APPENDIX 1
Memorandum submitted by Brian Leapman
I am Brian Leapman and I was the author of the
Diamond vision paper produced by SITPRO Business Process Analysis
Working Group that was used to get the various UK Ministries to
sign up to the concept of joined up government and the Single
Window concept. I am presently involved in a project to build
an Interoperability Service Utility ISU that will provide interoperability
and collaboration capability across multiple organisations, businesses
and regulators seamlessly for the cost of a phone call that we
are attempting to get EU funding for The EU commission has made
this one of their infrastructure priorities for the development
of the EU.
An ISU will be able to take feeds of structured
and unstructured information from databases, applications, emails,
conversations and videos and deliver the information to the user
in a search engine capability. The media and content makes no
difference to the comprehension of the information as relational
semantic is used that is language independent.
In our application for funding we have highlighted
an important social issue:
At one level the ISU is a great
tool in that it provides a customised view of the world to the
needs of the individual or organisation. This is called the Multi
Single Window MSW.
At the same time it gives the
possibility as a result of seamless interoperability the possibility
of government being able to obtain the Single Multi Window SMW
the omni view. This is the BIG BROTHER fear that society quite
rightly is concerned about.
Technically, we cannot create the MSW without
the possibility of creating the SMW and whilst the first is desirable
the second outcome is not so desirable particularly if the power
is abused.
The issue around the SMW is not that it can
occur:
But under what circumstances?
What are the controls on that
power?
How do we make sure that the
power is not abused?
Technology it should be remembered is neutral.
IT IS THE USERS WHO ARE EITHER BENEFICIAL OR MALEVOLANT TO SOCIETY
whether the terrorist, the individual, business or government.
Some of the risk can be mitigated through the
instigation and provision of Role Access User Digest provision
of information. We are building this into the architecture of
our ISU. In very simple terms the enquiring user, which could
be the government, can get the salient information without access
to information that is not regarded as relevant or that is personal
to the individual or organisation. I call it the Reader's Digest
version you get all the salient information without having to
waylay through the whole story.
For instance, let us say that the police want
to know if someone had been in hospital on a set of dates. If
we expose the full medical record; they would have private information
that really the police have no use for or need for, and that an
individual officer could use improperly. However, in the Role
Access User Digest model, the police information receives a reduced
report from the medical record that shows only the dates and time
of entry and exit. Let us say there was some relationship between
the entry into hospital and a particular crime. That search request
would be sent to the hospital, the police would be denied entry
to the search until the hospital had satisfied itself of the necessity
to reveal the additional information.
Whilst this may not be the actual scenario,
I hope I have illustrated the way well designed process management
can be used within the technology to mitigate the risks of the
abuse of the Multi Single Window.
In my opinion, there will be an increasing need
for a standing body, somewhat like the Audit Commission, made
up of professional business and technical process architects,
security experts with an element of legal council that has the
power to independently investigate abuses of government intrusion
and liberty, with the right to independently audit government
departments and agencies and to provide recommendations of functional
improvement.
The issue of government and the wider society
battling over intrusion towards a surveillance society is going
to be a continual ongoing concern for all parties. At the same
time government is charged with the creation of a more interoperable
collaborative and visible open society. They are in essence two
sides of the same coin. Our suggestion is the creation of an independent
entity charged to maintain the benefits with as little compromise
as is technically possible to the freedom of the individual and
organisations.
March 2007
|