UCL News


UCL computer scientists on 'database state' failure

23 March 2009


Database State illustration cs.ucl.ac.uk/people/m_angela_sasse/" target="_self">Professor Angela Sasse
  • Dr Philip Inglesant
  • UCL Human Centred Systems Group
  • Database State executive summary
  • Professor Angela Sasse and Dr Philip Inglesant, both of UCL Computer Science, have contributed to a study published today that reveals that a quarter of all public sector databases are flawed.

    According to Database State, published by the Joseph Rowntree Reform Trust, only 15 percent of major public sector databases are effective, proportionate and necessary. There are thousands of public sector databases in operation, but no one in government knows the precise number. It states that the UK spends £16 billion a year on public sector IT, and that a further £105bn spending is planned for the next five years, despite the fact that only 30 percent of public-sector IT projects succeed.

    The report also claims that vulnerable people are suffering as a result of government officials' losing battle to control billions of records of personal details and contact with government agencies.

    Professor Sasse (Head of Human Centred Systems Group at UCL) and Dr Inglesant contributed sections on databases focusing on tax and benefits and those held by local authorities.

    Dr, Inglesant commented: "We looked in particular at the major databases held by the Department for Work and Pensions and the Treasury. Clearly, efficiency and fraud prevention are crucial in these areas. But we are concerned by the extent to which this data is shared around government departments and local authorities. In some cases, the DWP does not even know exactly with whom it is sharing its data, and the ostensible benefits of data sharing are ill-defined. Already there have been data breaches by local authority staff who have been given access to DWP data."

    Database State examines every major public sector database in the UK and demonstrates how many multi-million pound IT projects fail, or have such serious safety or privacy problems that they are alienating the public and harming the vulnerable groups they are meant to support. 

    The report was written by a team of internationally renowned information policy experts led by Professor Ross Anderson of Cambridge University, and charts the scale and financial cost of data collection, the methods used to maintain and secure the data, and the treatment of critical issues such as  consent, for the 46 major public sector databases which hold personal information on us all, or a significant minority of us.

    The report's key findings are below:

    • A quarter of all major public sector databases are flawed and almost certainly illegal. These include some of the government's flagship databases, such as the DNA database and ContactPoint. The report says these should be abandoned or redesigned immediately;
    • The database state is victimising minority groups and vulnerable people, from single mothers to young black men and schoolchildren;
    • Children are amongst the 'most at risk' from Britain's Database State, with three of the largest databases set up to support and protect children failing to achieve their aims;
    • Data sharing is a barrier to socially responsible activities. It is deterring teenagers from accessing health advice and undermining goodwill towards law enforcement.

    Database State advocates the immediate scrapping or redesign of 11 of the 46 systems assessed, including ContactPoint, the NHS Detailed Care Record, ONSET and the electronic Common Assessment Framework. The report calls for respect for human rights and data protection, so that sensitive information is only shared with the subject's consent or subject to clearly-defined legal rules that are proportionate and necessary in a democratic society. It also proposes the right for citizens to access most public services anonymously.

    The report recommends new measures to promote scrutiny and transparency of all IT projects; radical initiatives to select and train civil servants to handle complex systems; and changes to public-sector procurement rules to favour more medium-sized systems over the very large projects that have damaged so many government departments.

    To find out more, follow the links at the top of this article.


    UCL Context

    The Human Centred Systems Group is part of UCL Computer Science. The group investigates new technologies and systems - often working with leading industry partners and within EU projects.

    The interdisciplinary background of the group members enables it to cover a broad range of research themes with a strong focus on usable security systems (Biometrics, CCTV, general computer security). It also focuses on mobile systems, social networks, intelligent user interfaces and e-government.

    Related stories

    UCL wins £40m EPSRC grant for seven new Centres for Doctoral Training
    Security study led by UCL
    Consult and communicate better, scientists tell government