G7 Comes Out in Favor of Encryption Backdoors

This article is a repost promoting content originally published elsewhere. See more things Dan's reposted.

From a G7 meeting of interior ministers in Paris this month, an “outcome document“:

Encourage Internet companies to establish lawful access solutions for their products and services, including data that is encrypted, for law enforcement and competent authorities to access digital evidence, when it is removed or hosted on IT servers located abroad or encrypted, without imposing any particular technology and while ensuring that assistance requested from internet companies is underpinned by the rule law and due process protection. Some G7 countries highlight the importance of not prohibiting, limiting, or weakening encryption;

There is a weird belief amongst policy makers that hacking an encryption system’s key management system is fundamentally different than hacking the system’s encryption algorithm. The difference is only technical; the effect is the same. Both are ways of weakening encryption.

The G7’s proposal to encourage encryption backdoors demonstrates two unsurprising things about the politicians in attendance, including that:

  • They’re unwilling to attempt to force Internet companies to add backdoors (e.g. via legislation, fines, etc.), making their resolution functionally toothless, and
  • More-importantly: they continue to fail to understand what encryption is and how it works.

Somehow, then, this outcome document simultaneously manages to both go too-far (for a safe and secure cryptographic landscape for everyday users) and not-far-enough (for law enforcement agencies that are in favour of backdoors, despite their huge flaws, to actually gain any benefit). Worst of both worlds, then.

Needless to say, I favour not attempting to weaken encryption, because such measures (a) don’t work against foreign powers, terrorist groups, and hardened criminals and (b) do weaken the personal security of law-abiding citizens and companies (who can then become victims of the former group). “Backdoors”, however phrased, are a terrible idea.

I loved Schneier’s latest book, by the way. You should read it.

Mark Zuckerberg asks governments to help control internet content

This article is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Mark Zuckerberg

Mark Zuckerberg says regulators and governments should play a more active role in controlling internet content.

In an op-ed published in the Washington Post, Facebook’s chief says the responsibility for monitoring harmful content is too great for firms alone.

He calls for new laws in four areas: “Harmful content, election integrity, privacy and data portability.”

It comes two weeks after a gunman used the site to livestream his attack on a mosque in Christchurch, New Zealand.

“Lawmakers often tell me we have too much power over speech, and frankly I agree,” Mr Zuckerberg writes, adding that Facebook was “creating an independent body so people can appeal our decisions” about what is posted and what is taken down.

An interesting move which puts Zuckerberg in a parallel position to Bruce Schneier, who’s recently (and especially in his latest book) stood in opposition to a significant number of computer security experts (many of whom are of the “crypto-anarchist” school of thought) also pushed for greater regulation on the Internet. My concern with both figureheads’ proposals comes from the inevitable difficulty in enforcing Internet-wide laws: given that many countries simply won’t enact, or won’t effectively enforce, legislation of the types that either Zuckerberg nor Schneier suggest, either (a) companies intending to engage in unethical behaviour will move to – and profit in – those countries, as we already see with identity thieves in Nigeria, hackers in Russia, and patent infringers in China… or else (b) countries that do agree on a common framework will be forced to curtail Internet communications with those countries, leading to a fragmented and ultimately less-free Internet.

Neither option is good, but I still back these proposals in principle. After all: we don’t enact other internationally-relevant laws (like the GDPR, for example) because we expect to achieve 100% compliance across the globe – we do so because they’re the right thing to do to protect individuals and economies from harm. Little by little, Internet legislation in general (possibly ignoring things like the frankly silly EU cookie regulation and parts of the controversial new EU directives on copyright) makes the Internet a safer place for citizens of Western countries. There are still a huge number of foreign threats like scammers and malware authors as as well as domestic lawbreakers, but increasing the accountability of large companies is, at this point, a far bigger concern.

German chat app slacking on hashing fined €20k

This article is a repost promoting content originally published elsewhere. See more things Dan's reposted.

German chat platform Knuddels.de (“Cuddles”) has been fined €20,000 for storing user passwords in plain text (no hash at all? Come on, people, it’s 2018).

The data of Knuddels users was copied and published by malefactors in July. In September, someone emailed the company warning them that user data had been published at Pastebin (only 8,000 members affected) and Mega.nz (a much bigger breach). The company duly notified its users and the Baden-Württemberg data protection authority.

Interesting stuff: this German region’s equivalent of the ICO applied a fine to this app for failing to hash passwords, describing them as personal information that was inadequately protected following their theft. That’s interesting because it sets a German, and to a lesser extend a European, precedent that plaintext passwords can be considered personal information and therefore allowing the (significant) weight of the GDPR to be applied to their misuse.

