Some memories of Caspar

“Bullshit!” came the shout behind me.

Caspar wasn’t about to let the former Home Secretary who had reintroduced ID cards to the UK for the first time since WWII get away with claiming a ‘Damascene conversion’ on personal privacy, even at a birthday party amongst friends (PI’s 20th). David Blunkett may indeed have had a rough ride from very public exposure of aspects of his private life in the previous few years, and may well have modified his thinking somewhat – but not fundamentally. And for Caspar, it was the fundamentals that mattered.

Very few people I know can combine a rigorous grasp of first principles and unswerving moral sense with the ruthless attention to detail and relentless practicality required to do something about them all. Caspar could. And did.

I met Caspar, like many people did, as I started to campaign in ‘his’ territory. He was by no means the only person who helped school, support and tool me up to fight the ID scheme and a whole series of other pernicious database state assaults on privacy, civil liberties and human rights – but he was one of them, and he was always there when I needed him.

Making introductions, feeding me (sometimes literally – we both enjoyed a good steak!) with academic papers, articles and legal insights I needed to better understand the nature of the battles we were fighting. Bouncing around ideas, playful with technology and always willing to talk through tactics and, as I expanded my frame of reference, strategies; we were both angry at injustice, and we both understood we were fighting a war against almost overwhelming odds.

He couldn’t resist complimenting me one time when I thought I’d screwed up by losing my rag and tearing a strip off some hapless, poorly-briefed MP on the radio – but looking back I realise he wasn’t just being kind, or funny. Caspar knew how to channel his righteous anger for effect and was encouraging me in his own inimitable way to learn how to better channel mine.

Caspar left Microsoft the year I stepped down from NO2ID. He came to Bonfire with me that November, and we talked extensively about “what next?”. We were both minded to try to bring on / train up more campaigners, but I guess neither of us were temperamentally suited to doing that as a full-time occupation. If it happened – and with Caspar it happened a lot – the ‘training’ was by osmosis, by generous sustained interest and encouragement, and by example.

Of course, the front line beckoned.

Caspar forged ahead on PRISM/Tempora, FISA and nailing ‘cloudveillance’ and I (along with Terri, Sam and others) got stuck into medical confidentiality and consent. We crossed paths at ORGcon North in 2013, both presenting our latest findings and predictions. Both, unfortunately, turning out to be right.

Our mutual friend William Heath told me a few weeks ago that Caspar was sick, shortly after I had (only half) jokingly ‘nominated’ him for the post of UK Interception Commissioner on Twitter. It’s a running gag amongst some of the UK privacy advocates to send in CVs for positions like that, when they come up. But of all of us, Caspar, who spent nearly 10 years inside Microsoft, had the tools – if not the temperament – to do a proper job.

I’m really going to miss him. As I’m sure are many, many others – my Twitterstream today is testament to the worldwide networks of privacy and other human rights activitists, technologists, journalists, campaigners and legal folk to whom Caspar meant a great deal.

My thoughts – which quite clearly at this late hour are unravelling – are with his family and loved ones.

I’ll sign off with a small sample of links to what others have said today.

Goodbye, Caspar.

Thoughts and memories, in no particular order, from: Malavika Jayaram, Alexander Hanff, Ben Goldacre, Robin Wilton, Simon Davies, Glyn Moody, Ray Corrigan, Natasha Lomas, Chris Soghoian, John Leonard, Danny O’Brien, Cory Doctorow, Wendy Grossman, Martin Hoskins, Helen Wilkinson, Sarah Clarke, Jim Killock, Bella Sankey, Laura Kalbag, Joanna Rutkowska, Ania Nussbaum.

And not from a named person, but heart-warming nonetheless, Tweets from  The Tor Project, Privacy International and UK Information Commissioner’s Office.

In the hospital Caspar Bowden asked that we work to ensure equal protection regardless of nationality. Privacy is a universal human right.
– Jacob Appelbaum (@ioerror)

If you care about privacy – your own or others’ – please donate to the Caspar Bowden Legacy Fund for privacy advocacy and technology.

I added this video some time later. As they say in some Government press releases, “Check (bits) against delivery”:



Posted in communications data, database state, ID cards, identity, medical confidentiality, medical records, Microsoft, NO2ID, privacy | Leave a comment

The Four Horsemen of our rights Apocalypse

Sam and I have been having a conversation, and this article (posted originally on was one of the results:

The worst excesses of’s mandate to collect and exploit your medical records are coming back, and the scheme’s descendants are planning to expand into new areas of your life.

Says David Cameron: “For too long, we have been a passively tolerant society, saying to our citizens: as long as you obey the law, we will leave you alone. This government will conclusively turn the page on this failed approach.”

The three main protections in the health arena are medical ethics, Data Protection, and the Human Rights Act. The first two may have slowed down last time, but the committee responsible for ethics got abolished while everyone was distracted by the election. And now your rights are under greater threat.

