I’m not the first to observe this by any means - Scott Adams, the creator of Dilbert has made a career and damn good living out of it - but if this planet has one inexhausable, infinitely renewable resource then that resource in human stupidity…

… and there’s nothing so certain to bring that fact home to you than a few hours a week spent on the Internet.

The simple fact is that there are still plenty of people out there who are dumb enough to…

- send their bank account details to someone who e-mails them with the opening gambit of

“Good day, My name is Joshua N’Dombo and I am been working for the Nigerian Oil Minister for the last nine years…”

- invest money in what are obviously either pyramid or ponzi schemes

- believe they’ve won the Elbonian Lottery, which they’ve never even heard of let alone entered, just because someone sends them an e-mail telling them they’ve won

Never mind the whole business of believing that your bank/building society/credit card company needs you to remind them what your username, password and pin number is or that you really are going to win the big prize from that scratchcard that arrived through the post and not some crappy faux gold pendant that even Gerald Ratner would have refused to stock, just so long as you phone a premium rate line at £3 a minute - because, of course, your card is going to be the only winner.

Now to that venerable list of human stupidity we can add all those people who blithely handed over their e-mail addresses to the Labour Party through its ‘Big Conversation’ website without ever expecting to hear from them again.

Ok, as might be obvious by now this is a bit of a continuation of something which started with me debunking Guido Fawkes’ ineptly researched innuendos regards the Labour Party’s campaign e-mails during the recent election campaign here and here. - a spat which has brought in nigh on 200 visitors from the BBC in just over 24 hours since being featured on their website.

The difference this time is that, thanks to a comment from Eliot Flack-Hill the so-called ‘concerns’ of ‘privacy campaigners’ become oh very much clearer.

Eliot, to start with, takes issue with my assertion that only Labour Party members and people registering through Labour’s website went on to receive e-mails from the party. Not True, says Eliot, he only added a comment to the ‘Big Conversation’ website.

Mmmm. And just who did you think owned that website, Eliot? After all it was a Labour Party policy initiative which was announced at the Labour Party Conference and was paid for by… you guessed it… the Labour Party.

Eliot then goes on to admit that not only did he blithely hand over his e-mail address when asked by the site but he also ‘can’t recall what that site stipulated re personal data’ which would generally suggest that he didn’t bother to check anyway, making him would generally be known in trade as ’spambait’ as the experienced netizen knows damn well that you never, ever give a proper personal e-mail address to a website you’re not planning to use on a regular basis - that’s what free and eminently disposable webmail accounts at Hotmail and Yahoo are for.

But then none of that matters as he’s sure that if he’d have known that his e-mail address would wind up being used by Labour, at a later date, to send e-mails to him he would not have bothered with the Big Conversation in the first place.

It’s here that we step into the realms of logical inference as follows:

Q - A Labour Party website asks you for your e-mail address. Why?

A - So they can send you emails. Duh!

What we’re people expecting? A personal reply from Tony? A quick note to say sorry for invading Iraq?

Come on folks, it not difficult is it? Yet even with the benefit of hindsight it seems some folks still can;t work it out for themselves.

Ultimately we get to Eliot’s real beef which echo’s Guido’s comments about Tory voters getting e-mails from Labour when he says:

“I feel that Labour’s use of electronic data during the election campaign was exessive [sic], dishonest and underhand - I got more emails from Labour (referring to me as ‘Dear Supporter’ and some of them ludicrously claiming to be from ‘Tony Blair’) than I did from the Lib Dems, of whom I AM a member.”

Leaving aside the obvious questions like…

- Why not just click the unsubscribe link and have yourself removed from the mailing list?

And

- Have you never come across the concept of spam filtering?

Both of which become rather salient when you find out that Eliot is a software developer for IBM mainframes and can, therefore, hardly claim to be a total novice when it comes to information technology/

It seems the real ‘issue’ here has more to do with Labour having stolen a march on the other parties by taking the time bring in people who understood how to use the available technology to full extent permissable in law. It just happens that one of the people brought in - Zack Exley - has a bit of name recognition value due to his work during the US Elections which allows the likes of Guido Fawkes to feed on the paranoia and ignorance of some of the less net savvy amongst us.