How My Stupid Bloody Name Finally Paid For Itself

Since changing my surname 11½ years ago to the frankly-silly (albeit very “me”) Q, I’ve faced all kinds of problems, from computer systems that don’t accept my name to a mocking from the Passport Office to getting banned from Facebook. I soon learned to work-around systems that insisted that surnames were at least two characters in length. This is a problem which exists mostly because programmers don’t understand how names work in the real world (or titles, for that matter, as I’ve also discovered).

It’s always been a bit of an inconvenience to have to do these things, but it’s never been a terrible burden: even when I fly internationally – which is probably the hardest part of having my name – I’ve learned the tricks I need to minimise how often I’m selected for an excessive amount of unwanted “special treatment”.

Airport
I plan to make my first trip to the USA since my name change, next year. Place bets now on how that’ll go.

This year, though, for the very first time, my (stupid bloody) unusual name paid for itself. And not just in the trivial ways I’m used to, like being able to spot my badge instantly on the registration table at conferences I go to or being able to fill out paper forms way faster than normal people. I mean in a concrete, financially-measurable way. Wanna hear?

So: I’ve a routine of checking my credit report with the major credit reference agencies every few years. I’ve been doing so since long before doing so became free (thanks GDPR); long even before I changed my name: it just feels like good personal data housekeeping, and it’s interesting to see what shows up.

Message to Equifax asking them to correct the details on my Credit Report.
It started out with the electoral roll. How did it end up like this? It was only the electoral roll. It was only the electoral roll.

And so I noticed that my credit report with Equifax said that I wasn’t on the electoral roll. Which I clearly am. Given that my credit report’s pretty glowing, I wasn’t too worried, but I thought I’d drop them an email and ask them to get it fixed: after all, sometimes lenders take this kind of thing into account. I wasn’t in any hurry, but then, it seems: neither were they –

  • 2 February 2016 – I originally contacted them
  • 18 February 2016 – they emailed to say that they were looking into it and that it was taking a while
  • 22 February 2016 – they emailed to say that they were still looking into it
  • 13 July 2016 – they emailed to say that they were still looking into it (which was a bit of a surprise, because after so long I’d almost forgotten that I’d even asked)
  • 14 July 2016 – they marked the issue as “closed”… wait, what?
Equifax close my request
Given that all they’d done for six months was email me occasionally to say that it was taking a while, it was a little insulting to then be told they’d solved it.

I wasn’t in a hurry, and 2017 was a bit of a crazy year for me (for Equifax too, as it happens), so I ignored it for a bit, and then picked up the trail right after the GDPR came into force. After all, they were storing personal information about me which was demonstrably incorrect and, continued to store and process it even after they’d been told that it was incorrect (it’d have been a violation of principle 4 of the DPA 1998, too, but the GDPR‘s got bigger teeth: if you’re going to sick the law on somebody, it’s better that it has bark and bite).

My message instructing Equifax to fix their damn data about me.
Throwing the book tip-of-the-day: don’t threaten, just explain what you require and under what legal basis you’re able to do so. Let lawyers do the tough stuff.

My anticipation was that my message of 13 July 2018 would get them to sit up and fix the issue. I’d assumed that it was probably related to my unusual name and that bugs in their software were preventing them from joining-the-dots between my credit report and the Electoral Roll. I’d also assumed that this nudge would have them either fix their software… or failing that, manually fix my data: that can’t be too hard, can it?

Apparently it can:

Equifax suggest that I change my name ON THE ELECTORAL ROLL to match my credit report, rather than the other way around.
You want me to make it my problem, Equifax, and you want me to change my name on the Electoral Roll to match the incorrect name you use to refer to me in your systems?

Equifax’s suggested solution to the problem on my credit report? Change my name on the Electoral Roll to match the (incorrect) name they store in their systems (to work around a limitation that prevents them from entering single-character surnames)!

At this point, they turned my send-a-complaint-once-every-few-years project into a a full blown rage. It’s one thing if you need me to be understanding of the time it can take to fix the problems in your computer systems – I routinely develop software for large and bureaucratic organisations, I know the drill! – but telling me that your bugs are my problems and telling me that I should lie to the government to work around them definitely isn’t okay.

Actually, Equifax: no. No no no no no. No.
Dear Equifax: No. No no no. No. Also, no. Now try again. Love Dan.

At this point, I was still expecting them to just fix the problem: if not the underlying technical issue then instead just hack a correction into my report. But clearly they considered this, worked out what it’d cost them to do so, and decided that it was probably cheaper to negotiate with me to pay me to go away.

Which it was.

