[ Home page | Web log ]
I think that we should all be prepared to help out British Industry whenever it's going through a sticky patch. Now is just such a time; here's my offer of help:
Director of Human Resources,
1100 Daresbury Park,
Re: Position of Chairman of BNFL
I understand from recent reports in the press (The Times, 22 December 2003, etc.) that BNFL is to appoint a new chairman. Could I recommend myself for the rôle? I have no prior experience of the nuclear industry -- according to reports, the position requires none -- but I have visited Sellafield twice and was once turned down for a summer placement job by AWE plc. I am sure that I can spare the one day per week and the £165,000 per annum would certainly come in handy. I can supply a CV and references on request.
That said, I expect them to hire somebody even less qualified than me. After all, I've never driven an industry into the ground, but in all likelihood they'll hire somebody who is to failing companies as a guillotine is to a headache.
A cynic would see in recent media reports a concerted campaign of spin to discredit the idea of data privacy laws, firstly by urging us to think of the children (when Humberside Police misinterpret the law, apparently the law is to blame), and secondly by appealing to our natural sympathy for those friendly people at British Gas, who let an elderly couple freeze to death rather than inform social services that they had cut off their gas supply. In the latter case, the excuse is apparently that sharing information about their customers' billing status would have breached their privacy.
The British Gas case is a particularly offensive example of a company trying to wriggle out of its responsibilities to the public. It's worth noting first that none of the Data Protection principles appear to prohibit the sharing of data in question; in particular, you might imagine that Schedule 2, part 4 of the Act, which allows processing of any personal data `in order to protect the vital interests of the data subject', would apply here. In any case, even if British Gas retained doubts about whether it was appropriate to pass on information to a third party, such as social services, they could have asked for consent from their customer to do so, for instance by putting a section on the supply-of-gas contract like,
Tick this box if you do not want us to contact social services if/when we cut off your gas supply. If you tick this box you may freeze to death this winter.
If they really expected to inform social services about customers in the unlucky position of Mr. and Mrs. Bates, then they would have thought about this beforehand, and added such a clause to their contract. Or actually read the Act. Either works for me.
My suspicion here is that British Gas fucked up real bad, and the Data Protection Act is a convenient (and topical) scapegoat. Idiots.
A few days ago Tom Steinberg mentioned to me an idea which apparently cropped up in mySociety discussions: to create some way to make informal online polling demographically representative. (He also suggested applying the same sorts of ideas to my Political Survey, of which more later.)
Usually, online polls -- by which I mean the kind that appear on the front of Slashdot or web logs or whatever -- are completely unrepresentative, because their audience is self-selected and bears no relation to the population at large. (A second problem is that very few people typically complete them, but that's independent of the sampling problem.) The way that `proper' polls fix this is to decompose the whole population into some set of equivalence classes (described by social class, region, age and so forth) get the same type of information about the respondents (either by asking them or inferring it some other way) and then weight the results of the poll so that the distribution of the respondents over the same categories matches that of the whole population.
Then you assert that the results of the poll of your small sample reflect the results you would get if you asked your questions of the whole population. If you're competent, you also state some confidence bounds, indicating the likelihood that the results are wrong. There's an example of the sort of thing in this page of results from an ICM poll about higher education funding, where the various categories are shown; and this briefing note from the Parliamentary Office of Science and Technology has another non-technical description, as does this article from a Dr. Roger Mortimer of MORI.
Tom's idea, I think, was to have some site which invited people to answer a set of general demographic questions (you can see the sorts of things used at the registration page for people wanting to join YouGov, an internet polling outfit); this site would then give you a cookie which would carry the demographic information (anonymously, presumably), so that later on if you filled in an online poll which supported the protocol, it could weight its results demographically, and produce more representative results than do the typical `Do you like (a) ski-ing; (b) meetings?' polls that adorn web logs all over the place.
This is a neat idea, technologically, though it's not clear that enough people would be interested to make it worthwhile. But his idea leads to the following, slightly inchoate, speculation:
There are lots of organisations -- I'm thinking particularly of small volunteer organisations, of which CDR is an example -- which could make good use of polling data in their campaigns. But polling is expensive. The polling companies don't seem to quote numbers on their websites, but a cost of £10,000 for a 1,000-person sample with a handful of questions is apparently typical. ICM quote £400 per question on a telephone poll, but I don't think this includes the cost of analysing the data.
This puts polling well out of reach of small organisations, so that much of their campaigning is not really informed by public opinion.
