Eerke Boiten
Prof Cyber, ACE-CSR @dmu_cybertech, Head of School CSI @dmuleicester. Security, privacy, data protection. Jumped queue 1995. He/him. All views personal.
Apr 29, 2022 4 tweets 2 min read
Professionally, I am now curious how a scheme will be devised and implemented for local authorities to reliably generate free photo ID cards for people whose main problem is that they have absolutely none of the photo ID options that UK gov could think of in setting up voter ID. Politically, every chance it will be implemented like anything else in current UK (hostile climate, Universal Credit), erring on the side of ensuring nobody abuses it - with the likely side effect that requiring voter ID will lead to mass disenfranchisement despite "free ID".
Apr 28, 2022 7 tweets 2 min read
Did the UK just lose the right to protest noisily, to vote without owning ID, and to have an independent electoral commission, or did I dream all that? Newspapers and BBC seem to suggest the latter ... At least Voter ID is trending now in UK, alongside Alan Partridge and a Sewing Bee.
Apr 8, 2022 13 tweets 2 min read
BLOCKCHAIN CONSIDERED HARMFUL. There are always new technologies around in my discipline: computer science, and usually they are introduced with a really useful application in mind. Sometimes we discover a little later that the downsides of such technology outweigh the advantages. Facial recognition is getting close to that point, and the online advertising industry is trying hard to convince us that browser cookies are in that category too.
What is much rarer is a technology that is shown to be harmful before anyone has demonstrated that it could be useful.
Apr 6, 2022 5 tweets 2 min read
Just written 431 words "Blockchain Considered Harmful". Will share final version when it comes out, soon I expect. Of course someone had already used that title in 2017, a rather different argument in ACM SigArch by Tilman Wolf. sigarch.org/blockchains-co…
Sep 15, 2021 10 tweets 4 min read
This is a terrible development. @NHSDigital citing "security" as a reason for not publishing DPIAs. This is, as far as I am aware, the first admission that a DPIA for the NHS App exists (@lilianedwards you were asking earlier). theguardian.com/society/2021/s… Thread on "security" vs publishing DPIAs. Shallow argument: Kerckhoffs's principle says security by obscurity is bad, don't hesitate to publish what encryption used, just keep the keys secret. Nice separation, chance of scrutiny, etc. I don't think this is a valid instance though.
Aug 22, 2021 4 tweets 2 min read
Good article but should have gone into why @EinsteinsAttic @medConfidential are still rightly worried despite positive promises. These include:
- government narrative on data for innovation and explanation, which has captured public face of @Iconews too; and aligned drive for deregulation on data
- underhand behaviour on Covid NHS datastore, esp Palantir and Faculty role in it or actual processing in it
Aug 6, 2021 5 tweets 2 min read
Live TV interview coming up on @trt 5:30 UK time: on the new Apple scanning features. Or rather @trtworld, and probably 5:40. It's building surveillance infrastructure in two places, and while there are mild bad impacts possible now, the potential for function creep is massive.
May 18, 2021 20 tweets 7 min read
Remember how the NHS App was going to become our vaccine passport, as of yesterday? It turns out I was massively confused (or misled if you like) about its privacy notice, data controller, etcetera. This is because there are NOW 2 similar features on the app. On Sunday, I saw the "Check your COVID-19 vaccine status" feature appear, and thought it looked encouraging. See tweets - controller NHS Digital, can't be used by others, can't be used for work, etc etc, and an acceptable privacy policy.

BUT
May 11, 2021 5 tweets 3 min read
Since I spoke to @journoandrea, some news updates: paper alternative (good for equality), apparently only for international travel (good), separate screen for vacc info (fudge), authentication/identification still unclear (bad), NHSX involved (ahem) & and ..

No DPIA (bad) And indeed, my @NHSuk App updated itself, and I now have a vaccination passport. Meanwhile, still no DPIA.
Jun 24, 2020 8 tweets 3 min read
I am absolutely disgusted by official publication by @bcs @BCS_Policy presenting issues around the NHS app under the heading of "Privacy vs lives saved". bcs.org/content-hub/th… The original BCS position paper press release bcs.org/more/about-us/… was already dubious by talking about "perceived Big Brother elements" (perceived!), but this is really going too far.
Jun 7, 2020 29 tweets 9 min read
Some thoughts on the NHSX Datastore DPIA that was published, disappeared, and now reappeared at england.nhs.uk/publication/da… (Follow @owenboswarva to keep track of where it was last seen.) In earlier thread I talked about three data streams:
- app,
- track & trace,
- dashboard;
two purposes:
- tracking ill & suspected & contacts
- planning overall response.

This is dashboard for planning.

App data NOT mentioned. Odd: serves planning!
May 15, 2020 13 tweets 3 min read
amp.theguardian.com/world/2020/may… Applause to (anonymous members of) this ethics board. You can't appoint an ethics board for rubber stamping. Serious DPIAs may lead to changes in design. Even limited oversight as an afterthought not working out fully here. Ethics Advisory Board (EAB) letter of 24 April also published, see …a-socialtracking.powerappsportals.com/EAB%20Letter%2…. Great letter, 6 principles.

Response …a-socialtracking.powerappsportals.com/Response%20to%… loosely dated "May", appears to agree to principles.

If I was on the EAB (rather than just EAB by myself), would I be happy?
Jul 11, 2018 13 tweets 4 min read
My keynote, tomorrow #Computing2018: "No, let’s not put it on the blockchain".

"To carve out some scenarios where blockchain optimist narratives fall short, & specific properties of distributed ledgers & blockchain work against requirements. Includes GDPR, but no 20M fines." #blockchain Keynote was well received.
The scenarios in this thread, link to slides at the end.
1. Short-term information of any value. Everybody will have to keep it forever and you can't get rid of it.