link to briefings documents at magnacartaplus.org
 

briefing document

The Database State

James Hammerton



back to magnacartaplus.org index page

to the news at magnacartaplus.org

short briefing dcuments at MagnaCartaPlus.org

 
Google
 
Web www.magnacartaplus.org

 

Edit This

This is work in progress.

Index

Introduction
What does “the database state” mean?
Database state schemes in Britain
Britain’s database state and “transformational government”
Database schemes elsewhere.
Further information

Introduction

The original tagline for the NO2ID campaign was “Stop ID cards and the database state” (my emphasis) [1]. Of the two issues the original tagline highlights, I regard “the database state” as the more important and more worrying issue. This is because the development of the database state poses a fundamental threat to privacy, providing the state with immense power over individuals, using data collection and sharing schemes the Stasi would have been proud of. This document explains what the database state is, why it is a threat to privacy and provides an overview of the various schemes and government programmes that constitute the database state.

What does “the database state” mean?

NO2ID’s explanation of the term is as follows:

The ‘database state’ is what we call the tendency to try to use computers to manage society by watching people.

This rough definition highlights the key point. Rather than merely being any use of databases by public bodies or the government, it refers to the use by the state of database technology to monitor and manage the activities of the general public.

The National Identity Scheme (NIS) is the prime example of a database state scheme. A database called the National Identity Register (NIR) will be created. It will store every name you’re known by, every address you live at, the numbers of every identity document issued to you, your biometric details (current plans limit this to a photograph and your fingerprints) and the details of every occasion on which your identity is checked against the database. It will thus track the different places you live at, the different names you use, what official identity documents (e.g. passport, identity card, driving licence, etc) get issued to you and, via recording the details of each identity check, who you are doing business with. The government’s aim is that the identity card will be required for accessing public services, opening bank accounts and obtaining credit cards. They intend a wide take-up of the identity verification service by private businesses, and each time a transaction requires a check against the NIR, a log will therefore be created in the NIR of whose identity was checked and which organisation or person checked it. Furthermore, by creating a unique National Identity Registration Number for each adult, the NIS will enable the government to index into any other public or private database that stores the NIRN (it is pretty much inevitable this will be done), and thus to efficiently get access to any data stored about you on other databases. Possession of a national identity card will thus mediate your accesses to both publicly and privately provided goods and services, and the data stored on the NIR will determine what level of access you will thus be given.

The NIS thus enables detailed monitoring of the population and micro-management of their activities.

Database state schemes in Britain.

  • The National Identity Scheme. As mentioned above, this is the prime example of a database state scheme in Britain. This briefing document covers the scheme in detail.
  • ContactPoint, aka “the children’s database”. From the Action on Rights for Children web page on ContactPoint:

    ContactPoint is effectively a file-front that serves the whole range of agencies that may be involved with a child. It is intended to provide a complete directory of all children from birth, together with a list of the agencies with which s/he is in contact. It won’t hold any case records, but will enable practitioners to indicate their involvement with a family and contact each other in order to share information. It will also show whether an eCAF (an in-depth personal profile under the Common Assessment Framework) has been carried out and is available for sharing. ”

    The ContactPoint website states:

    ContactPoint will only hold the following basic information for all children in England (up until their 18th birthday)

    * Name, address, gender, date of birth and a unique identifying number.

    * Name and contact details for a child’s parent or carer.

    * Contact details for services working with a child: as a minimum, educational setting (e.g. school) and GP practice, but also other services where appropriate.

    * A means to indicate whether a practitioner is a lead professional and if they have undertaken an assessment under the Common Assessment Framework.

    Those providing a sensitive service (those in the fields of sexual health, mental health and substance abuse) will be required to seek informed, explicit consent before recording their contact details on ContactPoint. Where they are recorded, only an indication of an unspecified service would be visible.

    Informed, explicit consent will also be required for care leavers or those with learning difficulties to remain on ContactPoint up to age 25, to facilitate the transition to adult services.

    The legal basis for this was provided by the Children Act 2004. The scheme will be used by the police when investigating under 18s.

  • Criminal Records Bureau checks.
  • The National Staff Dismissal Register.
  • The database of communications data proposed under the Intercept Modernisation Programme.

    When using a phone or internet service, each time you phone someone, send an email or connect to a website, data will be generated indicating the origin, time, duration and destination of the communication. Such data is termed communications data. Note that the definition in the Regulation of Investigatory Powers Act (RIPA) 2000 excludes the content of a communication. Thus communications data includes the time, duration, origin and destination of your phone calls but not what you said. It will include the origin and destination, and possibly the headers, of your emails but not their bodies.

