[ Home page | Web log ]
A while ago William Heath -- of KableNet and the Ideal Government Project -- asked me what I thought of the LSE Identity Project's alternative proposal for an identity management infrastructure. My reply (which I wrote based on leaks, rather than the report itself, which I hadn't then seen) is available on Ideal Government, but here's a relevant excerpt:
[L]egislate to have government and the private sector recognise the cards as an optional `proof of identity' (quotes to avoid the philosophical issue here), [and] enable private industry to sell them to punters at whatever cost they want....
Now stand back and see whether people want the things or not. Personally, I'd probably be happy to own one for occasional use -- for instance, if you could check in more quickly at the airport if you presented one, it might be worth doing so.
Now, while it's certainly true that the government's proposals will intimately involve the private sector (basically by pissing money into IT companies at a rate unseen since the dot.com bubble years), the way in which they do so appears carefully designed to avoid deriving any advantage from doing so. In particular there will be a monopoly vendor of ID cards and everyone will be forced to buy one (for however-many hundred quid it'll turn out to cost); nobody will get to exercise choice, no market mechanism will operate, and any potential advantages of involving the private sector will be lost.
So, then, to the Clear Registered Traveller Programme, ``the smarter way forward for airport security'' (and who could deny that a smarter way forward is needed for airport security?):
The Clear registered traveler program is the smarter way forward for airport security. It's the smarter solution for you, getting you through security faster, with more predictability and less hassle. It's basic risk management: someone who is screened in advance is less likely to be a threat than someone who isn't.
The gag here is that you get `screened' by some outfit -- a strange amalgam of a US government agency and a private company -- and they issue you with a smartcard which carries some encrypted biometric information. Unlike the ICAO passports (which fill, so to speak, the same much-needed hole in the literature) they've actually made a sensible choice of biometrics (iris scan and fingerprints) and unlike the ICAO passports, they've designed the system (or say they've designed the system) so that the information on the card can't be inverted to produce a forgery of the biometric information. Their FAQs make them seem -- relatively -- sane and sensible, though a little hyperbolic. At least, they demonstrate concern about the right sorts of things:
Unfortunately, despite some evidence of good design, the whole enterprise is somewhere between silly and dangerous, a lesson which I suspect would apply to any private ID card scheme along similar lines. The Clear Card is designed to let its holder get through airport security more quickly, without having to go to the hassle and expense of buying a private jet. The idea (Bruce Schneier has written about this at length) is that, when somebody applies to get a card, you ask them a bunch of questions of the form ``are you a terrorist?''; if they're able credibly to answer ``no'' to all of them, you give them the card and then they can get through security without having to be subject to random bag checks and whatnot.
Naturally this is fine until one of THE TERRORISTS comes along and lies to all the questions (or tells the truth and is, like the recent London bombers, somebody with little or no background in terrorism, and therefore undetectable to the screeners). Now, since airport security isn't actually any good at detecting terrorists there's not much chance that the less stringent `Clear' channel through security would either, and presumably once a Clear card holder blows up an aeroplane or flies it into a building, the remaining cardholders will find their investment in membership of the programme has declined to zero. (That said, terrorism is pretty rare, so there's every chance this won't happen during the lifetime of the scheme.)
Generally this sort of thing isn't a lot of use; as Schneier says (in virtually every piece he writes, suggesting that this is still an important message),
In general, when you create two paths through security -- an easy path and a hard path -- you invite the bad guys to try and take the easy path.
So, in a way it's nice to see that it's possible to set up a biometric ID card system without being a giant, poorly-run government agency with no clear goal beyond spending a lot of money and trying to make the rest of government hopelessly dependent on the database you build. Equally, the `Clear' card isn't a very good advertisement for the technology. Opponents like me win either way....
So, then, a suggestion for those considering investing in private ID card schemes. Try to stick to manageable goals: goals like this:
Sorry, no holiday photo this time. When I get back from my holiday, maybe. And... you may have seen recent suggestions that Charles Clarke (perhaps skeptical that the ID Cards Bill will make it through Parliament) is now considering getting the EU to impose biometric identity cards as a European requirement; at a slight tangent (but on the same general subject of policy laundering) have a look at this piece by Martin Keegan on current EU attempts to stuff up our right to freedom of association.
So, I'm off to Stockholm on holiday tomorrow, but I promised you all another episode of `adventures in customer service', and here it is (though it's not the one about NTL, because I don't right now have sufficient energy or sweet, calming beer to face writing that one down).
