The Glass Box for Monday
In the PM office we meet every night after the programme in this Glass Box:
We talk about the content of the programme and try to give an honest assessment of what worked and what didn't...the things we missed and the places where our ambitions were not met. THIS virtual glass box you are looking at is where you are invited - indeed encouraged - to be honest about our hour. Members of the production team will read it, and the editor should comment too. Click on The Glass Box link on the right of the page to read previous entries.
RSS feed
Email us
Listen to PM
I THOUGHT THE MINISTER OF JUSTICE WAS BREATHTAKING IN HIS COMPLACENCY ABOUT THE LOSS OF PERSONAL INFORMATION.
MY UNDERSTANDING IS THAT THE DISKS WERE SENT THROUGH THE POST UN-ENCRYPTED AND IT IS POSSIBLE THAT THE PASSWORD MAY HAVE BEEN INCLUDED WITH THE DISKS. THIS IS NOT A MISTAKE IT IS, IN MY OPINION CRIMINAL NEGLIGENCE.
WHEN I WAS IN THE NAVY, IF WE LEFT A CLASSIFIED DOCUMENT LAYING AROUND IN A LOCKED OFFICE WE WOULD BE IN TROUBLE!
THE FACT THAT THIS IS NEW TECHNOLOGY IS INEXCUSABLE.
THE SENIOR OFFICERS WHO HAVE ALLOWED THIS TO HAPPEN SHOULD BE SACKED.
I THOUGHT THE MINISTER OF JUSTICE WAS BREATHTAKING IN HIS COMPLACENCY ABOUT THE LOSS OF PERSONAL INFORMATION.
MY UNDERSTANDING IS THAT THE DISKS WERE SENT THROUGH THE POST UN-ENCRYPTED AND IT IS POSSIBLE THAT THE PASSWORD MAY HAVE BEEN INCLUDED WITH THE DISKS. THIS IS NOT A MISTAKE IT IS, IN MY OPINION CRIMINAL NEGLIGENCE.
WHEN I WAS IN THE NAVY, IF WE LEFT A CLASSIFIED DOCUMENT LAYING AROUND IN A LOCKED OFFICE WE WOULD BE IN TROUBLE!
THE FACT THAT THIS IS NEW TECHNOLOGY IS INEXCUSABLE.
THE SENIOR OFFICERS WHO HAVE ALLOWED THIS TO HAPPEN SHOULD BE SACKED.
Dear PM,
Why must all your reports involving any government issues be so relentlessly negative. You should, of course, question government spokesmen about problems but you should give a better reflection of the overall picture rather than focus solely on the items where there has been a failing, to maintain a sense of proportion. An example was the report on the recent flooding. The published report was a balanced view of what happened with some criticisms of state planning but your PM item dealt only with the (relatively minor) critical areas. This is not helpful in conveying a picture of the real situation. In general, your interviewers display audible glee when catching out an official or government member and clear disappointment if this is impossible. As a long standing listener, my comments are relevant to all governments, not just the current one. What we want is a proper picture of current situations, not tabloid sensationalism.
Umm, Dave Jones, when you were in the Navy, did people shout at you a lot? Just wondered.
Good show tonight I thought, though I missed some bits. Nice interview with the havering minister for excuses. Might just as well walk round with all our details attached to a label, a la Paddington Bear. Save the government having to give them away for us.
I feel that while there was reasonable coverage of the personal info loss stories we were missing the common history of these losses.
It would have been interesting to ask the Minister why the 25M records were lost when a few months before 60,000 similar records were lost yet lessons obviously hadn't been learned or implemented. So why should we assume they will this time?
I know that you would have gotten some blarney about waiting for the review to report but at least he would have been reminded that we hadn't all forgotten.
As to not answering if the password was contained within the package all it makes me think is that they really WERE that stupid.
Another question I would have liked asked is related to Norwich Unions fine - when can we see similar action on Government and it's Agencies?
If I understand it correctly, the recent loss of three million units of personal data from UK driving tests was lost in Iowa, USA.
What was the material, which concerns exclusively matters of British people and agencies, doing in the USA?
Apparently "a private contractor" was involved, but it still does not explain or justify that internal British data, given to a government agency, ends up with a private US company.
I am sure that this is only the tip of a very large and dangerous iceberg. How many public services are out-sourced to private companies? And how many of these are American? Does this not create a situation of virtual colonialism, where our personal data, given to our government in good faith (and often without a choice to refuse), are used - and perhaps misused - by greedy private US companies?
I often wonder why I receive an enormous amount of "spam" e-mails as well as mail shot in the post from companies I have never been in contact with and never will, many of them based in the USA. Even though I cannot prove it, I have a strong suspicion that there is a connection.
No other country in Europe is selling out to US interests in the way Britain does. This goes for private companies as well as the government, and the question needs to be asked in how far the United Kingdom is still a truly sovereign country.
