Wednesday, November 17, 2021

The Open University Staff Tutor - a personal perspective

 I joined the Open University as a Staff Tutor in Technology in the mid 1990s. The uninitiated would be forgiven, at this point, for thinking 'yawn, don't care, what's a staff tutor anyway?' It seems like a pretty nondescript job title.*

Fair question if you can even get as far as being interested enough to ask it. Given the original multifaceted nature of the position, there is no such equivalent animal or role that I am aware of in any other organisation. The closest parallel, strangely enough, is that of a member of parliament, who has both national policy and local constituent commitments.

A staff tutor is an academic manager who looks after OU associate lecturers and students but also has central university policy decision making and academic production, presentation and research duties. You can think of the management part as being a bit like a director of teaching, traditional head of department or dean of studies; and the policy/production/research part as being like an academic writer/teacher/researcher and policy maker.

At the time I joined, staff tutors were based in regional centres - I was in Oxford and looked after about 120 tutors teaching the full range of (about 30) technology undergraduate courses in the South of England. Geographically I covered from Milton Keynes at the north end of the region to Portsmouth in the south east and Weymouth in the south west. Centrally we were based in faculties - in my case the Open University Faculty of Technology - and reported to the dean.

The subject matter of the curriculum taught by my tutors included:

  • ICT
  • Engineering
  • Environmental science, technology, policy & decision making
  • Design
  • Materials science
  • Systems thinking
  • Information systems
  • Maths - e.g. engineering mechanics, fluid mechanics and thermodynamics
  • Science - basic (first year) chemistry, physics & biology
  • Development studies

 I was academically comfortable with most of it apart from the development studies which I had absolutely no background in. I was concerned enough to raise this at my interview for the job, enquiring whether I would be expected to take responsibility for such an area when I knew nothing about it. My now friend of many years, Bob Clark, grinned at me and, with his characteristic twinkle, declared categorically, "Nooo, noo, no, we wouldn't ask you to look after a course you know nothing about." Reader, that was a fib.

The OU's development studies group had emerged and evolved in the Technology Faculty, an unusual home for such a group but one which worked. This was partly because of the interdisciplinary, permissive, open, intellectual culture of the faculty and the broad sociotechnical perspective on technology that was encapsulated, at the time, by our unique definition of technology -

Technology concerns itself with understanding how knowledge is creatively applied to organised tasks involving people and machines that meet sustainable goals.

This broad definition has three key aspects: 

Technology is about taking action to meet human needs through sustainable means

Technology is not just about the tech itself but about facts and values, craft/practice and theory, knowledge and creativity

Technology involves organized ways of doing things. It encompasses complexity (technological, organisational, environmental, sociological, economic, political, regulatory) and the interactions (intended, unintended, emergent, foreseeable and not) between products/services and the people and systems that create/make/distribute/use or are impacted/influenced by them

It's a definition, I believe, that stands the test of time.

Returning to Bob's fib and the subsequent offer and acceptance of the job though, I am spectacularly grateful for the 26+ years the OU and its amazing people have, so far, given me. In that time, I've had the privilege of:

  • looking after hundreds of tutors and thousands of students
  • writing for or being involved in the production and presentation of about 40 OU courses.
  • writing the OU's internet law course which played a part in the creation of OpenLearn
  • being an academic consultant on OU/BBC joint productions such as the BAFTA winning, The Virtual Revolution
  • working with the UK parliament, the European Commission, the World Intellectual Property Organisation at the United Nations, the Korean Copyright Commission, human rights NGOs and civil society on technology, policy, privacy, security, surveillance, education, intellectual property and its economics
  • having my work published in academic journals, books, by UK parliamentary committees, by consumer rights groups, in scientific & technical press e.g. from New Scientist to Wired and getting quoted in the broadsheet (and even tabloid) press
  • presenting papers at academic conferences all over the world, in subject matter as diverse as environmental/digital decision making, Maxwell's demon on the internet, gene patents, warring 6th century Irish monks, algebra with tiddlywinks, surveillance, security, privacy, investigatory powers, cultural agoraphobia and much more. (Favourite conference and conference people - Gikii, always)
  • appearing on TV and radio as an academic commentator
  • writing a book (with several others in a pipeline with no capacity, sadly yet, to complete)
  • being at the front line of the OU’s industrial-scale deployment of online learning, from the start
  • being a signatory of the ‘Necessary and Proportionate International Principles on the Application of Human Rights to Communications Surveillance’ and other collective academic efforts to educate policymakers and the public
  • helping to change the UK copyright law
  • being an external examiner at Reading, Cambridge, Essex, Glasgow and Southampton universities
  • being a visiting fellow at Harris Manchester College at Oxford University
  • working with the most incredibly caring, professional, gifted and dedicated educators, support staff, administrators, activists and policy makers 
  • serving on and/or leading multiple exam boards, regional, departmental, faculty and university committees, developing and writing university policy
  • writing more than 4700 blogposts, here, (this is number 4743) some of up to nearly 15,000 words...

...and in some senses that is only scratching the surface of staff tutor life. Some of my colleagues have properly impressive CVs.

In some senses, too, that list of activities gives an idea of why certain elements of OU management and administration have always considered the staff tutor role as problematic. This had a name, even in the 90s - it was known by the University administration as "the staff tutor problem". 