Hence the idea: with internet polling, the marginal cost of actually performing the poll and collating the results must be very much smaller than that; in fact, YouGov need only stick a questionnaire up on their site and send an email invitation to enough of their volunteers to get a representative sample. YouGov offer `prizes' to people who complete the survey:
We are currently running a survey on the site and are very interested in your views.
Each member of the Polling Club who takes part in the survey will be entered into a draw to win one prize of 500 pounds. There are also 20 prizes of 50 pounds to be won.
-- the prizes, presumably, being necessary to convince respondents to take the time to do the survey.
Once YouGov have collected the data, the process of analysing the sample to obtain the properly weighted results is (or should be...) automatic; and it is well-understood. The only cost of conducting the survey -- once the questionnaire is written and the software debugged -- is £1,500, the sum of the prizes.
The statistical techniques and software to apply them are well-understood, and could be reproduced rather easily by a small team of competent people. Running the website is technically trivial.
So my proposal is this: somebody should build the infrastructure for on-line polling -- that is, a database of volunteers with demographic information and the means to survey them -- and open it up to anybody to use. The users could offer prizes, like YouGov does, if doing so is necessary to get responses; but the rest of the apparatus can run at almost no cost and with very little maintenance. It could be made available to any organisation which wanted to conduct a poll and had enough expertise to write the survey questions. The software could turn polling into a staple, not a luxury. The result? We might learn a lot.
As a caveat, I must refer again to this report by ICM on the accuracy of internet polling. Their conclusion--
We have found that at present internet polls based on a recruited polling panel may not necessarily produce results that are representative of the population as a whole, even after very considerable weighting of the results has been undertaken or care exercised to ensure that those who are asked to complete an internet poll are demographically and politically representative of the whole population. Being on the internet reflects a difference of attitude towards life that is to a significant degree independent of socio-economic background.
-- which is certainly a problem with any such proposal; but it is one which (a) can be measured, albeit at some expense; (b) should become less significant as more people get access to the internet, either through computers or `interactive TV'. (In marketing-speak that would be `as internet penetration increases', which sounds quite wrong to me....)
BUPA have now replied again, getting the point rather more than they did last time. Hopefully this has now been cleared up; the most recent reply tells me that,
BUPA does not give information to credit reference agencies, as this is unnecessary. If payment is not received after several credit control letters, the BUPA membership is cancelled.
-- which surprises me slightly, because I would have expected BUPA, as an insurance company, to try to measure and control the risk of non-payment just as it tries to measure and control the risk of its customers developing an expensive medical condition. In any case, assuming that this statement is true, it removes my major concern about the whole cock-up.
Barclaycard have also written back to me, though in this case their letter has illustrated only that you do not need to be able to read to become a `Customer Relationship Manager' at Barclaycard plc. Chris Garner writes, (punctuation as in original)
Whilst I am not aware percentage wise of how many addresses are changed fraudulently, if the figure was has high as you state, (40%) I am certain we would not use this procedure.
-- quite so. What I actually wrote was,
Signatures don't provide much security in this type of situation. According to researchers (see, e.g., Ross Anderson, Security Engineering (2001); New York, Wiley; and references therein) a failure rate of around 40% is to be expected in signature comparisons of this type. Requiring a signature at this stage does not of itself prevent fraud.
I don't in any way claim that 40% of change-of-address requests are fraudulent; rather, that simply requiring a `correct' signature to confirm a change-of-address isn't much use, because such a comparison would be expected to yield a 40% failure rate.
I cannot begin to conceive of the confusion of thought which would lead someone to read one statement and reach the conclusion above. I don't think this is worth following up.
A proposal for a new comic book: The Adventures Of Libertarian Man In The Twenty-First Century.
Like most superheroes, Libertarian Man wears his underpants on the outside of his trousers, but he has to go around like that all day, since phone boxes are an unreasonable exercise of state power (boo!). Libertarian Man does not have a sidekick. That would be gay... err, I'm sorry, I mean `collectivist'.
In each episode Libertarian Man takes on some group of statists, socialists, altruists, collectivists, or whatever -- bus passengers, charity workers, free software developers, police officers chasing a burglar, etc.; and beats them up a bit to turn them into Libertarians just like him. But after some early success, they regroup and fight him off, incidentally making him look a total ass in the process. The strip ends with a simple moral message: LIBERTARIANISM IS STUPID.
Yesterday I went to see the National Theatre's adaptation of Philip Pullman's His Dark Materials. This was really very good and you should all go and see it.
