The truth outs: CCTV doesn't cut crime
A [UK] Home Office report confirms that the vast spending on CCTV systems is almost certainly unjustified
By Henry Porter
At last we appear to be nearing the truth about the effectiveness of CCTV. After senior police officers suggested, a few years back, that CCTV had no substantial impact on crime, a research group funded by the Home Office has established that vast spending on systems is almost certainly unjustified.
As Alan Travis reports, the review of 44 research studies on CCTV found that they do have a modest impact on crime overall, but CCTV cameras are at their most effective in cutting vehicle crime in car parks, especially when used alongside improved lighting and the introduction of security guards.
So, there are some benefits, as most acknowledged, but the idea that CCTV has any special power to reduce crime generally is clearly flawed. Travis notes that the investigation by a group including Cambridge criminologist David Farrington was cited by the Home Office in their response to an important report from the House of Lords constitution committee that suggested the spread of CCTV undermined fundamental rights guaranteed by the Human Rights Act.
It is now becoming clear that the £500m spent by local councils on the CCTV in the decade up to 2006 has been on surveillance of the innocent public rather than crime prevention. As I pointed out last week, it may not be long before these cameras can be connected and upgraded with facial recognition technology.
What we need now is a new national surveillance commission, where spending of public money on CCTV is weighed against the loss of privacy and the threat to the public from likely technological developments. It would cost a fraction of the money being wasted on elaborate systems and in the end save a great deal.
Nine sacked for breaching core ID card database
The government must be quietly grateful to the distractions of August. Only Computer Weekly noticed that nine local authority workers have been sacked for accessing the personal records of celebrities, and their acquaintances held on the core database of the government's ID scheme.
This is a significant story because government ministers have always dismissed campaigners' claims that once all personal information is stored in a single database it will become vulnerable to abuse by those with access to the system. Ministers have repeatedly insisted that security will be absolute and that severe penalties will deter anyone tempted to read files illegally.
Not true. The magazine's website reported that the nine fired were among 34 people who illegally accessed information. Some were reprimanded, some resigned and some were sacked but none was prosecuted. Using a freedom of information request, Computer Weekly found that Cardiff and Glasgow Councils sacked people who had looked up celebrities in the customer information system (CIS) which is run by the Department of Work and Pensions (DWP) and contains 90 million records. Various other councils sacked people for looking up their friends, their own details and in one instance, a girlfriend's.
The really important point is that these cases come from sample checks, this raises the prospect that the security of CIS is in fact much more regularly breached. "Over 200,000 government officials have access to the database," says the website, "including 480 local authorities, and numerous government departments, including the Department of Work and Pensions, HM Revenue & Customs, and the Courts Service. The Child Support Agency uses the CIS to trace missing parents."
A DWP spokesman suggested that the small number of breaches recorded indicated that unauthorised access by officials was spotted quickly. He did not, of course, acknowledge that these cases came from sample checks generated by the system.
This is absolutely critical. For years Professor Ross Anderson of Cambridge university and NO2ID have been arguing that by their nature large databases will never be free of such abuse. Anderson's Rule means you cannot construct a database with scale, functionality and security because if you design a large system for ease of access it becomes insecure, while if you make it watertight it becomes impossible to use.
And yet government presses ahead with the grand scheme of linking database together and allowing access to hundreds of thousands of officials. A note on security contained in a DWP Information bulletin, unearthed by NO2ID, hints at the possible problem when it mentions access to tax data from Her Majesty's Revenue and Custom. "DWP and HMRC customer information is shared with local authorities on the understanding that only authorised access is permitted." The document goes on to admit that the sample checks have revealed serious security breaches and warns that anyone found abusing the system will face sanctions ranging from disciplinary action to prosecution. Investigators will plot "audit trails showing the full access history of those under suspicion," says the document rather unconvincingly This may catch may a few bored council workers who have trespassed in a friend's file but lets just imagine a more sophisticated attack involving one of those crime syndicates specialising in identity theft and about which we hear so much from ministers trying to scare us into accepting the ID card. It surely would be an irony if the aggregation of personal information in the United Kingdom were to make identity theft more, not less, likely.
The CIS system will be the foundation of the ID card scheme. It came into being in 2005 after Accenture and the Department of Work and Pensions completed a pilot. It is designed to provide an overview of personal details of anyone who has a national insurance number. It includes the deceased, their beneficiaries and details of ethnic background. In other words, the customer information service, which incidentally has a friendly supermarket ring about it, presents a hugely attractive target for organized crime and maybe a lot of other bad hats too – foreign intelligence services, for example.
Back in 2005 Computer Weekly suggested that CIS was "good news" because "its relatively simple design looks like achieving success." Today it is clear that this is the problem – it is too user friendly to be secure, which is extremely worrying given we are only at the start of this process of merging databases.
Anyway, I leave you with that cheerful thought as I go on my holiday. I shall be away for a couple of weeks or so and unlike Tomasky will not have a computer or Blackberry with me.
Images - http://2.bp.blogspot.com/_qLZCK7dYhVA/TMxdf8OY0sI/AAAAAAAAAtU/FBpc2NUqWAA/s1600/surveillance.jpg
For further enlightenment enter a word or phrase into the search box @ New Illuminati:
@ http://nexusilluminati.blogspot.com (or click on any tag at the bottom of the page for direct references)
or @ http://newilluminati.blog-city.com (this one only works with Firefox)
The Her(m)etic Hermit - http://hermetic.blog.com
New Illuminati – http://nexusilluminati.blogspot.com
New Illuminati on Facebook - http://www.facebook.com/pages/New-Illuminati/320674219559
This material is published under Creative Commons Copyright (unless an individual item is declared otherwise by copyright holder) – reproduction for non-profit use is permitted & encouraged, if you give attribution to the work & author - and please include a (preferably active) link to the original along with this notice. Feel free to make non-commercial hard (printed) or software copies or mirror sites - you never know how long something will stay glued to the web – but remember attribution! If you like what you see, please send a tiny donation or leave a comment – and thanks for reading this far…
From the New Illuminati – http://nexusilluminati.blogspot.com