Database State

March 23rd, 2009 at 04:47 UTC by Ross Anderson

Database State is a report we’ve written for the Joseph Rowntree Reform Trust on the failings of public-sector IT in Britain, and how to fix them. There’s press coverage in the Guardian, the Mail, the Independent, and the Telegraph.

Entry filed under: Legal issues, News coverage, Politics, Security economics

11 comments Add your own

  • 1. James Hughes  |  March 23rd, 2009 at 11:36 UTC

    I heard your interview on R4 this morning. Why is it that politicians always know better than acknowledged experts in the field? Every time? Why are they never told ‘You are a minister for 5 minutes, I have been an expert in this field for 20 years. Why do you think you know better than me?’

    I’m sorry the politico in questions whose named slips my mind, ‘dissed’ this report out of hand (no surprise there) but at least he came off as being a rather slippery character, clutching at straws, and unable to answer any of the real questions put to him.


  • 2. Ross Anderson  |  March 23rd, 2009 at 13:55 UTC

    More news coverage in the Daily India, the Standard and elsewhere

  • 3. Ross Anderson  |  March 23rd, 2009 at 14:56 UTC

    … and here’s a blog in the FT that’s written by a doctor in Scotland

  • 4. Ludo  |  March 23rd, 2009 at 21:09 UTC

    Interesting report. However, not all conclusions appear to be justified in my opinion, particularly not as regards the section ‘European databases’.

    I will only comment on the two databases I have sufficient knowledge of: the Schengen Information System and the Prüm Framework.

    Staring with the Prüm Framework: First and foremost: this is NOT a database but a system to conduct automated cross-border checks. No data is held on the system, it facilitates comparison of data from different member states.
    Second, and equally crucial, the system works on keys that do not contain personal information and a hit-no-hit basis. For example, with DNA comparison only the numeric profiles (loci) are compared. If and when there is a hit personal information needs to be requested from the other state according via existing procedures, which depending on the member state could entail sending a judicial letter of request. If these procedures in the UK are not privacy compliant than that might be an issue to address. But that has nothing to do with Prüm. It remains therefore unclear to me on what evidence this ‘red’ flag is based.

    As regards the Schengen Information System, the report rates it amber because of the projected changes. In my opinion it would have been more accurate to rate the current system first. Especially if on follows the discussion at the European level it is evident that SIS II actually might never be build.

    In sum, it is an interesting report but these inaccuracies harm the overall value for me.

  • 5. callum  |  March 25th, 2009 at 13:59 UTC

    here’s another example from today’s press (BBC):

    “The parents of a girl who died suddenly have received a school letter demanding she improves her attendance.

    Megan Gillan, 15, was found dead in the bedroom of her home in Macclesfield, Cheshire, two months ago.

    Her parents say they were “floored” by a Macclesfield High School letter, which threatened to ban Megan from the end of year prom.

    The school has apologised for the mistake, which they said was down to an error on the computer database. ”

    This article shows up so many flaws in UK Gov database culture. The fact that a letter was sent out without checking & verification and then _blamed_ on the database!

  • 6. Ross Anderson  |  April 1st, 2009 at 06:51 UTC

    Beautiful comment from Simon Jenkins in the Guardian. The Home Secretary who told us that if we have nothing to hide we have nothing to fear is duly embarrassed …

  • 7. Ross Anderson  |  April 6th, 2009 at 22:19 UTC

    There has also been a debate in the Lords on the Report.

  • 8. Ross Anderson  |  April 30th, 2009 at 11:49 UTC

    … and a perspective in the New Statesman

  • 9. Ross Anderson  |  March 19th, 2010 at 11:32 UTC

    Our report is still being sidely cited and discussed a year after its publication.

  • 10. Tim Coote  |  September 28th, 2011 at 14:11 UTC

    Given that there’s such a large potential operational saving from turning off the worst of the systems, I’m surprised that we haven’t heard more about this report since the change of government.

  • 11. Ross Anderson  |  April 5th, 2013 at 09:33 UTC

    April 2013: here is a retrospective piece by Tech Week on how the new coalition government has reneged on its promise to cut back on the database state, and now watches us more assiduously than ever.

Leave a Comment


Required, hidden

Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Subscribe to the comments via RSS Feed


March 2009
« Feb   Apr »