Vetting turnaround

The Independent Safeguarding Authority was set up following the recommendations of the Bichard report into the circumstances surrounding the murder of two young girls by Ian Huntley, a school caretaker, at Soham in Cambridgeshire. The murder was a shocking event and was quite rightly reviled but the outcome in the form of the ISA was the creation of a draconian new quango with the power to bar persons from contact with young people or vulnerable adults.

Of course there should be protection and there should be barring. Anyone convicted of a sexual or violent offence should be barred from working with vulnerable groups. That has been in place for many years. Part of the Bichard response was to bring together various bar lists into a single place - no problem with that.

The problem was that the new legislation required that all adults working with young persons or vulnerable adults on a frequent basis had to submit to CRB checks and ISA registration. Without the registration, employment or activity was not permitted. The issue was predominantly around the definition of the term ‘frequent’. Initially this was taken as meaning regular contact with children - monthly for example. The definition caught a number of groups who had not previously required clearance - authors visiting schools, parents taking part in the running of sports clubs etc. There was a backlash which was initially rejected - the protection of children comes above all else ….. On the one hand that seems reasonable but on the other hand the implications were that somewhere in the region of 11 Million people would need to achieve ISA clearance and registration in order to carry out activities - both employed and voluntary. It is the voluntary that causes problems (those undertaking employment expect to be checked and that successful checking will form part of the employment contract) - many perceived the checks as requiring them to prove that they were not paedophiles before being able to help out with clubs, societies etc.

There is a fundamental assumption in English law that a person is innocent until proved guilty beyond all reasonable doubt. In this case there was an assumption that if a person could not present an ISA registration then they must have something to hide and might well be a paedophile. This, of course, is wrong but that was the perception. A group of well known authors (Philip Pulman and others) objected and made it clear that they would cease to visit schools if they were forced to submit to checks. Parents found themselves being told that they would have to register in order to transport their own and other children to sports events.

Now, the Education Secretary (Ed. Balls) has announced a climb down - the definition of frequent is to be taken down to contact with the same group of children on a weekly basis rather than monthly. It is estimated that this will reduce the number of registrations by 2 Million - dropping from 11 to 9 Million. OK, a step in the right direction - but bear in mind that the number of barred individuals is only likely to be in the order of 20,000 to 40,000 - at worst case scenario just 0.4% of all those checked.

Now protection of children is right and proper but when you set 40,000 against 9 Million there does seem to be something of an over zealous approach. The figure of 20,000 barred individuals represents the current pattern (just 0.2%), however this could rise to 40,000 under the new vetting regime. Why the difference - well the ISA will take evidence of suspected activity rather than proven (in a court) when deciding to bar an individual. If there is suspicion that an individual may have engaged in activities but there is insufficient evidence to bring a prosecution to court then this may be disclosed to the ISA and may result in a decision to bar. The ISA (chair, Sir Roger Singleton, speaking on BBC Radio 4 ‘Today’ programme - 14th December) will give an individual the opportunity to dispute a bar decision but the Crusher does think there may well be a problem here. Unfortunately, many teachers are falsely accused of activities which might lead to barring and therefore to dismissal. When accusations are made they must be investigated although this can take far too long and can result in severe stress leading to deterioration in health and dissillusionment with working in the education environment. The result is that perfectly good and innocent teachers are forced out of their job. When the investigation clears the teacher it may be too late - but it may also be the case that the accusation remains on the teachers record and may be disclosed in a future ISA request. If that is then used to bar the individual from working this would be a gross abuse of process.

The Crusher is of the opinion that this may well happen - there are already examples where a employee has been rejected because a CRB search revealed a record retained within the national DNA database recording samples taken when the person was arrested on a suspected charge and retained even though there was no further charge or conviction. The person was innocent of any charge yet remains at the mercy of a retained sample. Somehow The Crusher suspects this will happen in the ISA process.

The reason for all of this bureaucracy is ‘the protection of the children.’ The Soham case is often quoted to justify the means -yet an investigation of the actual circumstances of that case suggests that the new vetting system would not have been able to prevent the act - the victims came to know the murderer through a third party who would have passed checks and registration.