This week, I accepted a three-figure sum from Equifax as compensation for the inconvenience of the problem with my credit report (which now also has a note of correction, not that my alleged absence from the Electoral Roll has ever caused my otherwise-fine report any trouble in the past anyway). Curiously, they didn’t attach any strings to the deal, such as not courting publicity, so it’s perfectly okay for me to tell you about the experience. Maybe you know somebody who’s similarly afflicted: that their “unusual” name means that a credit reference company can’t accurately report on all of their data. If so, perhaps you’d like to suggest that they take a look at their credit report too… just saying.

Cash!
You can pay for me to go away, but it takes more for me to shut up. (A lesson my parents learned early on.)

Apparently Equifax think it’s cheaper to pay each individual they annoy than it is to fix their database problems. I’ll bet that, in the long run, that isn’t true. But in the meantime, if they want to fund my recent trip to Cornwall, that’s fine by me.

After Section 702 Reauthorization

This article is a repost promoting content originally published elsewhere. See more things Dan's reposted.

After Section 702 Reauthorization - Schneier on Security (schneier.com)

For over a decade, civil libertarians have been fighting government mass surveillance of innocent Americans over the Internet. We’ve just lost an important battle. On January 18, President Trump signed the renewal of Section 702, domestic mass surveillance became effectively a permanent part of US law. Section 702 was initially passed in 2008, as an…

When One Library Steals From Another

When I first started working at the Bodleian Libraries in 2011, their websites were looking… a little dated. I’d soon spend some time working with a vendor (whose premises mysteriously caught fire while I was there, freeing me up to spend my birthday in a bar) to develop a fresh, modern interface for our websites that, while not the be-all and end-all, was a huge leap forwards and has served us well for the last five years or so.

The Bodleian Libraries website as it appeared in 2011.
The colour scheme, the layout, the fact that it didn’t remotely work on mobiles… there was a lot wrong with the old design of the Bodleian Libraries’ websites.

Fast-forward a little: in about 2015 we noticed a few strange anomalies in our Google Analytics data. For some reason, web addresses were appearing that didn’t exist anywhere on our site! Most of these resulted from web visitors in Turkey, so we figured that some Turkish website had probably accidentally put our Google Analytics user ID number into their code rather than their own. We filtered out the erroneous data – there wasn’t much of it; the other website was clearly significantly less-popular than ours – and carried on. Sometimes we’d speculate about the identity of the other site, but mostly we didn’t even think about it.

Bodleian Library & Radcliffe Camera website
How a Bodleian Libraries’ website might appear today. Pay attention, now: there’ll be a spot-the-difference competition in a moment.

Earlier this year, there was a spike in the volume of the traffic we were having to filter-out, so I took the time to investigate more-thoroughly. I determined that the offending website belonged to the Library of Bilkent University, Turkey. I figured that some junior web developer there must have copy-pasted the Bodleian’s Google Analytics code and forgotten to change the user ID, so I went to the website to take a look… but I was in for an even bigger surprise.

Bilkent University Library website, as it appears today.
Hey, that looks… basically identical!

Whoah! The web design of a British university was completely ripped-off by a Turkish university! Mouth agape at the audacity, I clicked my way through several of their pages to try to understand what had happened. It seemed inconceivable that it could be a coincidence, but perhaps it was supposed to be more of an homage than a copy-paste job? Or perhaps they were ripped-off by an unscrupulous web designer? Or maybe it was somebody on the “inside”, like our vendor, acting unethically by re-selling the same custom design? I didn’t believe it could be any of those things, but I had to be sure. So I started digging…

Bodleian and Bilkent search boxes, side-by-side.
Our user research did indicate that putting the site and catalogue search tools like this was smart. Maybe they did the same research?

 

Bodleian and Bilkent menus side-by-side.
Menus are pretty common on many websites. They probably just had a similar idea.

 

Bodleian and Bilkent opening hours, side-by-side.
Tabs are a great way to show opening hours. Everybody knows that. And this is obviously just the a popular font.

 

Bodleian and Bilkent sliders, side-by-side.
Oh, you’ve got a slider too. With circles? And you’ve got an identical Javascript bug? Okay… now that’s a bit of a coincidence…

 

Bodleian and Bilkent content boxes, side-by-side.
Okay, I’m getting a mite suspicious now. Surely we didn’t independently come up with this particular bit of design?

 

Bodleian and Bilkent footers, side-by-side.
Well these are clearly different. Ours has a copyright notice, for example…

 

Copyright notice on Bilkent University Library's website.
Oh, you DO have a copyright notice. Hang on, wait: you’ve not only stolen our design but you’ve declared it to be open-source???

I was almost flattered as I played this spot-the-difference competition, until I saw the copyright notice: stealing our design was galling enough, but then relicensing it in such a way that they specifically encourage others to steal it too was another step entirely. Remember that we’re talking about an academic library, here: if anybody ought to have a handle on copyright law then it’s a library!

