WIREDGOV

QUARTER OF ALL DATABASES FUNDAMENTALLY FLAWED AND MUST BE SCRAPPED, SAYS LANDMARK STUDY

The first ever comprehensive map of Britain’s database state today reveals how the database obsession of government has left officials struggling to control billions of records of our most personal details and almost every contact we have with the agencies set up to serve and protect us.

Database State examines every major public sector database in the UK and demonstrates how many multi-million pound IT projects either don’t work, or have such serious safety or privacy problems that they are alienating the public and harming the vulnerable groups they are meant to support. Some of the government’s flagship databases, such as the DNA database and ContactPoint, are so flawed they should be scrapped immediately.

The report, published by the Joseph Rowntree Reform Trust, and written by a team of internationally renowned information policy experts, charts the sheer scale and financial cost of data collection, the methods used to maintain and secure the data, and the treatment of critical issues such as consent.

Database State finds:

• A quarter of all major public sector databases are fundamentally flawed and almost certainly illegal. The report says these should be scrapped or redesigned immediately;
• The database state is victimising minority groups and vulnerable people, from single mothers to young black men and schoolchildren;
• Children are amongst the ‘most at risk’ from Britain’s Database State, with three of the largest databases set up to support and protect children failing to achieve their aims;
• Data sharing is a barrier to socially responsible activities. It is deterring teenagers from accessing health advice and undermining goodwill towards law enforcement;
• Only 15% of major public sector databases are effective, proportionate and necessary;

We spend £16 billion a year on public sector IT and a further £105bn spending is planned for the next five years – but only 30% of public-sector IT projects succeed.

Database State examines each of the 46 major public sector databases which hold personal information on us all, or a significant minority of us.

It uses a ‘traffic light’ system to assess whether each system is illegal under human-rights or data-protection law; whether the collection and sharing of sensitive personal data are disproportionate, or done without our consent, or without a proper legal basis; or whether there are other major privacy or operational problems.

Database State also highlights the real plight of individuals left suffering at the hands of the database state – from the single mother terrified social services would take her child away if she talks to her GP about post-natal depression, to the 13-year-old girl left with a criminal record for life because of a playground incident.

Report co-author Professor Ross Anderson of Cambridge University said: “’s database state has become a financial, ethical and administrative disaster which is penalising some of the most vulnerable members of our society. It also wastes billions of pounds a year and often damages service delivery rather than improving it.

“Too often, computerisation has been used as a substitute for public service reform rather than a means of enabling reform. Little thought is given to safety, privacy and value for money.

“There must be urgent and radical change in the public-sector database culture so that the state remains our servant, not our master, and becomes competent to deliver appropriate public services that genuinely support and protect the people who most need its help. That means we have got to develop systems that put people first.”

Database State calls for:

• 11 of the 46 systems assessed, including ContactPoint, the NHS Detailed Care Record, ONSET and the electronic Common Assessment Framework, to be scrapped or redesigned immediately
• Respect for human rights and data protection, so that sensitive information is only shared with the subject’s consent or subject to clearly-defined legal rules that are proportionate and necessary in a democratic society
• The right for citizens to access most public services anonymously

The report says the public sector must learn to build the right systems - and build them well. It recommends new measures to promote scrutiny and transparency of all IT projects; radical initiatives to select and train civil servants to handle complex systems; and changes to public-sector procurement rules to favour more medium-sized systems over the monster projects that have damaged so many government departments.

But it warns: “There is a sense in the senior civil service and among politicians that the personal data issue is now career-threatening and toxic. No-one who values their career wants to get involved with it. Like Chernobyl , some brave souls need to go in and sort it out while others plan better ways to manage things in the longer term.”

Note to Editors

• Database State is published by the Joseph Rowntree Reform Trust. The research team included: Professor Ross Anderson, Professor of Security Engineering at Cambridge University; Action on Rights for Children director Terri Dowty; Angela Sasse, Professor of Human Centred Systems at University College London; Open Rights Group chair William Heath; Ian Brown of the Oxford Internet Institute and Philip Inglesant of University College London.
• Database State says that, across government, there are now thousands of databases operating but not even government knows the precise number. The Serious and Organised Crime Agency alone inherited 500 databases from predecessor agencies and is now trying to rationalise them into 50 or 60 databases.
• The report describes how has now become the most invasive surveillance state, and the worst at protecting privacy, of any Western democracy.
• As well as an overview, it provides a triage – which of these database systems should be kept, which should be killed and which should be fixed.
• The Joseph Rowntree Reform Trust Ltd is a limited company that pays tax on its income and is therefore free to give grants for political purposes. Although founded by Joseph Rowntree, the Reform Trust is completely separate from the other institutions that bear his name, the Joseph Rowntree Charitable Trust and Joseph Rowntree Foundation.
• Report co-author Terri Dowty of Action on Rights for Children said: “Children have never been so weighed, measured, graded, monitored and discussed. The state hovers over them like an over-anxious parent constantly looking for problems, but this level of intrusion into children's private and family lives simply cannot be justified on the basis of good intentions.”
• Report co-author Ian Brown of the Oxford Internet Institute said:“The needs information systems that support citizens and professionals on a human scale, rather than multi-billion pound centralised databases used to stigmatise and snoop.”
• Report co-author William Heath of the Open Rights Group said:“The database state was sold as 'personalised services'. But it means mechanised discrimination and loss of dignity at huge cost.”
• Report adviser Professor Douwe Korff of London Metropolitan University said: “Many of these databases manifestly breach european data protection and human rights law. It is folly to spend millions on systems that are open to fundamental challenges in the european courts.”

Database State - full report (PDF, 879KB)

Database State - Executive Summary (PDF, 260KB)

For further information and interviews with authors contact Jon Flinn on 0151 709 0505 or Melissa Milner on 0207 793 4035.