"X grants Y the right to do Z"
Something tells me people don't understand the meaning of the term "right." A right exists whether or not someone decides to recognise or "allow" it.
9 publicly visible posts • joined 4 Aug 2007
This is just a rumour, so keep that salt pot at hand, but if it turns out to be true, there's a pretty straightforward explanation.
The UK government is heavily invested in MS technology. They're very much in bed with the company. Workers in, for instance, the NHS, get "sweet deals" from Microsoft (like home licenses) in exchange for not allowing any of its potential competitors to participate (the GP surgery I worked for while this deal was made were forced to get rid of their UNIX server, and in doing so had to upgrade the hardware and sacrifice about half of the capabilities it provided).
This whole standardisation nonsense is due to people making noises about "future-proof" office formats, we all know the story. Well, Microsoft's eagerness to get this as a standard could easily be said to mirror that of the govt: they don't want to have to spend a load of money training people to use some other office productivity suite, and MS knows how to chat decision-makers up.
Unfortunately for them, Office 2007+ IS another office suite, and WILL require a whole load of training. But as anyone who follows the UK govt knows, giving ones decisions more than about five minutes of consideration is just out of the question.
Bill in a halo, for the lulz.
One of my parents works as an IT bod in the NHS. We have discussed the "spine" issue before. The thing is that there are systems already in place for sharing data without sharing a massive database. These were originally done through the post, but have been done through email as well. With minor tweaking (off the top of my head, some set of keys for signing and encrypting messages between institutions, which are dispersed through other means, like recorded deliveries) this could be a superb system. However this method has a major drawback. Due to "security concerns" GPs are forced to print out the notes, send them through post, and verified against what was sent electronically at the receiving end. For some reason these concerns aren't being raised in order to cripple the central database idea. My proposal below is largely based on these discussions.
I have spoken to many GPs in my region (job interviews, don't ask) and they are deeply concerned about the spine; you don't need a degree in IT to see what a risk to privacy it is.
I think governments can learn a lot from peer-to-peer file sharing networks.
It doesn't matter where the data is stored, even the indexing information. All that is important is that patient notes are transmitted between two points on a network, without third parties getting a look in easily. The whole thing could be achieved with some kademlia-style key sharing protocol, with some simple common-sense security tweaks. The channels that are already followed at the moment, the negotiation, validation and transfer, don't require a server, and could be easily adapted to such a regime. Without the server the system would be far more robust and secure, because breaking the security of a node won't take down the system or compromise everyone's records; there isn't any obvious starting point for someone to try to break the system.
A peer-to-peer system wouldn't be perfect, but it would certainly be an improvement. As people who follow the subject, regardless of their specific technical knowledge, can see the dangers in a central database, and can voice intelligent opinions on alternatives, one wonders what was going through the minds of advisors, or what kind of remit these advisors were given. I can only really explain the decisions thus far as being those of politicians and bureaucrats who are either so ill informed, or so unconcerned about security, that alternatives were never seriously considered. But I'm a cynical bastard, so what else would I say?
Surely this would be far more useful in monitoring inside the UK, rather than simply the coast?
I mean, you've only got a bit of smuggling on the coast. Whereas you could pick up anything if you really started monitoring citizens properly.
All this pussy footing to a police state is annoying me. Shouldn't be bothering with half measures.