Cheap
That seems very cheap compared with the cost of the database in the first place
Removing innocent people's records from the DNA database will cost almost £5m, the House of Commons was told yesterday. MP Diana Johnson asked crime prevention minister James Brokenshire how the batch loading system for getting records onto the national database worked. He explained that DNA samples are first converted into a …
#rm -rf /*
do it? less than £5 million/character.
I'd do it for half the price.
('course, Id probably need to be of non-UK origin to pass the stringent security and P.V tests, but...)
Sorry, I've never used that command. I'm told it's surprisingly effective. Especially (given tomorrow's date) to leave it - as a text - on the BOFH computer first thing tomorrow morning...
What makes you think this database is relational?
The only use of the database is to compare DNA profile X against all other profiles and print out the list of matches. This doesn't need a relational database, especially as the natural key, the DNA 'donor' name, isn't needed to do the search: it is only needed to delete profiles and that was never a requirement.
Given all the above, why pay for a DBMS when you can simply stuff files containing the profiles into a RAID 5 filing system so they won't be lost if a disk dies and because reading from it is bloody fast. Job done, and for minimal cost and zero thought except that putting 1000 profiles in each file will save file open and close time during a scan.
Each profile is added to a "batch" and loaded to the database with 1,000 others?
I'm sorry, but this really is technobabble at it's worst.
Does no one else think this is a crock of the highest order ? Mind you, given the perfect storm of technical illitereacy and journalistic credulity, I shouldn't be surprised. Who explained it to Mr Brokenshire (I urge readers to check his official mugshot out) Stephen Fry ?
To input DNA records or samples in batch sessions. Why batch only 5 or 10 at a time? Probably batches contain a couple hundred "contacts", probably done every 2 weeks. Not sure if that is representative of the level of relevant crimes, but I'm just pulling numbers for effect.
The collation of some number of contacts' files and their entry makes me wonder if file errors or contamination can let some suspects off and convert innocent suspects into incarcerated individuals.
And, what the hell is this batch entry got to do with isolating individual records. If a set of exonerating DNA is placed in the database to "extract" a deep-cover operative who needs a convincing case file or rap sheet, then it means that finding this anonymized record will be a major BI*CH to do so and not expose other records. Records requiring privacy sensitivity should be discrete and not commingled in such a way that deleting or viewing a specific record destroys or exposes or manipulates another record.
Either they have a horribly designed database, or the explanation is a crock of shit, or the interpretation of the explanation was maligned somehow.
Didn't the database design team know of CODD's rules, atomicity, and a slew of other best practices or database "laws" that help frame the design of ANY database. Even if it is object oriented, there still must be a valid concept of data atomicity, row and column locking, audit control, recovery, and so on.
Speaking of recovery, what about all of their backups. If there are 10s or dozens of off-site archives not yet purged, how do they know they will retrieve every last cartridge, disk, or other media and the logs that make references to that to-be-purged DNA? Do the references, too, need to be purged? If their logs are incomplete or inaccurate, they will probably never successfully remove each and every should-have-never-been-filed DNA record. If any of it traveled over a wire, across Wi-Fi, or into a cloud, even if encrypted, anyone knowing of the backup schedule could sniff and hope to crack the content encryption at a later date.
"The best way to avoid risk is by advising that any activity is technically impossible for reasons that are far too complicated to explain. If that approach is not sufficient to halt the project, then the engineer will fall back to a second line of defense: "It's technically possible but it will cost too much."
... that when everyone dies, recovering disk space will not be a priority. In all (or slightly more) seriousness, dead people should stay on the database anyway, since it's possible they committed unsolved crimes and their records may exonerate other suspects in the future.
Also, at that point, the crime of storing their DNA for (probably) no good reason has become victimless.
...matching. Sure there was some hope that a person of interest who proved innocent "this time" might be kind enough to leave a sample behind if he ever does offend.
However, that is small potatoes compared to the power of mining a comprehensive population wide sample of DNA. Even a relatively small sample would be enough to start getting direct hits on a parent, child, sibling or cousin. Once the number of samples has grown to a suitable representative size, it would soon become possible to say with some confidence: "We're looking for someone who's mother is a Kerry County O'Rourke and father is a Dun Edin McCleod." Which in turn requires a simple "hatches, catches and dispatches" lookup to resolve. Case closed.
