control billions of records of our most personal details and almost every contact we have with the agencies set up to serve and protect us.

‘Database State’ examines every major public sector database in the UK and demonstrates how many multi-million pound IT projects either don’t work, or have such serious safety or privacy problems that they are alienating the public and harming the vulnerable groups they are meant to support. Some of the government’s flagship databases, such as the DNA database and ContactPoint, are so flawed they should be scrapped immediately.

The report (exec summary / full report (pdf)), published by the Joseph Rowntree Reform Trust, charts the sheer scale and financial cost of data collection, the methods used to maintain and secure the data, and the treatment of critical issues such as consent.

Database State finds:

  • A quarter of all major public sector databases are fundamentally flawed and almost certainly illegal. The report says these should be scrapped or redesigned immediately;
  • The database state is victimising minority groups and vulnerable people, from single mothers to young black men and schoolchildren;
  • Children are amongst the ‘most at risk’ from Britain’s Database State, with three of the largest databases set up to support and protect children failing to achieve their aims;
  • Data sharing is a barrier to socially responsible activities. It is deterring teenagers from accessing health advice and undermining goodwill towards law enforcement;
  • Only 15% of major public sector databases are effective, proportionate and necessary;
  • We spend £16 billion a year on public sector IT and a further £105bn spending is planned for the next five years – but only 30% of public-sector IT projects succeed.
  • Database State examines each of the 46 major public sector databases which hold personal information on us all, or a significant minority of us.

    It uses a ‘traffic light’ system to assess whether each system is illegal under human-rights or data-protection law; whether the collection and sharing of sensitive personal data are disproportionate, or done without our consent, or without a proper legal basis; or whether there are other major privacy or operational problems.

    Database State also highlights the real plight of individuals left suffering at the hands of the database state – from the single mother terrified social services would take her child away if she talks to her GP about post-natal depression, to the 13-year-old girl left with a criminal record for life because of a playground incident.

    Report co-author Professor Ross Anderson of Cambridge University said:

    Britain’s database state has become a financial, ethical and administrative disaster which is penalising some of the most vulnerable members of our society. It also wastes billions of pounds a year and often damages service delivery rather than improving it.

    Too often, computerisation has been used as a substitute for public service reform rather than a means of enabling reform. Little thought is given to safety, privacy and value for money.

    There must be urgent and radical change in the public-sector database culture so that the state remains our servant, not our master, and becomes competent to deliver appropriate public services that genuinely support and protect the people who most need its help. That means we have got to develop systems that put people first.

    Database State calls for:

  • 11 of the 46 systems assessed, including ContactPoint, the NHS Detailed Care Record, ONSET and the electronic Common Assessment Framework, to be scrapped or redesigned immediately
  • Respect for human rights and data protection, so that sensitive information is only shared with the subject’s consent or subject to clearly-defined legal rules that are proportionate and necessary in a democratic society
  • The right for citizens to access most public services anonymously
  • The report says the public sector must learn to build the right systems – and build them well. It recommends new measures to promote scrutiny and transparency of all IT projects; radical initiatives to select and train civil servants to handle complex systems; and changes to public-sector procurement rules to favour more medium-sized systems over the monster projects that have damaged so many government departments.

    But it warns: “There is a sense in the senior civil service and among politicians that the personal data issue is now career-threatening and toxic. No-one who values their career wants to get involved with it. Like Chernobyl, some brave souls need to go in and sort it out while others plan better ways to manage things in the longer term.”

        Share on Tumblr   submit to reddit  

    About the author

    · Other posts by

    Story Filed Under: Blog ,Campaigns ,Civil liberties ,ContactPoint ,Local Government ,Our democracy ,Westminster

    Sorry, the comment form is closed at this time.

    Reader comments

    Great news that Ross Anderson and the FIPR ( ) have got this to public light today. You can see that it’s going to be a huge challenge to deal with this legacy – getting projects wrong in the first place has left a massive legacy of spending needed to protect our human rights.

