Friday, September 11, 2009

Government by Database

The government has announced new measures that on the face of it suggest a vast increase in the number of people that will be subject to criminal record checks before they are allowed to have contact with children

The aim of the initiative nobody could disagree with - to protect children from paedophiles and others who may harm them. I fear the result of this measure, like so many other 'government by database' initiatives will be one of expensive failure. I'm thinking ID cards to 'protect' us from terrorism/immigrants/whatever the excuse is this month, vast DNA databases of innocent people to 'protect' us from crime, or automated speed cameras to solve all our road safety problems.

The basic theory of 'government by database' is that a complex problem like stopping terrorism, saving children from paedophiles, ensuring road safety etc can be essentially solved by creating a vast state controlled database, then applying a relatively simple test (a single analysis of simple inputs producing a narrow range of defined conclusions), and using the results of the test to punish someone or stop them doing something.

In theory, this is the bureaucrats dream - difficult problems solved through the application of technology. A degree of control of undesirable behaviour that previous generations of authoritarian leaning governments could only dream of.

Trouble is, it is deeply, deeply flawed. I would suggest as a plan it is obviously flawed, but the Labour government has been so keen on pursuing this agenda, it is worth analysing in general terms why 'government by database' is such a bad idea.

Put simply, it doesn't work. You can't model a complex social situation in a single test. ID cards are touted as a 'foolproof' method of proving my identity, and therefore some proponents of them (like the aspiring-MP and Coleridge Labour Councillor who supports the government's ID card agenda) actually think individuals should welcome them as something useful.

The reality of life is that complex situations cannot be resolved to simple test. How do I prove my identity? - that can never be answered by a record on a database, that could be manipulated by any number of people, it is about who I am, where I live, my friends, my work, my beliefs and ideals, a vast array of complex interactions and information. You can never guarantee that you are speaking to who you think you are, or if they really have the characteristics they suggest and that you are interested in when deciding whether or not to undertake a social transaction, but the more you know about someone, the more a human can reach a reliable conclusion that they are comfortable with that interaction.

By contrast, the 'government by database' approach fails at many fundamental and simple levels.

The inputs to the database could be wrong - in the case of today's anti-paedophile announcement, one false allegation, one accidental misconnection of an event to the wrong person with a similar name, and the test could condemn innocent people, in an area where 'false positives' can have a devastating effect on the individual concerned.

Whilst the problem of wrong data should be a worry to those who think they have done nothing wrong (and therefore, as proponents will often remind, have 'nothing to fear'), wrong data is a huge opportunity for those who the systems are designed to protect us from. Who is to say information that indicates a potentially paedophile will ever make it on to the database, or if it is there, that any one of the thousands who are necessarily authorised to update the data won't amend this data to present a false picture of an individual.

Normally it just wouldn't be worth the risk of prosecution for a systems administrator who alters or accesses data, but the power of a single 'foolproof' test, and the faith placed in the result of that test by people who have no information other than the test result add immensely to the value of infiltrating the bureaucrats and technocrats who administer the systems, be it by paedophile rings or terrorist groups.

With the message from Government that we can absolutely trust the results of the 'government by database' test, even when that patently isn't true, we could even find ourselves less protected as slavery to the database changes behaviour. Human beings, like headteachers or social workers traditionally exercise professional judgement about the desirability of a person working with children based on all the information available to them (or they use social interactions to increase their available information if they don't think it is sufficient to reach a reliable conclusion). With this task outsourced to a government database - will the temptation be to reduce vigilance based around common sense. With the road safety example, as driving safely is ever more equated with simply not exceeding an often arbitrary speed limit - people are less inclined to think about the vastly complex risks present at all speeds of driving that could make a serious accident more likely.

What makes me really angry about the 'government by database' strategy is that despite it being deeply broken, the price we all have to pay is vast. Government IT is vastly expensive, a non-trivial part of the huge budget mess Labour will leave to the next government, but worse still, the government will be in possession of vast amounts of data, that could live on forever, and be used by a government to control us as individuals or our children for generations.

I'll stop as this appears to have turned into a rant - and to think I was going to do a rare post about how right the Prime Minister was today with his comments on Alan Turing...

No comments: