A very rapid betrayal

June 4th, 2010 at 14:07 UTC by Ross Anderson

The coalition Government plans to keep the Summary Care Record, despite pre-election pledges by both the Conservatives and the Liberal Democrats to rip up the system – which is not compliant with the I v Finland judgement of the European Court of Human Rights.

Last year colleagues and I wrote Database State, a report for the Joseph Rowntree Reform Trust, which studied 46 systems that keep information on all of us, or at least a significant minority of us. We concluded that eleven of them were almost certainly illegal under human-rights law, and most of the rest had problems. Our report was well received by both Conservatives and Lib Dems; many of its recommendations were adopted as policy.

Old-timers may recall that back in 1996-7, many of us geeks supported New Labour enthusiastically, as Blair promised not to introduce key escrow. It took him almost a year to renege on that promise; it has taken the coalition less than a month.

Blair’s U-turn on key escrow in 1998 led to the establishment of FIPR, and a two-year fight against what became the RIP Act (where at least we limited escrow to the powers in part 3). What’s the appropriate response now to Cameron and Clegg?

It’s inconceivable that assurances given to farmers, or to soldiers, or to teachers would be tossed aside so casually. Yet half a million of us earn our living in IT in Britain – there’s a lot more of us than of any of them! And many people in other jobs care about privacy, copyright, and other digital issues. So do those of us who care about digital policy have to become more militant? Or do we have to raise money and bribe the ruling parties? Or, now that all three major parties are compromised, should we downgrade our hopes for parliament and operate through the courts and through Europe instead?

Entry filed under: Legal issues, News coverage, Politics

8 comments Add your own

  • 1. igb  |  June 5th, 2010 at 10:05 UTC

    Actually Ross, I don’t quite read the announcement as the U-Turn you’re making out. I think it’s more nuanced (and cleverer) than that.

    If the government tears up the SCR project right now, it takes all of NPfIT down with it there and then. Given the withdrawal of two of the suppliers already, and CSC having missed the Morecombe roll-out date, abandoning the SCR would hit BT the hardest (as it has the spine and the data centres) and that would leave all four suppliers either out or holed below the waterline. NPfIT falls into abeyance and the dispute between Fujitsu and government over exit terms broadens to CSC (maybe) and BT (definitely).

    On the other hand, the current situation with SCR is that a lot of doctors object, a lot of PCTs haven’t passed the threshold for informed consent and the BMA have said they will back practices who decline to upload or who insist on opt-in (which amounts to refusal, practically). All Burns has said is that existing uploads (ie, not many) can continue: he hasn’t imposed additional duties on, or made threats to, PCTs and doctors that are not uploading. He’s saying that the uploads should only happen when doctors are convinced by both the opt-out opportunities (they aren’t) and the data quality (they aren’t).

    Trish Greenhaigh’s report is due out at the end of the month, and the rumours are that it’s savage, calling into question the fundamental purpose, architecture and assumptions of the project. It was put into purdah before the election, so it’s presumably not anodyne.

    By continuing to permit existing uploads, which aren’t really happening in any serious volume anyway, Burns defers doing anything which looks like government-imposed cancellation, which would be a trip straight to court over large exit penalties. Instead he waits until he can use an independent, academic report which says “this is all a bit shit, really”. At which point he can blame the suppliers, blame his predecessors and cancel it for being “a bit shit, really” rather than for cost and/or ideological reasons.

    Burns is saying “you can continue to do X, so long as an agreement that won’t happen is made between parties who are already firmly in disagreement, and I’m not saying anything to fix that disagreement”. He’s going to either let SCR wither on the vine or be killed by someone else. I suspect that the contracts with BT and CSC have a duration, but don’t guarantee volumes, so by allowing them to run to completion on nugatory volumes the payments are minimised compared to stopping the contract dead right now. If he can also get a third party to provide what amounts to proof of non-performance, so much the better.

    There’s also the nightmare that SCR/NPfIT is heavily bound up with PACS, which is actually working and is actually delivering benefits. PACS is dependent on N3 and various other NPfIT components, so starting to tear up contracts for NPfIT would make problems for PACS. Again, letting everything gently wither on the vine until the contracts for the bits that are wanted can be let will be a lot less traumatic for all parties than holding a bonfire of the vanity projects.