FINAL WORD

Just to finish the analysis, I’ve now been through several of the Labour Party e-mails to look at exactly what was going on ‘under the hood’.

First thing to note is absence of embedded scripting or IFRAME tags - so nothing was happening unless you actually clicked on a link or image in the e-mail anyway. Sure they knew they’d sent you an e-mail as Guido states - of course they did, they sent the damn thing in the first place - but after that you were only even going to register ‘on the radar’ is you chose to click on a link and make something happen all by yourself.

Second, the only link to have a consistant personal identifier string attached to it was the unsubscribe link and it appears that the only change made to this link after the ‘Clem Atlee’s Battlebus’ e-mail from Matt Carter on 19th April - which was the last to use any ‘hidden’ scripting was that the method of unsubscribing was changed from a website link, which automatically unsubscribed you further e-mails to a mailto link which generated an unsubscribe e-mail you had to send manually.

The only e-mail to use this link other than for the purpose of registering your intent to unsubscribe from Labour’s mailing list was one that was ostensibly from Tony himself, announcing that he’d gone to the Queen to seek the dissolution of Parliament, and which used this identifier on links to volunteer for election duty and to invite recipients to send their questions to Tony via the Labour website.

And just for the ubergeeks out there, this identifier was in the form of four 8 character strings - a total of 32 characters in all - which is also, as it happens, the length of a GUID (global unique identifier) field used in most SQL-based databases, including MySQL on which this very blog runs.

Third, the other identifers in e-mails appear to relate only to specific elements in the email such as a particular image or link, i.e. ‘donate’ or ‘volunteer’. These used indentifiers in the format ‘LNK’ plus a 5 digit serial number - giving too few combinations, in fact, to allow for individual link tracking. These would have given Labour only statistical data on which particular links/images people were more inclined to respond to. Did people respond better to e-mails from Tony or did they prefer to be hearing from John O’Farrell? Did a generic appeal to support Labour work better than one which played on the party’s support for the NHS?

There idenitifiers, likewise, disappeared after April 19th, although whether as result of ‘pressure’ from the likes of Guido or simply becuase they’d already done their job by that point is, at this stage, still unclear. As I mentioned in my original piece, for a legal standpoint Guido was simply blowing smoke and has/had nothing which would stand up in court. However people like Zack Exley have been around long enough to understand how even a wrong-headed and inaccurate analysis like that which Guido finally put forward can easily blow up to the point where issues with the medium overtake the message that being put across to the detriment of the campaign as a whole.

In all, these hidden links undoubtedly provided useful stuff for the marketeers looking to identify which messages worked best and drew the best response but nothing which could be used to track individual behaviour, let alone tie that behaviour back to a specific person and post code.

That just leaves the matter of the one bona fide bit of cute scripting in thw whole campaign, the link redirection on links to the Privacy Policy itself which used a redirection via a server belonging to Microsoft - well actually Hotmail to be precise.

In simple terms what happened was that if you did click the Privacy Policy link you were redirected to the page in question, without necessarily realising it unless you were watching closely, via a cgi script running on a server at Hotmail.com.

So what’s all that about? Was it really the Beast of Redmond that was watching all along?

Well not really. This same type of link seems to crop up in many places on the net and on many different and unrelated websites and appears to be nothing more than Microsoft’s own proprietory version of Google Juice - hit the link and your hit on the site/page is first logged by MSN Search and goes some way to bumping your site up its search engine rankings and also, in the new cases, triggering their web crawlers to register and index the site with their own search engine before you are forwarded on the page you actually want - sneaky, yes, in a putting one over the competition (Google, Yahoo) kind of way but hardly a threat to your privacy.

And that’s all folks. That’s the whole shebang laid bare and in detail and nothing, really, to get worked up about at all.

If people want to debate the ethics of Labour’s use of new technology during the election campaign then fine, go ahead, its probably of interest to some - just don’t go wasting your time, effort and especially your money mount fruitless legal challenges because the only thing that’ll get you is a sizable bill…

… and don’t forget, by the time the next major election comes around - probably not next year’s local elections but almost certainly the next round elections in the Welsh Assembly and Scottish Parliament - it won;t just be Labour doing this but the other two major parties as well.

Res Ipsa Loquitur

One of the great myths and misunderstandings of the modern era is the idea that the Data Protection Act exists to protect your personal privacy - it doesn’t.