Staff tutors were considered, in some quarters, to be a bunch of anarchic academics, swanning around, doing what we liked and nobody had any control over us. I had my own staff budget, a brilliant secretary, Geraldine Kirby and the autonomy to run my regional 120 strong tutoring crew as I saw fit, within the constraints of OU staffing policies, overseen by the regional director. The regional director was not my boss, the dean was. That was seen as a problem by the regional director and the regional director's boss.

As a general rule, autonomous employees make bureaucrats intensely uncomfortable. That autonomy did not survive the years and, to be blunt, multiple internal bureaucratic silos now require their pound of flesh when expediting what should be the simplest of internal processes.

To make a very long and complex story short, the Vice Chancellor of the time was convinced, by interested and influential parties, that a review of the staff tutor role was in order. This was to become a pattern - every single Vice Chancellor I have served with at the Open University has agreed to a review (or several) of the staff tutor role. It has been repeatedly and deplorably easy for actors with vested interests to present a distorted caricature of the role to successive VCs, followed by suggesting "reviews" intended to "review" the role out of existence.

Without fail, every single group tasked with the job of doing a serious, evidence-based review of the role, opened the lid on what they quickly realised was a Pandora's box; and concluded "Holy Baloney, shut that thing before chaos reigns; those people are working miracles. The University will interfere with them and what they do at our peril." But they didn't come without a cost. Despite recognising the uniqueness, the essential value and professionalism of staff tutors, they couldn't help themselves in making recommendations for "improvement", recommendations invariably meaning more form filling, box ticking and general micro administration, to ensure we were more restrained and doing at least something that could be seen, understood and measured.

That's not to say the freeloader problem that can accompany autonomy did not exist. There were a small, no, tiny number of staff tutor colleagues who led a comfortable existence. But even those comfortable few, when all hands were needed to the pumps and there was a serious operational crisis, invariably came through.

Staff tutors have managed frontline operations through monumental institutional changes in the past 27 years. When the OU began using the internet in the 1990s, (famously in the face of opposition from an earlier vice chancellor, who declared students would be required to have computers over his dead body, to which John Naughton replied "Challenge accepted, Vice Chancellor!"), we taught tutors how to use it in their teaching. When Martin Weller unleashed the first entirely online undergraduate course in 1999, we overhauled the OU administrative and operational infrastructure in less than 12 months to support it. When the course enlisted 13,000 students in the year 2000, we recruited and trained 550 people to tutor it, at a time when there were nowhere near that number of people in the UK who had the slightest idea of how to teach online.

When each successive VC and head of student services and head of IT [or head of anything else with a big salary, important title, a centralise, command & control psyche and a big ego to polish] or expensive consultants were making their mark, with the US OU, OpenLearn, merging of Technology with the Maths and Computing faculty, absorption of secretaries into general administration silos, the demise of summer schools & regional induction & course choice roadshows, decimation of specialist IT, academic editing and production design staff, the removal of academic control of the University senate, multiple re-organisations of regional centres, particularly the move to "Student Service Team" hubs [Oxford was marked to support the business school and my AL services support was moved to Birmingham and Nottingham; when Birmingham closed my support moved to Manchester], multiple departmental re-organisations, the massive institutional shock of the government fee changes in 2013, FutureLearn, merger of Maths Computing and Technology faculty with the Science Faculty (and other parallel faculty mergers), the roll out of apprenticeships, instigation of departmental silos, 

...and the single most destructive act of structural and strategic vandalism in the history of the OU, the closing of the English regional infrastructure ...

the disastrous group tuition policy and core systems replacement, endless resource intensive vanity projects, disappearing broken and failing support systems, the now, very, very difficult transition to a new associate lecturer contract and a host of other internal & external emergent effects of complex institutional change, staff tutors have continued to manage frontline teaching operations and other duties with immense professionalism and dedication.

But every element of the role has changed. A simple illustration being that whilst I managed 120 tutors and about 30 undergraduate courses in 1995, moving to its height of 157 tutors (with a little over 3000 students) on about 30 courses in the year 2000, in the South region of England, I now manage about 35 tutors, teaching about 75 groups of students (about 1500 students) on four undergraduate modules in different parts of the country. That on its face and on a typical spreadsheetable metric looks as though the operational management burden has been reduced, enormously. Yet, the per capita internal administrative load of managing each tutor and student has increased by several orders of magnitude in that time. And with the loss of, first, my secretary and latterly, with the closure of the regional centres in 2017, my terrific academic assistant, Nick Hook, the amount of time and energy I now expend in administrative gophering to feed the institutional bureaucratic beast with the voracious appetite, has shot up exponentially.

The management element of the role is not so much a director of teaching any more but a troubleshooting absorber of insanity. On the rare occasions I'm now asked what I do, that, in all seriousness, is what I say. I'm required to protect my staff and students from the worst excesses of what would otherwise hit them. It is a 7 day a week job, typically 9 to 12 hours a day. I get to the end of every week exhausted, with nothing measurable to show for it, nothing to please or boost the metrics of those higher up the organisational food chain, other than that my little corner of the OU universe has not collapsed that week. A single email, phone call or entry in an OU system can blow up my day, week or several months ahead.