I took a dive into the source code to see if this really was, as it appeared to be, a copy-paste-and-change-the-name job (rather than “merely” a rip-off of the entire graphic design), and, sure enough…

HTML source code from Bilkent University Library.
In their HTML source code, you can see both the Bodleian’s Google Analytics code (which they failed to remove) but also their own. And a data- attribute related to a project I wrote and that means nothing to their site.

It looks like they’d just mirrored the site and done a search-and-replace for “Bodleian”, replacing it with “Bilkent”. Even the code’s spelling errors, comments, and indentation were intact. The CSS was especially telling (as well as being chock-full of redundant code relating to things that appear on our website but not on theirs)…

CSS code from Bilkent University.
The search-replace resulted in some icky grammar, like “the Bilkent” appearing in their code. And what’s this? That’s MY NAME in the middle of their source code!

So I reached out to them with a tweet:

Tweet: Hey @KutphaneBilkent (Bilkent University Library): couldn't help but notice your website looks suspiciously like those of @bodleianlibs...?
My first tweet to Bilkent University Library contained a “spot the difference” competition.

I didn’t get any response, although I did attract a handful of Turkish followers on Twitter. Later, they changed their Twitter handle and I thought I’d take advantage of the then-new capability for longer tweets to have another go at getting their attention:

Tweet: I see you've changed your Twitter handle, @librarybilkent! Your site still looks like you've #stolen the #webdesign from @bodleianlibs, though (and changed the license to a #CreativeCommons one, although the fact you forgot to change the #GoogleAnalytics ID is a giveaway...).
This time, I was a little less-sarcastic and a little more-aggressive. Turns out that’s all that was needed.

Clearly this was what it took to make the difference. I received an email from the personal email account of somebody claiming to be Taner Korkmaz, Systems Librarian with Bilkent’s Technical Services team. He wrote (emphasis mine):

Dear Mr. Dan Q,

My name is Taner Korkmaz and I am the systems librarian at Bilkent. I am writing on behalf of Bilkent University Library, regarding your share about Bilkent on your Twitter account.

Firstly, I would like to explain that there is no any relation between your tweet and our library Twitter handle change. The librarian who is Twitter admin at Bilkent did not notice your first tweet. Another librarian took this job and decided to change the twitter handle because of the Turkish letters, abbreviations, English name requirement etc. The first name was @KutphaneBilkent (kutuphane means library in Turkish) which is not clear and not easy to understand. Now, it is @LibraryBilkent.

About 4 years ago, we decided to change our library website, (and therefore) we reviewed the appearance and utility of the web pages.

We appreciated the simplicity and clarity of the user interface of University of Oxford Bodlien Library & Radcliffe Camera, as an academic pioneer in many fields. As a not profit institution, we took advantage of your template by using CSS and HTML, and added our own original content.

We thought it would not create a problem the idea of using CSS codes since on the web page there isn’t any license notice or any restriction related to the content of the template, and since the licenses on the web pages are mainly more about content rather than templates.

The Library has its own Google Analytics and Search Console accounts and the related integrations for the web site statistical data tracking. We would like to point out that there is a misunderstanding regarding this issue.

In 2017, we started to work on creating a new web page and we will renew our current web page very soon.

Thank you in advance for your attention to this matter and apologies for possible inconveniences.

Yours sincerely,

Or to put it another way: they decided that our copyright notice only applied to our content and not our design and took a copy of the latter.

Do you remember when I pointed out earlier that librarians should be expected to know their way around copyright law? Sigh.

They’ve now started removing evidence of their copy-pasting such as the duplicate Google Analytics code fragment and the references to LibraryData, but you can still find the unmodified code via archive.org, if you like.

That probably ends my part in this little adventure, but I’ve passed everything on to the University of Oxford’s legal team in case any of them have anything to say about it. And now I’ve got a new story to tell where web developers get together over a pint: the story of the time that I made a website for a university… and a different university stole it!

Data-hucksters beware: online privacy is returning

This article is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Next year, 25 May looks like being a significant date. That’s because it’s the day that the European Union’s general data protection regulation (GDPR) comes into force. This may not seem like a big deal to you, but it’s a date that is already keeping many corporate executives awake at night. And for those who are still sleeping soundly, perhaps it would be worth checking that their organisations are ready for what’s coming down the line.

First things first. Unlike much of the legislation that emerges from Brussels, the GDPR is a regulation rather than a directive. This means that it becomes law in all EU countries at the same time; a directive, in contrast, allows each country to decide how its requirements are to be incorporated in national laws…

TIL that the first ever speeding fine was given to Walter Arnold of Kent, UK, in January 1896. His speed: 8mph in a 2mph zone. He was caught by a policeman on a bicycle.