The director, Nicholas Hytner, initially regarded the work as unstageable; what he's done is very cool. I'm not the sort of person to write a review, but some comments:
The trilogy -- in two three-hour parts, making watching it a bit of a marathon -- is staged on a pair of rotating stages, which rise and fall to accomodate different scenes in about two dozen locations, with about half that many different sets; the mechanics are perhaps over-exploited, but the scene changes are almost cinematically smooth, though there were a couple of moments when sounds of hammering could be heard from behind the scenes. (This didn't detract at all, and the production is quite new, so presumably the bugs will be ironed out in due course.)
The dæmons (and Gallivespians) are represented by puppets, so that each character is followed by a puppeteer, who also provides the dæmon's voice; this is extremely -- surprisingly -- effective. (The power of willing-suspension-of-disbelief strikes again....) The scripts were adapted by Nicholas Wright, who's had to add lots of `authorial voice' characters in order to make the story comprehensible on stage; this also allows him to cut a large chunk of the story and bring it down to a manageable length. In my opinion, he's cut the least effective story line, which is something of a win; but the dialogue falls a little short by comparison with the staging.
The stage production makes an interesting comparison to the Radio 4 adaptation; that made extensive use of a narrator, which probably couldn't be made to work on stage. I'm now looking forward to the films, though I expect them to be unremittingly literal.
Update: the Economist has a review of the production, giving away a little bit more about it than I do. It describes the plays as `the season's delight'; I don't really go to the theatre often enough to be able to make any intelligent comment about an entire season; in other respects, I agree with the praise heaped on by the Economist.
Some friends of mine went to see the latest Lord of the Rings film. For those of you who aren't going to waste their money seeing it, I can now reveal exclusively to my half-dozen readers how it ends: apparently Frodo does eventually manage to destroy the Death Star.
So, Saddam Hussein has emerged from his Undisclosed Location and Iraqis everywhere have been celebrating with the now-traditional car-bombings. However, unlike scores of other web-loggers, I'm going to let my ignorance of Iraq stand in the way of my commenting in any more detail.
Instead I'm going to talk about email. (This is where my half-dozen readers split into the non-technical, who will stop reading now; and the technical, who will disagree and then stop reading. Freedom of speech can be such a burden sometimes.)
Junk email is usually described as a `rising tide', a `flood', a `deluge', or in some other aqueous metaphor. And it's true that the stuff is mostly bilge. There's also a lot of it; in the past week, I've received, on average, 16 unwanted emails per hour; back at the end of August, it was more like 40 per hour, but that was a bit of a special case. In technicolour:
A couple of words of explanation of the plot. `Real' mail is mail which I want to receive, whether it's from actual human beings or garrulous computer programs like cron or Mailman. `Spam' is, basically, spam; advertisements, chain letters and the other internet detritus from people without the social skills to be telemarketers and who hear about a 0.0002% response rate and see an opportunity.
More generally, `spam' is stuff which can be automatically discarded based on content, so viruses like Sobig.F count as well. To filter spam, I use my own `Bayesian' filtering program, bfilter, and SpamAssassin, which is bigger, slower, and tries to be more general. Between them these two filters kill almost all spam; a few messages get through each week, and very occasionally a real mail is marked as spam.
`Forged' mail is error messages which are sent by remote sites in response to spams sent with fake headers which give one of my addresses as a return-path. Filtering these based on content is a really bad idea, because I don't want to lose error messages sent in response to my own mail. Instead I ensure that all mail I send carries a message-ID in a particular form; since message-IDs are usually quoted in error messages, it's then possible to tell whether a bounce message was caused by real mail, or forged spam.
The actual means by which email is delivered to me is quite complicated. A long time ago I was going to write a description of this. But the fact that my email system bears so much description probably means that I shouldn't expose others to its details. Anyway, I got as far as drawing a diagram of mail delivery before giving up:
This can safely be filed under `bad tube map art' and ignored, I think. Anyway, by explanation, the circles represent computers where I read mail, though the names have been changed; `rattus' is my home machine, on the grounds that one of its fans has started to squeak, and anyway when I'm at home I'm never more than 20 feet away from it; the other names are even less helpful. The lines of various colours represent transmission of email by various means.
The purpose of the whole contrivance is to ensure that email is available promptly and at any of the computers where I might want to read it. This obviously isn't important to most people, since they use Microsoft `Outlook' and set it to check email once every minute or something, and therefore add (on average) thirty seconds' needless delay to the delivery of every email. (I think that this is responsible for the rise of `instant messaging' and various other comedy internet protocols which were popular during the dot.com era, but it's possible that there was some other explanation.)