25 years ago, the right information flowed to me, intelligently filtered to a useful form by my fantastic secretary (the role of the secretary being the most important organisational innovation of all time) and, usually, in timely fashion to enable careful evidence-based day-to-day operational and strategic decision making. Today, to my knowledge, staff tutors have to mine nearly 130 (one hundred and thirty) sources - OU and other information systems and/or websites - of raw data to construct the basic information to do our day-to-day jobs. How do I know it is 130? One of my colleagues went to the trouble of listing the ones she could think of on a spreadsheet. Unfortunately, many of the sources and links she carefully tracked down and identified get dated, information gets moved and you have to start from scratch when needing to find it.

25 years ago, I made tutor appointments by September, for course starts the following February. All undergraduate courses started in February and ran once a year. We had the time, space and resources to take those new tutors through several layers of induction, briefings and procedures on what it meant to be an OU tutor and the core values of the institution; and in the process enable them to have a humane integration into the OU community. Today because we continue to recruit students up until about ten days before course start, I can be appointing new tutors right up to the day the course starts. Some courses run multiple times a year and though our biggest group of students start in October, we now run modules starting in January, February, March, April, May, August, October and November. I run modules with October, February and April starts. For all of those starts the full force of the institutional administrative infrastructure grinds into gear.

Simple tasks that once took a 60 second phone call or email, can now take as long as hours, days or longer, involving multiple parties and parts of the University in the process. An administrator at HQ with a bright idea to make their own particular admin silo more efficient, can add several hours to my working week, requiring, at its simplest, the completion of a multipart form demanding administrative details I don't have, in order to get that silo to provide one or more of the transaction services I need to get something done.

One trivial recent example comes from the ongoing messy transition to the new associate lecturer contract. Someone in authority decided it would be a good idea to set a flag in each new tutor's file, in the OU's new SAP system, to note that the tutor had started work. Now it seems fair to note that the OU has survived over 50 years without this flag but it is now required that it be set before the University is prepared to pay these tutors. The setting of the flag in SAP SuccessFactors is a 17-step process and the OU offered training in how to do it. Who better to be chosen to set these flags than, you guessed it, your friendly staff tutors. So, we have a "solution" to a non-problem which involves "training" 380+ staff on academic salaries to push buttons in SAP SuccessFactors to keep HR files tidy. You have to wonder whether that is a sensible use of academic resources. Perhaps, the starter flag, if absolutely necessary, could be set, at a vastly lower institutional expense, by a handful of HR clerks. This as actually happened for the 2021 October starters, when staff tutors were denied the SAP system permissions to work through the 17-step flag setting.  

The new Open University associate lecturer contract could and should have been a real triumph for the OU. Casualisation of employment in the higher education sector in the UK has got completely out of control. To my and my colleagues' immeasurable pride, our unique and invaluable public service institution decided to buck that trend and provide security of employment to our teaching staff. Contracts that were renewed from module start to module start, if and only if the OU signed up enough students, have essentially become permanent. Actually, if we had stopped at that it would have been a triumph, in itself but it was decided to reform the way tutors are to be managed. Three years into the transition to the new contract the whole thing is a mess.

As I've said here before

Historically the OU turned a discredited education method - correspondence courses - into hugely effective supported open learning at a distance which, for over 40 years, has outstripped the personal support provided by most of the conventional university sector by a street. Through a combination of energy, novelty, creativity, mutual support, organisation, sense, care, goodwill, a following wind and the right people, we, by accident as much as by design, got a lot of the key structural things right in the early days -
  1. The course production module - multidisciplinary concentrated teams producing intensely peer reviewed, tailored, self-contained, high quality self-study print, audio, video, multimedia and networked course material 
  2. The central administrative infrastructure needed to support production and operation at scale, on everything from exams to summer schools and associated logistics 
  3. The regional administrative infrastructure - essentially front-end regional offices and operations - that put the OU in the local community and real people who cared in touch with the people who were our students; names and faces that students got to know and trust throughout their period of study.
  4. Above everything else, the foundation stone that the place is built on is the deep level of care and the goodwill of the staff and students.
Unparalleled care, dedication to duty and goodwill are at the heart of all public services from education to policing, the health services and beyond. Care, dedication to duty and goodwill, unfortunately are also things that cannot be easily measured or counted.

Care, dedication and goodwill are what associate lecturers have provided in spades. At the heart of those gifts and what has made them sustainable for generations, is the working relationship those tutors have with their staff tutors and other caring OU staff. I refuse to micromanage my tutors. Most of them have had the patience and resilience to stick with me for a very long time, the vast majority for more than 15 years. They are amazing, dedicated professionals I trust (and, I hope, support) to do the job to the highest standards. That trust is paid back in spades. My job is to point them in the right direction, support them when needed, get out of the way and shield them from prevailing operational insanities, as best I can.

In the run up to the closure of the regional centres that did such irreparable harm to the OU and in the aftermath, I sank into a deep depression. I've never told anyone that. I considered it the greatest failure of my professional career that I was unable to prevent those closures. During that period, thanks purely to my tutors, the talented AL services staff in Manchester and some other key colleagues, I was able to get through the day to day firefighting in front of my computer screen. I then slumped in an uncommunicative haze in front of the TV, for two or three hours every evening before going to bed, not sleeping and repeating the same cycle the next day. I couldn't talk to anyone or even read a book. 