The Crusher is all in favour of checks, vetting and barring in order to prevent those convicted of relevant offences from working with children or vulnerable adults. But this has to be done in the context of a proportionate and relevant response. Even with the changes announced by Ed. Balls this week there does not yet appear to be a willingness to implement an appropriate control.

However, there was some additional glimmer of hope. Recent reports have shown some circumstances where schools have introduced procedures that go far beyond the legislation - requiring all adults coming on to a school site to be in possession of CRB checks, including parents - and local authorities have prevented parents from accompanying their children in play parks stating that children could only be accompanied by CRB cleared adults. Ed. Balls has now made it clear that there have been gross over-reactions and these should be reviewed. sadly this seems to be all too common a situation - headteachers and others react and respond to their perceptions of legislation and regulation without fully investigating or understanding the actuality of the requirement. Health and safety seems to be another area liable to similar mis-construction. The reason is always the same, ‘for the protection of the children’. By over-reacting we are denying much that is good and right - to the detriment of the children.

But - there is an election in the offing. Will the incoming Governement have the Balls to repeal and re-draft the legislation.

In the run up to an election …..

We know that a General Election is coming in the UK. The current government is now in the last Parliamentary session before they must prorogue Parliament and send members back to their constituencies to seek re-election. The last date that the election can be held is June 2010 - that is the time when the 5 year maximum period runs out.

So, the Government must go to the country. The likelihood is that the election will be before the absolute last date, possibly on Thursday 6th May. This is the date already set-aside for district council elections in England so it would make sense for the General Election to be held on the same day.

Of course, the election may come sooner and The Crusher hears whispers that a date in March may already be in consideration.

The recent State Opening of Parliament (18th November) saw one of the shortest Queen’s Speech ever as plans for future legislation were cut back and cut back to the absolute minimum. Many expected measures were dropped in the rush to cut back to what the Govt. thought they might just be able to squeexe through before the election. Perhaps the headline piece was the Digital Economy Bill which has now received its Second Reading in the House of Lords. This rather contentious piece now passes to the committee stage which will not now take place until January. That is beginning to look mighty close to the election. The Crusher is minded to think that there may be very little of the contents of the Queen’s Speech that will actually make it all the way to the Statute Book.

But - as we now run up to the election, and the State Opening was perhaps the first and opening element of the election campaign, a look at something elsewhere in Europe. A General Election was held in Portugal on Sunday 26th September. Posters across the country exhorted the population to cast their vote. But one poster caught the eye of The Crusher - a large billboard alongside the main road leading to the airport just outside central Lisbon.

Now, clearly child protection is an issue in Portugal as it is here in the UK. Perhaps we are less likely to see campaigning here on this particular front. Translated, the poster reads:

“If you want to provide paedophiles with freedom, continue to vote as you would normally. For chemical castration of these criminals and to change Portugal, vote MMS.”

This particular party did not win the majority mandate - the election returned the previous centre-left government but with a reduced majority.

Somehow it seems unlikely that we will see this poster reproduced here in the run up to the General Election.

Joined up thinking?

The Parliamentary Internet Conference held at Portcullis House, House of Commons, on 15th October was an interesting day - not just an opportunity to hear Ed. Richards (CEO Ofcom), Martha Lane Fox, Stephen Timms and others but also the opportunity for the All Party Communications Group (apComms) to release its report into its inquiry, ‘Can we keep our hands off the net?’

apComms called for evidence and submissions over the summer (during the Parliamentary recess - a period that most people link with lack of work and extra long foreign holidays for our elected servants) and has now put together a report and a series of key recommendations. There are 11 recommendations on a wide range of topics, from Privacy to dealing with illegal (or ‘unlawful’ as the noble Lord, the Earl of Erroll corrected) file sharing, from behavioural advertising to eSafety tuition in schools.

But, The Crusher was rather taken with two recommendations that appear to be at opposite ends of an argument.

There has been much discussion about the likelihood of Government mandating the filtering of child abuse sexual imagery at the network level by ISPs. In 2007, Ministers set a target of 100% consumer broadband circuits to be filtered - so far that target has not been reached although there is suggestion that the proportion of consumer circuits that are now subject to filtering is in the mid to high 90s% range.