    Under RIPA, the police, security services and Revenue and Customs can demand this data about you from your phone company or ISP, without a warrant. Under the “Snooper’s Charter” this power was extended to government departments, local councils and numerous other public bodies. Britain has also operated a voluntary agreement with providers whereby telephony and subscriber data has to be stored for 12 months, with other data usually being stored for 6 months (but some is stored for shorter periods). Most recently, under the European Data Retention directive, legislation which the British government pushed for, communications data will need to be stored for at least 6 months by all communications providers in the EU. In Britain however, telephony data will have to be stored for a minimum of a year.

    However the British government is proposing to go one step further and create a central database of all such communications data related to the UK. This would mean that anyone with access to that database would be able to find out who is communicating electronically with whom without even needing to ask the internet or phone companies concerned to provide the information.

    Where the data is currently stored in a fragmentary manner across different service providers and you’d need to know which providers to ask in order to get a particular person’s communications data, this database would ensure it can all be found in one place. It also means the government can extend the length of time with which the data is stored and fund it via the taxpayer rather than burdening the phone and internet companies with the cost.

    Such a database will be very valuable to anyone wishing to find out any of the following:

    • Who a politician’s or activist’s associates are.
    • Who a public official’s associates are.
    • Who a journalist is communicating with, e.g. to try and track down their sources.

    Yet organised criminals can easily circumvent it by meeting face to face, using the post, or (less easily) using anonymisation services and encryption to protect themselves. At the same time, the database will be a honeypot for foreign intelligence agencies wishing to undermine the British authorities, or for organised criminals to either subvert the authorities themselves. The temptation will also be there for the government of the day to use the database against political opponents.

    As of the end of 2008, the database is still a proposal and a consultation is due to appear in January 2009. One of the reported options likely to be put forward in the consultation is that the database will be run by a private company. The Register reported that the aim is to get the system in place by 2012.

  • Automated Number Plate Recognition (ANPR) and “average speed” cameras.

    Increasingly, ANPR cameras are being used as a means of mass surveillance of the public as they drive around in Britain, e.g.:

    • London’s Congestion Zone works by noting which cars enter/exit the zone and calculating charges accordingly. However the data recorded is being used for a lot more than simply imposing the congestion charge. The recording of journeys occurs 24/7, regardless of whether the charges are in force, and the police and security services have real-time access to the data. The system is thus explicitly being used by the authorities to monitor all vehicle movements in and out of the congestion zone.
    • “Average speed” camera schemes are being rolled out across Britain’s major roads. These schemes will record the time taken for a car to go between pairs of cameras and issue speed tickets if the average speed is too high. Of necessity, this involves recording which cars travel between each pair of cameras in the scheme, and thus a database of people’s journeys will be created. The experience with the congestion charge in London suggests it will only be a matter of time before such data is routinely passed to the police and security services. The experience with the power to demand communications data suggests it will then be extended to every public body in the land. The Independent sets out how extensive this surveillance is likely to become.
  • School fingerprinting.
  • Pub fingerprinting.
  • e-Borders and Passenger Name Records (PNRs). According to a recent government press release:

    A new ‘e-Borders’ electronic border system will ensure that every visitor is counted in and out of the country by 2014.

    More than 99% of foreign nationals from outside the EEA will be tracked in and out of Britain by 2010 through targeting of higher risk countries, the Home Office announced today.

    A new ‘e-Borders’ electronic border system will ensure that, by 2014, every visitor is checked against immigration and security watch-lists, and counted in and out of the country.

    Thus, anytime someone enters or leaves the country, the government will make a record of the fact and check them against watch lists. Additionally, travel between the EU and the USA involves the sending of Passenger Name Records to the US authorities by at latest 15 minutes after departure.

  • Entitlement Cards.

Britain’s database state and “transformational government”.

Database state schemes elsewhere.

Further information

Notes

[1] NO2ID’s tagline is changing to “Stop the database state”, reflecting a growing emphasis on the database state on the part of the campaign.

email feedback@magnacartaplus.org

magnacartaplus.org 2006, 9 December

variable words
prints as variable A4 pages (on my printer and set-up)

abstracts of documents on magnacartaplus.org UK Acts of Parliament click for news from magnacartaplus.org orientation to magnacartaplus.org orientation button links to other relevant sites links

Powered by WordPress