I have the good fortune to be married to a saint and she saw me through it. But, though they never knew it, my OU friends were critical to me climbing out of that dark hole too.

Most of the management regime that enacted the regional closures are, thankfully, now history. One day I may be able to write a dispassionate account, but for now I retain a deep, simmering anger at the irretrievable harm caused by that action. To this day, I'm not sure whether the OU can begin to recover from that harm without some kind of truth and reconciliation process for the people who suffered through it.

The current senior management at the OU do not have a long institutional memory, relating to much or any of the story I've outlined in this essay. Vice Chancellors, their deputies and other OU executives are transient caretakers, often remote from the day to day operational reality of the complex, tightly coupled systems which keep the place afloat, and the impact that their decisions and actions have at that operational coalface. They have a duty to protect, preserve, nurture and defend the OU and its core values, and, upon their departure, leave this venerable university in more robust health than when they arrived.

It is a disappointing way to have to conclude my ramble through the history of staff tutordom in my OU lifetime, but the mess around the new AL contract transition is a very serious threat to their ability to fulfil that duty. Stress levels amongst staff tutors, AL services staff and curriculum managers are running very high. People have continued to work despite being ill, in some cases suffering severe Covid-19 infections, in order not to let their colleagues down. The implementation of the contract has become a long, slow, painful failure and a hazard to the health and welfare of staff at the leading edge of our critical teaching operations. It is past time for serious steps to be taken to address this.

A final message, then for staff tutors themselves. Staff tutors have, for decades, been the collective conscience and catalyst/engine of care and goodwill for the Open University, pushing the University to live up to its core values, in concrete ways, in all our operations. The thing about being a conscience is that it is institutionally criticial but it doesn't make you popular. The thing about care and goodwill is that they are the foundation of the OU's enormous contribution to the world but these are nebulous concepts, impossible to measure. Neither do they boost the metrics that higher education places so much importance in these days, so they often get neglected, lost or ignored. Nobody and I mean nobody but staff tutors understand the complex, demanding, intellectually engaging, esoteric, rewarding, variable, flexible, exhausting, frustrating, humane reality and nature of the role. It varies between faculties and departments, even between individuals. Nobody and I mean nobody understands or cares about the critical value of the staff tutor role to our teaching operations like you do. If the role, in all its richness and our unparalleled service to tutors and students are to survive into the future, you have to stand up for them... 

...and for yourselves.

*When the OU set up a business school, their equivalents insisted on being called not staff tutors but regional managers. Today the business school regional manager title has evolved to 'student experience manager' but in other faculties it remains staff tutor.

Tuesday, October 26, 2021

Covid security theatre, Guernsey style

My better half and I took a short break on the beautiful island of Alderney in September.

Before travelling visitors are obliged to set up a "Travel Tracker" account, administered by the States of Guernsey. Through your travel tracker account you fill in a long webform which demands an extensive collection of personal details, including Covid vaccination information. At one point I began to wonder when the  call for my inside leg measurement would appear.

Then within two days of travelling to Alderney you are obliged to pretty much go through most of the same process again, just in case, for example, you neglected to include your vaccination information on the first run though.  You can see the 49 slide description of the process in all its glory below.

 

On arrival on the day of travel you have to go through it all again, on your mobile phone, when the webform allows you to select "upcoming trips". Assuming your details pass inspection you get a blue screen pass to get let into Alderney.

One other feature of the form I didn't mention was that it invites travellers to pay £25 for a pack of covid lateral flow tests. I declined the offer, deciding to bring a pack of my own NHS lateral flow tests with me.

I also decided, given my clumsiness with mobile phone controls, to work my way through to the blue entry pass screen on the morning we were travelling. Expecting to be halted along the way, I was pleasantly surprised to get to the requisite screen without incident, though probably taking longer than the average teenager might have done. So far so good.

My wife on going through the form had decided to hand over the £25 for the tests, in the hope of avoiding any hassle over entry at the airport. She was to prove wiser than me and not for the first time.

The flight got us in on schedule and when the 16 passengers alighted from the 19 seater Dornier 228 Aurigny airline twin turboprop plane, we were greeted by a collection of people bedecked in surgical masks and plastic aprons, cheerily encouraging us all to connect to the FREE airport wifi. I already had my blue screen pass so initially didn't do so. One particularly insistent woman, who appeared to consider herself in charge, enthusiastically kept encouraging us to connect to the FREE airport wifi. She approached us. I paraphrase but the conversation went something like this:

Her: Have you connected to the airport wifi?

Me: I've got the entry pass. (I showed her the blue screen on the phone)

Her: That can't be right. Have you connected to the free wifi?

Me: No but I have gone through the arrival form and believe this is the requiste blue entry pass

Her: You have to connect to the wifi. That won't do. (She was getting significantly less agreeable at this point). You must connect to the wifi and fill in the form again. You must start again.

Another of the greeting squad, a young woman, then offered to help me fill in the form again, after I finally agreed to do so and proved to be slower than my original assailant was prepared to be patient about.

All around us, other members of the mask and aprons brigade were taking people's mobile phones and filling in the webform for them to access the entry blue screen, including ticking the boxes at various stages to say the phone owners were, without viewing them, agreeing to the site's terms and conditions.