Except with such a comprehensive database it would also be possible to frame up just about any member of the encompassing population simply by salting the scene with their DNA.
Big Brotherish enough thankyou that, even limiting the database to convicted criminals, still allows the "over the odds" apprehension of crime "families" with less than thorough police work.
Sympathetic (Voodoo) magic for real, where fingernail parings, hanks of hair, your blood and even your poop can be used to destroy you.
There is hopefully one silver lining. Technology is advancing at such a rate that spoofing advanced forensics like this is within reach of enough people, that conviction on forensics alone will hopefully soon assume a similar status to "only CIRCUMSTANTIAL evidence" as it properly should.
With a very very expensive, complicated and messy front-end connecting to this massively proprietary database that is keeping some third party (for want of argument, lets guess Accenture or IBM) in meal tickets for the foreseeable future! No doubt the sheer complexity of the storage was also sold as a security/encryption feature too.
Isn't that how all government databases work?
If the figures of 1 million samples illegally held is correct then nearly 5 quid a pop to look up a record and delete is somewhat costly.
I cant see what batch uploads have to do with it, if they have to compare samples they dont get results back in blocks of 1000!
Sounds like idiot Gov muppet getting the shaft from IT person that can spot idiot a mile off.
If this is the case, then the DNA DB is not fit for purpose and there should be serious questions asked of the supplier of the system.
Did they just build it thinking that our civil liberties would never ever be restored after more than 10 years of erosion (and bankruptcy) by Labour?
Please tell me it's a normalised relational database and there's some sort of common ID field linking the DNA profile with a human. If it is, then the hard bit would actually be trying to get together all the ID numbers of the innocent humans in the first place. The actual delete should be a simple process after that.
Surely under the data protection act people can just go and inspect this data and request for it to be deleted? Oh I forgot, the law doesn't apply to governments and their gravy train agencies.
Given that the purpose was to collect DNA data from everyone who came within swabs-length of the UK and to hold that data indefinitely then the database actually was fit for purpose.
It's the twats who decided we needed a database of this nature in the first place who were not fit for purpose.
If it's really that much work to remove records (and I don't doubt it is), surely the efficiency of the whole databse can be called into question?
Does rather sounds like an explanation worthy of a spooty youth in Dixons or Comet, mind you.
"Well, yeah, it'll cost, uh, four point eight million because we have to, uh, load them up in batches of a thousand at a time."
"But these are ones we want to get rid of."
"Yeah, but, well, then the ones we've loaded up won't be in thousands no more, so we have to load them up again. And that needs Barry from Head Office, cos he's, like, better at this."
And so on.
... the root of the problem can of course be illustrated by executing the following SQL commands:
SELECT * FROM [civil_servants] WHERE [location] LIKE 'whitehall' AND [clue] IS NOT NULL;
(0 rows returned)
and
SELECT * FROM [civil_servants] WHERE [location] LIKE 'whitehall' AND [self_serving] = TRUE;
(server crash - result set too large)
How much does it cost to do a DNA profile?
I can't imagine it's cheap, private companies charge about $250 for paternity tests etc. So assuming that $1=£1 and add a 1000% government contractor markup they are paying a few quid to put innocent people's DNA into the system in the first place
If you waited for them to be convicted before doing the profile than you could save the cost of removing the innocent ones pretty quickly
Seriously? Did the civil servant/politician who received this estimate just blindly accept it, and not do any kind of mental figuring or apply any sort of common sense to ponder just how ludicrous it is? The fact it comes a day after a huge government announcement about how they're going to do things different now, and no longer accept getting repeatedly screwed by the big IT suppliers just makes me despair. The kind of money quoted would pay a team of 20 consultants £750-a-day for OVER A YEAR. There is no way that even a government IT contractor could figure out a way to string out a few SQL deletes that long. Anyway, they seem to know there's a million innocent people on it... rerun that query with DELETE instead of SELECT COUNT(*) and the job is good as done.
The impact assessment is here.
http://www.homeoffice.gov.uk/publications/about-us/legislation/freedom-bill/pof-bill-ia
It states that "Evidence" from police and security services state national security investigations could last 25 Years (no doubt without *any* convictions). But they wouldn't mind if such a case was reviewed every 3 years or so.
And yes it does think that there are about 1 million people wrongly on the DB so that is c£5 each.
For what I have *no* idea. Perhaps the National Police Improvement Authority (who run the NDNAD) could explain the intricacies to someone from Vulture Central.
