Wednesday, November 21, 2007

Hacking Bureaucracy gets you in Bureaucratic Trouble

There's a small story going round at the moment about the government misplacing* 25m peoples-worth of data. As ever, SpyBlog dig out the pertinent details and asks the relevant questions. Meanwhile, back in press-coverage land, the focus has shifted from Darling to Brown, and one can't help but think the question of accountability has gone with it. Which is a shame. The question of accountability is a good one, but only as a starting point.

* preferable to the word "losing" as the originals are still there...

Rather than arguing over who's responsible and whose job is on the line, maybe we should take a step back and question the possible link between accountability, management bureaucracy, and why the loss occurred in the first place. It's clear that the request and task of sending the data off landed on the desk of a junior worker. Naturally, ignorance of the importance of identity data is still abundant these days (mostly due to people over-hyping identity theft and other problems, such as actual passwords or cards being stolen, being generally bigger). Procedures should have been in place to have such a request escalated - certainly the rules were.

But is this the problem? Anyone who's old enough to smoke (not that that's relevant) knows how much emphasis is placed on bureaucracy in the public sector. Bureaucracy is there to ensure transparency, enforce standards, and keep in place some form of accountability. What it does not do is make things more efficient. Both are important, and hence getting the balance right between the two extremes is the challenge of the day.

Can this shed some light on why this happened then? Can the task of getting data out be explained in terms of a resistance to over-bureaucratisation, a workaround to avoid the inefficiencies of the system? Those who have worked know how tempting it is to just slip something past, just look the other way while something we know should be done is hodge-podged, because if it isn't, that deadline is never going to be hit, and/or someone's going to shout a lot. (The irony is, of course, that bureaucracy loves deadlines too.)

This isn't to defend the actions of anyone. It's merely to suggest a link between the accountability we want in the system with measures to work around the "side effects" of that accountability. Concentrating solely on who's going to take the fall seems to be the (again bureaucratic) modern approach to such issues, but this fails to work out why this actually happening. (This is why party politics no longer matters - the system is bigger than the parties now, and things would be the same no matter who was in power.)

Meanwhile, scant details and increased finger-pointing just leave the public to ring up companies in their panic. At least it's slightly better handled than the Northern Rock PR fiasco, but we're still not getting out of the Groupthink Ditch that blights most national-scale problems. Here's a nice video to at least facilitate laughing the whole thing off until next time:

Elevator Candid, Must See... - The funniest movie is here. Find it

1 comment:

Richard Veryard said...

Shall I compare thee to a string of digits?
Thou art more personal and more private.
Rough Humphreys doth quiz the Darling on Today,
And Gordon's lease hath all too short a date.
Sometime too close the eye of Internet shines,
And often is the gold from banking accounts skimmed;
And every maiden’s maiden name declines,
By chance, or nature's changing course untrimmed.
But thy perfect database shall not leak
Nor lose possession of that CD they sent;
Nor shall the hacker spam and phish and phreak,
When with eternal ID card thou went,
So long as cars have chips and streets have CCTV,
So long lives your identity, and this gives life to thee.