The younger woman got to the offer to pay £25 for the lateral flow tests and asked if I had paid the fee. I said no, that I had brought my own. The older woman who had been hovering disapprovingly in the background keeping a close watch on this clearly untrustworthy traveller, decided to assert herself again.

YOU MUST PAY THE £25. IT'S THE LAW. YOU MUST PAY.

She was quite agressive. This went on for a bit with her younger compatriot gently insisting, too, that payment of the £25 to buy a pack of Alderney's lateral flow tests was "the law".

It was a requirement to take a lateral flow test on the day of arrival and every two days thereafter for the duration of the stay. But I very much doubt that the law of the States of Guerney declares that travellers are required to pay £25 before being allowed entry.

In any case, the fuss was getting excessive so I agreed to pay the £25. Cue another round of slow tapping the phone keyboard to get the £25 paid. The young woman was left to deal with me on her own again, once her boisterous colleague had got the wretched low-life to agree to cough up. At one point she tried to take my phone as I was dealing with the payment but, that being step too far, I politely denied her permission to do so.

At this stage, having been first off the plane, my wife and I were the last of the passengers still in the airport and the welcoming committee were mostly packing up to head off. Mrs angry began to hover again and was not only irritating us at this stage but appeared to be intimidating her younger colleague to get these delinquents processed, so she could go about her business. The latter, in fairness, had been unwaveringly polite and helpful throughout.

Eventually the payment went through I got through the rest of the form and the blue entry screen pass, identical to the one I had showed upon getting off the plane, appeared again on my phone. The young woman led us to get our packs of lateral flow tests, I thanked her for her help and we were allowed through.

The episode left a bad taste in the mouth and spoiled the first evening of our holiday. But Alderney is an absolutely captivating place and the people there are largely terrific, so we did enjoy our stay.

Unsurprisingly, the long winded travel tracker entry form, along with the £25 entry fee extortion squad at the airport turned out to be a classic example of security theatre.

We were in Alderney from a Saturday evening until the following Thursday early afternoon. We did do lateral flow tests on the Saturday and then every second day after that; and thankfully stayed healthy and covid free. Nobody checked whether we had done the tests or not or what the results were. Nor were we asked to report them to anyone. In that four and a half days or so, you could count the number of people we saw on the island wearing masks in single figures, the number wearing masks indoors on the fingers of one hand; and there was no social distancing.

I repeatedly thought of Schneier's law - anyone, in this case probably some bureaucrat in Guernsey - can devise a security system so clever that they themselves are incapable of seeing its fundamental flaws. The bottom line is that anyone who considers the welcome regiment at Alderney Airport alone is going to keep Covid-19 off the island is sadly and seriously mistaken.

Monday, June 21, 2021

Sharon Horgan does the Coronavirus care homes maths

The BBC has finally had the guts to criticise the UK government handling of the pandemic.

Not BBC news operations which is as craven and as terrified of the Tory government as ever.

But BBC drama, in Dennis Kelly's excellent Together, with terrific performances from Sharon Horgan and James McAvoy.

Horgan's searing 9 minute monologue on the government's appalling incompetence and culpability in the killing of care home residents should be compulsory viewing. 

Horgan's unnamed character's mother dies, having contracted Covid-19 at her care home.

Hogan's avoidable care home tragedy dialogue starts 49 minutes and 51 seconds into the iPlayer version of Together

"I can't escape the feeling that my mother didn't die.

She was killed.

The problem is that people don't understand the word 'exponential'. They think it means 'a lot' or quite fastly, like you see it on TV, you know or in bad sci-fi movies. Good God this alien mass is growing exponentially. And you think: Yeah, that's a lot but, em,  it;s worth taking the time to understand the mathematics of exponential growth.

Right. So you, eh, you start with 1 and you double it, say, every 3 days... you, you you're doubling it every 3 days. So by the end of the first week you've got 4. 1 has become 4 in, in a week. And by the end of the 2nd week, you have 16. By the end of the 3rd week you have 128. And, as the month draws to a close, you have 512.

After just 4 weeks.

Ok. So that a lot more than 1 but, you know, no so much. But if you carry on, the 5th week gives you 2048. the 6th gives you 8192.

The 7th

The 7th gives you 65,536.

The 8th gives you 262,144.

And if you go one week more, pretty much as near as dammit to the... to the, to the two calendar months from when this whole thing started, you get one million, forty eight thousand, five hundred and seventy six (1,048,576).

So the difference between the start of the 1st week and the end of the 1st week is 4.

And the difference between the start of the 9th week and the end of the 9th week is 786,432.

So, the same amount of days.

Hugely different numbers.

This isn't an illustration of coronavirus, by the way. This isn't what actually happened. You know we didn't quite go 9 weeks before the 1st lockdown. There wasn't just one person who brought it into the country. There was probly as many as 1,300 patient zeroes and this doesn't take into account, you know, pre-lockdown efforts to to battle the virus, track and trace, people changing behaviour.

Wha what actually happened is far more complex than what I've just done. What I...what I've just done is illustrate the word 'exponential' an' it and it doesn't mean 'quite fastly'. What is means is...what it means is timing matters.

