The child benefit data cock-up highlights all sorts of public data issues, most of which are missed totally by both participants and observers. Data literacy in Britain is non-existent. Here are a few points that have come to mind over the last couple of days of coverage (please add your own in the comments if you feel like it).
1. Ministers and spokesmen know hardly anything about data. For instance, some of them have obviously been briefed to say that the information in the planned central ID database will be safer because it’s ‘got biometrics’. No one has explained to them that biometric data captured from you and me has nothing to do with access to that data by civil servants: they’ll just use the password on the Post-It note like they always did.
2. No one has bothered to explain to managers and legislators that an individual’s identity could be easily and securely verified without a big, central database. A ‘zero-data’ ID scheme is technically feasible and (literally) infinitely more secure than the big database model (no data to lose, you see). Governments have no interest in such a scheme because it would represent a diminution of their status and influence and that’s anathema. Consequently it doesn’t even come up in the debate.
3. Hysteria about the lost data is practically universal. On the TV last night a ‘computer security expert’ told the world the data would be of use to paedophiles. Paedophiles, you see, will now be able to confirm that there are children all over Britain.
4. The leap from ‘two obscure-looking CDs gone missing in internal post’ to ‘massive fraud and ID crime inevitable’ has been well-and-truly made. The more serious point – that legislators universally (handful of exceptions) want more data held centrally and accessible by more agencies and groups – has been ignored.
5. The inescapable logic of deep reform for government data policy was seen to go ‘whoosh’ right over the heads of media and pols alike. Ignorance and political contingency leave them arguing only for ‘more security’ or ‘better protocols’ and not for ‘less invasive policies’ or ‘a reassessment of data ownership’.
6. Web 2.0 insights into data capture, storage and management have clearly made no impact on these data dinosaurs at all. OpenID, Attention Trust, Vidoop and the generalised 2.0 attitude that user data belongs to the user haven’t made it onto the news agenda at all. Good data and security practice exists right now in dozens of geek-run web 2.0 businesses. Will they be consulted? Fat chance.