This link was originally posted to /r/todayilearned. See more things from Dan's Reddit account.

Walter Arnold of East Peckham, Kent, had the dubious honour of being the first person in Great Britain to be successfully charged with speeding on 28 January 1896. Travelling at approximately 8mph/12.87kph, he had exceeded the 2mph/3.22kph speed limit for towns. Fined one shilling and costs, Arnold had been caught by a policeman who had given chase on a bicycle.

Buying a House, Part 3

This blog post is the third in a series about buying our first house. If you haven’t already, you might like to read the first part. In the second post in the series, we’d put an offer on a house which had been accepted… but of course that’s still early days in the story of buying a house…

We hooked up with Truemans, a local solicitor, after discovering that getting our conveyancing services from a local solicitor is only marginally more-expensive than going with one of the online/phone/post based national ones, and you get the advantage of being able to drop in and harass them if things aren’t going as fast as you’d like. Truemans were helpful from day one, giving us a convenient checklist of all of the steps in the process of buying a house. I’m sure we could have got all the same information online, but by the time I was thinking about offers and acceptance and moving and mortgages and repayments and deposits and everything else, it was genuinely worth a little extra money just to have somebody say “next, this needs to happen,” in a reassuring voice.

A 22-page form; each page is double-sided for added insanity.
This gargantuan beast is our mortgage application form. All of those pages are double-sided, by the way.

Meanwhile, we got on with filling out our mortgage application form. Our choice of lenders – which Stefan, who I’d mentioned in the last post, had filtered for us – was limited slightly by the fact that we wanted a mortgage for three people, not for one or two; but it wasn’t limited by as much as you might have thought. In practice, it was only the more-exotic mortgage types (e.g. Option ARMs, some varieties of interest-only mortgage) that we were restricted from, and these weren’t particularly appealing to us anyway. One downside of there being three of us, though, was that while our chosen lender had computerised their application process, the computerised version wasn’t able to handle more than two applicants, so we instead had to fill out a mammoth 22-page paper form in order to apply. At least it weeds out people who aren’t serious, I suppose.

A front door with a hole, boarded up with plywood.
The front door of our intended new home had recently sustained some… damage. That didn’t bode well.

I revisited the house to check out a few things from the outside: in particular, I was interested in the front door, which had apparently been broken during a… misunderstanding… by the current owners, who are in the middle of what seems like a complicated divorce. The estate agent had promised that it would be repaired before the sale, but when I went to visit I found that this hadn’t happened yet. Of course, now we had lawyers on our side, so it was a quick job to ask them to send a letter to the seller’s solicitor, setting the repair of the door as a condition upon which the sale was dependent.

A page from our Environmental Search, indicating some of the past uses of the land around the house we hope to buy.
The results of our Environmental Search were perhaps the most-interesting. But I’ll understand if you don’t think it’s as interesting as I do.

Our solicitors had also gotten started with the requisite local searches. One of the first things a conveyancing solicitor will do for you is do a little research to ensure that the property really is owned by the people who are selling it, that there’s no compulsory purchase order so that a motorway can be built through the middle of it, that it’s actually connected to mains water and sewers, that planning permission was correctly obtained for any work that’s been done on it, and that kind of thing. One of the first of these searches to produce results was the environmental search.

A map of the area around our new house, as it was about a century ago.
A map of the area around our new house, as it was about a century ago, unearthed by our convenient tame librarian.

One of the things that was revealed be the environmental search was that the area was at a significantly higher-than-average risk of subsidence, had the construction not been done in a particular way – using subsidence-proof bricks, or something, I guess? I theorised that this might be related to the infill activities that (the environmental search also reported) had gone on over the last hundred and fifty years. The house is near a major waterway, in an area that was probably once lower-lying and wetter, but many of the small ponds in the area were filled in in the early part of the 20th century (and then, of course, the area was developed as the suburbs of central Oxfordshire expanded, in the 1980s). Conveniently, we have a librarian on our house-buying team, and he was able to pull up a stack of old OS maps showing the area, and we were able to find our way around this now almost-unidentifiable landscape.

A map showing a field, hedgerows, water course and - highlighted in blue - a pond. The second highlighting in blue (bottom left) is a letter 'O', not a pond. I got carried away highlighting things, okay?
A map showing a field, hedgerows, water course and – highlighted in blue – a pond. The second highlighting in blue (bottom left) is a letter ‘O’, not a pond. I got carried away highlighting things, okay?