This all works fairly well, with only one wrinkle. Many companies have decided that it's easier just to spread email viruses then spend large sums of money on `anti-virus' software than simply to not use software which propagates viruses. (This may be a rational decision, though that would be slightly surprising.) The sellers of `anti-virus' software have also branched out into filtering spam. One thing they haven't branched out into is having a clue about email, with the result that `anti-virus' programs spray useless error messages around the internet with gay abandon. (It's important to remember that most computer viruses never affect any computers outside the offices of `anti-virus' software vendors. It's no great surprise that `anti-virus' software is, therefore, quite effective at stopping viruses. Sadly it is not true that the majority of spam is seen only inside the offices of `anti-virus' software vendors....)
And the people who write this software -- who are pretty dopey anyway -- really screw the pooch when it comes to sending those error messages. In internet email, an error message must be sent with a `blank return-path'; this bit of jargon means simply that the field which usually gives the address of the sender of the message should be blank. It is important that error messages be automaticallly distinguishable from normal messages, in part because an error message must never itself cause another error message to be sent -- doing so could cause broken mail servers to spend all their time bouncing error messages back and forth, consuming bandwidth, disk space, and money in an ever-increasing bonfire of cluelessness -- and also because it's useful for other types of software to be able to distinguish errors from other mails.
`Anti-virus' software vendors and users apparently don't understand this. Failing to maintain this distinction is incredibly irresponsible, and a much worse problem than the viruses themselves. After all, whether you run a computer which is susceptible to Microsoft Windows viruses is your own choice; but if you want to participate in the Internet, it's vital to handle email error messages correctly.
And so to my latest Internet guerilla campaign. Every time I receive one of these error messages, I'm going to reply with this form letter:
Important; please read
The message reproduced below is some kind of bounce or error message produced by anti-spam or anti-virus scanning software at your site. Since I am not a virus or a spammer, it was obviously sent me in error. This error occurred because your software made the completely wrong assumption that the addresses given in the from-address or return-path of an email it received were valid and could be used to communicate with the sender of that mail.
This assumption is wrong. Spammers and viruses routinely forge the addresses in email headers, and have done so now for many years. These addresses are wrong, and there is nothing you can do about it. By sending error messages to the wrong addresses quoted in the headers of spam and virus emails YOU ARE MAKING THE PROBLEM WORSE, by generating even more unwanted email.
You have compounded the problem by failing to send your error message with a blank return-path (written `<>'). All email error messages MUST be sent with a blank return-path, in order to show that they are error messages. This prevents mail loops, and also allows wrongly-sent error messages, like yours, effectively to be filtered out.
It is no excuse to say that your email scanning software comes from a respected vendor or that everyone else has made the same mistake. Your software is doing the wrong thing; it has already caused me -- and probably countless others -- wasted time and money; and one day it will cause a mail loop and cost YOU large amounts of time and money to fix the problems it created. It is your responsibility to fix these problem, just as surely as if your organisation was selling a dangerous product or dumping dangerous pollution in a watercourse.
You can fix your software by preventing it from sending error messages like that below; or, if you must send the error messages -- which are useless to 99% of the people who receive them, people whose email addresses appear in message headers by pure accident and who have nothing to do with your organisation and no desire to -- then you must make sure that the error messages originate with a blank return-path. Otherwise you will continue to cause the problems I describe above in even greater quantity.
If you did not understand any part of the above explanation, then please pass it on to someone in your organisation who is responsible for email service and who does understand it. If there is no such person in your organisation, then please for god's sake hire one without delay, before you create any more trouble for yourself and others.
I don't expect this to help -- and, indeed, I've already got one response from a fairly heavyweight academic institution in Denmark which completely missed the point. But it's important to try.
Actually, sod this, I'm not going to let these fuckers get away with their incompetence:
15--19 Bloomsbury Way,
Thank you for your letter (reference XX/XXXX-04DEC03/XX/XXX). I trust that despite it being misaddressed to a `Mr. C M Lightfoot', I will not now start receiving correspondence for an additional, fictional person.
You have misunderstood the problem. The letters that I have received were being sent to me at an address where I receive mail (though not my home address); they were not, as you suggest, being wrongly delivered by Royal Mail; in fact, they had been sent by BUPA to the wrong person. I suspect that you have a database of people to whom you deliver mail -- I'm sure I got junk mail from BUPA before you started sending me bills -- and that database did not distinguish two people with substantially similar names.
In any case it seems all I can do is hope that the letters stop arriving.
You did not answer my question about credit ratings. What information does BUPA send to credit reference agencies, in general? Has it sent any information to any credit reference agencies regarding me because I have not paid these misdirected bills? Has it sent any information to any credit reference agencies which would connect me with this other C W Lightfoot, who is nothing to do with me and about whose credit record I know nothing?
Thank you also for your comments about purchasing health insurance. Are you aware of any `league table' which would allow me to compare insurers on the basis of how often they make time-consuming bureaucratic errors?