The purpose of the Data Protection Act is to ensure that personal data is processed according to a number of key principles, these being that personal data must be:

1. fairly and lawfully processed
2. processed for limited purposes
3. adequate, relevant and not excessive
4. accurate and up to date
5. not kept longer than necessary
6. processed in accordance with the individual’s rights
7. secure, and
8. not transferred to countries outside European Economic area unless country has adequate protection for the individual.

Note, the 7th Principle states that personal data must be processed securely and in Data Protection Law securely does not automatically mean privately.

How do I know this? Because in my last job I was the registered data controller for employer and therefore the personal most directly responsible for compliance with the Data Protection Act - and this is also why I note, with the usual mixture of amusement and frustration I experience on such occasions, that the erstwhile Guido Fawkes and others, including rather surprisingly Tim Ireland of Bloggerheads etc., are current barking up entirely the wrong tree in trying to chase down Zack Exley over the inclusion of tracking links in a number of Labour Party e-mails during the election campaign.

I must admit to wondering quite where Tim was going with making subject access requests to the Labour Party during the election campaign - now I understand.

Now, ok, I’m not going to lay into Guido quite as heavily as I might on other occasions for getting things so badly wrong. The Data Protection Act is a horridly complex and arcane piece of legislation when you actually understand it, let alone when you don’t - which is why its so often misunderstood, but lets try as best I can - without getting too far into the intricacies of the Act and the Privacy and Electronic Communications Regulations, also cited by Guido - to explain why he’s wrong in asserting that the Labour Party broke the current ‘e-laws’.

The first thing to understand is the matter of ‘consent’ in Data Protection.

When you consent to your personal data being processed, as everyone receiving these e-mail will have done as they were sent only to party members and others registering through Labour’s website, what you are actually consenting to is the processing of your personal data in accordance with the various purposes registered by the Labour Party in the Data Protection Register - Labour’s main entry is actually here.

Data controllers are not required to seek your express consent in order to process your personal data in a particular manner, if that manner is specified in their register entry and, equally, they are not required to seek your express consent for disclosure of your personal data to a third party if the nature and purpose of that disclosure is specified in the register - the practice adopted by many websites of seeking express consent for third party disclosure is part convention forced upon them by privacy conscious netizens but mainly because such disclosures are generally made to third parties who will use that data for their own purposes and not for a purpose covered by the registration of the company collecting the data in the first place.

So when Guido complains about data being passed to a private company - Email Reaction - he does so incorrectly as the Labour Party’s own registration permits such a disclosure to an employee or agent working for the party for the purposes specified on the register and such a disclosure is not, of itself, a breach of privacy as this would only occur were Email Reaction to sell on or use the data for another third party of whom you were not aware at the time of giving consent. Guido has, therefore, no cause for complaint so long as the data passed to Email Reaction is used only for the purpose of their work on behalf of the Labour Party and is not made available to any other third party.

Why were you not told this? Because the Labour Party is under no legal obligation to tell you. Consent in Data Protection is a simple matter of caveat emptor - if you want to know what your data is go to be used for and how it may legally be processed before giving consent then its up to you to consult the Data Protection Register and find out for yourself.

As regards the spyware and link tracking issue highlighted by Guido, again he is rather mistaken in his interpretation of the regulations, particularly in trying to assert that this somehow contravenes the regulations as they relate to obtaining information via misrepresentation.

This particular offence relates specifically to the practice of phishing in which the recipient of an e-mail believes themselves to be responding to one party only for their personal data to actually be sent to another, unrelated, party - this is commonly used by fraudsters as a means of illegally obtaining bank account details and other information for the purpose of committing a financial fraud.

In the case of the Labour Party e-mails, while you may not be aware that tracking information is being sent back to Email Reaction rather than the Labour Party, or even sent back at all - unless you examine the source code of the e-mail as I invariably do - this does not mean that the information is being obtained by misrepresentation. Email Reaction were clearly acting as an agent of the Labour Party and therefore entitled to collect data on their behalf - the practice of using hidden tracking links may be ethically questionable and therefore certain to cause annoyance, especially to experienced and generally very privacy conscious netizens, but it is not intrinsically unlawful.

