Toxic by design

Digital, data, and technology (DDaT) are increasingly being misused to create a 24×7 surveillance society, behavioural manipulation and, in some countries, institutional discrimination and subjugation. This surveillance increasingly underpins private sector revenue and state control, online and offline. All too often, it can seem like there’s little to distinguish between governments and global businesses as they indulge in the acquisition, analysis, and exploitation of ever-greater quantities of our personal data.

Let’s look at the example of London’s automatic number plate recognition (ANPR) cameras. They help to implement road charging for both the Ultra Low Emissions Zone (ULEZ) and Congestion Charge. The system was featured in the news recently, providing a timely illustration of the mismatch between a system’s stated purpose and what gets designed and implemented.

London’s ANPR, ULEZ, and congestion charge

The ANPR cameras installed in London scan vehicles entering and leaving the city’s ULEZ and Congestion Charge zones. Although installed to automate road charging, the London Mayor later expanded their use to give the Metropolitan Police access to all vehicle movement data[1]. The result? The police now have open access to private citizens’ movements around London.

This is a perfect example of the scope creep often seen once digital solutions are deployed, raising fundamental questions about their true purpose. The design of London’s ANPR system could have simply validated whether a vehicle complies with road charging rules, and discarded vehicle data instantly where no charge needs to be raised. Only the data of vehicles in breach of ULEZ requirements needs to be recorded, and solely to collect the required payment.

Instead, London’s road charging systems store the number plate of every vehicle movement past every camera around the city. They also store an associated image “including a ‘front of vehicle photo’ taking in everything that happens to be around when the image is snapped.”[1]

Scope creep by design

London’s ANPR system goes well beyond the administration of road charging. It acts by design as a city-wide public surveillance and movement tracking system. But where was the transparency and democratic debate about the proportionality of these systems prior to them being designed and installed? And where was the democratic public scrutiny when their purpose was changed to allow police access?

These are important questions for another reason: the increasing implementation of road charging schemes nationwide. Will we see London’s data-gathering scope creep finding its way into all of these systems too?

Road charging systems should deliver only their stated purpose—road charging—and not become a CCP-inspired means of state tracking and monitoring of the movement of every private and commercial vehicle across the entire UK.

However, if one of the secondary purposes of nationwide road charging is to create a vast database of every vehicle movement in the UK, that purpose needs to be made explicit and debated fully in public. Even if there is eventually agreement on the need for such a system, it requires a more competent and better design than London’s: poor digital design like this not only undermines democracy and freedom, it weakens a nation’s resilience against hostile or corrupt actors, both internal and external, and erodes public trust.

Digital design is political design

London’s ANPR design provides another illustration of why DDaT and public policy need to be designed together—in transparent, collaborative, and participative ways. DDaT design is political design: decisions taken by development teams have profound legal and societal consequences. They should happen in the open by default, wherever possible.

One of the principal benefits of DDaT should be its role in fostering open government, encouraging a culture that commits to the freedom of information. Or, as former US President Obama put it, providing “a clear presumption: in the face of doubt, openness prevails”.

If we assume that UK citizens are happy to have their personal movements monitored and recorded by the state (an unlikely assumption I admit), the data acquired could be held independently, technically secured, and protectively monitored. It would only be made available to appropriate authorities through due legal process. This would minimise the misuse and abuse of personal data by police and other insiders—after all, 237 police officers in the UK were disciplined for computer misuse during just two years[2]. And they’re just the ones we know about.

The complex balance between DDaT design, ethics, accountability, liberty, freedom and the legitimate needs of the police and other government agencies requires an open and meaningful discussion—and far better digital implementation. DDaT can be designed in secure, privacy-enhancing ways that protect democracy whilst leaving the potential for police access under due process. However, the mission creep of London’s ULEZ and congestion charge systems echoes what happened globally with CCTV surveillance before it.

Inadequate digital design and administrative scope creep are a toxic combination: they erode essential tenets of a free society. In a democracy, citizens have the right to be aware of and actively involved in these decisions, and the designers of such systems need to become far more accomplished at security- and privacy-by-design. In the meantime, no wonder the Public Accounts Committee describes some government use of technology as “Dysfunctional, damaging and sometimes dangerous“.

Democratic governments can and should do better than this. It’s time to help return to those original, early, and more radical ambitions for DDaT from the 1990s, and use it as a public good—a catalyst to:

make fundamental changes in the relationship between the citizen and the state, and between nation states, with implications for the democratic processes and structures of government.


[1] Sadiq Khan issued with legal challenge after ‘terrifying’ number plate camera decision. Rowland Manthorpe. 3 August 2022. Sky News. 

[2] 237 police officers disciplined over computer misuse. Bobby Hellard. 8 November 2019. IT Pro. 


My forthcoming book Fracture | The collision between technology and how we fix it (published autumn 2022) explores the interplay of DDaT and politics. I’ve used this recent story about London’s road charging system as an example in a section discussing ‘Surveillance’.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.