Let's see what happens now.
So, writing snide letters to incompetent organisations is a pretty base form of entertainment, but unlike some other forms of entertainment it sometimes improves my life. Of course, it would be nice to get a response with some fire in it, rather than simple bland corporateness like,
Mr. C M Lightfoot,
Dear Mr. Lightfoot,
Thank you for your letter addressed to our Chairman. Mr. Sanderson has asked me to investigate the reasons why you have received mail from BUPA, which is clearly addressed to another person at a different address with a different postcode in Cambridge.
I am sorry that this has occurred, as I am sure that it must have been extremely annoying for you. My enquiries with the Royal Mail were cut short, however, when I learned that Mr. Lightfoot, the BUPA member, has now moved hundreds of miles from Cambridge. Therefore, I am hopeful that the Royal Mail will not be able to continue incorrectly delivering his mail to you.
On the other hand, please do not hesitate to contact me if you experience any further problems regarding this matter.
With regard to your ambition to have health insurance, I would suggest that you research the market thoroughly in order to obtain the best possible cover at the lowest possible price. I wish you well in your search.
(signed, one of the BUPA directors' staff)
There are several things to say here:
That said, the demands for money may stop in any case; I haven't had any for a while, and BUPA might even have been provoked by my letter into investigating which letters are sent where. And I doubt there's much point writing again unless they fuck up some more (though I need to clear up the point about credit ratings...).
Pete writes about speed cameras, and the lousy statistics used in the debate about them. In a sentence, the problem is that speed cameras are installed at sites in years where there are above-average numbers of accidents; as a result, it's hardly surprising that there are fewer accidents in subsequent years. This effect is called `regression to the mean' and is a huge problem in all sorts of policy areas. (Pete is also at pains to point out that he's in favour of speed cameras, for reasons which are founded in actual thought about what they do, rather than on bad statistics.)
Many motorists are, of course, opposed to speed cameras. Typically this is because they like to drive their cars above the speed limit and don't like to be fined for doing so, though that's not normally the argument employed. Instead, these people -- 90% of whom believe that they are `above average' drivers, which is, at least, unlikely -- claim something like, ``Other drivers shouldn't speed, because that is dangerous; but I am a much safer, better driver, and therefore the law should not apply to me.''
Moving on from such dangerous nonsense, we come to a different type of sophistry, as practised by crank pressure-group The Association of British Drivers. Here the claim is that speed cameras make the roads more dangerous. Usually the argument is that cameras make drivers brake sharply, either when they notice the camera, or after they have been photographed by it. Since the cameras are placed at `dangerous' locations, this is terrible! Something must be done! Think of the children! Etc. The ABD support their theory with documents like this press release, which argues that a downward trend in road casualties slowed at the time that speed cameras were introduced. As a rule you should be suspicious of anybody who uses the word `trend' without explaining what they mean, and the ABD is no exception. What's most hilarious about this is the description of what they've done as,
A rigorous analysis of Government-published figures....
This must be some new definition of the word `rigorous' of which I was not previously aware.
What they've done is shown in the following plot: (compare with the poorly-formatted original on the ABD site; ignore for the moment the blue curve showing vehicle usage, which is a red herring)
They've fitted a line through the number of road casualties in 1993, the year before the first cameras were introduced, and claim that this represents a `trend' in the data. Specifically their claim is that the number of fatalities in a given year should be falling by 166 each year. Then, for years after 1993 and only for those years they've plotted the difference between their `trend' line, and the actual numbers of deaths. A leap through the correlation-implies-causation window allows us to plummet to the conclusion that speed cameras `caused' these deaths.
This is, and not to put too fine a point on it, total bollocks. Among the problems with this methodology:
1993 was a year with a relatively low number of accident deaths. By fitting a `trend' line through the 1993 results, the ABD have ensured that all but two years appear to be above-trend (apart from 1993), as this version of the plot with the residuals for all years shows:
By selecting the year in which they fix their `trend' line to the actual data, the ABD have gone a long way towards showing the result they want.
Using a linear trend for road casualties is obviously wrong over some timescale. The ABD's `trend' predicts that road deaths will drop to zero some time between 2015 and 2016, and will be negative after that. Surely some mistake?
It might be more sensible to use another (non-negative) function, for instance an exponential decay, but once you've started on the selective business of statistics-by-press-release, it doesn't really matter which idiotic data `analysis' technique you use.