    ID Cards were different, because there’s nothing bound up with the contracts, and they weren’t that large anyway. If you’re going to kill ID, Phase 2 biometric passports and NIR in one fell swoop, you can just pay the (small) termination costs and walk away. The project’s in an early phase, it’s not delivering anything you want, and the main contractor doesn’t have much leverage anyway. None of that’s true, sadly, in NPfIT.

    So my summary is: SCR will wither, NPfIT will wither, when the contracts expire the stuff that’s actually useful will be re-tendered, the government won’t do anything to provide an excuse for BT to sue for unreasonably termination.

  • 2. Ross Anderson  |  June 5th, 2010 at 11:55 UTC

    Ian, I sincerely hope your analysis is right! Anyway, there’s already some national press coverage – in the Mail.

  • 3. Ross Anderson  |  June 5th, 2010 at 20:40 UTC

    and here in the New Statesman, and the BBC

  • 4. Clive Robinson  |  June 6th, 2010 at 10:28 UTC

    @ Ross,

    You make the options sound mutualy exclusive, they probably are not.

    Action through the courts is the one that hurts a government the most because it can be shown to be “injustice” which mi’lords do not like and the fourth estate goes to town on.

    Unfortunatly with court action you have to pick your battle very very carefully otherwise you could end up making adverse case law. It also can take an age though CPR is supposed to minimise this these days.

    As for lobying / bribing / buying politicians or their opinions I think you can safely say forget it.

    Look at Patsy “blew it” she has a nice little erner from BT these days and still gets other renumeration from Boots etc and other “consultant work”. The politicos know you have next to nothing to offer them likewise senior civil servants. And as they are not required to listen to pressure groups but only those they chose (see Private Eye ad nausum on how private industry accounts for 90% of ministers meetings etc on the likes of finance, the environment, farming, transport, health care) you might as well forget the idea. As has oft been said “you can lead a horse to water…” likewise with politicos they don’t have to act on the information you supply except under certain exceptional circumstances.

    There is of course another possability which might well occur which is theft of information. As a person who has had their medical records stolen twice but only once officialy (St Georges Hosp Tooting SW London) I am aware that this is very very likley to happen. Thus as patients become suspicious they should name and shame and thus make public as much as possible these events. Eventually the fourth estate are going to pick up on it, the trick then becomes keeping the spotlight on the issue.

    For instance imagine if you will what would happen if say Ruppert Murdoch’s (or one of his close family etc) medical records where obtained illegaly and put all over the Internet. I suspect the level of bad press would be so eye watering for all politicos that they would snap to attention and actualy do something.

    But what…

    There is the usual issue with the UK legislature that produced such utter messess as the Dangerous Dogs act and other more recent counter productive legislation.

    The solution is again as normal to do the job for them. That is effectivly draft the legislation or ammendments to existing legislation in a way they can just pick up and use. Or have appropriate clear and concise briefing material as to the issues remidies and most importantly pitfalls ready and avalable to stuff in their mits prior to civil servents dusting off their own agendas and re-cutting them to apparently fit (remember National ID cards where a civil service idea that successive governments had rejected for good and sensible reasons, and Labour tried to use as a party funds raiser).

  • 5. Ross Anderson  |  June 6th, 2010 at 13:13 UTC

    and the Indy

  • 6. J. MacFarlane  |  June 9th, 2010 at 11:52 UTC

    I have a Ph.D proposal on Human Rights & DNA Legislation. Anyone interested? (I am poor, no rich family so funding must be available).

  • 7. Emma Byrne  |  June 16th, 2010 at 08:53 UTC

    “For instance imagine if you will what would happen if say Ruppert Murdoch’s (or one of his close family etc) medical records where obtained illegaly”

    I admire your optimism.

    This (or something like it) has already happened to Gordon Brown and Alex Salmond’s emergency care record. The GP who did this will not stand trial.

  • 8. Gianni Tedesco  |  September 16th, 2010 at 22:34 UTC

    “should we downgrade our hopes for parliament and operate through the courts and through Europe instead?”

    Erm, yes… ;)

Leave a Comment

Required

Required, hidden

Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Subscribe to the comments via RSS Feed


Calendar

June 2010
M T W T F S S
« May   Jul »
 123456
78910111213
14151617181920
21222324252627
282930