    Some very basic points about hiring in experts at government level, so departments understand the implications of the technologies, is one key recommendation of the report, but the message to LC readers must be to take technology seriously as a campaigning issue.

    That is Open Rights Group’s raison d’etre, campaigning for your digital rights, so please feel free to take a look at our website, join our email list and get involved with active work pressing for our rights – including our human right to privacy.

    An MoJ Minister was on Today this morning and claimed that the DNA database is needed in its current form so that we can detect miscarriages of justice, like happened last week. I shouted ‘bollocks’ at the radio. Last week’s miscarriage was detected by comparing a specific person’s DNA to a specific sample. It had absolutely nothing to do with the database.

    Wot Jono @ 2 said. Also, that the authorities do not appear to be interested in using the DNA database for exculpatory purposes. If you are under suspicion, the system appears to work like this: if the DNA from the crime scene matches your DNA database record, you are screwed; if the DNA from the crime scene does not match your DNA database record, you are screwed.

    I think it is worth noting that the police continue to ignore the ruling in S & Marper, claiming that they are awaiting guidelines from the Home Office – yet the law says that retention is at the discretion of the Chief Constable concerned. One would have thought Chief Constables would be interested in complying with the law and judgements. The Home Secretary has seven days left to provide them with new guidelines.

    There is an apparent obsession with collecting ever more data and introducing more systems – it is a modern snake oil peddled by politicians and IT suppliers. But more data does not equal better data.

    We recently heard again about eBorders, a system intended to “identify passengers who are a potential risk and alert the relevant authorities”. But the arrest rate is worse than that for ostensibly random stops and searches, and it is costing us billions of pounds.

    We recently had further confirmation that there wasn’t a robust cost-benefit analysis for the National ID Card And Ridiculously Bloated Database Scheme. It is striking (but not surprising) that such projects can proceed without a robust cost-benefit analysis. I remain optimistic that the scheme will fail because it seems to meet at least six of the eight common causes of government IT project failure. Yet his failure will cost us billions of pounds – it isn’t finished but has already cost us millions and public sector employees are already accessing our private data on the databases that underpin it.

    It is all very well people banging on about paranoia, but can they provide adequate justification for any of these systems? And even if there is justification, are we competent enough to be able to deliver? Precedent suggests not.

    Finally, my irony meter exploded this morning when I heard that Government spokespeople had attacked the authors of the JRF / FIPR report for being politically biassed. This is the usual pejorative when they can’t think of anything substantive to say.

    inJustice Minister Michael Wills denied everything on Radio 4’s Today programme. It really recommend worth listening to this if you fancy spraying tea over your keyboard.

    Reactions: Twitter, blogs
    1. Liberal Conspiracy

      New post: Report: Govt has lost control of database state

    2. Gareth Winchester

      RT @libcon: New post: Report: Govt has lost control of database state

    3. Liberal Conspiracy

      New post: Report: Govt has lost control of database state

    4. Database State is Flawed, Insecure, Overpriced and Needs Scrapping | Sharpe's Opinion

      […] Database State is Flawed, Insecure, Overpriced and Needs Scrapping […]

    5. Free thinking « Curly’s Corner Shop, the blog!

      […] Government has lost control of the database state: The first ever comprehensive map of Britain’s database state today reveals how the database obsession of government has left officials struggling to control billions of records of our most personal details and almost every contact we have with the agencies set up to serve and protect us. An excellent examination of how the government’s astonishing fondness for databases is ineffective, inefficient, costly, flawed, possibly illegal, discriminatory, and a risk to children, amongst other things. […]

    6. On the UK’s DNA Database, Part 2 « Genetic Inference

      […] it really is. The governmental already hold a pretty scary amount of information on us (c.f. the recently report by the Joseph Rowntree Reform Trust), and investigating people based on genetic data seems much […]

    Sorry, the comment form is closed at this time.