Notwithstanding the other errors, there's nothing terribly surprising about the pattern post-1993 in this analysis. In particular, it looks a lot like the post-1985 section of the graph. If we plot the frequency of the residuals themselves, we find,
Without a more formal statistical test -- it's not clear that there's enough data for this to be worth doing -- it's hard to say whether the post-1993 residuals are, in general, higher than the pre-1993 ones. Certainly there's no reason to suppose so from the above plot.
Even without problems 1--4, you're still stuck with the problem that correlation does not imply causation. Even if the post-1993 `residuals' show a real effect, these data don't show any evidence that speed cameras are to blame. As Pete points out, the same period coincided with the growth in popularity of mobile phones, increasing use of the roads (which would tend to increase the number of accidents) and any number of other factors. Although the ABD wins a brownie point for mentioning `regression to the mean', the rest of their `study' in no way improves the quality of the speed cameras debate. Idiots.
By coincidence, the Today Programme has been doing lots of stuff on speed cameras lately. Yesterday they interviewed -- very briefly -- Paul Garvin, the Chief Constable of Durham Police, who doesn't approve of speed cameras and has refused to install large numbers of fixed cameras in the area covered by his force. The Today interview was very short and didn't really give him a chance to explain himself, but there was a much better piece in the last Sunday Telegraph, in which Garvin was quoted as saying,
... having looked at the accident statistics in this area, we find that if you break down the 1,900 collisions we have each year only three per cent involve cars that are exceeding the speed limit. Just 60 accidents per year involve vehicles exceeding the speed limit.
Since speed cameras presumably only deter people from driving faster than the limit, this seems a pretty good reason not to employ them for casualty reduction. But contrast this article in yesterday's Torygraph, in which David Jamieson, apparently a `road safety minister', called upon Garvin to explain a 56% rise in road accidents from 2001 to 2002. As Garvin pointed out in his Today interview, County Durham was seriously affected by the 2001 outbreak of foot-and-mouth disease, and in 2001 there was much less traffic than in a normal year. Of course there were fewer accidents in 2001 than in 2002. It was interesting to listen to the Chief Constable explaining this on the radio, coming so close to discussing the idea of `regression to the mean' more generally, and then stepping back from the brink to allow the debate to continue along its normal slippery slope.
So, do speed cameras do any good? It's very hard to say. Accepting the premise that the point of the cameras is to make the roads safer -- implicitly there's obviously a trade-off here, since we could clearly make the roads safer by banning motor vehicles, which in darker moments of cycling 'round Cambridge sometimes seems like a good idea, but realistically would have undesirable results -- the only way to find out whether they work or not is based on actual evidence about their effects. And as Pete points out, little is forthcoming. In the interim, the best we can do is, as Paul Garvin suggests, to look at the causes of accidents. If many are caused by vehicles driving over the speed limit, then cameras might help. If not, well, it's unlikely that they will, unless the mere presence of a camera at a site makes drivers drive more carefully, or less drunkenly, or with better-maintained cars.
Nationally, the government claim that `excessive speed' is a factor in a third of fatal road accidents (repeated in numerous documents, for instance a Department of Transport paper entitled Speed cameras - Ten criticisms and why they are flawed which itself makes all of the mistakes Pete complains about). Another way of putting it comes from a frequently asked questions list for speed cameras:
Of the 3,450 people killed on Britain's roads in 2001, it is estimated that about one third resulted from collisions where speed was a contributory factor.
-- well, obviously speed is `a contributory factor'. You can't have a collision unless one party is moving, after all.
In fact, `excessive' speed is perfectly reasonably defined as speed too fast for the conditions (see, for instance, this report on an experimental `external vehicle speed control' system). Speed limits are a maximum and so don't always reflect the speed appropriate for the conditions; the problem is even more acute in the case of speed cameras. The cameras trigger at some fixed margin above the speed limit regardless of conditions and cannot be adjusted to (for instance) lower their speed theshold on foggy days. In the absence of any other figures about how many crashes involve drivers who are speeding above the limit, I think we should accept the 3% figure Garvin gives as being in the right ball-park (though obviously this must vary from area to area). Are the speed cameras worth a potential 3% reduction in accidents? That depends on how else the money could be spent, and also on the effect of the cameras on the relationship between police and policed.
The other argument for speed cameras goes, roughly, that the speed limit is the law; that it is imposed for a reason; and that it should be obeyed. Individual drivers might safely drive at higher speeds,
``But suppose everybody on our side felt that way.''
``Then I'd certainly be a damned fool to feel any other way. Wouldn't I?''