Nor, indeed, can anything be read into the removal of tracking links following Guido’s exchange of e-mails with Zack Exley other than the simple fact that Exley has been around long enough to know exactly the kind of reaction that news of these links would provoke amongst seasoned netizens and that this would be far more damaging to the campaign than any possible threat of litigation over their presence - never, ever, underestimate the power of a good old fashioned slashdotting when dealing with someone who makes his living from his knowledge of the Internet and Internet technology, especially when, as in Zack’s case, your reputation already precedes you and you have a knack of making a fair few online enemies.

Once you under stand this you understand, in addition, how thin Guido’s argument is.

From what I can see he has but two arguable points in his piece and one of those, for the moment, only because I’m blogging from the office and therefore unable to double check my own e-mails for the presence of an opt-out link.

The absence of an opt-out link or other cancellation information would breach clause 22(3) of the Privacy and Electronic Communications (EC Directive) Regulations 2003, although it should be noted that the regulations state only that recipients must be given a ’simple means of refusing (free of charge except for the costs of the transmission of the refusal) the use of his contact details for the purposes of such direct marketing’ and that this need not, necessarily be an opt out link but simply instructions on how to opt out - the usual send a blank e-mail to opt-out address used by many listservs is equally valid under the regulations.

That just leaves the ‘charge’ of failing to provide information under a subject access request within the specified time of 40 days.

Well - and on this occasion I’ll not be holding back so much - Guido needs first to check his facts a little more carefully as in claiming that:

Melanie Onn, the Constitutional and Legal Officer for the Legal and Financial Compliance Taskforce for the Labour Party stonewalled on giving answers to all questions and requests prior to May 5.

… he neglects to mention that Tim Ireland’s subject access request was actually fulfilled on April 29th - although admittedly only after a fair bit of badgering and some 10 days late - Sorry Guido, but if you’re going to make allegations then you need to remember the trouble Andrew Gilligan got into over the matter of a simple lack of equivocation.

Even then, whether Guido, Tim or anyone else, for that matter, could make a complaint of non-compliance stick is open to question, particularly if the subject access request made specific reference to data being collected/held by Email Reaction and not, directly by the Labour Party and not, therefore, necessarily in the Party’s possession at the time the subject access request was made.

Any such claim must also take into account the ruling of Appeal Count in Durant vs Financial Service Authority which considerably tightens the legal definition of what constitutes personal data for the purposes of the Act in a manner calculated to prevent it from being used to conduct a ‘fishing expedition’ - much as one might well argue was conducted by Tim if one were a lawyer acting for the Labour Party. Just because information is collected it does not necessarily follow that it is either processed or stored immediately in what would now be considered a relevant filing system or that it is subject to disclosure under a subject access request.

In other words, and with the qualification that I’ve not had chance to check for opt-out links in any of the e-mails I personally received, its looks very much like Guido’s blowing smoke for the time being and needs to come back with something rather more substantial if he’s to make a worthwhile case.

UPDATE - 6:35pm

Just got home from work and checked through every single e-mail I’ve received from the Labour Party since around November of last year - so this includes a number that I get as a member of the Party and I can find only three in total which do not have a unsubscribe link in them - and none of these are the disputed e-mails which have the tracking links in them.

Actually, in the interests of precision, of the three that don’t have an unsubscribe link one is a newsletter for party members and the other two are what I would consider more personal as the come directly from a local constituency office, even if they are advertising a trip to Brussels for a meet and greet with an MEP.

With that in mind I’m now inclined to challenge Guido directly to produce one of the e-mails that he claims did not contain an opt-out link and I will then check it against my own copies to verify this.

The comments section is open Guido…

One of the dinky features of the blogging software I use is that it provides a wide range of stats, including a list of the most recent searches which referred peopel to this site.

So understandably I’m rather curious as to who might have been searching for “members smethwick community forum” one a few hours ago, especially as I’m the current secretary of the organisation.

Whoever you are, hi, please feel free to introduce yourself properly - I don’t bite [unless by special request] honest…

We did it.

We fucking well did it!!!! The Albion stay up.

Too emotional to write anything else.

Let me introduce you to someone.

This is Mike Whitby, who just happens to be the current leader of the Tory group in Birmingham and, thanks to the Lib Dems cutting a deal last year, of Birmingham City Council itself.

