Vote for change

[Dave Birch] We all agree that democracy is a good idea and that letting people who are stupid and/or uninformed decide how the country should be run is much better than letting (for example) me decide how the country should be run. We all think it is most amusing that the American franchise is populated by voters with especially nutty views, but no-one seems to think it odd that they are allowed to vote.

  • 13% of voters think Barack Obama is the anti-Christ;
  • 29% of voters believe aliens exist (so do I – I just don’t think they’ve kidnapped anyone from Arkansas to date);
  • 4% of voters say they believe “lizard people” control our societies by gaining political power (someone you trust is one of us);
  • 15% of voters say the government or the media adds mind-controlling technology to TV broadcast signals (the so-called Tinfoil Hat crowd);
  • Just 5% of voters believe that Paul McCartney actually died in 1966
[From Conspiracy Theory Poll Results – Public Policy Polling]

I was thinking about this because I was thinking about electronic voting. In my keynote talk at the Fourth International Conference on e-Voting and Identity, sponsored by Consult Hyperion and IBM UK, I said that the nature of digitisation is that we end up with new processes rather than analogs of analog processes. We don’t use iTunes to buy CDs, so the nature of the music business changes. The world music industry is now bigger than ever before (it’s just that sales of recorded music are continuing to fall, but so what). Think about this in the context of voting. We might start by using electronic voting to work in exactly the same way as non-electronic voting, for example.

Estonians today vote online and pay tax online. Their health records are online and, using what the President likes to call a “personal access key” – others refer to it as an ID card – they can pick up prescriptions at the pharmacy. The card offers access to a wide range of other services.

[From BBC News – How Estonia became E-stonia]

Why stop there though? Why not use electronic voting to improve the democratic process? While there are a great many different possibilities, I thought I would construct four scenarios for using an electronic vote along these lines to improve the voting process. The first is based on engaging young people, the second is based on the “Who wants to be a Millionaire” pub quiz machines, the third is designed to add convenience while reducing costs and the fourth is based on eBay.

The Provisional Vote

When the then Lord Privy Seal, Leader of the House of Commons, Deputy Leader of the Labour Party and the Minister for Women and Equality (all the same person: Harriet Harman) said that she was thinking about giving the vote to 16 year-olds I was naturally horrified. As the parent of one at the time, I remember being puzzled as to why society would ask such a teenager about anything at all, let alone who should be running the country.

It did occur to me, however, that there might be an alternative. Just as teenagers can obtain a provisional driving licence, under which they can drive but only when accompanied by a driver with a full licence, perhaps they could be given a provisional vote. The provisional votes cast in an election would be tallied and reported, but they would not count toward the result. That way, young people can be drawn into the democratic process — getting what Ms. Harman called “the habit of voting” — and learn the mechanism of the ballot box, but their opinions would not bind the rest of us.

In this scenario then, young voters are encouraged to download the standard government voting app (I propose to call it “Angry Voters” or “Call of Duty: Democracy” or “MPcraft” or something like that) immediately after their 16th birthday. When an election comes along the government sends a reminder to the app and the teenager can then click a button or two to obtain their voting certificate. In order to encourage teenage participation in the democratic process, the app could show them a map of where the nearest polling station is and provide the occasional nudge to remind them to pop down there.

Up until their 18th birthday however, these votes would be provisional votes. The next morning the newspapers could report the result of the general election and also what the result would have been had the provisional votes been counted so that young people might feel that their preferences were being recognised.

We might find a way of integrating with social media too. Perhaps the app can automatically post an “I just voted” status update on Facebook or perhaps offer young people the chance to join various Facebook groups. I only belong to one such group (“Che Guevara was a murderer and your T-shirt isn’t cool”) but they might be a way of getting teens to at least engage in some of the key issues of the day.

The Informed Vote

Engagement is important for democracy, but it’s not obvious to me how we benefit from getting people to vote when they have no idea what they are voting about. A rather depressing Ipsos/MORI poll conducted in June 2013 and published on 9th July 2013 illustrates the extent of public ignorance.

  • Almost a third of people think that the UK spends more on dole than on pensions, when in fact it spends 15 times more on pensions than on dole;
  • A quarter of people think that foreign aid is in the UK government’s top three areas of expenditure, when it is in fact slightly more than 1%;
  • The public think that a third of the population are immigrants (it is around a sixth) and that a quarter of the population are Muslims (it is around one twentieth).

In this scenario, I propose to encourage engagement and an informed populace by extending the voting app to include a game which is a little like the sort of “Who wants to be a millionaire?” machines that you get in pubs so that when the citizen enters the polling booth the app asks three quick questions and gives them a few seconds to answer each. These would be general knowledge questions of political economy. Nothing too vexing: just basic questions such as “who is the Chancellor of the Exchequer”, “how much does a pint of milk cost in Tesco today” and “what proportion of government spending goes on welfare”. That kind of thing. Each question would be multiple choice and the citizen would have a few seconds to answer. We might even have the system award some prizes to people who answer all three questions correctly in the shortest time.

The e-vote would be cast as normal, but with the twist that the vote would have appended the number of questions that the citizen answered correctly, and only those votes with at least two out of the three questions answered correctly would be counted. This would hopefully incentivise citizens to read an occasional newspaper or watch the news on television from time to time.

The Continuous Vote

If people become more informed, that is a good thing but we still need to encourage them to exercise their democratic right. With an electronic voting system, there’s no real reason to restrict voting to a limited time or to specific places. The suggestion that the UK should look at the option of advance voting to allow people to cast their vote in secret at specified locations during a designated period prior to voting day (Electoral fraud in the UK – Evidence and issues paper 2013) has already been made. But what about the places?

Electronic or otherwise, voting must be a public act otherwise we face the insurmountable barrier of coercion. There is no reason, however, for it to be in polling stations. What about using Post Office counters or bank branches? Surely it would be much cheaper to pay the Post Office or the banks £1 per vote cast than to spend the close to £100m that a general election costs now (and that doesn’t include the disruption caused by closed schools and so forth).

So, perhaps elections could take a week. Any time during that week, a citizen can pop into a bank branch and cast a vote at the counter. After all, the machine in the polling booth would just be, in essence, another mobile phone so the tellers at the bank branches could just as easily use them. I would let citizens change their mind as well. If I pop in and vote for the Monster Raving Loony Party on Monday but then on Wednesday change my mind and pop in and vote for the Communist Party of Great Britain (Marxist-Leninist branch), or indeed change my mind ten times during the course of the week, then only my last vote would count.

The Transferable Vote

This kind of scheme ought also to provide a solution to the problem of proxy voting. This provides an alternative method of voting for those who are unable to vote in person in a polling station for reasons such as illness, disability, vacations, living overseas or serving in the armed forces, and who may appoint a proxy in advance to vote on their behalf. So I can’t vote, but I can pass my vote to my sister and she can go and vote for me.

Therefore votes have to be transferable.

Noting the common heritage of the kind of e-voting scheme assumed here and Bitcoin induces another thought experiment. If votes become a bit like Bitcoins, then why can’t citizens transfer them? There’s no reason why we couldn’t find a way to allow the voting app to transfer votes from one app to another. We could decide that it’s allowable under certain circumstances. I don’t think it would benefit society to allow “P2P” transfers because we’re trying to get away from the corruption attendant on, for example, postal votes. We don’t want husbands to be able to force their wives to transfer their votes to them any more than we want husbands to be able to force their wives to accept their driving licence points for speeding. But we might allow authorised exchanges, whereby citizens transfer their votes to registered organisations.

Suppose, for example, that I find the democratic process confusing and exhausting. I know little about politics and genuinely don’t know who to vote for. But I like Greenpeace, and I trust them to make the right choices on my behalf, so I’ll pass my vote to them. I’d suggest that organisational votes are not blinded, so that in the pursuit of transparency anyone could log in and see where the Greenpeace votes went.

You can see how this might work in combination with social networking to create a kind of citizen engagement in the political process that makes sense. You might, for example, have a Facebook campaign against, oh I don’t know, fracking underneath the Surrey Downs. At the moment the best that a committed activist can do is write letters to The Guardian, but under a transferable vote system they could set about trying to collect votes for their campaign and then donate those votes en bloc to a politician who shares their distaste for inexpensive, local energy supplies.

Treating. A person is guilty of treating if either before, during or after an election they directly or indirectly give or provide any food, drink, entertainment or provision to corruptly influence any voter to vote or refrain from voting. Treating requires a corrupt intent – it does not apply to ordinary hospitality.

Definition from the UK Electoral Commission.

This triggers a final speculation. Under English law, political parties are not allowed to “treat” individual voters. Thus if my local Tory candidate were to offer me a bottle of champagne for voting for him, he would go to jail (although, oddly, not if he offered my favourite elderflower squash, because the law on treating only covers alcoholic beverages). It is, however, entirely acceptable to treat groups of voters. A political party can say to pensioners, for example “vote for us and we will loot the future prosperity of the nation’s youth in order to excuse you from contributing more to care costs” and that is fine. This is buying votes in a non-transparent way, but it’s still buying votes.

I think a more transparent approach would be better for democracy. So why not just take your transferable vote and put it on eBay? If I don’t feel strongly enough one way or the other on any issue, I might just choose to sell my vote — in an entirely above board and transparent way — rather than donate it to the English Defence League. Again, I would suggest that whereas the votes of individuals are blinded, the votes of purchasers (whether individuals or organisations) are not, so that it is a matter of public record as to how much was paid for each vote and to which candidate the vote was given.

So where next?

I think we have the technology. We have cryptography, mobile phones and biometrics. We can build a better voting system. But what should we use it for? What are the priority problems that we should be tackling first? In the UK, I think it is remote voting that stands out.

One of the biggest problems with postal votes is that they don’t guarantee you a secret ballot.

[From Mary Ann Sieghart: How dodgy postal votes may decide our next government – Mary Ann Sieghart – Commentators – The Independent]

That is not the only problem though. Our manual, paper-based electoral system is open to fraud at many levels. A random search of the UK newspapers for this month finds this:

Nasreen Akhtar, who was a polling station clerk at the Madeley Centre Polling Station, in Arboretum Ward, yesterday admitted helping her nieces, Tameena Ali and Samra Ali, to cast fraudulent votes by pretending to be someone else. Tameena Ali cast her vote for the Labour candidate, Gulfraz Nawaz, in the name of Noshiela Maqsood, who is no relation, whereas Samra Ali left before marking the ballot paper. Maqsood, 24, then lied to police, saying she had personally voted.

[From Women admit election fraud | This is Derbyshire]

We (technologists) need to come up with a solution that makes this sort of thing impossible. Or at least detectable. But with all of these problems, where do we start? According to an article in the 18th May 2013 edition of The Spectator (“My vision for Eurovision”, p.20), in Azerbaijan the Baku police tracked down and questioned people who used their mobile phones to vote for Armenia in the Eurovision song contest. This gave me a brilliant idea: why not use Eurovision as a testbed for secure electronic voting technologies?

Remote voting is a real issue in the UK right now and it is one of the key problems that electronic voting is supposed to solve. So let’s make the next Eurovision song contest a testament to British creativity, problem-solving and algorithmic excellence rather than a testament to our song writing. If we can create a world where people in Baku can cast a vote for [insert name of popular beat combo here] in safety and confidence, we will have achieved something.

These are personal opinions and should not be misunderstood as representing the opinions of Consult Hyperion or any of its clients or suppliers.

Tesco in the frontline war on… what?

[Dave Birch] I travel a lot for work at the moment. Normally, when visiting a technologically-advanced nation (such as the Netherlands or the USA) I don’t bother with cash any more. I just use cards. In America I used to use a pre-paid US dollar card for incidentals, but now I have a Simple account so I just use my Simple sort-of-debit-card. I have a pre-paid euro card for use on the continent. These suffice. However, when I had recent occasion to visit the south of France I thought I’d better get some cash in advance since there, in the heartland of the NFC payment revolution, you can’t even use a card in a taxi, let alone a mobile phone.

For unusual reasons, we happened to pop into a Tesco superstore the day before I was off on my trip and on the way out I noticed the Tesco Currency Exchange. This jogged my memory so I said to the family “hold on, I’ll just nip and get some euros”. I presented my chip and PIN card to the cashier and asked for a hundred euros. The friendly lady clerk offered 120 euros for £105, a bargain was struck and I went to put my card in the terminal. At which point I was asked for ID. I couldn’t help but ask why, even though I knew perfectly well what the answer would be: “it’s the rules”. So I showed my driving licence. But she asked me to hand it over, so I took it out of my wallet and gave her both the chip and PIN card and the licence and then watched while she copied (by hand) my driving licence details on to her copy of the till receipt. What on Earth for?

If I’d gone to an ATM at Heathrow and drawn out a hundred euros, I wouldn’t have had to show my ID or fill out a form or whatever else. I’m genuinely baffled as to why the government should waste my time and Tesco’s money on the nonsense of ID “verification” (it wasn’t verified of course, since the clerk had no way of checking whether the driving licence was mine – or even whether it was real at all) for a transaction this small. Does anyone have any theories about this? Is there something in the psychology of international money launderers that means that they are known to avoid ATMs and are therefore vulnerable to clever traps set for them at in-store exchanges? Is there a government policy against in-store currency exchanges?

At first I thought that international gangs of terrorist drug-dealing money-launderers might have targeted Tesco and that by sending out hundreds of smurfs to obtain €100 in each branch of Tesco in the United Kingdom, over a period of some months, they might amass a suitcase full of €500 notes to ship abroad in furtherance of their nefarious plans. But I think, on reflection, that it was a pointless and money-wasting irrelevance, because it turns out that the drug-dealing money-laundering terrorists will always find a cheaper and quicker mechanism for transferring funds across international borders.

One law enforcement official told The New York Times that Liberty Reserve (*), which allowed users to transfer large sums of money without ever identifying themselves, was “really PayPal for criminals”.

[From Founders of ‘PayPal for criminals’ Liberty Reserve are charged with money laundering – Americas – World – The Independent]

So. It’s ridiculous to make me jump through hoops to get €100 at Tesco and it’s ridiculous that people can send arbitrarily large amounts of money anonymously. Hence there must be a balance somewhere. But what is the right balance? Since €500 is the largest denomination banknote printed by the European Central Bank (ECB) it is probably a good psychological breakpoint. If you want less than €500 in cash, whether in Tesco or at an ATM you should be able to use your ATM card to get it. If you want more than €500 in cash, then you should have to produce identity documents and have the details recorded. If you want more than €10,000 in cash… well, you can’t. Over €10,000 should be electronic-only.

By the way: if I were an international law enforcement officer, I might have been very tempted to take over Liberty Reserve rather than shut it down, because the ability to monitor criminal flows — irrespective of whether you know the “real” identity of the counterparties — might be rather valuable. Forcing the bad guys back into cash may not be the optimal law enforcement strategy. Instead of encouraging me to blow off Tesco and use the ATM in Nice instead, surely the forces of law and order should be looking at making it easier for me to get one of those prepaid Euro cards.

Finally, prepaid cards leave records. They allow transactions to be traced. Most criminals want to be able to take their money and disappear off the radar, not leave tracks across several countries.

[From Scanning Prepaid Cards At The Border Won’t Stop Money Laundering – PaymentsJournal]

This is a critical point. As I’ve consistently argued across a spectrum of new cash-replacement technology options, and especially in the case of mobile payments, law enforcement agencies should be doing what they can, working in partnership with the central banks, to reduce the amount of cash in circulation and persuade criminals to switch away from cash. Erecting high KYC/AML barriers to low-value prepaid accounts, or to getting a miserable €100 from the in-store currency exchange, raises everyone’s cost, reinforces social exclusion, does not affect criminals in the slightest and has no law enforcement benefits. If anyone has some figures from a reputable source to demonstrate the contrary, I would be more than happy to link to them.

Necessity is the mother of identity

[Dave Birch] This is a blog about electronic transactions, not politics, and I do not want to be accused of introducing a political perspective. But I think it is fair to observe that there are tensions in trying to balance the free movement of people within the European Union and the exigencies of a collapsing welfare state. I mention this only because I want to discuss the practicalities of identifying and authenticating people for the purposes of distributing welfare benefits. And, to avoid any suggestion of parochialism, let me start by noting that this is not a specifically British problem.

Once in the Netherlands, the Bulgarians registered as residents at addresses rented by accomplices, and then applied for rent and child-support subsidies. They were able to open Dutch bank accounts to receive the social subsidies, and then to return to Bulgaria and withdraw money from cash machines. The ringleaders took a cut of the proceeds.

[From Dutch uproar over Bulgarian benefit fraud – FT.com]

The best part of this story, by the way, is in the denouement. The fraud was not uncovered, as you might have thought, by diligent investigation on behalf of Dutch taxpayers or the sophisticated quantum-computing anti-fraud neural network super-computer cluster at the Dutch DWP "Big Data" analysis centre…

The fraud came to light when some villagers complained to Bulgarian police that they had not received payments they had been promised as part of the schemes.

[From Dutch uproar over Bulgarian benefit fraud – FT.com]

In Britain, the mounting panic over immigration and its relationship with welfare distribution is leading to what some observers have labelled knee-jerk irrationality. In particular, the minister "in charge of" the National Health Service (NHS) has found himself caught up in a bit of a row about all this sort of thing, between the Scylla of ill-informed public outrage and the Charybdis of soundbite politics. The minister, Jeremy Hunt, is responsible for

a new ‘do-it-yourself’ immigration law unveiled today as the centrepiece of the Queen’s Speech. It will require GPs, hospital staff and landlords to police the new legislation.

[From The Queen's Speech: Immigration Bill passes buck to doctors and buy-to-let landlords | News | The Week UK]

How a doctor or a landlord is supposed to determine who I am or what my immigration status might be I haven't the slightest idea. And if I were a landlord, I'm not sure I'd care. If someone turns up with a birth certificate (that I cannot possibly verify) showing me they were born in the UK or a Bulgarian passport (that I cannot possibly verify) telling me they are an EU citizen, I can just tick a box to say that I've seen the documents and I'm off the hook.

So what has this to do with thought leadership in secure electronic transactions? Well, there is an inevitable destination on the badly-folded roadmap in the hands of the government. The fundamental British distaste for state identity documentation (which I share) prevents rational discussion on the topic, but the truth is, in true tabloid headline style, "something must be done". Identity is a mess, and it's getting worse. In our world of retail transactions, identity is a cost and a source of chaos and frustration. But, clearly, since we still log in to our home banking and shopping services using email addresses and passwords just as we did fifteen years ago, the problem isn't bad enough to warrant concerted action. I wonder, however, if access to welfare might turn out to be the fraud straw that broke the identity camel's back, so to speak.

British citizens could be forced to carry ID cards to access free NHS care as part of crackdown on health tourism

[From British citizens could be forced to carry ID cards to access free NHS care as part of crackdown on health tourism | Mail Online]

This is not, as it happens, what the Mail's own story actually says. The story refers to an "entitlement card". There is a great difference between the two. For those not versed in the recent history of the UK's catastrophic attempts to introduce an ID card, let me simply highlight that when the then-Labour government introduced the idea of an entitlement card in 2002 (Consult Hyperion were one of the organisations that responded to this consultation process – not that anyone ever paid any attention whatsoever), I thought it might be an opportunity to introduce a key Privacy-Enhancing Technology (PET) infrastructure for the new millennium and was rather in favour of the idea. The government, though, eventually abandoned the entitlement card idea. The Home Office under David Blunkett decided to introduce an identity card instead and in 2004 awarded a contract to PA Consulting as the "development partners" for such a scheme. This, which is what people are referring to when they talk about the "UK ID card", was eventually abandoned in 2008.

It was flawed from the start, and as a showcase for the British technology industry, it was an embarrassment: it provided none of the services that the identity cards systems in advanced nations (eg, Germany, Hong Kong, Estonia) provide and there was never any evidence that it would do so.

[From Digital Identity: Back to the future of the ID card]

When I was asked to give evidence to the House of Commons Science and Technology Committee in 2006, I thought that the clear distinction between an entitlement card (good thing) and an identity card (not a good thing) might persuade the government to change direction and go back to the original Home Office vision. A properly-implemented entitlement card could be a key way to provide privacy in an online age, because it would shift the standard mental model of the citizen-state nexus from "who are you" to "what are you entitled to" with identity removed from many transactions completely. All water under the bridge now.

Meanwhile, across some other water, our neighbours in Eire had decided that an entitlement card was the right way forward and they began to draw up plans for what became known as the Public Service Card. (Before the e-mails pour in, let me be transparent: Consult Hyperion are consultants to the Irish government on this project.) The card went live last year and is seen by the Irish government as an essential component of its campaign not only to reduce welfare fraud but to deliver efficient electronic government. They are looking at extending its use in a number of directions.

The Department of Health is in discussion with the Department of Social Protection, The HSE and the Department of Public Expenditure and Reform on using PSC infrastructure in support of a health Identifier.

[From e-Government Reporting]

One obvious and privacy-centric way to do this is to use a cryptographically-strong one-way function to generate the health identifier from the PSC identifier (e.g., by hashing) so that when a citizen presents a PSC it always connects to the correct health records but if bad guys get into the health records they can't get back to the PSC identifier. These are well-known techniques and, to be honest, no different to the suggestions around entitlement cards that we made to the British government back in 2002.
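One way to implement the derivation described above, as an added example that is not from the original post or the PSC project. It goes a little beyond plain hashing: because card identifiers come from a small, enumerable space, it uses a keyed one-way function (HMAC-SHA-256) and compares it with an unkeyed hash. The identifier format, the `health` and `welfare` service labels and the key handling are assumptions.

```python
import hashlib
import hmac
import secrets
from typing import Callable, Iterable, Optional

# Assumption: the card issuer keeps this key in an HSM or key service that the
# health-records system cannot read. It is generated here only so the example runs.
DERIVATION_KEY = secrets.token_bytes(32)


def derive_identifier(psc_id: str, service: str, key: bytes) -> str:
    """Keyed one-way derivation of a per-service identifier from a PSC identifier."""
    label = service.encode("utf-8")
    # Length-prefix the label so (service, id) pairs cannot be confused with
    # one another after concatenation.
    message = len(label).to_bytes(2, "big") + label + psc_id.encode("utf-8")
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def unkeyed_identifier(psc_id: str) -> str:
    """Plain SHA-256 of the identifier, kept only for comparison."""
    return hashlib.sha256(psc_id.encode("utf-8")).hexdigest()


def reversible_by_enumeration(
    stored: str, id_space: Iterable[str], derive: Callable[[str], str]
) -> Optional[str]:
    """Return the source identifier if re-deriving every value in id_space reproduces `stored`."""
    for candidate in id_space:
        if hmac.compare_digest(derive(candidate), stored):
            return candidate
    return None


# Constructed sample data: the real PSC identifier format is not given on the page.
ID_SPACE = [f"PSC-{n:05d}" for n in range(5000)]
CITIZEN = "PSC-04217"


def audit() -> dict:
    """Check the properties the design relies on, using the constructed data above."""
    health_id = derive_identifier(CITIZEN, "health", DERIVATION_KEY)
    # Someone holding only the health records has no key, so any key they try is a guess.
    guessed_key = bytes(32)
    return {
        # Presenting the same card always reaches the same health record.
        "stable": health_id == derive_identifier(CITIZEN, "health", DERIVATION_KEY),
        # A second service gets a different identifier, so records cannot be joined on it.
        "unlinkable_across_services": health_id
        != derive_identifier(CITIZEN, "welfare", DERIVATION_KEY),
        # An unkeyed hash over a small identifier space can be matched by re-hashing it.
        "plain_hash_reversed_to": reversible_by_enumeration(
            unkeyed_identifier(CITIZEN), ID_SPACE, unkeyed_identifier
        ),
        # The keyed derivation cannot be matched without the issuer's key.
        "keyed_reversed_to": reversible_by_enumeration(
            health_id, ID_SPACE, lambda c: derive_identifier(c, "health", guessed_key)
        ),
    }


if __name__ == "__main__":
    for name, value in audit().items():
        print(f"{name}: {value}")
```

The one-way property then rests on the secrecy of the derivation key, so the key has to live outside the system whose compromise the scheme is meant to contain.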

My point is that it can only be a matter of time before the UK has to introduce a similar kind of entitlement card, so doesn't it make sense to begin a sensible and measured planning process for this now — using the Cabinet Office Identity Assurance (IDA) framework — instead of being panicked into buying some sub-optimal collection from vendors at the last minute? Rather than build an electronic identity system that embodies the concepts and values of physical identity cards from a generation ago, surely it is better to design a fit-for-purpose identity infrastructure for the 21st-century and then provide physical smart cards that implement it. In this model, the privacy broker in the smart card and the mobile phone, watch or hat would be no different and the ubiquitous, standardised deployment ought to trigger the rapid evolution of value-added services on top of that basic infrastructure.

I don't want the government to develop some nutty jumbo IT system to help landlords, or doctors or anyone else. I want an infrastructure. The entitlement card concept from 2002 deserves to be brought out of the cupboard and dusted off (with Consult Hyperion's response to the consultation taken as the core specification document), and then the implementation can be re-architected for the new world of mobile phones, identity assurance and the interweb tubes.

What’s your e-mail address? Don’t tell him pike@homeguard.org.uk!

[Dave Birch] On this sceptred isle we’re not too bothered about North Korean cyberattacks because we are going to fight them on the breaches, in the upmystreet.co.uk and in the e-fields. We shall never surrender. Who do you think you are kidding Mr. Kim Jong Un?

A Home Guard inspired Dad’s Army of computer security experts will be set up to protect Britain’s businesses and help the armed forces at times of national emergency, it has emerged today.

[From ‘Dad’s Army’ of cyber security experts to be formed to tackle growing threat of website hackers in Britain | Mail Online]

This does, at least, open up the possibility of some continued employment for me as I fight to stave off the cat food years in amongst the embers of post-employment Europe. But hold on. Just how bad is the cybersecurity situation? We are all used to reading statistics about the size of the problem (I seem to recall that Detica estimated it to be £27 billion in the UK) but let’s go and find out what the top people think about it. I imagine the head of the US National Security Agency would know.

Gen. Keith Alexander is the director of the National Security Agency and oversees U.S. Cyber Comman… he cited statistics from, among other sources, Symantec Corp. and McAfee Inc., which both sell software to protect computers from hackers. Crediting Symantec, he said the theft of intellectual property costs American companies $250 billion a year. He also mentioned a McAfee estimate that the global cost of cybercrime is $1 trillion.

[From Does Cybercrime Really Cost $1 Trillion? | Threat Level | Wired.com]

Wow. A trillion. What kind of crimes are racking up these numbers? Tidal waves of cybercriminals looting bank vaults? Could be. But it would take teams of cybercriminals working round the clock on their trivial $45m ATM raids to get anywhere near this figure. Redirecting flows of cash from their rightful owners to Mafia oligarchs safe behind their computer screens? That would be hard to distinguish from regular investment banking. On the whole, it turns out that putting a number on cybercrime seems to involve a bit of interpretation. To see what I mean, consider the example of a cybercrime that I heard discussed at a forum on the issue recently.

Bloomberg reveals that the hackers spent one month “pilfering sensitive files” about Coca-Cola’s attempt to acquire China Huiyuan Juice Group for $2.4 billion. If successful, the transaction would have been the largest foreign takeover of a Chinese company ever. The breach started with malware-infected e-mails to Coca-Cola’s senior executives which, when opened, enabled the hackers to infiltrate the network and steal proprietary information. Once revealed, the Huiyuan deal collapsed three days later.

[From Coke Cyber-Attack Raises Corporate Disclosure Issues]

That sounds terrible. A successful cyber-attack on a multinational and a billion dollar deal collapses. I thought this might make a useful case study in a workshop with a client, so I decided to investigate a little further. And I found that the “cyber-attack” was not as clear-cut as it seemed.

But some investors were relieved that the offer didn’t go through. Coke had said the acquisition would dilute earnings by three cents to four cents a share for the first full year after completion of the deal.

[From Beijing Thwarts Coke’s Takeover Bid – WSJ.com]

There may have been no cyberattack at all! It may have been the company’s own shareholders working through incumbent management. Now, I am not for one moment saying that there are no real cyberattacks. Clearly there are and some of them are considerably more serious than a few percent difference in a share price.

The Moscow-based firm said it found Gauss had infected personal computers in Lebanon, Israel and the Palestinian Territories. It declined to speculate on who was behind the virus but said it was related to Stuxnet and two other cyber espionage tools, Flame and Duqu… According to Kaspersky Lab, Gauss can steal Internet browser passwords and other data, send information about system configurations, steal credentials for accessing banking systems in the Middle East, and hijack login information for social networking sites, email and instant messaging accounts.

[From Virus found in Mideast can spy on finance transactions | Reuters]

Cyberattacks are real. Cyberwarfare is real. Yes, companies should be designing and implementing more robust infrastructure and using sensible risk analysis methodologies to determine levels of exposure and appropriate countermeasures (as you would expect me to say, since this is precisely what Consult Hyperion does for payment organisations and others). But we have to be a little cautious in responding to the trillion dollar cybercrimewave, even if it actually does exist. We don’t want to fall into knee-jerk responses that might end up making the problem worse.

A number of countries, including Russia and China, have put forward proposals to regulate aspects of the Internet like “crime” and “security” that are currently unregulated at the global level due to lack of international consensus over what those terms actually mean or over how to balance enforcement with the protection of citizens’ rights.

[From The United Nations and the Internet: It’s Complicated – By Rebecca MacKinnon | Foreign Policy]

All of which suggests to me that the problem might require something more infrastructural than a bunch of old duffers like me fiddling about with laptops in the snug. We need business to work with government to do something about it and I think that a high-level commitment to a sensible identity infrastructure might be a place to start. The longer we persist in messing around with passwords and similar pseudo-security, the more the mysterious foreign viruses will attack. One of this year’s Economist “top ten” global trends for business leaders to factor into their strategies this year is cybersecurity.

Cyberspace is the new frontline for security. Knowledge and information is a source of competitive advantage for organizations, nations and individuals. But it’s a growing challenge to retain control as mobility and the democratization of everything (commerce, politics and societies) increases – along with cybercrime and cyber war. Look for a rising tide of litigation, policies and regulation. Digital freedom or a “big brother” society?

[From Global trends for 2013: A top ten for business leaders | The Economist]

I don’t think it’s an entirely accurate dichotomy but you can see the idea they are getting at. On the one hand there are people who think that people should be able to communicate freely over the open public internet and on the other hand there are those who want to control, spy on and censor inter-personal communications: the Icelandic government, Sony UK, Hillary Clinton and me for example (although I want to do it in a better way). Time for some better informed public discussion, I think, and a rational debate about what to do about cybersecurity.

These are personal opinions and should not be misunderstood as representing the opinions of Consult Hyperion or any of its clients or suppliers

Witness for the prosecution

[Dave Birch] Identity issues have been steadily climbing the agenda with many of our clients and as we put more thought into the subject, more complexities are uncovered. It’s not going to be easy to develop the next-generation identity infrastructure that we all seem to want and one of the main reasons why it is difficult is that none of us can agree on what it should be. Not in technology terms (although we can’t agree on that either) but in terms of the vision. What do we want from next generation identity?

One day we’ll see a blending between our virtual identity and our physical identity. In many ways, the web is the backbone for what’s coming next. We’ll see the integration of digital services and apps into our real-world environment.

[From One Day…Our Physical And Virtual Identity Will Blend – PSFK]

I’m sceptical about this, because I think that in the future people will have multiple virtual identities. This is a fundamental conceptual disagreement. It isn’t resolvable in technology space. In terms of vision, there is no overlap between this view and the view of, say, Charles Raab, Professor at the AHRB Research Centre in Intellectual Property and Technology, School of Law, University of Edinburgh. When speaking at “The Life of Mobile Data” at the University of Surrey back in 2004 Charles said that “In the world of post-modernism, it is no longer clear that any one identity is ‘real'”. I still think this is one of the most insightful comments I ever heard on the topic, and one that continues to have a profound impact on my thinking in this area.

But what does it mean? Here’s a practical and immediate example. The British government has announced that it is to reform the Witness Protection Scheme (WPS) which, as the name suggests, protects people who have given evidence in criminal trials. The people and their families are given new identities and moved to another part of the country to start a new life. There are currently 3,000 people under protection in this way.

The UK’s first national witness protection scheme has been launched to overhaul the currently “inconsistent” approach to keeping vulnerable people safe, the Ministry of Justice has said.

[From BBC News – Witness protection scheme launched in UK]

Witness protection is one of those cases that makes the design of an identity system interesting and complex. During my time as a member of the Home Office Advisory Forum in the days of the proposed UK national identity card, witness protection was one of the factors that persuaded me that a token-based solution was the way forward, rather than some form of purely biometric solution.

There’s a great danger in accepting an infrastructure of passive identification where you, the target, do not have a choice in how you are identified. It may seem superficially attractive to have network-based solutions that do not require tokens, but I really don’t want websites to use a plug-in that identifies me every time I visit them. This is not because I’m in the witness protection programme but because I want a very basic choice of interacting as Dave Birch the private citizen or Dave Birch the executive officer of Consult Hyperion or John Doe.

In such a system, how does the identity infrastructure know which identity to use? I suppose one way of determining which identity might be returned would be to look at the nature of the request. Imagine a national identity service that was solely based on personal characteristics. It doesn’t matter whether they are your fingerprint, face, typing pattern or anything else. The chap at the pub wants to know whether you are 18 or not, so he captures the relevant characteristic (let’s use fingerprints for the purposes of discussion) and fires it off to the identity service. The identity service sees that your fingerprints appear twice in the record: once for your “real” identity and once for your “witness” identity. Since it is a pub asking, the service sends back your witness identity and life goes on. But, for example, if it is a policeman asking, then the system might return both identities. This would of course be insanely dangerous because, as is well documented, unauthorised access by policemen and others to existing databases is rampant and it will be no trouble for criminals to determine previous identities. In the case of the ill-fated UK national identity card, unauthorised access to the identity database started even before the system went live.

Nine U.K. government workers have lost their jobs after misusing their access privileges to view personal information on public citizens stored in the government’s national identity database… 34 U.K. local council employees were found to have illegally accessed the Customer Information System (CIS) database, according to a news report. The CIS is one of three systems that will constitute the U.K. government’s national identity database…

[From Nine U.K. Workers Fired For Tapping Into National Identity Database]

It’s one thing to have trusted and vetted and responsible council workers rummaging around in a National Identity Database, but imagine what happens when just about anyone gets access to that database and it is recording who is in the WPS. Actually, you don’t have to imagine it because we already know.

The British Broadcasting Corporation (BBC) indicated in a 2009 article that, according to a report by a Mexican magistrate, [translation] “the majority of protected witnesses who have cooperated with the judicial system in Mexico have been assassinated”.

[From UNHCR | Refworld | Mexico: The use of government databases by third parties to locate persons; privacy issues; security of information about witnesses in the witness protection program (2008-September 2011)]

If you are a spy, or an undercover policeman, or in the witness protection programme, or perhaps even a restaurant critic, you may have perfectly legitimate reasons (in some cases very literally a matter of life and death) for wanting one identity asserted over another. Who controls this? In a token-based environment, there is no problem. A policeman stops me in the street and wants to know who I am. I take out my phone and touch it against his phone. His phone requests an authenticated identity, my phone asks me for a PIN or pass code which I enter, and my phone sends back my driving licence which includes a photograph that is displayed on the policeman’s phone. In this latter case, my personal characteristics might form part of the process but for the purposes of local authentication against the token: thus I might be required to speak into my phone or present my fingerprint to the phone, or whatever, but this would be used only within the phone for template matching. Google has apparently come out in favour of tamper-resistant hardware tokens, which ought to finally give impetus to this approach in the mass market.

An identity service founded on the principles of post-modern relativism thus has no problem dealing with the multiple identities. In essence, it would treat all identities as pseudonyms. The use of the pseudonym that happened to coincide with your “real” name would not be a special case. To see what I mean, imagine that my name is Jelly Dave (an epithet earned through my knowledge and skill in using gelignite to open safes). I fall out with Mr Big, the head of my gang of bank robbers, and I decide to turn Queen’s Evidence and start a new life. Quite straightforward: my digital identity is revoked and I’m given a new one. I use that digital identity to obtain a new pseudonym from the national identity service (in essence, I send them my blinded public key, they send me back a signed public key certificate and then I remove the blinding) and I’m now Telly Dave, a couch potato from Woking. If a policeman stops me in the street, my phone tells him that I’m Telly Dave. If he is corrupt, it doesn’t matter, because there is no link between Telly Dave and Jelly Dave. The pub, the policeman and everyone else is provided with a pseudonym, not the underlying real identity. And since neither the pub nor the policeman has access to the biometric register that ensures uniqueness, they never see the Meaningless but Unique Number (MBUN) that connects the pseudonym to the physical entity.

(The key to making all of this work is to separate the relationship between the “real” person and the pseudonym through the mediating relationship of digital identity, but that’s not really what I want to discuss here.)
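The pseudonym issuance sketched above (send a blinded public key, get a signature back, remove the blinding), written out as an added example that is not from the original post: textbook RSA blind signatures in Python. The issuer key, the function names and the byte strings standing in for pseudonym public keys are all constructed for illustration; a deployed scheme would use a large random key and a standardised encoding rather than raw RSA.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key for the issuer (the "national identity service").
# Two Mersenne primes keep the example short; they are far too small and too
# structured for real use.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # issuer's private exponent


def digest(pseudonym_pubkey: bytes) -> int:
    """Map the pseudonym's public key to an integer mod N (toy encoding)."""
    return int.from_bytes(hashlib.sha256(pseudonym_pubkey).digest(), "big") % N


def blind(pseudonym_pubkey: bytes) -> tuple:
    """Holder side: hide the key digest behind a random factor r."""
    m = digest(pseudonym_pubkey)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    return (m * pow(r, E, N)) % N, r


def issuer_sign(blinded: int) -> int:
    """Issuer side: sign what arrives; the digest itself is never visible."""
    return pow(blinded, D, N)


def unblind(blind_sig: int, r: int) -> int:
    """Holder side: strip r, leaving an ordinary signature on the digest."""
    return (blind_sig * pow(r, -1, N)) % N


def verify(pseudonym_pubkey: bytes, signature: int) -> bool:
    """Relying party (pub, policeman): check with the issuer's public key."""
    return pow(signature, E, N) == digest(pseudonym_pubkey)


def issue_pseudonym(holder_id: str, pseudonym_pubkey: bytes, issuer_log: list) -> int:
    """Full exchange. The holder authenticates with their digital identity,
    so the issuer can log who asked, but only alongside the blinded value."""
    blinded, r = blind(pseudonym_pubkey)
    issuer_log.append((holder_id, blinded))
    return unblind(issuer_sign(blinded), r)


def candidate_blinding_factor(logged_blinded: int, pseudonym_pubkey: bytes) -> int:
    """An issuer trying to link a log entry to a pseudonym seen later can
    always compute an r that fits, for every pairing, so the log rules
    nothing out."""
    m = digest(pseudonym_pubkey)
    r_to_e = (logged_blinded * pow(m, -1, N)) % N
    return pow(r_to_e, D, N)


def demo() -> tuple:
    log = []
    key_a = b"constructed pseudonym public key A"
    key_b = b"constructed pseudonym public key B"
    sig_a = issue_pseudonym("digital-id-1", key_a, log)
    sig_b = issue_pseudonym("digital-id-2", key_b, log)
    # Every (log entry, pseudonym) pairing is explained by some blinding factor.
    every_pairing_fits = all(
        (digest(k) * pow(candidate_blinding_factor(b, k), E, N)) % N == b
        for _, b in log
        for k in (key_a, key_b)
    )
    return verify(key_a, sig_a), verify(key_b, sig_b), verify(key_b, sig_a), every_pairing_fits


if __name__ == "__main__":
    print(demo())
```

The last value returned by `demo()` is the point of the exercise: the issuer's log is equally consistent with either holder owning either pseudonym, which is why a corrupt insider with database access learns nothing about who Telly Dave used to be.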

Incidentally, I know we are only tackling part of the problem here because the witness protection issue is about to get substantially more complex (unless my idea of issuing standard Facebook-blue burkhas to the population takes off). Using digital identity infrastructure it is easy to give you a new pseudonym, but it is not easy to give you a new social graph. Witness protection in the age of Facebook is a whole lot more complicated because protecting your privacy in an online age is a minefield, as “Real Names Randy” Zuckerberg just found out. My new identity of Telly Dave is sooner or later going to get tagged in a photo somewhere that will end up with Mr Big. So without knowing anything about the WPS itself, or how the government proposes to restructure and centralise it, I would think that it has a massive job on its hands to set about forging the social graph for spies, undercover policemen, protected witnesses and restaurant critics in the face of services like Andrew Nash’s new venture Trulioo, which helps to uncover phoney Facebook identities. I would imagine that services like this will make it much harder for the WPS to maintain social graphs for people who need protection. Someone out there must have thought about this, so I’m desperately keen to read about potential solutions. Links please!


Data sharing sounds good, but it is dangerous

[Dave Birch] It’s not appropriate to say where, but I recently happened to be in a seminar where I saw a member of the German parliament talk about the sharing of data between law enforcement agencies. He used the example of the Austrian and German police exchanging fingerprints and DNA samples and pointed out that cross-border searches had had “many thousand” hits (i.e., a fingerprint gathered at a German crime scene shows up in a search by Austrian police). He called for all EU27 countries to share this kind of data.

Naturally, we are all in favour of tracking down the perps (sorry, been thinking about Judge Dredd again — “I am the law”) across borders, but hold on. Am I comfortable about my fingerprints, DNA and personal data being shared with, say, Swiss law enforcement agencies? I may be traducing them unfairly but I have no knowledge of the rigorous data protection and security enforcement procedures within the Swiss government. No, wait, I do…

According to a report from Reuters, sensitive information on counter-terrorism shared by several foreign governments was potentially compromised by a massive data theft at a Swiss intelligence agency. The data heist, according to what European national security sources told Reuters, was by an unnamed IT technician for the NDB, a Swiss intelligence agency.

[From Report: Swiss Spy Agency Warns Of Huge Data Leak from Insider | SecurityWeek.Com]

Even in the UK, with the most stringent data protection laws and ruthless enforcement, we find civil servants being disciplined all the time for unauthorised access to databases (and they are only the ones that are caught). Journalists, private investigators and criminals do not seem to have too much difficulty in getting access to personal data held by government departments and agencies as far as I can see.

Around 25 civil servants are being reprimanded each week at the Department of Work and Pensions for breaching rules governing its vast database, figures show.

[From Civil servants caught looking at private files in personal data breaches – Telegraph]

Still, at least the UK doesn’t have a national identity scheme with a database that stores everyone’s personal details in a structured and easily-accessible form…

Greek police have arrested a man on suspicion of stealing the personal data of roughly two thirds of the country’s population, police officials in Athens said on Tuesday. The 35-year old computer programmer was also suspected of attempting to sell the 9 million files containing identification card data, addresses, tax ID numbers and licence plate numbers.

[From Man arrested in Athens over ID theft of most of Greek population – thestar.com]

Sharing personal data to track down bad guys sounds like an Apple Pie policy (for UK readers: a Bread and Butter Pudding policy), one that you can’t possibly be against. The problem is, of course, that once the data genie is out of the bottle there’s no way of getting it back in again. I remember some of the discussions around the TSB Encore project: once you’ve got a copy of my data, there’s no technological way for me to stop you doing anything you like with it (if there was, Hollywood would be using it). So it’s better not to share the data in the first place, except that doesn’t help us catch the bad guys.

I can understand why the Government wants more data sharing to improve the efficiency of public services but I can’t see how this isn’t going to end up in a Data Chernobyl unless we develop a more sophisticated approach to data sharing: encrypted storage, pattern-matching of encrypted data, pseudonymous identity infrastructure and all those other good things.


It’s simple, this money laundering stuff

[Dave Birch] I wanted to send some money from my UK bank account to my US bank account.

I logged in to do this via my bank’s online service but noticed that they want to charge me £25 for sending a few bytes of data. So I googled around for alternatives and I noticed that the UK Post Office are advertising a free service. So I decided to give it a try.

Remember, I do this so you don’t have to.

I logged on and set about creating an account, which didn’t take too long. But I couldn’t use my account to send any money. There was no “make a payment” option. I couldn’t figure out why, but by then I was too tired to think about it any more so I forgot about it. The following day, I saw an e-mail from Post Office International Payments saying that “To activate this facility we will require a conversation with you over the telephone”. I got a cup of tea and dialled. The nice lady at the other end of the line said that she needed to ask me a few questions because I had failed some kind of identity check.

Well, I suppose I could see why I’d been flagged: after all, I’ve only lived at the same address for the last 17 years and only had the same bank account for the last 35 years. She asked me if I’d ever lived abroad. I said yes and she asked me where. I started by saying that in the early 1980s I lived in Indonesia. She asked me what I was doing there. I told her I was working there. She asked me what I was doing, so I began to explain to her about the Palapa B-1 regional satellite system. I thought that if I explained my pioneering role developing X.25/X.28 software to run data networks over slotted ALOHA satellite channels it would help with my KYC. I imagine that this is the sort of thing that can trip up even the most dedicated terrorists and money launderers. If I had, for example, said that the Hughes HS-376 satellite launched in June 1983 used three solar panels then she would have hit the panic button immediately, because as most Post Office employees are well-aware, the spin-stabilised 376s had only two solar panels.

After going through the places where I had lived abroad, which took some time, we then moved on to why I wanted to send the money to the US. I explained that I was an international drug dealer and that I needed cash to purchase supplies of Ketamine. No, I’m only joking, although once again I suppose that had I really been an international drug dealer, that’s just the sort of question that would have tripped me up. I actually told her that I go to the US frequently, that I don’t want to use my UK credit card because of the rubbish rates and penal F/X charges and that I was a bit annoyed with my prepaid US dollar card because it doesn’t always work. So I was going to use my US debit card instead and so needed to top up my checking account.

The conversation continued, ranging over how often I was thinking about sending money to the US and so on. At the end, she told me that they would be back in touch to let me know when I would be allowed to send money. Oh well. I was leaving for the US tomorrow, so I ended up transferring money over to my prepaid card anyway. When I got to the US, there was an e-mail telling me that I could now send money, so I logged back in to the Post Office and sent the £250, which if memory serves took about four days to get to the US. I should have drawn it out in cash and brought it with me on the plane, as that would have been three-and-a-half days quicker.

If I have to go through this bullshit — which was a colossal waste of their time and money as much as it was of mine — to send £250 to the US, I wonder how third-world kleptocrats manage to salt away billions? The only conclusion that I can draw is that stringent KYC/AML imposes high costs and inconvenience on people like me — and holds up the progress of new payment and other financial services innovations — but is no more than a minor inconvenience to drug dealers, money launderers, corrupt politicians and tax avoiders worldwide. That one phone call has already cost the Post Office more than the F/X margin that they’ll make on my transaction, and to what end?


Immobile

There’s something odd about a conference on Mobile Money & Migrant Remittances held in a hotel with no mobile coverage and a $25/day charge for wifi, but despite that I thoroughly enjoyed popping along and meeting up with friends from around the world there. I was on the Strategy Panel covering financial inclusion, and this was, coincidentally, the day after I had been quoted in Warren’s “Washington Internet Daily”:

Mobile payment systems are often treated with a lighter regulatory touch than mobile banking, to reach as many users as possible, Birch said. The need to integrate the “unbanked” into society should “tip the value” toward less regulation of low-value transactions, he said.

An entirely accurate representation of my views. A correspondent wrote in response:

Very sensible words! Not sure if you have actually read FATF’s NPM report from October 2010, but it is actually pretty good, and recommends the right thing: a light KYC regime (including no verification) for specific low risk accounts, praising the power of transactions limits and monitoring.

As it happens, I hadn’t read the FATF New Payment Methods report, so I downloaded it to take a look and discovered some surprisingly sensible conclusions. By “New Payment Methods”, or NPM, the FATF means specifically internet payment systems, mobile payment systems and prepaid card products. My correspondent had noted, to my surprise, that some of their conclusions echo my own ranting on the topic: that is, a light-touch KYC regime (including no verification for specific low risk accounts), with attention paid to setting the right transaction limits and appropriate monitoring and reporting requirements. The report is based on a number of case studies, so the conclusions are based in practical analysis, although it must be said that they are probably not statistically utterly sound.

The project team analysed 33 case studies, which mainly involved prepaid cards or internet payment systems. Only three cases were submitted for mobile payment systems, but these involved only small amounts.

Personally, I found many of the case studies in chapter four of the report uninteresting. Yes, in some cases prepaid cards, or whatever, were used as a part of a crime, but in many of the frauds so were cash and bank accounts. One of the case studies concerned the use of multiple prepaid cards by an individual found to have 12 legally-obtained driving licences in different names (and $145,000 in cash). I’d suggest that cracking down on the driving licence issuing process ought to be more of a priority! The issue of access to transaction records is, I think, much more complicated than many imagine. You could, for example, imagine transaction records that are encrypted with two keys — your key and the system key — so that you can go back and decrypt your records whenever you want, but the forces of law and order would need to obtain a warrant to get the system key. Sounds good. But I might not want a foreign, potentially corrupt, government department to obtain my transactions for perfectly good reasons (like it’s none of their business).

The report says very clearly that the overall threat is “difficult” to assess (so some of the rest of it, I think, is necessarily a trifle fuzzy) but also that the anti-money laundering (AML) and counter terrorist financing (CTF), henceforth AML/CTF, risks posed by anonymous products can be effectively mitigated. I agree. And I also strongly agree with chapter three of the report, which notes that electronic records give law enforcement something to go on where cash does not. This is something that I’ve mentioned previously, both on this blog and in a variety of other fora, because I think it’s a very important point.

I said that I was not sure that keeping people out of the “system” was the best strategy (because if the terrorists, drug dealers and bank robbers on the run stay in the cash economy, then they can’t be tracked, traced or monitored in any way)

[From Digital Money: Anti-anti money laundering]

The report goes on to expand on the issue of mitigation and, to my mind, deals with it very well. It says that:

Obviously, anonymity as a risk factor could be mitigated by implementing robust identification and verification procedures. But even in the absence of such procedures, the risk posed by an anonymous product can be effectively mitigated by other measures such as imposing value limits (i.e., limits on transaction amounts or frequency) or implementing strict monitoring systems.

Why is this so important? As well as keeping costs down for industry and stimulating the introduction of competitive products, the need for identification is a barrier to inclusion. This link between identification and inclusion is clear, whatever you think about the identification system itself. India is turning out to be a fascinating case study in that respect.

The process would benefit beneficiaries of welfare schemes like old-age pension and NREGA, enabling them to draw money from anywhere as several blocks in Jharkhand have no branches of any bank and would save them from travelling to distant places for collecting money.

[From Unique numbers will save duplication in financial transactions – Ranchi – City – The Times of India]

But I can’t help cautioning that while customer identification is difficult where no national identity scheme exists, where there is a scheme it may give a false sense of security because obtaining fraudulent identities might be easier than obtaining fraudulent payment services in some jurisdictions or where officials from dodgy regimes (like the UK) are at work…

Prosecutor Simon Wild told the court Griffith abused his position by rubber stamping work permit applications that were obviously fake or forged using false names and references.

[From British embassy official ‘nodded through scores of visa applications’ | Mail Online]

For low risk products, then, the way forward is absolutely clear: no identification requirements, potentially strong authentication requirements and controlled access to transaction records. One small problem, though, that the report itself highlights: there are no uniform, international, cross-border standards for what constitutes a “low risk” product. But that’s for another day.
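The mitigation the report describes for anonymous products (value limits on amount and frequency, plus monitoring) can be made concrete. The following is an added example, not taken from the FATF report or the original post: a Python check for an unverified low-value account with a per-transaction cap, rolling-window caps on value and count, and a monitoring flag for repeated near-limit amounts. Every limit, name and sample transaction is a constructed assumption.

```python
from collections import deque
from dataclasses import dataclass, field

DAY = 24 * 3600

# Constructed limits for an unverified ("no KYC") account, in pence.
MAX_SINGLE = 15_000          # cap on any one transaction
MAX_WINDOW_VALUE = 50_000    # cap on value accepted inside the rolling window
MAX_WINDOW_COUNT = 10        # cap on transactions accepted inside the window
WINDOW_SECONDS = 30 * DAY
NEAR_LIMIT = 13_500          # 90% of MAX_SINGLE counts as "near the limit"
NEAR_LIMIT_REPEATS = 3       # this many near-limit amounts in a window is flagged


@dataclass
class UnverifiedAccount:
    # Accepted transactions inside the window, oldest first: (timestamp, amount)
    history: deque = field(default_factory=deque)

    def _expire(self, now: int) -> None:
        while self.history and now - self.history[0][0] >= WINDOW_SECONDS:
            self.history.popleft()

    def authorise(self, now: int, amount: int) -> tuple:
        """Return (decision, reasons). Declined transactions are not recorded,
        so they do not consume the account's allowance."""
        self._expire(now)
        reasons = []
        if amount > MAX_SINGLE:
            reasons.append("single-transaction limit")
        if sum(a for _, a in self.history) + amount > MAX_WINDOW_VALUE:
            reasons.append("rolling value limit")
        if len(self.history) + 1 > MAX_WINDOW_COUNT:
            reasons.append("rolling frequency limit")
        if reasons:
            return ("decline", reasons)

        self.history.append((now, amount))
        # Monitoring is separate from the hard limits: the payment goes through
        # but the account is queued for review.
        near = sum(1 for _, a in self.history if a >= NEAR_LIMIT)
        if near >= NEAR_LIMIT_REPEATS:
            return ("accept", ["monitor: repeated near-limit amounts"])
        return ("accept", [])


# Constructed sample activity: (day, amount in pence).
SAMPLE = [(0, 2_000), (1, 20_000), (2, 14_000), (3, 14_500),
          (4, 13_900), (5, 9_000), (33, 9_000)]


def run_sample() -> list:
    account = UnverifiedAccount()
    return [account.authorise(day * DAY, amount) for day, amount in SAMPLE]


if __name__ == "__main__":
    for (day, amount), result in zip(SAMPLE, run_sample()):
        print(day, amount, result)
```

None of these checks needs to know who the account holder is, which is what allows the identification requirement to be dropped for the low-risk tier.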

Finally, I couldn’t help but notice that the payment mechanism that scored worst in the high-level risk table (on page 23), and therefore the one that FATF should be working hardest to crack down on, is cash.

P.S. I apologise to the conference organisers for my radio silence during the event, but I belong to the #canpaywontpay tendency: I can afford $25/day for wifi (since I’m not paying, I just expense it to the company) but I won’t pay it, because it’s outrageous. No wifi means no twitter, no blog, no buzz. That’s not how conferences should be in 2011.

These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public

Do we really want a panic button?

The relationship between identity and privacy is deep: privacy (in the sense of control over data associated with an identity) ought to be facilitated by the identity infrastructure. But that control cannot be absolute: society needs a balance in order to function, so the infrastructure ought to include a mechanism for making that balance explicit. It is very easy to set the balance in the wrong place even with the best of intentions. And once the balance is set in the wrong place, it may have most undesirable consequences.

An obsession with child protection in the UK and throughout the EU is encouraging a cavalier approach to law-making, which less democratic regimes are using to justify much broader repression on any speech seen as extreme or dangerous…. “The UK and EU are supporting measures that allow for websites to be censored on the basis of purely administrative processes, without need for judicial oversight.”

[From Net censors use UK’s kid-safety frenzy to justify clampdown • The Register]

So a politician in one country decides, say, that we should all be able to read our neighbour’s emails just in case our neighbour is a pervert or serial killer or terrorist and the next thing we know is that Iranian government supporters in the UK are reading their neighbours’ emails and passing on their details to a hit squad if the emails contain any anti-regime comments.

By requiring law enforcement backdoors, we open ourselves to surveillance by hackers and foreign intelligence agencies

[From slight paranoia: Web 2.0 FBI backdoors are bad for national security]

This is, of course, absolutely correct, and it was shown in relief today when I read that…

Some day soon, when pro-democracy campaigners have their cellphones confiscated by police, they’ll be able to hit the “panic button”—a special app that will both wipe out the phone’s address book and emit emergency alerts to other activists… one of the new technologies the U.S. State Department is promoting to equip pro-democracy activists in countries ranging from the Middle East to China with the tools to fight back against repressive governments.

[From U.S. develops panic button for democracy activists | Reuters]

Surely this also means that terrorists about to execute a dastardly plot in the US will be able to wipe their mobile phones and alert their co-conspirators when the FBI knock on the door and, to use the emotive example, that child pornographers will be able to wipe their phones and alert fellow abusers when the police come calling. Tough choices indeed. We want to protect individual freedom so we must create private space. And yet we still need some kind of “smash the glass” option, because criminals do use the interweb tubes and there are legitimate law enforcement and national security interests here. Perhaps, however, the way forward is to move away from the idea of balance completely.

In my own area of study, the familiar trope of “balancing privacy and security” is a source of constant frustration to privacy advocates, because while there are clearly sometimes tradeoffs between the two, it often seems that the zero-sum rhetoric of “balancing” leads people to view them as always in conflict. This is, I suspect, the source of much of the psychological appeal of “security theater”: If we implicitly think of privacy and security as balanced on a scale, a loss of privacy is ipso facto a gain in security. It sounds silly when stated explicitly, but the power of frames is precisely that they shape our thinking without being stated explicitly.

[From The Trouble With “Balance” Metaphors]

This is a great point, and when I read it it immediately helped me to think more clearly. There is no evidence that taking away privacy improves security, so it’s purely a matter of security theatre.

Retaining telecommunications data is no help in fighting crime, according to a study of German police statistics, released Thursday. Indeed, it could even make matters worse… This is because users began to employ avoidance techniques, says AK Vorrat.

[From Retaining Data Does Not Help Fight Crime, Says Group – PCWorld]

This is precisely the trajectory that we will all be following. The twin pressures from Big Content and law enforcement mean that the monitoring, recording and analysis of internet traffic is inevitable. But it will also be largely pointless, as my own recent experiences have proven. When I was in China, I wanted to use Twitter but it was blocked. So I logged in to a VPN back in the UK and twittered away. When I wanted to listen to the football on Radio 5 while in Spain, the BBC told me that I couldn’t, so I logged back in to my VPN and cheered the Blues. When I want to watch “The Daily Show” from the UK or when I want to watch “The Killing” via iPlayer in the US, I just go via VPN.

I’m surprised more ISPs don’t offer this as a value-added service themselves. I already pay £100 per month for my Virgin triple-play (50Mb/s broadband, digital TV and telephone), so another £5 per month for OpenVPN would suit me fine.

These are personal opinions and should not be misunderstood as representing the opinions of Consult Hyperion or any of its clients or suppliers.