I... it's said that if we'd locked down 1 week earlier, just 1 week, that we could have saved twenty thousand (20,000) lives. So it seems to me that the word exponential is not understood. But I've just explained it to you in...

[at this point she turns to McAvoy who provides a time check from his mobile phone]

... 1 minute 34 seconds.

And, you geddit... right? It's not that hard, is it?

In January 2020, the care provider, Alliance, contacted the Department of Health & Social Care and said "What should we be doing about this new coronavirus?" And they were told "Nothing. Don't do anything different." And they contacted them a week later and said "What should we what should we be doing now? I mean should we be, you know, should we be self isolating, should we be restricting visits from family and or friends? Should we should we like should we wear masks? And this time they weren't told nothing. This time they were told... well this time they weren't told anything. This time they weren't told anything at all.

And it wasn't until a month later...that they were...given guidance. This is, this is the end of February. Now an, an, and the guidance was that they... you do not need to wear masks and it remains very unlikely that people receiving care, in care homes, will become infected.

And I am gonna to... I'm gonna repeat that, I'm gonna repeat that advice for the Department of Health & Social Care: It remains very unlikely that people receiving care, in care homes, will become infected.

You can look that up. There'll still be links for it.

And this is...this is 1 week before our prime minister is walking around just boasting about shaking hands with coronavirus patients.

And then, the Imperial College points out that, if left unchecked, the the virus could kill half a million people and the government are, like,

Oh, Oh fuck...really?

Oh shit. Fuck.

And then, then the panic kicks in.

The NHS is going to be overwhelmed, we're, we're gonna be like Italy. Oh, please God, don't let us be like Italy and ministers order 15,000 hospital beds to be vacated.

And the the guidance given to hospitals is that it shouldn't take more than than 3 hours. So patients are taken out of hospitals and they're, they're dumped into care homes, and and and they're not being tested. Because and again I'm gonna quote here, that "Covid sufferers can be safely cared for in care homes."

So while the, while the the NHS, the burden on the NHS was being so hotly debated an, an, an wh while, you know, the fact that there was no, not enough PPE gear to go around. While all of that was being discussed, the care homes were given next to nothing. I mean, they were given dribs and drabs while the prices shot up.

And , and some local authorities threatened to withhold money from care homes, if they didn't take in confirmed coronavirus patients.

So they were sent into these places like biological warfare.

They, they were like, like, like blankets laced with smallpox.

I...in the 1st lockdown, it's said that 40% of the people who died from coronavirus were from care homes. 40%.

So you see, I can't escape the felling that my mother was killed.

And not by a car or a, or a, or a gun, or a knife, or a cricket bat or, even, the virus.

She was, she was killed by stupidity.

She was killed by dumb fuckery.

She was killed by someone looking at something, coming at them at the, at the speed of a freight train. And just being, like, Oh, let's just carry on shall we? Let's just ... you know, it's a, it's a bit, it's a bit fucking Dunkirk spirit. You know. A bit...bit stiff upper lip. Let's just carry on, old man.

And my mother. My, my... mum"

At this point McAvoy's character intervenes and says: "I think that's it" Horgan's character, emotionally drained, continues a little longer:

"Do you, do you remember when we were supposed to lockdown and then we didn't. And then we came out and and they said, you know, don't go to, to, to clubs or, or, or restaurants, you know, unless you bloody well want to or something? That was when Spain an, an, an France and Lituania and Malaysia, they were all locking down."

McAvoy: "Is that it?"

Horgan: "Is that it?"

She then runs out of energy to go on any further. 

Only people whose loved ones died as a result of government Covid-19 negligence and incompetence can truly understand the pain of the loss and the added insult of the complete absence of accountability.

It really is time the mainstream media outfits like the BBC started behaving like a democracy enhancing 4th estate and poured some energy and resources into speaking truth to power and holding power to account.

Congratulations to Horgan, McAvoy, the writer Dennis Kelly, the production team and everyone involved, constructively, in bringing Together to air.

If BBC news remain too scared to do their job, then hopefully the drama side of the institution will continue to step up. Just a reminder, though, from the BBC's own editorial guidelines:

"The BBC is committed to achieving due accuracy in all its output...

The BBC must not knowingly and materially mislead its audiences. We should not distort known facts, present invented material as fact or otherwise undermine our audiences’ trust in our content...

The BBC is committed to achieving due impartiality in all its output...

It does not require absolute neutrality on every issue or detachment from fundamental democratic principles, such as the right to vote, freedom of expression and the rule of law...

We must always scrutinise arguments, question consensus and hold power to account with consistency and due impartiality..."

Thursday, May 27, 2021

Court of Appeal Declare Data Protection Act Immigration Exemption Unlawful

On Wednesday, 26 May, 2021, the UK Court of Appeal issued a decision in The Open Rights Group & Anor, R (On the Application Of) v The Secretary of State for the Home Department & Anor [2021] EWCA Civ 800 declaring the unconscionable immigration exemption in the 2018 Data Protection Act (Paragraph 4 of Part 1, Schedule 2) unlawful.

The case was brought by the Open Rights Group and the3million and supported by the ICO.