(from Catch 22 by Joseph Heller)
This is fairly reasonable, but of course we have to accept that enforcement of the law is by consent only, and we should be very careful about using measures which piss people off, lest that consent breaks down. Is it really worth scattering speed cameras around the countryside if doing so makes motorists less accepting of more serious safety measures? As a recent documentary (and a variety of A P Herbert pieces) point out, 30mph traffic -- and now paranoia about child abuse -- have left parents too concerned about the safety of their kids to let them play in the streets. This won't be an easy problem to fix. While the tabloids might replace coverage of paedophiles with some other kind of scaremongering, slowing down drivers in suburban areas is difficult.
Imposing lower speed limits in residential streets -- 10mph would be a sensible speed which would give even the dopiest of drivers time to see a child running into their path and limit the chance that they'd kill anyone even if they're too inept to stop in time -- will only work if drivers are happy to obey such limits. Pissing them off by enforcing a law they dislike elsewhere is hardly likely to achieve this effect, and it's unlikely to be practical to fill the suburbs with enforcement cameras.
There's another argument here, which is about privacy. Now, few motorists, except for the extravagantly wealthy, spend any time driving around in private, and one of the standard defences of CCTV and other automated surveillance systems is that what you do in public is... public, and it's perfectly reasonable for your public actions to be observed and any crimes discovered to be punished. (The other argument about CCTV and privacy is that `the law-abiding have nothing to fear': an argument which should be given just as much weight here as when it is used to support identity cards. Papieren, bitte?) The problem is that collecting and aggregating this data is an invasion of privacy because it enables the authorities to get much more detailed information about those it watches than (say) a police officer on a street corner with a RADAR gun (NB: not a true story) could get.
That doesn't mean that we should reject automated surveillance; the London congestion charging zone, for instance, works well and is clearly a Good Thing despite collecting data which tracks the movements of motorists. But as with speed cameras it's important to decide how much privacy to trade for how much of whatever `social good' the surveillance is supposed to get you.
Occasionally you hear talk of putting telemetry systems in cars which will limit their speed, record what happens in accidents, automatically fine people using bus lanes, and so forth. Perhaps it could even detect inept drivers, something speed cameras will never do. All of this seems broadly plausible (with any luck it good be extended to apply to my perticular bugbear, the fuckwits who stop their cars in forward stop boxes, but that might be too much to hope for, especially given that I have never heard of the Police trying to enforce the law in that case). In addition to -- hopefully -- improving road safety, such a machine could be used for navigation, help route traffic around busy areas, charge motorists depending on what roads they use rather than a blanket tax that's the same whether you drive a thousand or a hundred thousand miles in a year, and perhaps cut down on crime by making it easy to track stolen cars (depending on how many thieves learn how to disable the system and how easy it is to drive a car undetected without the black box).
But why should motorists trust the government to Do The Right Thing with a system with such potential for abuse when we have already seen them plunging onwards with speed cameras, biometric `security', and other doomed technology projects without any firm justification for their use?
While it's possible, technically, to make an in-car telemetry system which is secure and private in some sense -- that is, it will only contact Mission Control when the law is being broken or with the vehicle driver or owner's consent -- all of the objections that apply to trusting electronic voting machines apply to such a system too. In particular, drivers have to accept that what's going on inside the black box is something that they're happy with, and they have to accept that on trust since there will be no way for them to check it. (Incidentally, while electronic voting can never be made acceptably secure unless it is regarded as a simple convenience measure to back up a proper paper system, I don't think that the same is true of in-car black boxes -- as long as they are sensibly designed and the debate about them is open and honest -- because in the end we are talking about a fairly marginal invasion of privacy rather than the future of our democracy.)
While the speed cameras policy has good intentions, it has not been well-handled; and the reaction to speed cameras -- both the visceral response of drivers who like to drive too fast, and that of others who believe that the policy is flawed -- suggests that other, more useful, safety measures may not be welcomed either. Which is sad.
So, two stories of corporate Excellence from the British service sector:
A little while ago I wrote about a bit of incompetence from Barclaycard whereby it turns out that any random person can change the registered address on a Barclaycard customer's account simply by returning a piece of mail with a new address written on it. I recently received a response to my letter from a chap named Chris Garner at (presumably) Barclaycard Mission Control in Manchester. He assured me that (a) my Barclaycard account now has a note on it preventing future unauthorised changes of address -- we'll see how much good that does --- and, (b) that I am not liable for any fraud committed because of their incompetence. Which is nice. Unfortunately, things go downhill from there. So I've written them another letter:
PO Box 599,
Dear Chris Garner,
Thank you for your letter (ref. bc/XXXXXXX) of 19th November about your change of address procedures. I am pleased that you have noted that no further changes of address are to be made on my account without my permission, and by your assurance that I carry no liability for fraud against my Barclaycard account. However, your other statements leave me little-reassured and I have more questions:
Barclays Bank and `linked customers'
You state,Our first step [on suspecting that a customer address has changed] would be to check if the cardholder concerned is a linked customer i.e. they bank with Barclays. If the address has been changed on the bank account, we are obliged to change the address on the Barclaycard also as we are part of the Barclays group.