Sure enough, there were ponds there, once, but that’s as far as our research took us. Better, we thought, to just pass on the environmental search report to a qualified buildings surveyor, and have them tell us whether or not it was made out of subsidence-proof bricks or shifting-ready beams or whatever the hell it is that you do when you’re building a house to make it not go wonky. Seriously, I haven’t a clue, but I know that there are experts who do.

Three-panel diagram, showing a low-lying lake being pumped to allow house construction, but in the third panel - OH NOES! - the houses have gone lop-sided because without the water in it, the ground becomes unstable.
In this highly-realistic diagram, which wouldn’t look out of place in a geography textbook, houses go wonky because they’re built on ground that became more-compressible after it was drained. This is what I want to avoid.

Given that the house we’re looking at is relatively new, I don’t anticipate there being any problems (modern building regulations are a lot more stringent than their historical counterparts), but when you’re signing away six-figures, you learn to pay attention to these kinds of things.

Hopefully, the fourth blog post in this series will be about exchanging contracts and getting ready to move in to our new home: fingers crossed!

Jury Duty, Part 4

This is the last in a series of four blog posts about my experience of being called for jury duty in 2013.

And just like that, it was over. The courts service kept me “on the hook” for a day or two, but after that: when I called the answerphone from which I receive my instructions, I was told that I’d been cleared. My jury service was over.

Scene from 12 Angry Men. Henry Fonda explains his vote of "not guilty".
12 Angry Men is an awesome film. The behaviour of some of the characters would certainly be illegal in a contemporary UK case, so we certainly can’t consider them to be role models for a real jury, but it’s a great film nevertheless.

I filled in my expenses form. £5.71 for lunch (where do they get these numbers?) each day. 8.9 pence per mile cycled to and from the courthouse. Given that they give a mileage bonus to car shares, I wonder if they’d have given me a top-up if I’d have shared a tandem with another juror?

I heard the outcome of the trial second-hand, a few days later, on a local radio station. It somehow reminded me that the real world was connected to my time on a jury: something I’d sort-of forgotten at the time. Being pulled out from your daily routine and put onto jury duty feels sometimes surreal, and – like the blind spot in your eye that fills-in what you see with the colours around it – it’s hard to remember now that just last week I wasn’t just following my normal pattern. So when I heard about the result of a trial in which my ‘alter ego’ – Dan the juror! – took part, it was strangely jarring. For a moment, I said to myself: “Oh yeah; that happened.”

My jury service was a really interesting experience. I’d have appreciated less sitting around and being shuffled from place to place, and more-certainty about when I would and wouldn’t be needed, but that’s only a small issue. I got to see the wheels of justice turning from within the machine, and to take part in an important process of our society. And that’s great.

Jury Duty, Part 3

This is the third in a series of four blog posts about my experience of being called for jury duty in 2013.

My second day of jury duty was more-successful than the first, in that I was actually assigned to a case, rather than spending the better part of the day sitting around in a waiting room. I knew that this was likely (though not certain, on account of the nature of the randomisation process used, among other things: more on that later) because I’d called the “jury line” the previous night. I suspect this is common, but the other potential jurors and I were given a phone number to call “after around 3:45pm to 4pm” each day, letting us know whether we’d be needed for the following day.

Juror information sheet, providing details of court sitting times and the juror message system.
After calling a national-rate number, I got to listen to an answerphone reading out a series of juror numbers needed for the following day, listening out for mine.

The jury assembly area now only contained the people who’d been brought in, like me, for the upcoming case: a total of 15 of us. I was surprised at quite how many of the other potential jurors showed such negativity about being here: certainly, it’s inconvenient and the sitting-around is more than a little dull if (unlike me) you haven’t brought something to work on or to read, but is it so hard to see the good parts of serving on a jury, too? Personally, I was already glad of the opportunity: okay, the timing wasn’t great… with work commitments keeping me busy, as well as buying a house (more on that later!), working on my course, (finally) getting somewhere with my dad’s estate, and the tail end of a busy release cycle of Three Rings, I already had quite enough going on! But I’ve always been interested in the process of serving on a jury, and besides: I feel that it’s an important civic duty that one really ought to throw oneself at.

An emptier jury assembly area
Few people in the Jury Assembly Area.

If it were a job that you had to volunteer for, rather than being selected at random (and thankfully it isn’t! – can you imagine how awful our justice system would be if it were!), I’d have probably volunteered for it, at some point. Just not, perhaps, now. Ah well.

The jury officer advised us of the expected duration of the trial (up to two days), and made a note of each of our swearing-in choices: each juror could opt to swear an oath on the Bible, Koran, Japji Sahib, Gita, or to make an affirmation (incredibly the Wikipedia page on Jurors’ oaths lacked an entry for the United Kingdom until I added it, just now). In case they were they were empanelled onto a jury, the officer wanted to have the appropriate holy book and/or oath card ready to-hand: courtrooms, it turns out, are reasonably well-stocked with religious literature!