Recommendation 7 is that the Government does not legislate to enforce the deployment of blocking systems based on the IWF lists. This has the potential to damage future attempts to fix problems through self-regulation and will thus, in the long term be counterproductive.

The thinking here is that all major ISPs already block access to child abuse images and that any action to force others to take action will be counterproductive as it militates against attempts to find self-regulatory solutions to other problems.

OK, that is fairly clear although there may be some issue with the perception of the extent of current filtering practice. Whilst the number of consumer circuits with filtering in place may be in the mid to high 90% range, these may well be as a result of the actions of fewer than 10 large ISPs. The Crusher understands that the number of ISPs currently implementing child abuse filtering may well only be in the order of 20 to 30 - with some 270 plus mainly medium to small ISPs not currently implementing any form of network level filtering.

The report then goes on to consider the problem of malware infected machines. Now machines that are infected with malware makes them likely to become part of a large scale ‘botnet’ and potential distributed sources of junk email and denial of service attacks. The problem is that the infected machines are not on the ISP network and are machines owned and used by end users who may have greater or lesser understanding of the security implications or needs of always on broadband Internet connectivity.

Recommendation 10 is that there should be a voluntary code for ISPs relating to the detection of and effective dealing with, malware infected machines in the UK. If this voluntary approach fails to yield results in a timely manner, then Ofcom should unilaterally create and impose sich a code on the UK ISP industry.

The report notes that ISPs have systems in place to proactively filter incoming junk mail but do not take actions to filter outgoing junk. The report continues, ‘a reduction in compromised end user machines is essential to make the Internet a dafer place, so the ISPs need to act voluntarily as a group to improve the situation ….. if the ISPs cannot voluntarily agree to act, the report sees Ofcom as the appropriate regulator to impose a compulsory regime.

Interesting stuff. Filtering out material from infected machines will not be easy and will not be cheap - so additional development and application costs for the ISP (and, ultimately the end user). But, note the sting in the tail here - if self-regulation does not work then a compulsory regime should be imposed.

The Crusher sees some lack of joined up thinking here. On the one hand the report suggests that mandatory child sexual abuse imagery filtering should not be applied as it militates against self-regulation in other areas - and then recommends a compulsory regime for filtering the output of malware infected machines, albeit in the event of a failure of self-regulatory approaches.

The Crusher is intrigued: a self regulatory approach has seen pretty well all ISPs implement filtering to identify and remove incoming junk mail and virus infected items. For most that has been a commercial decision but there is undoubtedly a cost for the ISP. Self regulation is now being proposed to require ISPs to filter and remove outgoing junk and infected items. There may also be actions in relation to unlawful (thank you Merlin!) file sharing. But, the one thing that is illegal is to view child sexual abuse imagery (it is a Criminal offence under the Sexual Offences Act to view obscene images of children) - there is self-regulation but mandatory filtering is not recommended. Yet it is for dealing with malware - and as far as I am aware it is not yet a criminal offence to leave one’s Internet connected computer unsecured, without anti-virus or firewall protection.

The apComms group seems to have have worked on elements individually and with application of specific evidence - but the linkage of items from one part to another seems to have failed. Joined up thinking in the final output would have been helpful.

The full copy of the apComms report can be found here

A week of Digital Reports ……

It has been a week of digital reports. On Tuesday the Digital Britain report was launched - introduced in the House of Commons at 15.30 and then a little later in the Lords. Lord Carter’s report has been much reported and commented elsewhere so the major points will be well known - particularly the proposal for a 50p per month levy (or tax!) on all landline telephone circuits to help to fund next generation networks and high speed broadband (fibre to the cabinet etc.) by 2017 and proposals for industry action agains file sharers.

But, as ever, the interesting bits are always in the details. Stephen Carter’s ‘Digital Britain’ report (you can download a copy here ) contains proposals for legislation to take actions against persistent file sharers. Here again is the three strikes route but there is recognition of the need for judicial review before termination - and there is also some recognition of potential for problems for the smaller ISPs.

