Category: security

  • UK to crack down on financial scams

    UK to crack down on financial scams

    The UK government has announced a ban on all cold calls selling financial products: … last summer, 41 million people were targeted by suspicious calls and texts, according to media regulator Ofcom.  UK to ban all cold calls selling financial products. BBC News, 3 May 2023. 41m people targeted in just one summer? Ouch. And…

  • Toxic by design

    Toxic by design

    Digital, data, and technology (DDaT) are increasingly being misused to create a 24×7 surveillance society, behavioural manipulation and, in some countries, institutional discrimination and subjugation. This surveillance increasingly underpins private sector revenue and state control, online and offline. All too often, it can seem like there’s little to distinguish between governments and global businesses as they indulge in…

  • “Tap to pay” becomes “Tap to prove” …?

    “Tap to pay” becomes “Tap to prove” …?

    As expected, Apple has announced that merchants (US-based only at first) will be able to accept Apple Pay and other contactless payments using only an iPhone and appropriate app. Apple has clearly made good progress integrating the technology it acquired with the $100m purchase of Mobeewave in 2020. This will be a significant disruption for point…

  • Back to the past with government identity

    Back to the past with government identity

    The Government Digital Service (GDS) has a generous £400m budget to develop “One Login”, a single sign-on and digital identity system for government services. But it comes with a nagging sense of déjà vu: although billed as a fresh approach, it’s remarkably similar to the solution implemented in 2001 by an earlier Cabinet Office team at a cost…

  • UK Government single sign-in since 2001

    UK Government single sign-in since 2001

    Here’s my attempt at a very simplified slide summary of UK cross-government single sign-in since 2001: If you have any difficulties seeing the embedded Google Slides above, you can view the deck online here.

  • Social media, free speech and abuse

    Social media, free speech and abuse

    Social media is back in the news for all the usual negative reasons: hateful, racist, sexist, fraudulent and otherwise abusive users. None of which is surprising or new. For well over a decade, ideas about how best to tackle online abuse have been repeatedly explored, and then generally left to rot on the shelf. As…

  • Community networks: Reloaded

    Community networks: Reloaded

    Amazon is in the news, yet again (when isn’t it?). This time it’s for ‘Amazon Sidewalk‘: it aims to connect together every Echo speaker and Ring security camera in the US into a shared wireless network. I first saw these plans for Sidewalk mentioned in The Register last year. It’s now receiving more widespread media…

  • International Standards and Digital Identity

    International Standards and Digital Identity

    So-called ‘digital transformation’ can often involve little more than moving things from paper onto a screen or automating the way things are already done, aiming to optimise them or reduce costs. Nothing wrong with that in itself of course, but it’s not really ‘transformational’ in any real meaning of the word, more about efficiency and…

  • Online public services in the UK—23 years of federated identity

    Online public services in the UK—23 years of federated identity

    Here’s my paper providing an overview of Federated Identity for Access to UK Public Services: 1997-2020 (PDF): As its catchy title suggests, it provides an historic overview of the UK Government’s approach to federated identity over the past 23 years, segmenting the journey into three stages: It isn’t intended to be history for its own sake—it aims…

  • 21st century identity

    21st century identity

    My opinion piece for Computer Weekly – implementing a 21st century approach to digital identity – has been published this morning. It sets out a new, modern approach – one that embraces identity as a means of personal empowerment rather than state or corporate control. It looks at how the current trust model around identity…

  • The elusive pursuit of outsourced digital identity

    The elusive pursuit of outsourced digital identity

    Remember when UK banks were innovative, leading the world and always at the top of the polls for brilliant customer service? No, me neither. Actually, that’s not entirely fair. There have been brief flashes of innovation. In the late 1990s and early 2000s the UK government hoped that banks would become trusted providers of digital…

  • Digital government and asymmetric justice

    Digital government and asymmetric justice

    Governments are acquiring and sharing more of our data on the basis that it will improve efficiency, personalise services, and reduce fraud, error and debt. Data acquired for one purpose is often used for another, whether the citizen agreed for this to happen or not – perhaps most notoriously our health records or children’s data.…