A court clerk shufles a deck of 15 slips of paper.
I get the impression that the earlier rounds of jury selection – from the electoral roll summons through to the assignment of jurors to cases – is randomised by computer, but the final selection of 12 is done by hand.

Once assembled, we were filed down to the courtroom, where a further randomisation process took place: a clerk for the court shuffled a deck of cards, and drew 12 at random, one at a time. From each, she read a name – having been referred to it so often lately, I had almost expected to continue to be referred to by my juror number, and had made sure that I knew it by heart – and each person thus chosen made their way to a seat in the jury benches. I was chosen sixth – I was on a jury! The people not chosen were sent back up to the assembly area, so that they could be called down to replace any of us (if our service was successfully challenged – for example, if it turned out that we personally knew the defendant), but were presumably dismissed after it became clear that this was not going to happen.

Then, each of our names were read out again, before each of us were sworn in. This, we were told, was the last chance for any challenge to be raised against us. About half of the jurors opted to affirm (including me: none of those scriptures have any special significance for me; and furthermore I’d like to think that I shouldn’t need to swear that I’m going to do the right thing to begin with); the other half had chosen to swear on the New Testament.

A poster in the Jury Assembly Area: "Who's who in the Crown Court?"
Our courtroom was quite a bit larger than the one depicted on this poster, which I found in the jury assembly room.

The trial itself went… pretty much like you’ve probably seen it in television dramas: the more-realistic ones, anyway. The prosecution explained the charges and presented evidence and witnesses, which were then cross-examined by the defence (and, ocassionally, re-examined by the prosecution). The defence produced their own evidence and witnesses – including the defendant, vice-versa. The judge interrupted from time to time to question witnesses himself, or to clarify points of law with the counsel or to explain proceedings to the jury.

The trial spilled well into a second day, and I was personally amazed to see quite how much attention to detail was required of the legal advocates. Even evidence that at first seemed completely one-sided could be turned around: for example, some CCTV footage shown by the prosecution was examined by the defence (with the help of a witness) and demonstrated to potentially show something quite different from what first appeared to be the case. The adage that “the camera never lies” has never felt farther from the truth, to me, as the moment that I realised that what I was seeing in a courtroom could be interpreted in two distinctly different ways.

A courtroom scene, from the video Your Role As A Juror
This courtroom looks a lot like the one I served in, with the jury to the left of the judge and a similar layout to the position of the prosecution and defence teams, public gallery, and dock.

Eventually, we were dismissed to begin our deliberations, under instruction to return a unanimous verdict. I asked if any of the other jurors had done this before, and – when one said that she had – I suggested that she might like to be our chairwoman and forewoman (interestingly, the two don’t have to be the same person – you can have one person chair the deliberations, and another one completely return the verdict to the courtroom – but I imagine that it’s more-common that they are). She responded that no, she wouldn’t, and instead nominated me: I asked if anybody objected, and, when nobody did, accepted the role.

I can’t talk about the trial itself, as you know, but I can say that it took my jury a significant amount of time to come to our decision. A significant part of our trial was hinged upon the subjective interpretation of a key phrase in law. Without giving away the nature of the case, I can find an example elsewhere in law: often, you’ll find legislation that compares illegal acts to what “a reasonable person” would do – you know the kind of things I mean – and its easy to imagine how a carefully-presented case might leave the verdict dependent on the jury’s interpretation of what “reasonable” means. Well: our case didn’t involve the word “reasonable”, but there are plenty of other such words in law that are equally open-to-interpretation, and we had one of these to contend with.

Government guidance: "Even when the trial’s over you mustn’t discuss the case, even with family members."
Like I said, they’re serious about not talking about the specifics of the trial. This screenshot comes from the gov.uk guidance on jury service.

We spent several hours discussing the case, which is an incredibly exhausting experience, but eventually we came to a unanimous decision, and everybody seemed happy with our conclusion. As we left the court later, one of the other jurors told me that if she “was ever on trial, and she hadn’t done it, she’d want us as her jury”. I considered explaining that really, it doesn’t work like that, but I understood the sentiment: we’d all worked hard to come to an agreement of the truth buried in all of the evidence, and I was pleased to have worked alongside them all.

I stood in the courtroom to deliver our verdict, taking care not to make eye contact with the defendant in the dock nor with the group in the corner of the public gallery (whom I suspected to have been the alleged victim and their family). We waited around for the administration that followed, and then were excused.

