Data Handling Procedures in Government: Interim Progress Report

David Hansen ukcrypto at chiark.greenend.org.uk
Sat, 19 Jan 2008 11:36:57 -0000 

On 18 Jan 2008 at 21:11, Peter Tomlinson wrote:

> > _http://www.cabinetoffice.gov.uk/reports/data_handling.aspx_

> I'm not convinced.

Agreed. It looks like the usual smug waffle to me. However, thanks to 
David for drawing it to our attention.

As with the Home Office I wonder if those who wrote the slogan on the 
first page managed to keep a straight face while composing it.

Paragraph 35 talks of "activity", while I am more interested in 
results.

Paragraph 37 asserts that, "To deliver public services effectively and 
efficiently, information needs to be shared between different parts of 
Government.", yet fails to offer any evidence to back up this 
assertion.

Paragraph 38 asserts that, "Government has always regarded personal 
data of citizens as a critical asset akin to the most sensitive 
financial and other information handled within Departments.", which is 
obviously nonsense as we can see from the mass media.

If I believed Paragraph 42, "As a first step, Government should commit 
to enhanced transparency with Parliament and the public about action to 
safeguard information and the results of that action.", it would be a  
step forward. However, they will undoubtedly continue with the same 
smug waffle as they always do. An "assurance" in a report will not 
reassure anyone with the remotest clue, though such an "assurance" may 
allow officials and party politicians toclaim that they have "done 
something" while in reality they have only caused activity rather than 
results.

Paragraph 45 starts off well, "Similarly, the Government should commit 
in principle to the introduction of new sanctions under the Data 
Protection Act for the most serious breaches of its principles." 
However, the authors immediately negate that sentence with the 
following, "Such proposals will have to take account of the need not 
only to provide high levels of data security, but also ensure that 
sensible data sharing practices can be conducted in an environment of 
legal certainty."

Paragraph 46 uses many words to say very little.

> [I] doubt that things will get much better until the ICO has 
> both the teeth and the resources to police this area.

I'm not convinced. The current bod shows little desire to police 
information properly and many of his staff appear entirely 
disinterested. Any revolution in this regard would probably need to 
include taking the lot of them out and lining them upagainst a wall, to 
encourage their replacements to be rather more dilligent.

> The really annoying thing is that I'm convinced that the intention at 
> the top is for service delivery to be done properly.

I have a simple approach when evaluating the claims of those at "the 
top".

Things occasionally go wrong, but if things consistently go wrong then 
I become increasingly disbelieving about the assertions of those at 
"the top" and wonder what they really want to happen.




-- 
  David Hansen, Edinburgh 
 I will *always* explain revoked encryption keys, unless RIP prevents 
me   
http://www.opsi.gov.uk/acts/acts2000/00023--e.htm#54