I think a public inquiry would be useful to establish the fact and figures.
Alexander Bergen @ 6, I agree with you very strongly.
Even a ´óÏó´«Ã½ man presumed to be reasonably neutral on this story did say 'in Iowa, of all places' at one point.
What was this data to be used for, by whom, and why did it need to be in the States at all seem to me to be reasonable questions.
On the missing L driver details I though the most interesting question wasn't asked - what were the details doing outside the EEA? In order for your details to be sent outside the EEA you've got to specifically agree this with the implication, as I understand it, being that you have an opportunity to get an equivalent service without your data going outside the EEA (and potentially to an area with weaker data protection legislation). However, if the service is to be a learner driver or not there is no choice - seems wrong.
It's always interesting to compare PM with the News At Ten on the ´óÏó´«Ã½ (you know, moving pictures and things).
Someone from Wales said their pensions had been decimated, so they were desolate. Now it turns out they're going to get 90% of their money - so they're over the moon.
According to my dictionary, getting a decimated pension and getting 90% of a pension mean exactly the same thing. So why the sudden mood swing?
Sid
When Hilary Benn started his interview, I thought he was attempting to do it in Basic English (you know, when you use only 800 words to convey all sorts of concepts).
I loved his 'water that fell from the sky' for 'rain' - but then he gave up. Shame.
Sid
It is interesting that there is plenty of press about the Government losses of personal data, yet private company's don't see the spotlight.
See the following register link -
Fasthosts lost up to 500,000 customer's details including addresses and credit card details. Yet they got off pretty lightly.
Shaun @ 11, maybe the difference is that people are deemed to have chosen to give their details to Fasthosts and other private companies, whereas anyone with a child under 18 has had no choice about their details being taken and kept by the family allowance people? I'm quite sure that anyone wanting to take a driving test was given no choice about their details being taken from them. And so forth. People who require our details and give us no choice about letting them have them really ought to look after them properly, is the reasoning here.
(Too many 'them's in that last sentence but I'm sure you know what I mean.)
Alexander Bergen at #6 ;
Most large companies and government departments have long since handed over their entire I.T. departments to overseas companies. It's called 'outsourcing'. Pretty much the entire FTSE-100 and -250 companies have done it.
It's done on the understanding that it will save the organisation money over a number of years. It rarely works out that way, although you'll never get them to admit that.
Most of these 'outsource partners' are American. Their policy is monothematic, reduce costs to below the minimum. That means job losses, sometimes on a swingeing scale, because people are the largest cost to most service industries.
Those which aren't American are mostly Indian. There are more degrees in I.T. awarded in the city of Bangalore alone each year than in the whole of Britain.
We are outnumbered and expensive in Britain, you can hire 5 or 10 people in India for the price of one Briton. And if they are not, in every case, as good as a British worker (especially in terms of individual initiative) they solve things on sheer weight of numbers applied to the problem.
Often the American outsourcers will subcontract some portion of the work to those same Indian companies, in order to reduce their own costs. Confused yet?
That's why most large call centres are now based on the subcontinent. Financial work is now often transacted over there. The database holding the details of your bank account may reside physically on hard disks in a datacentre in London, but the people viewing your details might well be in Madras. Tesco, for example, now has virtually it's entire accounting department based in India. All the transactions, payments, receipts, stock levels, supply chain management run from 6000 miles away.
A high street bank got into hot water a few years ago when a client pointed out that it is illegal to transfer the financial details of any customer outside the U.K. without their express permission, which he hadn't given to them. So the data, as I mentioned, is retained here in the U.K. But you don't have to sit at a desk in the U.K. to see it and work with it, do you?
In terms of your specific questions;
Armed Forces payroll is outsourced to EDS. So an American company has the personnel and financial details of every uniformed and civilian person working in U.K. defence.
IBM run DEFRA's I.T. systems (including the notorious Rural Payment Agency).
And many more besides. EDS has assiduously tied up large sections of government I.T. provision, whilst delivering lousy value for money.
The sole protection for these things is the legal requirement that any person having access to data held by, or on behalf of, any department of government must be a U.K. citizen with a background check to at least 'Security Cleared' level.
After the recent round of data losses and the revelations on 11,000 illegal workers in the security industry how confident are you that all this is being handled properly?
I believe this blog is "outsourced", managed by "six apart".
xx
ed
Hello
I was editing last night's programme. Thanks for your interest.
Our main problem was finding a way of pulling together the assortment of data protection stories. As mentioned above, not only was there the issue with the learner drivers' details, there was also an update from the Chancellor on the Child Benefit discs and the fine imposed on Norwich Union. Hopefully it wasn't too confusing to mention them all in the same story.
Unrelated to this, we also had three men from the Ministry of Defence watching us in action, so we were all on our best behaviour.