Leatherhead Matters

Entries categorized as ‘Security’

The Mushrooming Demand for Dodgy Car Number Plates

July 18, 2008 · No Comments

There are an estimated 35,000 suppliers of car number plates in the UK. Yeah yeah yawn…so what you may say.

A car registration number is supposed to be a critical part of a vehicle’s identification and, perhaps more importantly, a key piece of data to identify the owner. However, the police estimate that there are at least 20,000 cars driving round the UK with cloned number plates, i.e. a duplicate of someone else’s car plates. This is nearly always to try and avoid detection by police use of ANPR.

The British Police Service are world leaders in the application of Automatic Number Plate Recognition (ANPR) technology, a technology that was invented in the United Kingdom. Whilst use of ANPR technology in its first twenty years was largely restricted to counter terrorism purposes, there has been significant development in the use of ANPR in a wider policing environment in recent years.

But advances in ANPR have spawned a number of responses by the criminal class:

  1. Existing car registration plates are subtly modified to a different number by the application of black adhesive tape
  2. Legal looking plates, using any number, can be purchased to order from web sites like THIS
  3. Reflective plates are illegally fitted to fool ANPR, purchased from sites like THIS
  4. Showplates (like this one) are illegally fitted. These can be supplied to the purchaser’s specification, no questions asked, from sites like THIS
  5. Or, increasingly, car plates are stolen from the cars of legal owners. Usually the stolen plates are transferred to a car of the same make, model & colour….which completely fools ANPR

Ok Ok I hear you say but, what’s all that got to do with the 35,000 suppliers, most of whom ask no questions…know what I mean guv? The surprise is that the Government don’t appear to have asked themselves the same question. The huge number of suppliers is an indication of how large the market for false plates has become. So why doesn’t the Government licence 2-3 bona fide suppliers & require them to cross check with DVLC on car history & owner details? All other suppliers could be outlawed.

Sure, some illegal suppliers would continue by going underground or, going offshore. Perhaps there would be an increase in stolen plates? However, the UK does appear to be unique in allowing this huge trade in illegal plates.

All suggestions on how to clean up the number plate industry…..on a post card to Gordon Brown please.

Categories: Fraud · Police · Surveillance · crime

NHS Says "Trust Us" on Access to Patient Data But, Computer Says "NO"

July 10, 2008 · No Comments

NHS Connecting for Health – which runs part of the £12.4bn National Programme for IT [NPfIT] – has quietly decided to weaken assurances given to patients about the confidentiality of centralised patient records.

The papers released under the Freedom of Information Act have revealed that NHS Connecting for Health has decided to change a written assurance to patients that non-clinical staff “WILL NOT” have access to your [patient] records to the weaker “MAY NOT” have access. This weaker restriction leaves open the possibility of administrative and other non-clinical staff (such as receptionists & healthcare assistants) viewing the database of patient care records.

Paul Cundy, co-chair of the British Medical Association’s GP IT committee, said the papers obtained by Computer Weekly showed there has been an “erosion of the confidentiality of patient records that we feared would happen”. He said that healthcare assistants, who may now have access to patient records, were in essence “trained receptionists”.

The pilot for the NHS Connecting for Health project (sometimes called the Spine) has been operating in the Bolton Primary Care Trust. NHS patients in the Bolton area were mailed leaflets setting out the benefits of a national database & also informing patients of their right to opt out of having their personal health records uploaded. One leaflet (see page 11) gave a specific assurance to patients that receptionists will “not need to see your full clinical records”.

After the leaflets were mailed to thousands of patients it was realised that receptionists at Royal Bolton Hospital’s Accident and Emergency department had, before the trial of summary care records began, been accessing the local electronic patient records routinely, then printing them to add to the casualty record card.

Never believe a bureaucracy which says “Trust Me”. 

H/T Computer Weekly

Categories: Data · NHS · Personal · Public Sector · Security

Sharing Your Personal Medical Data

July 3, 2008 · No Comments

General Medical Council president, Sir Graeme Catto, said this week:

Because a patient had given consent to put a record in electronic form they haven’t given their consent for their entire record to be shared with everyone and new electronic systems had to cope with that requirement

This reply was given in response to a question from Bedfordshire GP, Mary Hawking, who asked whether the GMC had considered the ethical implications of sharing information from the proposed NHS detailed care record which will record all medical treatment. Read More HERE

I wonder if Richard Branson understands that the pronouncements of the General Medical Council are absolute?

Whistle blower John Spencer, who used to work for Virgin Healthcare recounts how:

Senior Managers at Virgin Healthcare want to find ‘a way around’ these regulations in order that they can then send Virgin marketing materials to the confidential list of patients held by an NHS GP.

Patient data confidentiality is already a problem within the NHS as new electronic data systems make access to patient data, by a much larger, geographically dispersed audience, much easier than traditional GP controlled data. But, as new commercial health providers are introduced into NHS health care, who is thinking about how to control commercial organisations’ access to patient data? It’s a marketer’s dream, selling patient demographic & healthcare data to say, the medical insurance industry or, as John Spencer suggests, using patient lists & addresses for direct marketing.

Who is thinking about controlling these new boundaries……I suggest no one is! Which is probably why Richard Branson smells an opportunity.

Categories: Data · NHS · Personal · Security

HMRC Report Fatally Damages Gordon’s "Big Government"

June 26, 2008 · No Comments

The scope and size of government has soared exponentially under New Labour. Government now intrudes into every corner of our lives and collects more data on individuals than at any previous time in our history. But, the loss of 2 CDs by HM Revenue & Customs, last October, containing the personal details (inc bank account details) of 25 million citizens may have fatally punctured New Labour’s “Big Government Project”

Kieran Poynter (Chairman of PriceWaterhouseCoopers) today published a fascinating report of his findings & recommendations (from his review of information security at HMRC). It’s a riveting, forensic exposé of a thoroughly dysfunctional organisation. This insight into one of the biggest departments of state shines a light on the culture of British government and the civil service….and it’s not pretty!

If you want to read his 109 page report you can find it HERE but, I’ve tried to make it easier to find the juicy bits by highlighting (in yellow) key passages in the report.

Poynter’s report politely suggests that there is little leadership…no one is imposing themselves on this huge operational department. There is a total absence of any strategic direction for the organisation. There is a culture of sharing information (with just about anyone who requests it from within the public sector) rather than protecting it.  Meetings are called but with little thought or, consensus on the purpose or, agenda. Most of the operational level staff spend their time fixing problems rather than serving customers. We don’t get to find out what the senior civil servants spend their time on but, it’s certainly not leading the organisation.

It’s interesting that Poynter found that there was a total absence of  upward communication from operational staff to senior management to seek guidance on whether it was OK to send the details of 25 million citizens to the National Audit Office,  by untraceable internal mail on 2 unencrypted CDs. Based on conversations I’ve had with public sector staff, this is normal. If you ask difficult questions like this in the public sector  the classic response is “Do what you think is right!”. This avoids any career damaging blame should things go wrong and it discourages operational staff from asking difficult  questions in the future.

New Labour have adopted the language of business over the last decade. They talk about achieving world class performance, when they are struggling to even catch up to the average. Unlike world class businesses, New Labour constantly creates new agencies and new departments with overlapping responsibilities. They are unable to create a sense of a shared journey within the civil service because everyone knows the Minister is only likely to own his/her current portfolio for a few months. Change can’t be planned because the Minister demands attention to the latest big idea or, media driven interest.

Read the Poynter report and then ask yourself: would you ever want the public sector’s operational scope to be anything other than that which only Governments can & must do?

Categories: Civil Service · Data · Gordon Brown · Government · Leadership · News · Politics · Public Sector · Security

PayPal Scam

June 17, 2008 · No Comments


 PayPal is a popular payment choice for online transactions, especially if you use eBay. Just create a user account and register a credit or, debit card for payment and PayPal becomes your trusted middleman for holding the cash when you may be dealing with a dodgy vendor. But PayPal’s growing popularity is attracting the scammers. 

I’ve only used eBay once but, I now regularly receive scam e-mail. Fortunately my computer security software picks it up & stuffs it into junk mail. 

[Image: the scam e-mail]

It alerts you to the following message:

Our system detected unusual charges to a credit card linked to your PayPal account

The message then requests you click a link to reactivate your account.

It all looks very kosher except for a giveaway sign. Look at the source e-mail address (top left of e-mail). service@paypall.com. Then compare it to the links provided in the e-mail (on the right) to access the genuine PayPal website. See the difference?

The scam e-mail has two “l”s instead of one!

Always check whether the domain of the sender’s e-mail address (the letters after the @) on any sensitive financial e-mail matches the domain name of the genuine website.

The scam seeks to persuade you to click on the link which sends you to an imitation of the genuine web site. It then asks you to log-in to your account. The scam site has a key logger which harvests your log-in details and voila they have ownership of your PayPal account.
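The check described above can be automated. The following is an added example, not part of the original post: it compares the sender's domain and every link domain in a message against a trusted list and flags near misses such as the doubled "l". `TRUSTED`, the sample message and its reactivation URL are constructed for illustration, and the two-label domain rule is a simplification.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: the domains the reader really does business with.
TRUSTED = {"paypal.com"}

# Constructed sample modelled on the e-mail described above (not a captured
# message); the reactivation URL is invented for the example.
SAMPLE = """\
From: PayPal <service@paypall.com>
To: user@example.org
Subject: Unusual charges detected

Our system detected unusual charges to a credit card linked to your PayPal account
Reactivate your account: http://www.paypall.com/reactivate
Help centre: https://www.paypal.com/help
"""

def base_domain(host):
    """Last two labels of a host name (simplification: ignores co.uk-style suffixes)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(domain, trusted=TRUSTED, max_distance=2):
    """'trusted', 'lookalike of <domain>' (a near miss such as a doubled letter), or 'unknown'."""
    if domain in trusted:
        return "trusted"
    for good in sorted(trusted):
        if edit_distance(domain, good) <= max_distance:
            return "lookalike of " + good
    return "unknown"

def check_message(raw, trusted=TRUSTED):
    """Return (kind, domain, detail) findings for the sender and every link in the body."""
    msg = message_from_string(raw)
    address = parseaddr(msg.get("From", ""))[1]
    sender = base_domain(address.rpartition("@")[2])
    urls = re.findall(r"https?://[^\s\"'<>]+", msg.get_payload())
    links = {base_domain(urlsplit(u).hostname or "") for u in urls} - {""}
    findings = []
    if classify(sender, trusted) != "trusted":
        findings.append(("sender", sender, classify(sender, trusted)))
    for domain in sorted(links):
        if classify(domain, trusted) != "trusted":
            findings.append(("link", domain, classify(domain, trusted)))
        if domain != sender:
            findings.append(("mismatch", domain, "sender is " + sender))
    return findings

if __name__ == "__main__":
    for finding in check_message(SAMPLE):
        print(finding)
```

A message whose sender and links all sit on a trusted domain produces no findings; the sample produces a lookalike sender, a lookalike link and a sender/link mismatch.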

Categories: Data · Fraud · Internet · Security · crime

Why 42 Days is THE Number

June 15, 2008 · No Comments

Mr Brown thought long and hard and decided to use a number without any bad connotations.

1 .. One career in the balance
2 .. Two pence fuel duty planned rise
3 .. Three % is now even the CPI inflation figure
4.. Four. Channel Four making that documentary about where it all went wrong
5 .. Five years in Iraq..
6.. Six % is likely the real inflation figure
7 .. Seven days a week Mr Brown spends thinking about helping the UK
8 .. Eight Billion pledged to spend on affordable housing
9 .. Nine thousand number of jobless claiming benefits increased by in May
10 .. Ten is the Number of my House
11 .. Eleven is the number of my old house
12 .. Twelve % was the drop of the Pound to a basket of currencies in April
13 .. Thirteen !! No Way
14 .. Fourteen days between rubbish collection now
15 .. Fifteen pounds average loss of a low paid worker due to 10p tax rate change
16 .. Sixteen mobile phones since October
17 .. Seventeen Percent swing to Tories in Crewe and Nantwich
18 .. Eighteen hundred jobs announced to be axed by Aviva last week
19 .. Nineteen.. n n n nineteen… average age of a soldier
20 .. Twenty Percent. Liberal Democrats Poll Ratings
21 .. Twenty one pence rate of rebate truckers want to end fuel protests
22 .. Twenty Two % was the doctors pay increase awarded in error 2006
23 .. Twenty Three million pounds of Labour Party debt
24 .. That TV show all the media are pinching the graphics from
25 .. Twenty Five hundred Post Offices closed 2008
26 .. Twenty Six percent is Labour Party poll rating
27 .. Twenty Seven percent increase in factory gate inflation figures this year.
28 .. Twenty Eight days is the current number of days for detention without trial
29 .. Twenty nine seats the government held in 1906. the wheel turns full circle..?
30 .. Thirty. number of Cleggovers.. Don’t go there
31 .. Thirty One hundred new criminal offences created in nine years by Mr Blair
32 .. Thirty Two % of people who still trust Alistair Darling on the economy
33 .. Thirty Three % of students currently overdrawn by more than £1250
34 .. Thirty Four normal number of rebel Mps
35 .. Thirty Five Labour MPs that the GMB Union has decided to withdraw funding for.
36 .. Thirty Six weeks since Mr Brown didn’t call an election
37 .. Minus thirty seven is Gordon Brown’s personal poll rating [ from a high of plus 48]
38 .. Thirty Eight thousand rise in UK unemployment figures for May
39 .. Thirty Nine Billion was pledged to be spent on government projects in the first 7 weeks of Mr Brown’s premiership.
40 .. Forty % increase in the price of eggs this year.
41 .. Forty One Percent. Mr Brown’s poll rating when he became Prime Minister
42.. ???????????? Yep that’s the one!!
43.. Forty Three percent current UK taxation level
44 .. Forty Four out of the 101 is the number of missed targets set by Gordon Brown at the last spending review 2007…
45 .. ………………… etc

From Capitalists @ Work: Why 42 was the chosen number

Categories: Gordon Brown · Humour · Politics · Security · Terrorism

School Exam Cheats vs Technology

May 28, 2008 · No Comments

As the exam season looms, one of the examination boards, Edexcel, is gearing up to introduce James Bond style gizmos to detect exam cheating.

Schools’ names will be invisibly written within single letters of exam papers using “microtext”, effectively watermarking them to prove they are genuine because the microtext cannot be photocopied.

24 Hours style radio tracking technology will be fitted to the courier bags in which exam papers are sent to schools. Bosses will be able to scan exam papers remotely to make sure they have not been tampered with.

The board will continue to use sophisticated anti-plagiarism computer software to analyse pupils’ written answers and detect whether they have copied each other’s work, or if a whole class’s answers are suspiciously similar.

According to Edexcel’s managing director, Jerry Jarvis, 80% of children that cheat get caught and the chances of them getting away with it have fallen dramatically. (How does he KNOW that 80% get caught if he admits some don’t get caught???)

Categories: Biometrics · Education · Schools · Security · Technology · Youth

Google Health Means £9 Billion Wasted on NHS Project

May 21, 2008 · No Comments

This is a story of our time. It’s a story of a collision of philosophies. On my left we have a “we know best”, statist government, on the right we have a trendy, cool, private sector, global company. They have both committed themselves to digitise medical records…..please read on.

Yesterday Google launched, for USA citizens, an online “filing cabinet” for all their health records. Once registered, you own the data and you can choose who you wish to share your data with (your doctor, health specialists etc).

Mary Adams, 45, a Cleveland Clinic patient who participated in the Google Health pilot, said that she was initially concerned about the privacy of her medical information.

Still, she felt safe enough to enroll and has been using the service for about six months, linking it with an online health management tool from the Cleveland Clinic and adding information on prescriptions and doctors to her online profile.

“I hate pieces of paper lying around my house, so I love the fact that I can log on with my normal Google login info and see everything at a glance,” she said, adding that with its public availability she’ll try to get her sister to use it.

The service, still a non-final “beta” version, does not include ads. But, Google doesn’t plan to start placing them to support the site. A search box on Google Health pages leads to standard Google search results pages, where there are advertisements.

Besides importing records from providers, users can enhance their password-protected profiles with details such as allergies and medications, they can search for doctors and they can locate Web-based health-related tools.

Back here in Nu Labour Land, the Government imposed a national health database project on the NHS called The Spine. Current estimates are that it will cost the taxpayer £9 Billion+ (that’s £300 for every tax payer in the country) and that it will be at least 4 years late in delivery and may have significantly reduced functionality even on this delayed schedule.

This project is a telling example of the statist New Labour approach to the Public Sector. First they started with the assumption that the state (via the NHS) owns our medical data and then they decided to fund what will be the largest IT project in the world to enable digital sharing of “their” data across the NHS. Result?

                    | New Labour (NHS)             | Google Health
Cost to taxpayer    | £9 Billion +                 | Nada, zero, zilch
Schedule            | Available 2012+              | Available 2008
Data owned by       | Government                   | Me
Data accessible by  | Who the hell knows or, cares? | Only people I give access to.
Data security       | What’s That?                 | Read Google Policy

Read how to opt out of your data being uploaded from your GP’s practice to the NHS Spine HERE

UPDATE: 29.05.08: Project going down the tubes

Japan’s Fujitsu has been axed from an 896 million pound ($1.8 billion) contract with the National Health Service after talks to resolve a contractual dispute broke down, the Financial Times said on Thursday.

Categories: Data · Government · Health · NHS · Politics · Public Sector · Security · Technology · Web

NHS Patient Records To Be Accessible to All in the NHS

May 13, 2008 · 1 Comment

I’ve posted before about the risks to patient confidentiality in the current project to create a national database of patient medical records. The project, called the NHS Spine, is now moving into pilot stage.

Already, the assurance given during the design stage of the project (on restricted access to patient records) is being weakened. Now it seems that virtually anyone with computer access in the NHS will be able to access your most sensitive medical history.

Read more about these latest developments HERE

Previous posts:

NHS Spending Millions on Centrally Stored Medical Records but, Germans Say NO

Hospital Workers Snoop on Celebrity Medical Records

How to Opt Out of Sharing Your Medical Records with the Nation

Categories: Data · NHS · Security

Your Personal Data & the Stupidity of Big Government

May 9, 2008 · No Comments

Government Departments have been trying to toughen up their procedures for protecting citizens’ personal data. This is in response to several incidents which demonstrated an extremely lax approach to data security (e.g. HM Revenue & Customs lost the personal records of over half the UK population).

So civil servants have now finally got the message that data security is one of their top priorities……right? Sadly, it appears not much has changed, even after all the public breast beating. How do we know? The following internal memorandum has been circulated to all staff at the Department for Work & Pensions:

DWP - Department for Work and Pensions

Following the HMRC incident last November, increased security measures have been put in place for dealing with data transfers both clerically and electronically.
All staff should be aware of Security Notices 02/07 and 03/07 that were issued by the Departmental Security Team in December. This guidance covers data transfers and use of courier services. Information in these notices should be adhered to, in order for us to protect our customer information and the integrity of the Department’s Security practices.
I have been advised of instances where password protected data has been sent out with the password being sent separately as detailed in Security Notice 02/07. However, once the data and the separate password are received, staff are then forwarding the data and password on together; this defeats the purpose of the security measure entirely.
Could I ask you to remind staff of the heightened security surrounding data transfer and ensure that data and passwords are sent separately.

        +    Password = dontgiveashit

So there you have it. Staff are forwarding citizens’ private data (mainly via CD) and putting the password to access the CD data in the same envelope.

It’s the stupidity of big government.

H/T Dizzy

Categories: Data · Public Sector · Security