The result brought some cheer to a week in which the European Court of Human Rights effectively accepted, in the case of Big Brother Watch & others v UK, that mass surveillance was compatible with the European Convention on Human Rights. The thin edge of a substantial fundamental rights offending wedge. The sole exception, among the 18 judges was Portuguese justice, Paulo Pinto de Albuquerque who, in concluding his dissenting judgment, said:

59. This judgment fundamentally alters the existing balance in Europe between the right to respect for private life and public security interests, in that it admits non-targeted surveillance of the content of electronic communications and related communications data, and even worse, the exchange of data with third countries which do not have comparable protection to that of the Council of Europe States. This conclusion is all the more justified in view of the CJEU’s peremptory rejection of access on a generalised basis to the content of electronic communications , its manifest reluctance regarding general and indiscriminate retention of traffic and location data and its limitation of exchanges of data with foreign intelligence services which do not ensure a level of protection essentially equivalent to that guaranteed by the Charter of Fundamental Rights . On all these three counts, the Strasbourg Court lags behind the Luxembourg Court, which remains the lighthouse for privacy rights in Europe. 

60. For good or ill, and I believe for ill more than for good, with the present judgment the Strasbourg Court has just opened the gates for an electronic “Big Brother” in Europe. If this is the new normal that my learned colleagues in the majority want for Europe, I cannot join them, and this I say with a disenchanted heart, with the same consternation as that exuding from Gregorio Allegri’s Miserere mei, Deus."

I hope to get round to a more detailed assessment of the Big Brother Watch case another time but having been partly consoled by the thought that at least the immigration exemption was toast, a close reading of the Court of Appeal decision led to the unfortunate conclusion that it is still very much alive and kicking.

The short version of the story is that Lord Justices Warby, Singh and Underhill have indeed declared the immigration exemption unlawful but only on a technicality. Essentially the government didn't get all their legislative ducks in a row when passing the law and didn't follow the UK GDPR rules on how to implement a contemptible measure like this. The immigration exemption itself was not thrown out on principle. 

Basically, if the UK government want to implement something like the immigration exemption circumventing data protection rights, they have to do so according to specific GDPR Article 23 rules. They failed to follow the rules, so the exemption is unlawful. 

"29. The argument has been wide-ranging but I would suggest that, if my Lords agree, this appeal can and should be decided on the following short and straightforward basis. There presently exists no legislative measure that contains specific provisions in accordance with the mandatory requirements of Article 23(2) of the GDPR. In the absence of any such measure, the Immigration Exemption is an unauthorised derogation from the fundamental rights conferred by the GDPR, and therefore incompatible with the Regulation. For that reason, it is unlawful. The appeal succeeds on this aspect of Ground 2, and it is unnecessary to reach conclusions on the other issues raised."

For the Brexiters, btw, shouting we are no longer in the EU, the GDPR is indeed directly applicable in EU member states only and applied from 25 May 2018. The UK has exited the EU but the UK parliament decided to keep substantially the same law in place in the UK. As the appeal court judges say at paragraph 12,

"(1) Sections 2, 3 and 6 of the European Union (Withdrawal) Act 2018 (“EUWA”) provided for certain aspects of EU law to remain in force, as part of English law, notwithstanding withdrawal. This is known as “retained EU law”. The GDPR, DPA 2018, and relevant CJEU case-law pre-dating IP completion day all fell into this category. 

... 

” The Immigration Exemption is “pre-exit domestic legislation”. 

(3) A statutory instrument of 2019 made amendments to the GDPR and DPA 2018 with effect from IP completion day. 1 As a result the GDPR, as it applies domestically, is now known as “the UK GDPR”. But the UK GDPR has the same legal status today as the GDPR had before IP completion day. Article 23 is now in slightly amended terms, but the amendments are not material. In Article 23(1), references to “the Union” and “Member State” are deleted and the power to restrict is now conferred on the Secretary of State. There is no change to Article 23(2). The Immigration Exemption is unamended."

So, the judges were free to declare the immigration exemption incompatible with article 23 of the GDPR and article 23 of the UK GDPR and to strike it out.

In paragraphs 14 to 18 the judgment is not exactly complementary on Home Office activities in this area, referring to their extensive use of the immigration exemption to deny people access to their data in 10,823 cases, "authoritative reports that cast doubt on the accuracy and reliability of the Home Office decision-making in the arena of immigration and data protection"  and that "it is clear that the Immigration Exemption plays a significant role in practice as a brake on access to personal data".

When dealing with the original judge's decision approving the immigration exemption, the Court says he relied on UK domestic case law to side with the government and say they were not obliged to follow the black letter requirements of GDPR article 23. In other words he felt the technicalities of article 23 were irrelevant in this context.

The appeal court decided he got this wrong. A clear line of judgments from the Court of Justice of the European Union supports the Open Rights Group, the3million and the ICO argument that the government do have to follow the rules of article 23 if they want to ignore data protection rights in connection with immigration cases. In the Digital Rights Ireland (2014), Tele 2 & Watson (2016), EU-Canada PNR (2017), Privacy International and La Quadrature du Net (2018, decided on the same day), the CJEU was "alert to the risk of over-broad derogations from fundamental rights; requires any derogation from fundamental rights to be justified by proof of strict necessity; and does not consider that this, or the requirement of proportionality, can be satisfied unless the appropriate safeguards are built into the legislative measure."

