I’m still cross about this so I’ve written to my MP

FOR THE ATTENTION OF:

Jeremy Hunt MP
South West Surrey

Wednesday 28 November 2007

Dear Jeremy

HMRC data breach and the “database state”
———————————-

The HMRC breach raises concerns about the other central government databases being built under the customer-centric policy of “transformational government”.

What troubles me is that, despite listening very carefully over several years, I just dont see the benefit to me of my health record to be centralised under Connecting for Health, my daughter’s social care on ChoicePoint, or all our biometric details on the ID System.

All the thrust of contempory service design and technology is for user-controlled devolved ID, health management etc. No third party cares how well my own records are maintained as much as me. To the officials involved my loved ones and I are just a cipher and our personal details some slightly valuable data to be shared and exploited.

All these centralised systems are accessible to tens or hundreds of thousands of public servants, including normal proportions of the clueless and the crooked. They could either be secure, or easy to use for the day to day work of thousands of people, but not both.

It’s not done with my consent, it’s an unnecessary risk, and I just dont understand what benefit it is supposed to deliver, yet it is supposed to be “customer-centric”.

I would like to try to understand. My mind is not closed, and I’m not trying to make a partisan point. But I feel very strongly about this (to the extent of pressing my GP to opt out of CfH and refusing to register for ID, heartened by being in the good company of Joanna Lumley and Dame Shirley Williams).

Do you think we could write to the Ministers responsible for ChoicePoint, ID System, and CfH and ask them to explain in plain language what benefits they seek to deliver? Or, in your experience of the system, is that a waste of all our time?

Yours sincerely

William Heath

Well, here they are

British citizens

Once it is up and running the National Identity Scheme could:

* protect your identity from theft
* protect vulnerable people from those who have lied to gain positions of trust
* offer a convenient way to prove your age
* speed up many everyday transactions
* make it easier for you to travel in Europe
* make it simpler to prove your ID
* make the internet easier to use
* make it easier to replace lost and stolen documents
* protect your privacy

Protect your identity from theft

Identity theft or fraud involves someone using your identity to, for example, open bogus accounts, apply for loans, buy goods over the phone or internet, or take over one of your bank accounts. By registering and using your card to prove who you are you will be able to protect yourself and help reduce identity theft. The National Identity Scheme is designed to be more secure than current ways of proving identity. It will make it extremely difficult for someone else to impersonate you, even if they have your ID card, because only you can be matched to your biometrics. More about protection from identity theft and fraud
Protect vulnerable people from those who have lied to gain positions of trust

You need to know that people in positions of trust (such as nannies, carers for the elderly, childminders, and so on) are who they say they are. Biometric data in the ID card means that a potential employer could quickly and reliably confirm an applicant’s identity. The Criminal Records Bureau could also use the applicant’s Identity Registration Number (IRN) in order to check that they have no criminal record, for example. Use of the IRN will speed up such searches significantly. (See a case study that illustrates this benefit.)
Offer a convenient and trusted way to prove your age

Whether you are a young person wanting to buy a drink in a pub or an older person who wishes to claim a travel discount, the easy-to-carry ID card will offer a safe and secure way to prove your age. (See how this could work in practice.)
Speed up many everyday transactions

Once you are registered with the National Identity Scheme you will have a quick and secure way of proving your identity whenever you need to, for example via a match of your ID card and biometrics or PIN. (See how this could work in practice.)
Make it easier for you to travel in Europe

With a UK ID card that shows your nationality you will be able to enter European countries without the need to carry your passport. The card will also reduce checking time at ports and borders.
Make it simpler to prove your identity

There will be no need to keep many different identity documents – just one convenient card that can be used only by you, since only you have the biometrics associated with your ID card. You won’t need to carry the card with you at all times, and if you need to prove your identity without the card you will be able to do so by providing a few details about yourself along with a biometric, such as a fingerprint or PIN.
Make the internet easier and safer to use

There will be less need to remember an array of user names and passwords – just use your ID card and PIN online. Your card will help you securely log on to services and also provide a digital ‘signature’. With this you can authorise important transactions and application forms, giving both you and the service provider more confidence in the exchange.
Make it easier to replace lost and stolen documents

If you lose your ID card or passport, or if they are stolen, all you will need to do is to go to a local office where your identity can be checked against your biometrics. Your original documents will be cancelled so no-one else can try to use them and replacements will be sent out to you.
Protect your privacy

The National Identity Scheme has been designed with your privacy in mind. Only the most basic information is contained on the card itself (more detailed identity information is held securely in the National Identity Register (NIR), and only accredited user organisations will be able to use the NIR to check your identity.

> You need to know that people in positions of trust (such as nannies, carers for the elderly, childminders, and so on) are who they say they are.

I wonder if this is a real of pseudo-justification. What you need to know is that they’re there and you can trust them. That’s about how they behave, not whether Heidi’s real name is Svetlana. It’s reputation in the relevant context, not identity.

Is there evidence of a problem of carers for the elderly systematically changing their names in order to be able to bully old people? Isnt that a problem that Patient Opinion fixes far more effectively and cost-effectively?

It feels to me this is based on a view of human nature which ends up saying “tick here if you’re a terrorist” (like the US Immigration form)

Oh wow. My MP has done a substantive reply in less than 24 hours

Dear Mr Heath,

Thank you very much for your email. I am grateful to you for taking the time to get in touch following the recent loss of 25 million child benefit records by HM Revenue & Customs. This has clear implications for many families in my constituency and throughout the country, because the information that has gone missing can be used by identity fraudsters, and so I can entirely understand the level of public concern.

My colleagues and I feel exactly the same way, as you may have seen from Prime Minister’s Questions last week, when David Cameron tackled Gordon Brown on just how this could have been allowed to happen. He said that the government had failed in its first duty to protect the public, and that Gordon Brown should be accepting some responsibility for this failure. The Prime Minister may argue that procedures were in place to prevent such a situation occurring, but that is no use if these procedures are simply disregarded.

As you say, the fact that HM Revenue and Customs have lost data on 25 million people shows the government can not be trusted to bring in ID cards, and it also has implications for our health records on Connecting for Health, and CentrePoint. Conservatives remain firmly opposed to ID cards on a number of grounds and my colleague David Davis, the Shadow Home Secretary, has made it clear that, if the Conservatives win the next election, his first act will be to scrap the scheme. He has written to the Cabinet Secretary to inform him of this. I urge you to visit http://www.conservatives.com to sign our petition on the campaigns page calling for the plans to be scrapped. I will also write to the Secretary of
State for Health, Alan Johnson, expressing your concerns about centralised health records, and asking him to reconsider implementing such a system. I will let you know when I receive any response.

The Conservatives will be doing all we can to hold the Government to account on this issue, and ensure that this is not allowed to happen again. If you should have any cause for concern then please contact HMRC on 0845 302 1444 between 8am and 8pm on any day of the week, and if you see any suspicious activity in your bank statements, then contact your bank immediately.

Thanks again for writing to me. Please do not hesitate to contact me if I can be of any further assistance.

Best wishes,

Jeremy Hunt
———————————————————————
Jeremy Hunt
Member of Parliament
South West Surrey

House of Commons, London, SW1A 0AA

I wrongly called it ChoicePoint; shd have said ContactPoint, but he pre-empted me and called it CentrePoint anyway. But the real problem is eCAF. Anyway, cheers Jeremy.

I Googled “benefits choicepoint ecaf” (In case I was missing anything obvious) and got (apart from IdealGov) this strange page: http://www.cs.queensu.ca/~skill/unique_n4.txt

Maybe this is what the evidence behind Transformational Government looks like?