26 April, 2004: Headcases and bad laws

[ Home page | Web log ]

I've just been reading the Consultation Document on the Bloody ID Cards Bill, which has just been issued by everybody's favourite politician, David Blunkett. I won't say that the Bill is bonkers, but I wouldn't be surprised if others were to do so. Like the European Constitution, it is also enormous (37 pages of near-impenetrable legalese), and I haven't time to write anything detailed on it now.

However, I was particularly struck by clause 31 subsection 2 of the draft Bill, which adds to the penalties provided in the Computer Misuse Act (1990) for the offence of unauthorised modification of computer material:

(8) Where an offence under this section [that is, unauthorised modification] is committed wholly or partly in relation to any contents of a computer that consist of the National Identity Register or any part of it, [that is, the ID cards database] subsection (7)(b) above shall have effect as if for `five years' [of imprisonment] there were substituted `ten years'.

That is, if you hack into a computer and modify its contents, you can go to prison for five years. But if you hack in to the ID cards computer and modify its contents, you can go down for ten years.

So, what's that all about? The Computer Misuse Act does not in general distinguish between the particular computers an offender might hack in to; this special case for the National Identity Register is a total novelty. Why would the penalties in respect of one particular computer be double those for others? And why not apply longer sentences to criminals who hack into other important computers, for instance those which run the stock market, National Air Traffic Control System, or Britain's nuclear weapons or whatever? After all, it would be very bad news if those computers were to be compromised -- arguably worse news than if the compromise affected the Register, depending on whether you were standing underneath the crashing stock market or aeroplane or falling ICBM or whatever other mayhem such a hacker might unleash.

Presumably the idea is that the Government already know that they can't make the Register secure, and therefore they are trying to discourage people from hacking in to it by making the penalty for doing so much greater than for any other act of hacking. This is a nice idea, I suppose, if you think that computer hackers are likely to respond to the increased penalty by changing their behaviour. In fact, prosecutions under the Computer Misuse Act are vanishingly rare and it would be astonishing if the increased penalty conferred any protection on the database.

The proper solution, of course, would be to make the thing secure. But -- oh no! -- they can't, because they haven't a fucking clue what they're doing. As an alternative, they could just not waste our money on the bloody thing. But -- oh no! -- Blunkett is obsessed with it. And this time he intends to ram it through before the General Election so that -- even though none of the other parties support it -- we won't get a chance to vote on it.

(As an aside, it's worth remarking that the recent poll on ID cards was run by MORI, who also happen to be running the trial identity cards scheme. But don't worry: conflicts of interest only apply to politicians and the government.)

And... yet again, I must apologise for the fact that, like government policy, my web log now seems to have acquired an ID cards strange attractor. Here are more holiday photos to compensate:

Frankly, I think the whole thing is quackers! What's good for the goose is good for the gander (or should be)

Update: according to this BBC piece, the Conservatives now support the ID card programme:

Shadow Home Secretary David Davis said the Tories backed the idea of ID cards but said safeguards had to be put in place to prevent the misuse of personal information.

-- which is sad.

Copyright (c) 2004 Chris Lightfoot; available under a Creative Commons License.