The CJEU was aware that member states would make end runs around fundamental rights when they felt like it and wanted to set up some hurdles to negotiate if that was the aim. And the UK government's argument that we should not worry our little heads about them taking away the rights of people because, like, they can always try another law if they are worried, didn't pass muster with Lord Justice Warby and his two colleagues.

"48. As I have indicated, however, I would prefer to decide this case on a narrower basis. I do not believe Article 23 should be construed as merely requiring the state to provide a general legal framework that contains guarantees of necessity and proportionality, and other safeguards. That might be a legitimate interpretation of Article 23(1), if it stood alone. But our analysis must reflect the fact that when updating and strengthening EU data protection law in the GDPR the legislature chose to depart from the approach to derogation that it had adopted in Article 13 of the Data Protection Directive. It particularised the requirements of Article 23(1), at some length, and in some detail, in Article 23(2). It seems to me that the respondents’ argument fails to explain or account for this and, in the process, leaves Article 23(2) with no significant purpose or function. In one sense, Article 23(2) clearly does provide a checklist. But I do not consider it plausible that Article 23(2) was intended to amount to nothing more than a sort of high level aide-memoire to the state about the kinds of matters it should have in mind when deciding whether to derogate from fundamental rights, in pursuit of one of the specified aims. The checklist is cast in mandatory terms, and calls for “specific” provisions. Sir James’s submission that these “specific provisions” can be found in general principles of human rights or administrative law, or in existing Articles of the GDPR is unconvincing. Article 23(2) itself – on the face of it – requires them to be contained in “any legislative measure referred to in paragraph 1

49. It may be that this wording is not to be read entirely literally; but it is remarkably specific and surely must be given some meaning. At any rate, in my judgment the better view, in the light of the CJEU jurisprudence, is that Article 23(2) requires any derogation to be effected by a “legislative measure” that is tailored to the derogation, legally enforceable, and contains provisions that are specific to the listed topics - to the extent these are relevant to the derogation in question - precise, and produce a reasonably foreseeable outcome. It can, I think, be said that this interpretation follows from the CJEU decision in La Quadrature. As I read that decision, the Court adopted and applied in the context of Article 23 of the GDPR the body of jurisprudence it had built up over the preceding years when dealing with Article 15 of the e-Privacy Directive and the Data Retention Directive. More generally, in this respect the Luxembourg jurisprudence and the language of Article 23(2) seem to me to be broadly if not precisely in step. The CJEU has repeatedly rejected submissions to the effect that domestic legislation should be held to pass muster on the basis that sufficient safeguards could be found elsewhere in the overall legal framework. The language of Article 23(2) seems to me to reflect the lines of reasoning enunciated in Digital Rights Ireland [54] and Tele2 [117-118], and the legislature may properly be considered to have intended an outcome on the same lines. 

50. The essence of the reasoning, as I see it, is that broad legal provisions, such as those that require a measure to be necessary and proportionate in pursuit of a legitimate aim, are insufficient to protect the individual against the risk of unlawful abrogation of fundamental rights. The legal framework will not provide the citizen with sufficient guarantees that any derogation will be strictly necessary and proportionate to the aim in view, unless the legislature has taken the time to direct its attention to the specific impacts which the derogation would have, to consider whether any tailored provisions are required and, if so, to lay them down with precision. This approach will tend to make the scope and operation of a derogation more transparent, improve the quality of decision-making, and facilitate review of its proportionality. To my mind the evidence to date as to the relevant decision-making tends to emphasise the importance of characteristics such as these." 

The good judge also takes comfort to note his conclusions "are consistent with paragraphs 45-46 of the Guidelines 10/2020 on restrictions under Article 23 GDPR published by the European Data Protection Board (“EDPB”)".It is clear that the immigration exemption in the Data Protection Act does not comply with GDPR article 23.

"The Exemption itself contains nothing, specific or otherwise, about any of the matters listed in Article 23(2). Even assuming, without deciding, that it is permissible for the “specific provisions” required by Article 23(2) to be contained in some separate legislative measure, there is no such measure."

What happens next remains to be seen. The Court has declared the immigration exemption unlawful but stopped short of striking it out, declaring the next steps the "subject of separate argument" for another day.

"55. The claim form seeks a declaration that the Immigration Exemption is incompatible with the Charter and the GDPR, and an order that it be disapplied, or alternatively a more limited form of declaration, specifying the conditions under which the Exemption might be lawfully applied. But at the conclusion of the hearing it was common ground that if we were in favour of the appellants the question of what relief should follow our decision would need to be the subject of separate argument...

56. The appropriate remedy in a case of incompatibility is a sensitive matter... Here, I have identified an omission that is, in principle, capable of remedy by measures that amend or supplement the existing provision. In the circumstances, I see merit in the cautious approach of both sides. I would defer a decision on relief, inviting further submissions on that issue in the light of these reasons."

The bottom line is that the reprehensible immigration exemption in the 2018 Data Protection Act is unlawful in its current form but it lives to fight another day. So, with the highest of plaudits due to the Open Rights Group and the3million for pursuing the case (and kudos to the ICO for supporting them), the knowledge that the exemption remains and the government essentially gets a license to reshape it, in a more legally acceptable form, is depressing.