Posts by Disgusted of Cheltenham

Bananas

It was the EEC long before the EU that made special provision for 'dollar' bananas. This bit of history shouldn't be assumed to be a lie just because it was pre-internet:

https://www.cvce.eu/en/obj/treaty_establishing_the_eec_protocol_on_the_tariff_quota_for_imports_of_bananas_rome_25_march_1957-en-3bcfd762-ac40-422d-90a3-1bef6b69d255.html

Since half the people who try can't get in, how would compulsory help? Those are a cumulative 5m accounts, not people; whatever the position on fraud (which we are told is both out of control and none detected), it's designed so one person can have many, and no doubt some of those with providers who have gone will have taken out a second one, not to mention those who try to put in a tax return 366 days after the previous one.

Australia has lots of good ideas, like compulsory opportunity to vote so there's no intimidation to keep people away and no opportunity to masquerade as someone who will not turn up. (They even invented the secret ballot.) In this case, better to look to NZ or Canada. 'Platforms', we are told, have canonical registers; Verify doesn't. Much better either to have a proper distributed Jury service status register or to make the compulsory EU resident's database optionally available for UK citizens.

Why does it always take so long to fix?

It was obvious from when this was turned on that it was not being done with consent or any other legal basis, so how in their world of agile development did the issue not get noted, considered, and resolved rather than needing such effort to accept it was a mistake? It's not as if there's some political mandate like Universal credit under which jobsworths can hide. Of course most of us only need to phone then because we have a slightly more complicated case than the simplified big-font online information covers; this enforced attempt at enrolment came after the usual annoying exhortation to use w w w dot gov dot uk forward slash ... which not only adds to the delay and frustration of the caller but makes it harder for those answering the pre-grumpified 'customers'. I don't see any costings for taxpayer's wasted time, but, like a quarter of an hour each for 6 million failed attempts to use Verify , it starts to add up.

Digital?

The help finding next of kin is an interesting digression, but this whole system only works for those with a criminal record or non-EU immigrants. Any idea what proportion of the population of West Yorkshire that is?

I never carry ID - the grey beard says over 18, but then it's rare to even see police in rural Gloucestershire; What powers are being used to demand it?

No, Sam, GCHQ is not part of MoD

Anyway https://www.gchq.gov.uk/privacy is quite clear

We store your data on secure servers in the Republic of Ireland.

Quick work

This seems unlike GDS. Have they come up with an app in their first 7 years? The IPS prototype passport checking app wasn't theirs, but has gone and HMPO doesn't seem to have anything expected soon. There are NHS apps, but lo, so does gov.uk: First published:

27 March 2017 Asian Hornet Watch - new app launched to help people quickly and easily report sightings of this invasive species.

No, it's about humans, not citizens

'Citizen' does not appear in GDPR; it is about "data subjects who are in the Union" or any processing done within the Union. Unlike the citizen's rights in the US, Europe including UK takes a starting point under human rather than citizen's rights. Knowing someone's citizenship(s) is not very easy (so hardly surprising NSA is having trouble answering a question). Long may it remain irrelevant for almost everything.

Since UK companies will want to provide services into the EU, it's hardly unreasonable for them to comply with the law where the customers are, so getting an agreement is clearly important, but it would seem rash to assume that the EU-US Privacy Shield will still be in its current form in two years. And there will presumably be the need for a UK-US agreement as well.

Surely there comes a point at which it is fair to say that we have been trying to reform the EU from within, but have not managed to do so and have no new ideas on how we might? Even the (dubious) changes agreed are conditional on the UK staying, .i.e. were not accepted as worth doing anyway. We gave it a good try, and, as Churchill said, we wish it well.

Those who lead saying it's the wrong time chose the time. Gus OD thinks two years is not long enough, but what was his job when the Lisbon treaty was signed? People could do silly things and over-react; some of the threats have been quite creative, but the EEC banana problem dates from 1956.

In name only

GDPR is called a Regulation, but to get it though in the time given it has at least 40 places where national variation is allowed (e.g. an age threshold somewhere between 13-16), and presumably in each case there's at least one state that will have a variant (otherwise they could have agreed a common line), so those expecting a single set of rules will be sorely disappointed.

Perhaps something useful could arise?

How hard is it to have a 999 app: Here's a picture of what's just happened, and my phone will tell you exactly where I am? Call back if you want more details, but you can probably already tell that we need a fire engine, or whatever. If twenty people call you can tell from the location it's the same incident.(Meanwhile, I'm trying to help the victims rather than waiting for an incident number.)

Does anyone recall the 2nd data protection principle in the law?

Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.

Trolls and those with good questions will go hungry

Jordan gone? That might explain why there was no blogged answer to the question as to why there is no systematic structure for the websites to handle pages with versions in different languages.

gc.ca managed this before he was born, and .eu and directgov somehow manage(d).

https://www.gov.uk/cymraeg still has just

Is there anything wrong with this page? and the tag

html lang="en"

Agile, innovative yet standard: quite a tall order. Would these be the standards that do not allow for Welsh, let alone anything foreign (Estonian or Korean names)?

You only need to look at the dates on the documents in

https://www.gov.uk/government/collections/identity-assurance-enabling-trusted-transactions

to see that the 'constant improvements from user experience' cannot have been fed into them.

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/279649/Identity_Assurance_Hub_Service_Profile_-_SAML_Attributes_v1.1a.pdf

defines the character set as

<xs:pattern value="[A-Za-z0-9\s~!&quot;@#$%&amp;'\(\)\*\+,\-\./:;&lt;=&gt;\?\[\\\]_\{\}\^&#xa3;&#x20ac;]*"/>

which is essentially ASCII plus the Euro symbol for some unexplained reason, so no accents of any sort, it seems. O'Donnell will be OK, bit no way José.

Inaction fraud

Perhaps they have never tried to report anything on the action fraud website? There's nowhere to provide any of the inormation that might be useful to follow up an investigation - just a way to collect dubious statistics.