It's a very *grudging* start. 3 years is *still* too long IMHO for some not *charged* or convicted.
Since there will be many innocent people still on the database - those accused of but not found guilty of a "serious offence" - the cost is not a true reflection of how much should really be spent.
Remember, Not Guilty does not mean "Got Away With It" or "Probably Guilty".
As I have said before, this is nothing but bullshit PR and will remain so until *all* records of innocent people are deleted.
Now, managing thousands of hand-written paper cards was difficult.
Imagine having to store, collate, sort and search these all day?
You needed a pretty sharp HB back then.
I can understand £5M for major changes to that kind of chaos.
But £5M to update a computer system?
Computers; we were promised speed and efficiency.
I am also waiting on my flying car!!
First, let me state that I developed a DNA-paperwork-tracking database for the local Police force. The way DNA-profiling works (here at least) is as follows:
System generates paperwork (DNA + Fingerprint, including barcodes to help track the paperwork + samples) which is printed and handed to the person who will be doing the sample. Why? Because as far as forensics is concerned it can be shown that this DNA belongs to the person with this set of fingerprints. BTW, fingerprints are actually a more accurate identification system - twins (for example) will have the same DNA but different fingerprints. It has been suggested that even clones of a person would have different prints. But DNA is easier to get at a crime-scene these days.
Samples are taken from the suspect and the paperwork is signed, and barcode strips are attached to the samples. DNA Samples are sent away to the DNA labs, FP samples are set to the fingerprint bureau (we'll leave the Fingerprints alone now and concentrate on the DNA).
DNA bureau get the barcoded samples and process them to extract a DNA signature. Both the sample and the signature are only referred to by their barcoded number - you would need both the DNA sample data (with a unique identifier *for each sample*) and the paperwork/system data to link sample(s) to a person. (note; I was informed at the time that DNA-ing a person costs ~AU$100 per sample)
Upon requiring destruction, the system issues the relevant destruction paperwork *with unique identifier and barcode* which is sent to the labs. The labs, which store the samples/signatures base on the identifier, retrieve the sample and signature and destroy them (by sterilisation and/or burning). They then sign the compliance letter which accompanied the paperwork and send that back to HQ. (note; again I was informed that destruction of a sample costs ~AU$10 per sample).
The reason it's done this way is that the police force here can (and has to) retain the fact that you *were* DNA'd and the accompanying facts for legal reasons (like FOIs, court actions, etc). But if you are not charged, or are found innocent, the *identifying markers* (i.e., the DNA sample and signature and the fingerprints) which were taken *for that purpose* have to be destroyed. (note: any existing DNA data for instances where you *are* guilty can/will be retained).
So: £5m pounds is ~ AU$7.75m - does this mean the UK has 775,000 "innocent DNA" samples?
<quote>So: £5m pounds is ~ AU$7.75m - does this mean the UK has 775,000 "innocent DNA" samples?</quote>
Could have indeed. Everyone arrested has their DNA taken, and never removed no matter what the outcome. And its been going on for 16 years already. But somehow I suspect this figure of £5m is bullsh1t.
Every figure the government tells you seems to be weighted towards their preferred outcome. Minimum wage? Too expensive, will cost us <£ Big Number>.
Privatisation? Extremely cost effective and good for everyone, will only cost <£ Small Number>
Etc.
Probably just that the profile number is linked to the person with asymmetric encryption keys and the decryption routine is only built to provide the person where a match has been found already.
The bulk of the cost is probably around the need to keep the bulk decryption routines you have to develop and also the decryption key properly secured or you lose the value of having it in the first place.
Stop hold press! House of commons was misled. Removing innocent people's records from the DNA database will save £ 24 M. The minister only mentioned the cost side of the impact assessment. On the benefits side the impact asessment from the home office actually show 10 year savings of £61.8m in todays money. Now what I'd like to know is if this was cock up or conspiracy to withold the facts. Maybe it was a bad April's fool joke?
More on 'Reclaim your DNA on FaceBook' where you can find the links
Sure, deleting the data is probably fairly trivial and cheap. The vast majority of the cost is likely to be getting rid of the physical DNA samples. This is biological waste, you can't just leave it out for the binmen. Add to that the fact that the samples need to be securely destroyed to make sure they don't accidentally end up on some health insurance database somewhere, and this doesn't seem like such a huge figure. For government spending, at least.