The Government's plans for the local or central Big Nanny databases which will be created on every Child and parent in the UK, under the Children Bill, overturning any confidentiality under Common Law are still secret, and have not yet been clarified.
You can get a glimpse of the sort of thing that is envisaged by looking at the
RYOGENS (Reducing Youth Offending Generic Solution) project being tested by Local Authorities in Lewisham in London and Warwickshire, with the support of the Office of the Deputy Prime Minister, the Home Office etc. but which the developers hope will be rolled out to most other Local Authority areas.
The Ryogens system shares data and soft intelligence Concerns about vulnerable Chilfren between the Police and Schools and Social Services, below the levels of concern required for statutory reporting, and also links to Geographical Information Systems and attempts to alert various Child Care Professionals i.e. it must include rumours and unsubstantiated reports and possible libels.
This system is web based and the result of a "Rapid IT Procurement Process" which is usually code for "shoddy work, to impossible deadlines promised by the sales droids to the gullible politicians and civil servants, with no consultation with the general public".
We are not convinced that the necessary security, managerial, procedural and audit procedures are in place for a system which deals with sensitive personal information about Children and their families.
There are limited technical details about the poject available:
"The system is built on a three-tier architecture with external and internal firewalls between VLAN segments. It is based on the xplatform provided by Esprit, our technical build partner. It supports three local authorities and can be easily scaled to support many more. Users connect to the web site through a secure 128-bit SSL connection. They can best view the system using Internet Explorer 5.5 or above. We have deployed sophisticated security software for managing user authentication and user account management and to implement role-based access control to system resources. For security reasons, we cannot publish details of the various software and hardware components on this public web site, nor can we make the technical architecture document available, since such information would be of great value to hackers. If you should like to obtain further information we would be happy to discuss it with you further as soon as we can verify your identity"
Utter rubbish - do NOT trust this system with your children's data until these have been published and scrutinised by independent experts. If the system has been designed and tested properely, it will remain secure, if not, then it is very likely that there is something to hide.
The biggest risk to the system is from internal hackers or legitimate users who exceed their authority, just like the the unconvicted computer and privacy criminals in the Inland Revenue etc.
Some other Concerns about Ryogens:
- The Senior Manager role is too powerful for a single individual - the system should require Digital Signatures from 2 or more Senior Professionals. Hasn't the Dr. David Shipman mass murder scandal highlighted the need not to rely on a single professional signature ?
- Despite using 128 bit SSL, why are three no Client Side Digital certificates ? How are Man-In-The-Middle attacks via insecure Local Authority LANS. WANS (including Wi-Fi wireless and GPRS mobile phone) and the Internet prevented ?
- What exactly are the business rules and risk scoring logic ? These criteria should be public - has nothing been learned from the disasters of "post code lottery" financial risk management sysems - these are children's lives that are at risk, and need higher standards than for example, determining credit risk for a car loan application.
- In these days of spam and computer viruses, it is unprofessional, and potentially hazardous to children, for the system to rely on sending email notifications to Senior Management about immediate Concerns - the chances are that some of these will be ignored or deleted or the necessary action will delayed due to the volume of emails in people's inboxes.
- The Audit requirements do not seem to address the need for full Data Protection Act compiance i.e. a Data Subject Access request asking for the Logic of any Automatic Data Processing to be explained "in plain english".
- Where is there an acknowledgement that as of next year, this data should be made available to the Children and Parents under the Freedom of Information Act ?
- Who exactly has access to Children's Personal Data (and also to potentially libellous "Concerns" about Parents or Guardians) ?
- What is the Data Retention policy ? How long will the Ryogens data be kept for, and when will it be destroyed ?
- Where in the Workflow process is there a notification to Parents that Ryogens system has magically dermined that their Child's electronic "zapiska" has automatically totted up enough "risk points" to be placed in a higher category of risk ?
- Exactly how are mistakes on the Ryogens system corrected ? Does any single Agency which is doing the Data Sharing have the power to get mistakes corrected, or is it always "Sombody Else's Problem" ?
- Helpdesk - is this staffed soley by Criminal Records Bureau checked personnel, or is it sub-contracted out offshore to India etc ?
In case you do not think that this data is sensitive or potentially libellous, consider that they seem to be planning to record Orwellian Thought Crimes:
ROLE AND REMIT OF AUTHORISED USERS - RECORDING CONCERNS
Authorised users of the RYOGENS system will be enabled to raise a
notification of concern either on a child already within the system or against a new child. A notification of concern will consist of five elements:
1. Child personal details;
2. Personal details of the originator of the concern (where the originator is
not the Authorised User);
3. Reason for concern or the fact that a child or parent/carer has requested
intervention;
4. Evidence/explanation for each reason for concern;
5. And whether consent has been gained for sharing the concern and, where it
has not, the legal purpose for sharing the notification of concern.
Users select their reasons for concern from the following list:
Child: Mental Health Concern
Child: Physical Health Concern
Child: Sexual Health Concern
Parent: Physical Health Concern
Parent: Mental Health Concern
Missed medical appointments
Not registered with health professional
Mental Well-being
Bad Behaviour in School
Exclusion from School
Poor school attendance
Negative Home Influence on Education
Learning Difficulties
Lack of Facilities/Equipment
Financial and/or Housing Difficulties
Frequently Moving House
Caring for Relatives at Home
Lack of Family Support
Domestic conflict/violence
Poor General Parenting Skills
Lack of Awareness of Child's Needs
Absent from home
Family/peers Involved in Crime
Criminal Area of Residence
Substance Availability
Involvement in Anti-Social Behaviour
Denies part in /does not believe commits Anti-Social Behaviour
Suicide Attempts/Self Harm
Dangerous Behaviour
Has Harmed Others
Has Intent to Harm Others
Animal Cruelty
Suffering Harm
Non-constructive spare time / Easily bored
Social Isolation
Child: Substance Misuse
Parent: Substance Misuse
Substance Availability
Victim of Bullying or Discrimination
Perpetrator of Bullying or Harassment
Other
Horrible. "Does not believe commits anti-social behaviour" - this applies to anyone who doesn't commit it!
An interesting article - I work on the RYOGENS project and there are several key points made in this article, the clarification of which is easily available. Would anyone be interested in the full information?
This bit says it all:
"we cannot publish details of the various software and hardware components on this public web site, nor can we make the technical architecture document available"
In other words, it relies on security by obscurity, the worst possible idea.
Any system whose architecture and controls cannot be published, is almost certainly insecure.
In other words, another typical public-sector cock-up; but one with more potential than most to cause horrifying injustices.
Yes , we would welcome any further clarification about Ryogens.
If it really is not quite as Orwellian and Kafkaesque as it appears to outsiders, then we would welcome more information which answer any of the points raised above.
Even if Ryogens is a benign system, its potential for abuse when it (or something like it) is coupled with the controversial Children Bill which could destroy confidentiality through powers "notwithstanding any rule of common law which prohibits or restricts the disclosure of information" must be obvious.
ARCH have a response to Ryogens which is also worth reading:
http://www.arch-ed.org/ryogens.htm