Mike doesn’t actually, so I understand, live in Birmingham, although he does own a property in Selly Oak on which he pays council tax or business rates so he does qualify to stand as a councillor in Brum.

He actually lives in Sandwell - on Lightwoods Hill in Bearwood so I have been told.

He also has a business is Sandwell - Skeldings - which is based in Smethwick. In fact by a strange coincidence in my previous job I actually worked in offices right next to his company.

As leader of Birmingham City Council, Mike is ultimately responsible for the state of Lightwoods Park in Bearwood which is ‘owned’ by Birmingham City Council but actually in Sandwell - this is not so uncommon a situation as most local parks round here were once the private lands of local industrialists and businessmen before being willed or place in trust with local councils for the benefit of local people. Parks were once a vey good way of ensuring that your posterity if you were wealthy enough to own a fair bit of land.

Now when I was a kid, Lightwoods Park was a pretty nice place to visit as local parks go and generally well maintained - it used to have a little putting green and the bowling green there was always busy if the weather was good. But over the years its gradually become more and more run down and fallen in disrepair, in no small part due to this odd situation where its in Sandwell but the responsibility of Birmingham city Council who really don’t seem to give a toss what kind of state the place gets into - not to put too fine a point on it, these days the park is a fucking disgrace.

Now we, in Sandwell, would like to sort this out, do a few renovations and generally ensure that the park is brough back up to scratch… except that we can’t because it belongs of Birmingham.

So here’s the rub. In June, Smethwick Community Forum will be holding an open forum meeting for the people of Smethwick at a venue in Bearwood and we’ve a few things we’re looking to get our teeth into - the Safeway/Post Office closure, the bloody casino which is apparently back and, yes you’ve guessed it, the state of Lightwoods Park…

…and as Mike appears to be a resident of Bearwood and would, therefore, be eligible to become a member of the forum then I think it only right and proper that we extend him an invitation to attend the meeting - in fact once the details are finalised than I may arrange for a number of local residents who I know to be very unhappy with the state of the park, to deliver the invitation in person.

—-

Now I don’t know of Mike has ever visited here - probably not - but I do know that John Hemming pops by every now and then, usually not long after I mention his name - so if you do happen by, John, be sure to let Mike know that there’s a few local people would like a word with him about the park…

…ooh, and before I forget, as ‘customer service’ at Birmingham City Council falls within John’s purview as Deputy Leader, perhaps he could also find out why a number of local people who’ve phoned BCC to complain about the Park have been told by Council staff that they can’t deal with their complaints because the complainant doesn’t live in Birmingham.

From what I understand this is nothing to do with the Contact Birmingham call centre, btw, but whoever it is that people have been speaking to directly within BCC.

Much strangeness in the e-mail box today, this arrived earlier from a job site I registered with ages ago and now can’t be bothered to deregister.
—-

Dear Jobseeker,

Our customer, the Security Service (MI5), would like you to know about opportunities they have for security guards, read below to see if you would like to apply.

Kind regards,
totaljobs.com jobseeker team

—-

The blurb for what they’re actually looking for (below) is nothing to write home about although I do like the bit about not discussing this with anyone but immediate family… oops, I guess that’s me out of the running then.

—-

Our task is to protect the nation, and we rely on our elite guard force to protect our premises and people, keeping confidential material in and potential threats out. Our professional training is exceptional, the job security and rewards are everything you’d expect from an important government department.

The Security Service is committed to reflecting both Equal Opportunities and the society we protect.

—-

Hang on eight months to hire a few security guards???

… the video of his speech, now showing at Backing Blair.

Told you something special was coming..

If all goes according to plan then sometime in the next day or two something special will appear either at Bloggerheads or at Backing Blair.

I’m not going to spoil the surprise, lets just say it will be a very moemorable audio-visual experience.

It seems that post-election ennui has well and truly set in.

For the most part, its all quiet on the blogosphere front since Friday as people, especially those who were liveblogging the big day, try to recover from their exertions and mull over what, if anything, there is to be learned from this General Election.