As you may be aware I am not a great fan of flying, and do my best to avoid it whenever possible. So, I thought, why not take the train to Stockholm? How hard could it be? For those who haven't seen it, Mark Smith's website The Man in Seat 61 will answer questions such as these; it turns out the answer is, `as hard as going from London to Brussels, from Brussels to Hamburg (overnight), from Hamburg to Copenhagen, and then from Copenhagen to Stockholm'. This takes about twenty-two hours, which might seem excessive, but it also involves precisely zero airports, which is pretty-much ideal.
Unfortunately buying tickets for European rail travel is not a simple business. Rather than just buying them from a ticket machine or a website you have to go through the tiresome and protracted business of getting a `quote' (price) from a `travel agent' (person who sits in front of a computer looking at a website which does sell the ticket you want, but to which you're not allowed access). You then hand over a fat wad of cash to pay for the tickets and keep the `travel agent' happy.
Allegedly Deutsche Bahn UK are the people to talk to in this field, so we tried them.
This began promisingly enough. I sent the people an email asking for the price of tickets on a particular set of trains and received -- less than twelve hours later! -- the reply that, for the very reasonable (they thought) sum of £636 a pair of return tickets from London to Stockholm could be mine (for comparison, tickets for the same journey on Ryanair were about £100, but obviously involved having to go through two separate airports).
So, we thought, fair enough; or, rather, not fair enough, but what can you do? (Exercise for the reader: compose a suitable rant about the evils or monopoly nationalised industries, or insufficient European integration, or whatever, to go here.) So I rang them up to buy the tickets (naturally you can't buy over the web even after getting a `quote'). And, they assured me, the tickets would soon be posted to me (paper tickets! that you can't just print out at home! how quaint!).
A little while later a chap from rang me up to explain that my credit card had been declined. Having overcome my surprise, I checked the address he was trying to put the transaction through on, corrected it, and thought no more about it.
The next day they called me to say that my card had been declined again. So I gave the chap a different credit card number, and rang my bank to find out what was going on. They told me that the transaction had not been declined, but had gone through fine; and that it had subsequently -- between the first and second phone call alleging that it had been declined -- been refunded. I was surprised at this and asked my bank to check the source and amount of the transaction; they confirmed that it was Deutsche Bahn, but that the transaction had been for £780.
This surprised me even more, given that I hadn't anticipated these muppets helping themselves to over a hundred quid more than they'd initially asked for. So I rang them again and spoke to some other idiot (one Thomas Huber) who explained that train tickets can change their prices at any time and that, therefore, DB hadn't any intention of honouring their original quote; and then spoke over me for a quarter of an hour before I finally managed to get into his thick skull the information that I'd been charged almost £150 more than quoted, without being warned that this would happen!
Now, to pause for a moment, it's obviously true that train tickets can get more expensive with time. It's also true that Deutsche Bahn's pro-forma quotation email is worded to the effect that the price they quote is more-or-less notional and in the brief interval between their supplying it and your ringing them up the quoted price may no longer be available. So this is all fair enough, up to a point; I question whether this was actually what had happened in this case, given that in the time between their giving me a quote and my ringing them up the price of tickets on Ryanair for the same journey had not increased at all, and -- since aeroplanes are much smaller than trains -- you would expect air tickets to rise in price more quickly further in advance than do rail tickets, but who knows? I am also certain that the delay of several hours between my ringing them with my credit card details and their charging my card was due purely to their own incompetence and disorganisation rather than a scam intended to inflate the prices they're able to charge.
In any case it's absolutely not OK for them to charge me some arbitrary sum larger than that quoted without warning me that that they were about to do so; and I'm not all that hot on them lying that my credit card had been declined when they'd in fact successfully charged hundreds of pounds to it.
Anyway, needless to say, correspondence with the proffered manager (one Gill Brassington) was pretty futile. She first told me that the quote I'd been given was in fact valid for the whole of the day on which it was sent, and then refused to explain why, then, I'd been charged more than promised. She then simultaneously denied that they'd made any error by overcharging while claiming that she'd apologised for their doing so (which she hadn't -- she apologised only for ``the confusion regarding your booking from London to Stockholm'').
It would be uncharitable to assume that since she refused to acknowledge the error, overcharging me without warning was intentional. Anyway, nothing anybody at Deutsche Bahn said gave me any confidence that they wouldn't cock up (or deliberately inflate) any further transaction; indeed, they were careful to make clear that they might charge me more-or-less anything if I were foolish enough to try to buy anything from them again.
