For posterity sake here is my totally lukewarm take.
Of course nobody trusts Dominic Cummings when his puppet Prime Minister starts pushing for more data collection. He is starting to seem like a one trick pony — god knows he hasn’t shown himself as a genius tactician so far — and that trick is squeezing every drop of manipulation possible out of whatever personal data he can get his hands on. The fact that it was being requested via a memo that made it sound like orders for a SAS black ops squad certainly didn’t help.
Of course Buzzfeed totally over-egged their ‘exclusive’ about the leaked memo that started all this furore. They are BUZZFEED (that isn’t to say they don’t do some great journalism but they are in the clickbait game by default.)
Of course Carole Cadwalladr stepped in to stir the pot. She has done some incredibly important investigative work around Facebook–Cambridge Analytica and I admire her persistence and her writing. That said she is prone to be a bit binary about these things and this is potentially another story to support her overall narrative. I am also not entirely sure she understands the technology at the heart of the issues she writes about.
So anyway I understand why people are nervous — there are a lot of concerning key words in this storyline and experiences of the last few years mean people have every right to be worried. We also all know there is a General Election on the horizon.
But, and it is a Yokozuna Hakuho sized butt, there is other important context.
The majority of this memo seems to be talking about joining up the Google Analytics across the GOV.UK — which while it looks coherent is actually a mish-mash of services, products and platforms run by different teams (not just GDS). This has been something discussed as long as I can remember — I suspect the reason it is such a priority for Mr Cummings now is that he can’t believe it isn’t there. He probably imagined this was long since implemented.
(Now actually I have a few concerns about Google Analytics at scale but that is another story in this context!).
The teams at GDS are passionate about supporting their users and part of this is protecting personal data. Nobody takes this lightly and if there was someone who did it would soon be rooted out.
Just look at the Service Standard;
9. Create a secure service which protects users’ privacy
Nobody at any Gov Digital team is risking issues with GDPR. If anything everybody is leaning a bit hard on the risk averse side of things.
It is my totally unproven hypothesis that there are more members of the Open Rights Group per employee at GDS than any other employer in the UK.
So in summary distrust Cummings of course but trust the broader checks and balances in place and the people at GDS. If you want to worry about something I’d be looking a bit closer at the Boris Q&As on Facebook!