Going far beyond health data, there are discussions within Whitehall and Westminster about ‘data sharing’, with lobbying from those who’d like to exploit the rest of data held by Government. Long-term plans to ‘share’ data for any purposes will almost certainly come back. The last attempt, the Cabinet Office Data Sharing process, ended in a “civil service success” (i.e. failure), as DWP expertly defended its desire to play whatever political games it wanted with its population-scale databases. (Though unsurprisingly, health was seen as too “toxic” to touch.)

You thought ATOS was a problem? With government data sharing, they can do much more. Automatically. Are you entirely sure that nothing in your history might be misconstrued by an underpaid contractor with targets to hit (or through error, or just to boost profits)?

What happens when a future Government tries to “sneak past the most data they can sell without anybody noticing”, as tried? And consider carefully what the next Government could have been, only a month ago…

Broader data sharing could recycle the original vision for ID cards and a “single source of truth” Database, with the canny marketing flourish that this time you’re free to pick your own card design, because Government will match “your” data behind the scenes anyway.

The Home Office ID scheme was an 80s disciplinary design which made usage explicit; a ‘linked identifier’ scheme based on data matching will be disproportionate, wrong and discriminatory. And the risks just increase as new genomics and control technologies are added to the coercion and profit incentives of the last century.

When the Snooper’s Charter comes back with a vengeance, if you think you can rely on all of Government not accessing anything? “I have to say I take a different view”, says Theresa May (q78). Do you want decisions affecting you or your family to be made based on events or thinking from the past?

Will any new proposals re-enact the worst of the old ID scheme, “Clause 152” and you can use any card you like, but it won’t make a difference, as they’ll ‘share’ until you match?

HRA repeal,, ‘data sharing’ and the Snoopers Charter: the four horsemen of our rights Apocalypse – driven by instincts that are Secretive, Invasive and Nasty.

A canary in the coal mine for the new Government’s intended use of data is likely to be how it resolves the Universal Credit IT debacle. Old way or new way? It’s not just about the headlines, nor a shiny new interface, but where your data will go.

Will they choose to be Secretive, Invasive and Nasty? If they do, how will you know?

Posted in choice and consent, communications data, database state, GDS, ID cards, identity, medical confidentiality, medical records, National Pupil Database, neo-feudalism, NO2ID, privacy, Transparency | Leave a comment


It’s been about a year since my last post here but I have been gainfully occupied, coordinating medConfidential along with Terri Dowty and Sam Smith.

If you want to keep up with the latest, please follow:

@EinsteinsAttic (me) or @medConfidential (the campaign) on Twitter

Or, if you’re into that sort of thing, visit our page on Facebook (ugh!)

If you don’t know what’s going on, or you’ve heard that something might be going to happen to your medical records then I strongly recommend you check out the medConfidential website and – if you have any concerns – opt out yourself and your dependents, i.e. minor children and people for whom you hold lasting power of attorney.

The scheme is currently on hold, and we (medConfidential and others) are working hard to ensure that it is fixed – or if they* won’t fix it properly that it is stopped. Beyond that, we are trying to ensure that every flow of personal data into, within and out of the NHS and the wider care system is consensual, safe and transparent.

N.B. If you opt out now, the information held in your GP medical record will not be extracted in the Autumn. If at that point or any point therafter you believe that the system is safe and that your data won’t go anywhere you don’t want it to, you can always opt back in. Just be aware that once your data has been extracted, it will never be deleted.

Meanwhile, here is a funny video that a nice man called Paul Bernal made:

(Lots of in-jokes, but all you really have to know is that the chap driving is called Tim Kelsey)

*”they” in this instance is the Government, the Department of Health and two arms-length bodies, the NHS Commissioning Board (which styles itself ‘NHS England’) and the Health and Social Care Information Centre (HSCIC).

Posted in choice and consent, database state, medical records, privacy | Leave a comment

Terri’s and my talk on the National Pupil Database at the Open Data Institute

Here is the PowerPoint presentation for the lunchtime lecture we gave at ODI on Scribd and here is the audio on SoundCloud – the sound is quite faint, so I did an amplified version which you can download here (27MB MP3 file).

Posted in choice and consent, database state, National Pupil Database, open data | 1 Comment

Response to Geoff Mulgan’s “Will open data be a damp squib?”

Geoff’s piece, Will open data be a damp squib? prompted me to comment. At length. And wander around a bit. So for what it’s worth…

An alternate view: the ‘value’ of open data is a function of its impact in people’s lives.

So transport and geographical data – ‘getting from A to B’ or ‘finding C’ – is unsurprisingly useful, and straightforward to monetise. Which possibly explains why government / Ordnance Survey / Royal Mail are so reluctant to relinquish their monopolies on some datasets.

Open data about the operation of government and/or public services may be useful – even invaluable – in terms of transparency and accountability, but its ‘entrepreneurial value’ is quite low. And institutions will tend to resist revealing the truly shameful, corrupt or embarrassing stuff, preferring – where they cannot avoid publication – to bury it in a blizzard of other data; the classic bureaucrat’s tactic. This, ungenerously, might also go some way towards explaining the ‘oversupply’ issue.