Now, while I'd more-or-less resigned myself to paying over six hundred quid to get to Stockholm and back, I was pretty unhappy about the idea of paying over seven hundred quid -- and that to a bunch of people who were not only incompetent and rude but also actually lied to me. So I decided that I would not be offering Deutsche Bahn UK the use of any more of my money.
I then looked for some other `quotes' from some other `travel agents', but tragically they were all even more expensive than Deutsche Bahn's (even after they'd added their hundred-and-fifty quid incompetence fee).
Anyway, at the close of this fiasco, Gill Brassington sent me an email to the effect that she had no interest in explaining what the fuck she and her staff had been playing at, and that (if I had the energy to) I should write a letter to one Oliver Ueck, apparently the director of the company. Well, frankly, I can't be arsed, but I will send him the URL to this post; let's see if he has the balls to explain himself.
(As a brief digression: why are train tickets so much more expensive than air tickets? Naively I'd expect that budget airlines would have driven down the price of rail travel to something competitive, but they clearly haven't. Since rail travel is -- for people who don't mind airports -- much less convenient than air travel, I guess the passengers must mostly be (a) people who like trains, and (b) people who don't like flying. Are there really enough of these to sustain a market for long-distance rail travel at six to seven times the price of air travel? Perhaps it's like first/business-class air travel -- mostly people's employers are paying, rather than the passengers themselves. I'd also welcome any suggestions on where to buy rail tickets without being lied to, overcharged, or otherwise fucked around.)
Coming up in future episodes of `adventures in customer service': mail-order computer companies, and how none of them seem to have mastered the relatively simple provisions of the Sale of Goods Act 1979; a (very) brief discussion of the differences between `an enterprise-class data center' and `a big building full of incompetent jobsworths with air conditioning that doesn't work'; and, if you're very, very lucky -- I wasn't -- the lengthy saga of NTL and their all-encompassing hopelessness.
So, the Home Office has now published its new draft Terrorism Bill, which creates offences of encouraging and glorifying terrorism, as discussed a little while ago in the context of exclusions and deportations. I couldn't find the document on the Home Office site, but the Guardian has a story about the proposals and have mirrored the text of the Bill.
Expressions used in this Part and in the Terrorism Act 2000 (c. 11) have the same meanings in this Part as in that Act.
and therefore, the same catch-all definition of `terrorism' applies (it is trivially amended -- s.28 -- to include acts designed to influence `an international governmental organisation' rather than just those which influence `the government'). The new Bill does contain an exception (s.2(3)) for glorification etc. of acts of terrorism done more than 20 years ago:
A person is guilty of an offence under this section in respect of a statement glorifying, exalting or celebrating anything occurring more than 20 years before the publication of the statement only if the statement relates, whether directly or indirectly, to conduct or events specified for the purposes of this section by order made by the Secretary of State.
i.e., Charles Clarke gets to nominate historical terrorist events which were so bad that anyone glorifying them should still be liable for up to five years in jail (the 11th September 2001 attacks are presumably an example of such events). Presumably he won't be adding events which are terrorism under the 2000 Act but sensible people don't regard as such (e.g. D-Day, per previous example).
I think it was jolly splendid that Britain and the United States invaded Iraq and deposed evil dictator Saddam Hussein in 2003.
As with the recent incitement to religious hatred stuff, it's not quite as bad as it might be; the new offences of encouraging and glorifying terrorism can only be prosecuted with the consent of the relevant Director of Public Prosecutions (s.15). So that's alright then: make everything illegal, and only prosecute the people you don't like. Top work.
So, no real content, but some links, divided according to invented tradition
Sam Smith, Matthew Somerville and others have built two excellent new mySociety sites: YourHistoryHere, a contributor database for local historical trivia (and who doesn't like trivia, even if it brings out the old codger in people?); and Placeopedia, a site which invites you to associate articles in Wikipedia with their geographical locations.
It turns out that the mindless task of clicking on stuff, finding out whether it's in Wikipedia, and then adding it to a list is surprisingly addictive; at least, that's my excuse for the breadth and pointlessness of my contributions to the latter site. Anyway, I hope this will not put you off submitting numerous valuable contributions.
Both of these, of course, use Google Maps to do their stuff (if I had an MBA, I would probably use the word `leveraged' about now). So I suppose Google Maps is splendid too... nice interface, but if you ask me its maps are actually a bit rubbish (what sort of map doesn't mark a railway station, for fuck's sake?).