But, in the media frenzy that accompanied Lord Carter’s report there seemed to be little attention paid to another digital report published this week, the ‘Digital Manifesto’ published by the Children’s Charities Coalition on Internet Safety. You can download a copy of the Digital Manifesto here. The Digital Manifesto, written by John Carr, Secretary of CHIS and Zoe Hilton of the NSPCC, is a new version of a document originally issued in 2004. Since that timere there have been substantial changes in the provision of high speed services and the availability of new types of content and service. It is apposite that the new Manifesto is now available, particularly in the run-up to the next General Election.

Of particular interest to those with an eye on the regulation of the Internet industry are the recommendations for action in the area of content blocking and filtering of access to child abuse content. Typically the sites containing abuse content are identified by the Internet Watch Foundation who are able to provide subscribing ISPs with a CSV blocklist.

The report suggests: “The Government should prepare a Bill that will compel all internet service providers based in the UK to adopt the Internet Watch Foundation list, or some other technical solution that blocks access to all known child abuse websites and newsgroups. The Bill should also detail or make provisions for a method by which compliance with this policy can be tested and publicly confirmed. If it becomes clear that some ISPs will refuse to implement a blocking solution unless compelled by law to do so, the Government should immediately put the Bill before Parliament.

In the meantime the Government should issue an instruction to all departments forbidding them from purchasing internet services from any ISP that does not deploy a solution that blocks access to all known child abuse websites. The Government should also encourage the remainder of the public sector to follow its lead. The Government should consider the use of tax or other incentives to encourage ISPs and other technology companies to develop and deploy new or speedier ways of tracking, blocking or destroying online child abuse images.

Some background is worth entering here. In 2006, the then Minister of State at the Home Office, Vernon Coaker, announced a Ministerial target for ISPs to introduce content filtering to block access to child abuse sites for all (ie 100%) of consumer broadband accounts by the end of 2007. This followed the trials conducted by BT with their ‘Cleanfeed’ system. It is estimated that now, in 2009, the implementation of content filtering is about 95% with predominantly consumer circuits filtered by the big 6 ISPs. There is now considerable pressure for action to be completed to close the remaining 5% gap - suggested as representing some 700,000 households.

There now appear to be some distinct groupings amongst ISPs. There is a group that have implemented filtering, there is a group that have fundamental philosophical objections to the process; there is a group that claim that they cannot afford the cost and there is a final group that will not take any action unless they are forced by legal mandate.

OK, the last group are clearly targeted by the Manifesto recommendations. The cost issue is a little more of a problem. The initial costs for large scale providers such as BT were not inconsiderable. Although costs have come down they remain potentially high for the smallest providers, particularly those who only have a few hundred, perhaps a thousand end user customers. For these the unit costs can be substantial and potentially more than the margin on circuits in the tight UK market. It is interesting to note a comment amongst the detail (the devil is always in the detail!) in the Manifesto (footnote 60 to be exact) with a suggestion that there should be central Government support for the smaller providers, perhaps included within the provisions of the upcoming Communications Data Bill. ‘The Crusher’ thinks that any such support would help those for whom the costs of filtering represent a disproportionately large element of overall provision and might be targeted at those with fewer than 1000 consumer connections.

‘The Crusher’ is aware of the pressure to close the gap. At the end of April ‘The Crusher’ had a meeting with a Home Office Minister who emphasised the Governments commitment to the 100% target and the need to see self-regulation deliver filtering across all consumer circuits within the next few months. If the self-regulatory model was to fail then there was clear indication that the Government would look to introduce mandatory legislation later in the year, perhaps in October. This would be likely to be seen as a non-contentious Bill that would attract cross-Party and media support.

The CCIS Digital Manifesto is a pointer for action by the ISP community. It is clear that the issue will not go away and that ISPs will need to take actions. There is now a European dimension to the issue with a proposal for a Framework Decision which includes, as Article 18, a clause requiring member states to introduce mandatory blocking of child abuse images.

The Manifesto recommendation that Govt. should include filtering as a requirement in public sector contracts is interesting - and would follow the inclusion of quality management and environmental management credentials. The forthcoming ISPA Awards will be interesting - and there may well be pressure on winners, particularly in consumer delivery categories to state and, if necessary, to justify their position in relation to the Govt. target and the Digital Manifesto recommendations.

In a week when we saw two digital reports, it may well be that the recommendations of the CCIS Digital Manifesto have a greater chance of becoming law.