(Also, who says what is ‘open’? We don’t only want to know what the government is willing to tell us. We want to know what we want to know, which is why ‘open data’ should NEVER be allowed to replace, substitute for or weaken Freedom of Information.)

The most valuable data is data about people. People who can buy stuff, e.g. advertising; people who need stuff, e.g. service provision; people who can give you stuff, e.g. votes ≡ power. It is as it ever was; people as exploitable resource.

Everyone wants it. Companies will ‘give’ you loads of cool stuff for it – repackaged relationships (social networks), software, pizza tokens…

And the public services may hoover it up, form after form. Governments may even mandate it – which is what makes the database state especially dangerous. But just because personal data has been gathered in or by the public sector, doesn’t make it ‘public data’ any more than my name, address and date of birth ‘belongs’ to my bank.

Bottom line: personal data ≠ open data. There are laws about that.

And “anonymised” doesn’t get you off the hook, much as many in government and business would quite like it to. The shameful attempts to present “anonymisation” – in practice more often pseudonymisation or de-identification, as genuinely anonymised data tends not to be very useful – as an alternative to proper notification and informed consent are coming from a similar sort of self-serving, self-justifying, shallow-thinking place as the one that reckons ‘big data’ (i.e. pattern-driven prediction) is hard science, when it’s more like something between stats and artifact-discovery.

In reality, the ‘bigger’ data all gets – i.e. the more cross-referenceable datasets there are out there – the less anonymiseable it all is. And there’s maths about that (cf. Differential Privacy).

Taking or using something “just because it’s there” – or, to quote the Second Data Protection Principle, that has been obtained for a specified and lawful purpose – isn’t ‘openness’. It’s theft.

I repeat: personal data ≠ open data. For, in an information society, things done to my data affect me in my life as surely as if you walked up to me and punched me in my face. You might not intend to do those things – but if you suck up or process my data and you or others make decisions based on it, I’m the one who must suffer the consequences. So I get to choose.

Personal data is my data. Not anyone else’s to exploit without my consent. It’s not ‘public’, unless I freely choose it to be – and it’s definitely not ‘open’!

Returning to my original point about functional value; health data – deeply personal and virtually impossible to “anonymise” and keep useful – is amongst the highest value data of all. (The potential for fear marketing alone must be worth billions, probably trillions if you add in sequenced DNA data.) Hence the multiple ongoing attempts right now to suck up, pass around and sell or ‘give away’ – in “anonymised” form, of course – our health data.

I agree with Geoff’s point about vested interests – that where open data has succeeded it has done so because it didn’t threaten vested interests – and also with his observation that there’s not the political will to tackle the “top down systems”, i.e. the bureaucracies, which – cognisant of information as power – institutionally tend to use information technologies to embed and extend their empires.

The rhetoric is agile and citizen-centred, the reality is an all-too-familiar attempt to redefine personal data as ‘public’ or ‘open’; to “overcome the barriers to sharing”. And where government transformation – or “transformational government”, if you can remember back a few short years – isn’t about government changing itself at all. It’s about changing us.

(N.B. You will note that in this, the interests of the corporations and bureaucracies are quite closely aligned. Which makes ‘data envy’ on the part of governments all the more pernicious.)

So, if open data – i.e. information about systems and their operations – works, where’s the disintermediation in the public sector and the bureaucracies that we’ve seen in commercial supply chains? New political and bureaucratic initiatives add in yet more layers of complexity, exposing the citizen to yet more “computer says no” or “your problem doesn’t fit our solution”, paid for by paring back yet more front line staff while the back office and managerial layers metastasise and the systems integrators are laughing all the way to the (failed) bank, not even having paid their taxes…

For an example, look no further than the reengineering of the NHS: the new Commissioning Board introduces a brand new mega-bureaucracy, minimises accountability, replaces hundreds of administrative bodies with hundreds more, leaves an entire Department effectively redundant but still in place. And its first move? Abolish system-wide information governance oversight, re-write the Constitution and go for the data…

Until government proves it can properly reengineer itself, delivering genuinely citizen-oriented services without destroying the all-important human interface, it simply shouldn’t be trusted with any more of our data. Especially if it’s going to redefine what’s ours as ‘public’ or ‘open’ in the hope of a quick buck. Sorry, “stimulating economic activity”.

I understand the urgency. I’m a huge fan of entrepreneurship; I’ve been operating in that mode for the last 20 years or so. But the danger isn’t that open data is a damp squib, it’s that open data is subverted or suborned to drive the further commodification and bureaucratisation of personal data, to limit choice, control and consent*, and to make citizens less free.

*For if liberal democracy is to work we must be autonomous agents, not coerced ‘consumers’ of government or, far worse, the ‘product’ – as in “If you’re not paying for…”

Posted in choice and consent, database state, medical confidentiality, open data | Leave a comment