(If, by the way, you are in London on Thursday evening, and are at a loose end, do come along to a mySociety and TheyWorkForYou drinks party at The Narrowboat, in Islington, from 1900h. I fully expect that this will be splendid too.)
Some bunch of anonymous tossers have managed to force John Band to shut down his web log. Bastards.
One crude measure [of migration between US cities] is to examine the one-way rental rates for U-Haul vans.
U-Haul is a truck, van and car rental company. Their website will quote you prices for one-way trips between (I presume) any pair of US cities where they have branches. In this specific case, Andrew Roth found that the hire of a 10' truck for a journey from Los Angeles, CA to Las Vegas, NV was, at $454, almost four times as expensive as the rental for the converse trip ($119). The inference is that U-Haul adjust their pricing to demand; and that people are moving from LA to Las Vegas at a much higher rate than from Las Vegas to LA. (He wanted, I think, to make an inference about the effects of different states' marginal tax rates.)
What happens with some more data points? Well, naturally, the first thing to do is to write a scraper for the U-Haul web site; unfortunately, when they come to give you a quote for the rental you're after, the actual price is presented as a little PNG image on the web page, rather than text (this at least suggests that somebody thinks the data are valuable!); happily, they don't do it very well, so gocr can extract the numbers, more-or-less. As another tangential observation, the U-Haul website is plenty slow, but arguably that's their own stupid fault for using Microsoft `Windows'.
Anyway, considering a fairly arbitrary selection of large US cities (New York, San Francisco, Houston, Chicago, Washington DC, Detroit, Phoenix, Denver, Jacksonville, Seattle, Las Vegas and Memphis, if you must know), we get data that look like this:
-- the vertical bars connect the prices for different directions between each pair of cities; I've used driving distances as computed by the Google Maps route planning thingy, but in fact the result isn't any cleaner than plotting the data against great-circle distances. (Though as a trivial factlet, here's driving distance vs great circle distance for the same set of cities:
-- within this sample, the US road system typically enables point-to-point travel at a ~16% penalty over the best possible route. Without seeing a comparison with other countries, it's not clear whether that means that the Americans have too few roads or too many, and anyway there are probably better ways to address this question.)
I collected these data at the beginning of September, asking for quotes for trucks available on the seventh, i.e. today. I don't know how much Hurricane Katrina will have affected this -- presumably everyone who was able and willing to evacuate did so before the storm arrived, but perhaps many people would have planned to return home around now. U-Haul presumably are in a position to adjust their prices more-or-less in real time. Of these, prices to and from Houston are most likely to have been affected.
Obviously the idea here is that if the journey from A to B costs lots more than the journey from B to A, there's a net flow from A to B. Working backwards, the assumptions have to be something like: each U-Haul outlet sees a monotonically-decreasing demand curve for journeys to each other U-Haul outlet; there is some fixed supply of trucks, and U-Haul are keen for them not to all pile up in one place; so they adjust the price for the journeys in each direction to obtain equal numbers of journeys being executed in each direction, while (hopefully) making money on each truck's round-trip. This looks sort-of plausible from the distance/price plot above; unfortunately, without knowing what the demand curves look like or what U-Haul's policies are (maybe there are some default assumptions here? dunno what they are, though), we can't get too much further.
However, we ought to be able to get some information about the relative size (in the sense of ranking rather than proportion) of the flows between different city pairs. (Except, of course, that depends on some assumptions about transitivity which probably don't hold. Ho-hum.) One important issue here is that the condition for one journey costing significantly more than its return is that the condition should be independent of distance (since otherwise the results would be biased by the distances). Though the difference between high and low prices doesn't have this property (it increases with distance) the ratio of the two prices looks more useful:
|San Francisco||Las Vegas||4.0|
|New York||Las Vegas||3.6|
(Update: as Adam points out in the comments, I'd mixed up Detroit and Chicago on the original map. Oops. Also corrected an error in the table, above.)
So, what does this tell us? Specifically, it tells me not a whole lot -- beyond astonishment that people want to move to Las Vegas -- because I don't know much about the geography of the United States. (The results mostly fit the hypothesis that lots of people are running away from `rust-belt' states to get to `sun-belt' states.) But maybe some of my half-dozen readers will have something more useful to say....
(If anyone wants to play with the data, here are: prices.csv, the price data; distances.csv, the driving distances between the cities; and coords.csv, geographical coordinates of the cities. The screen-scraper is linked above.)
This is all done with wwwitter.
Copyright (c) Chris Lightfoot; available under a Creative Commons License. Comments, if any, copyright (c) contributors and available under the same license.
Hosted and supported by