Keeping paper voting: right policy, wrong reason

In six days, Britons will use stubby little pencils to put crosses next to people’s names on pieces of paper. In each of 650 areas, the person with the most crosses becomes a member of parliament. If more than half of those MPs come from one party, that party forms a government and its leader is prime minister. It’s easy to understand and trust.

If someone hacks your bank account, you will notice and will probably be able to get recompense. If someone hacks an election, you are unlikely to know unless your votes was published – which would rather undermine the concept of a secret ballot. Also, we can all understand people counting pieces of paper. Very few of us, including apparently many NHS organisations, can say likewise for computer security. Continue reading “Keeping paper voting: right policy, wrong reason”

The paranoid style in IT journalism

There’s a type of technology journalism which is the non-fiction equivalent of a horror story, the opposite of uncritical technophilia. Scaring readers is a pretty good way to hold their attention, but it doesn’t necessarily get to the heart of the story.

Earlier this month, The Register published my piece on Cambridge Analytica and its targeted political advertising based on online psychometric profiling. The company does itself no favours by not responding to questions, but I did speak to academic Michal Kosinski, who according to a widely-read article in Swiss publication Das Magazin (republished by Vice’s Motherboard section) ended up racked with guilt at having developed ideas in this area which Cambridge Analytica has since exploited. Continue reading “The paranoid style in IT journalism”

It’s Facebook wot wins votes

The Facebook fake news fuss is a distraction compared with the company’s bigger impact on politics: its ability to micro-target advertising based on its detailed knowledge of its users. As I wrote earlier this month for The Register, Facebook has helped the Conservatives to win the 2015 general election, pro-Brexit campaigners to win the referendum and Donald Trump the US presidency.

Facebook uses the Tory victory in its marketing to other political campaigners. As far as I can see it isn’t yet boasting about its role in Brexit, which included Leave.EU using Facebook to target racists until it got caught out by the Remain campaign. Continue reading “It’s Facebook wot wins votes”

No Mr Bond, I expect you to fill out the form

Britain’s security and intelligence agencies used not to exist, officially. Now, you can download documents discussing MI5 officers’ failures to fill out electronic forms. On 3 May, someone new to the approval process for accessing bulk personal datasets reported that it was being over-ridden. One imagines he or she was unpopular with colleagues; hats off, nevertheless, for protecting both the privacy of the largely innocent people on those databases and MI5’s reputation. Continue reading “No Mr Bond, I expect you to fill out the form”

Those GCHQ, MI5 and SIS NHS medical record denials in full

Last week, Computer Weekly published my article headlined ‘MI5 staff repeatedly overrode data surveillance rules’. This was one of several interesting stories contained within the documents released by Privacy International in late July which I rounded up in the article, another being specific statements by GCHQ, MI5 and SIS (or MI6) in witness statements that they do not retain bulk personal datasets of medical records, from the NHS or anywhere else.

Tweeting this attracted a fair bit of attention, including some querying the careful language quoted in the article. Given the interest, here are the sections regarding medical records from each of the three agencies, all from this document which contains the three witness statements. By bulk personal datasets (BPDs), the agencies mean untargeted data covering a lot of people, most of whom will be innocent – the haystack rather than just the needles. Continue reading “Those GCHQ, MI5 and SIS NHS medical record denials in full”