Within the upper echelons of the newly returned Labour government, Blair et al will be slowly coming to terms with their new found vulnerability, courtesy of a sharply reduced majority, and busily doing the numbers to see which of the bills carried over from the last Parliament are likely to fall prey to rebellion within their own ranks - ID cards and Control Orders, when these next come around, are the obvious favorites. Meanwhile, the knives are already out amongst the ranks of the Parliamentary ‘awkward squad’ who’re eagerly awaiting their first shot at putting the PM’s diminshed authority to the test.

The Tories will be reflecting on a election which won them a good few seats off the back of own goals by Blair, lost them another party leader and saw their share of the vote going nowhere particularly fast. Worse still, for them, its now time for them to reflect ruefully on an upcoming leadership content in which the party that once saw itself as the natural party of government finds itself, once again, as shorn of credible heavyweight contenders as the sport of professional boxing. When the ante-post favourite for the Tory leadership, David Davis, is the same man who came fourth behind the non-entity that was Ian Duncan Smith in a previous leadership contest then you just know, deep down, that the Tories have a serious credibility problem to overcome.

Even the Lib Dems can’t be entirely happy. They may have had their best showing for getting on for a century and hauled themselves up into far more second places than at any time since Labour first broke through as a major electoral force but behind it all must surely be the recognition that much of their limited success, like that of the Tories, is a product of the personal unpopularity of Tony Blair and not their own credibility as a potential party of government. If the Lib Dems have achieved anything at this election then its that for the first time they’ve been able to carry the kind of protest vote they’ve been getting fairly regularly in by-elections for some considerable time into a general election. Its a modest success but still a long, long way from a real breakthrough or the advent of real three-party politics.

As a consequence anyone expecting the next few parliamentary weeks, heading in to the summer recess, to be anything other than dull and uneventful is going to be roundly disappointed. PMQs on Wednesdays will no doubt yeald its full measure of political knockabout, particularly from Michael Howard who, as an outgoing Tory leader will have little else to concern himself with on the parliamentary stage other than getting in a good few solid parting shots in Blair’s direction. It’s also here that Charles Kennedy’s obvious limitations as a Parliamentary performer will be most apparent - I think its fair to say that many Lib Dems would much prefer to see Menzies Campbell wading into the fray at PMQs on their party’s behalf rather than Kennedy who tends to punch well below his weight. And of course, we may see some fireworks from the newly elected member for Baghdad Central - assuming he turns up that is - although its best to play it cagey and see how his attendance record shapes up before calling Paddy Power for odds on the date of his first Commons suspension.

Beyond that the next few weeks promise to be amongst the dullest we’ve seen for a long time. With a posse of potential Labour rebels queueing up to deal Blair the kind of Commons defeat which would call his reported plans to stay on until 2008 into serious question, it seems almost certain that only the most anodyne and least controversial bills carried over from the last session will get an airing before the next Queen’s speech - precious little, in fact, for the nascent British Blogosphere to be getting its teeth into until the autumn.

Dull times ahead, methinks.

I dedicate this campaign to my son Tom, who was killed in Iraq four days short of his 21st birthday. He was sent to war under very controversial circumstances.

If this war was justified then I would not be here today. If the war had been just I would have been grieving and not campaigning. If weapons of mass destruction had been found in Iraq, then I would not have come to Sedgefield, to the Prime Minister’s stronghold, to challenge him on its legality.

I don’t pretend to be a politician, and it has not been easy for me, but it has been a very rewarding campaign, and I think it is remarkable that an amateur like me has come from a standing start in one of the most traditional and safe Labour seats of all to achieve a share of the vote which is not so far short of that of an established political party.

For this I thank the team which built spontaneously around me, my wife Sally and my other son Richard who have stood behind me, and above all I thank the voters of Sedgefield who put their trust in me.

I hope in my heart that one day the Prime Minister will be able to say sorry to the families bereaved by this war, and that one day he will find himself able to visit in hospital the soldiers who have been wounded by it.

So, as well as to Tom, I would like to dedicate my campaign to all the British servicemen - and I am aware that some people do not know how many it is who have been killed - to all 88 British servicemen who have been killed and given their young lives in this conflict.

And especially to those Royal Military Policemen who have become known as The Six, who were abandoned and slaughtered in a filthy police station in Al Majar Al-Kabir.

—-

Posted today at http://www.keysforsedgefield.org.uk/