In fact I do bank with Barclays. I have not taken any steps to change the address on my Barclays bank account. Two questions therefore arise:
- Why was the address on my Barclaycard account changed when Barclays would have been able to verify that the address for my bank account had not changed?
- You say that you are obliged to change an address if the bank's record of a cardholder's address has changed. Is this procedure reciprocal? Do I now need to go through all the same inconvenience with my bank as I am presently doing with you? They have not contacted me about any such change, but then again, neither did Barclaycard.
You state, (emphasis mine)[When the address on an account is being changed without action by the cardholder...] A letter is also sent to the new address which asks for confirmation of the change and confirms that no new cards will be issued until we have received signed confirmation from the cardholder. This then prevents the account being open to fraud.
This statement cannot be correct.
To give an example, suppose that a fraudster were to change the address on my account to their own. If your procedures are correctly followed, they --- not I --- will then receive a letter --- at the new address --- telling them that they need to sign and return a form in order to receive a new card.
Signatures don't provide much security in this type of situation. According to researchers (see, e.g., Ross Anderson, Security Engineering (2001); New York, Wiley; and references therein) a failure rate of around 40% is to be expected in signature comparisons of this type. Requiring a signature at this stage does not of itself prevent fraud.
The fact that you send the request for confirmation to the new, not the old, address means that the cardholder will remain ignorant of the fraud while -- because of the limited value of signatures -- the fraudster stands a good chance of fooling Barclaycard into sending them a new card. You cannot prevent fraud relating to changes of address if -- as your statement above implies -- you implicitly trust any new address on a customer's account. Thus,
- How can you claim to prevent account addresses being changed fraudulently when you implicitly trust any new address you obtain?
As I stated in my previous letter, this procedure could be greatly tightened up by telephoning cardholders to confirm changes of address on their cards, and not allowing them to go ahead until such confirmation is received. If you'd done that, I wouldn't have wasted any time unpicking Barclaycard's mistakes, either.
BUPA, the British United Provident Association, is a health insurer (as you all know). They do not insure my health. However, they do insure the health of a Mr. Christopher W. Lightfoot of Leamington Spa, who is a completely different person. I get his bills. (I know about him from 192.com, an extraordinary web site which appears mostly to be designed for stalkers and other cranks. Whatever.) Telephoning BUPA to try to fix this is a joyless experience. So, letter number two:
Bryan Sanderson CBE,
15--19 Bloomsbury Way,
Dear Bryan Sanderson,
WITHOUT PREJUDICE TO ANY FUTURE LEGAL ACTION
From time to time BUPA send me bills for health insurance. These come with a `registration number', XXXXXXXXXX, and demand money from me by direct debit. Happily you do not have my bank details and have not succeeded in taking any of my money --- happily, because I do not and have never had health insurance with BUPA. I enclose a photocopy of one of these bills for your edification and amusement.
Apparently what has happened is that somebody else -- who lives in a different place, and has a different (if similar) name -- does have health insurance from BUPA. He gets the insurance, and I get the bills. No doubt he is completely content with this state of affairs. I am not.
I have telephoned BUPA on several occasions to ask you to stop sending me these bills. Your staff tell me that they cannot and spin some story about Data Protection and all sorts of other nonsense. Further, they make the extraordinary claim that it's my problem to sort this out. Well, now it's your problem and you can sort it out.
(Obviously I have no intention of giving you any money. However, I am very concerned that BUPA, acting under the misapprehension that I should be paying these bills, may be passing on details of my `non-payment' to credit reference agencies and therefore damaging my credit rating. Naturally if this has happened you will take steps to correct any such misinformation and to prove to me that it has been so corrected.)
On a completely different topic.... I do not have health insurance. One day I would like to. However, it is my ambition to get health insurance from a company which sends correspondence to its rightful recipients, not to random third parties.
What would you suggest?
Enclosed: photocopy of someone else's BUPA bill
-- in fact, I don't have it that bad. Tim Ireland was marched out of Waterloo Station by the Police for daring to complain about piss-poor train company South West Trains. I suppose we should chalk this up as another victory for privatisation.
This is all done with wwwitter.
Copyright (c) Chris Lightfoot; available under a Creative Commons License. Comments, if any, copyright (c) contributors and available under the same license.
Hosted and supported by