Shostack + Friends Blog Archive


Scottish and Procedural Liberty

car-crushed-by-tank.jpgIn “Scots Crush Cars Over ‘Document Offenses,'” Rogier van Bakel writes about bad new UK law:

Now cars can be seized and crushed if document offences are detected — and the region’s top police officer said yesterday a “clear message” is being sent to would-be offenders. … Tough new powers in the Serious Organised Crime and Police Act 2005 will allow officers to put the squeeze on “irresponsible and selfish” motorists.

The “would-be offenders,” in this case, are not only people who drive without a license, but also those who get behind the wheel without insurance. I don’t disagree that they need to be caught and corrected, but there’s something very unsettling about the fact that they apparently can’t have their day in court — that it’s within a mere cop’s powers to order a vehicle destroyed.

The idea that the police have the power to impose sentences is quite troubling, but more troubling to me is the idea that databases are now presumed correct. I don’t know if this is the case in Scotland, but many US states are going to “electronic proof of insurance.”

So let’s say that your insurance company computer is offline, and can’t provide proof of insurance. You know, sort of like AIG fumbled this week. Recall that AIG’s computer was stolen March 31, and they didn’t get around to telling anyone until June. A similar screw up could now get your car impounded and crushed. Odds are very good that AIG’s contracts will states that their failure to be online isn’t their problem, and you can’t recover damages for your time, loss of vehicle, or distress without taking them to court.

In the IT world, we used to talk about “Garbage in, Garbage Out.” It was an acknowledgment that data quality problems happened, and that they were often the fault of the system owner, not the customer. It was also a driver for the access provisions of privacy law. You have the right to access and correct certain data about you. (In the US, this applies mostly to the government, and certain aspects of the credit bureaus.)

With that loss of understanding comes a serious loss of liberty. The computer is presumed correct, and you are presumed to be a “demon customer.”

Car crush photo from the US Army.