The whole thing was a tiring but valuable experience. I can’t say it’s over yet; I’m still technically on-call to serve on a second jury, if I’m needed (but I’ve returned to work in the meantime, until I hear otherwise). But if nothing else of interest comes from my jury service, I feel like it’s been worthwhile: I’ve done my but to help ensure that a just and correct decision was made in a case that will have had great personal importance to several individuals and their families. I could have done with a little bit less of sitting around in waiting rooms, but I’ve still been less-unimpressed by the efficiency of the justice system than I was lead to believe that I would be by friends who’ve done jury duty before.

Jury Duty, Part 2

This is the second in a series of four blog posts about my experience of being called for jury duty in 2013. If you haven’t already, you might like to read the first.

I started my jury service this week, trotting along to the Oxford Crown Court on Tuesday morning, after the long weekend. As I’ve previously described, I can’t tell you anything about any case that I was assigned to (for similar reasons, I’ve got fewer photos than I might have liked), but I can tell you about my experience of being a juror.

Oxford Crown and County Court, on St. Aldates, Oxford.
The courthouse on the only sunny morning of the week. I parked my bike at the Probation Office opposite, on the first day, but got told off for using their racks and later had to park my bike elsewhere.

Getting into the courthouse is a little like getting through airport security: there’s a metal detector, and you have to turn over your bags to be searched. In my case, this took longer than most, becuase I’d brought with me a laptop computer, tablet computer, Kindle, textbooks, coursework, and paperwork relating to our efforts to buy a house (more on that, later), in addition to the usual keys, wallet, mobile phone, change, cycle helmet, gloves, etc. The metal detector seemed to be set to a rather under-enthusiastic sensitivity, though: it didn’t pick up on my metal belt buckle. Beyond this, I checked-in with reception, presenting my juror papers and driver’s license in order to prove my identity, before being ushered into a lift up to the jury assembly area.

Pictographs for: "if you want (to) look at (a) court room before you go (to ) your court hearing ask (a) member of staff please".
In order to improve universal comprehension, an entire board of signs in the crown court simultaneously use simplified English alongside pictographic representations of the words.

The jury assembly area is a comfortable but unexciting lounge, with chairs, tables, a handful of magazines, books, and jigsaws, a television (at a low volume), vending machines, lockers, and nearby toilets. Well-prepared for a wait, I started setting myself up a remote office, tethering myself an Internet connection and monopolising a bank of electrical sockets. After a while, a jury officer appeared and took a register, amid mutters from some of the other potential jurors that it was “like being at school”.

Jurors in a jury room, at Oxford Crown Court.
Jurors in a jury assembly area. They’re not as tightly-packed as they look: there’s space around the corner for more of them – they’re crammed into this area so that they can see the screen to watch an imminent screening of an instructional DVD.

There was some confusion about whether some of the potential jurors were supposed to be here at all (or had finished their service in the previous week), and about whether some others who were supposed to be present had arrived at all (and were perhaps hiding in the toilet or had disappeared down the corridor to the hot drinks dispenser), and the official had to excuse herself for a while to sort everything out. This gave us another extended period of sitting around doing nothing, which I quickly came to discover is an integral part of the experience of being a juror. Eventually, though, she returned and played for us a (slightly patronising) DVD, explaining our duties as jurors, before describing to us the process of selection and panelling, claiming expenses, and so on, and answering questions from the potential jurors present.

Still frame from "Your role as a juror".
Click through to watch “Your role as a juror”, the Ministry of Justice’s explanatory video on the role of a juror (the content is identical to the DVD we were shown).

A random selection done somewhere behind the scenes had apparently resulted in my being assigned to a case that afternoon, which I hung around for. But for some reason, that case never happened – it just got cancelled, and I got sent home. Later – in accordance with my instructions pack – I phoned a special answerphone line I’d been given and listened, in a numbers station-like way, for my juror number to be called for the following day. It came up, with an instruction that I’d been selected for a case starting the following morning. There was still every chance that I might not actually be selected for the jury, owing to the complicated multi-step randomisation process (as well as the usual factors that I could be disqualified by knowing somebody involved with the case, or the case not being heard that day at all), but this was still an exciting step forwards after spending most of a day sat in a waiting room for nothing to happen.

But that can wait for the next blog post in the series.

Jury Duty, Part 1

This is the first in a series of four blog posts about my experience of being called for jury duty in 2013.

Last month I was working from home one day, when I heard the postman drop off an unusually-loud stack of mail through our letterbox. Anticipating that one of them might have been a Graze box – and feeling the need for a little bit of a snack to keep my brain going – I wandered downstairs to take a look. There, among some other letters, I found a windowed envelope containing a pink letter: a Jury Summons.

My Jury Summons, showing my juror number and instructions on what a Jury Summons means. Parts are censored to protect my address and details that could make it possible for somebody to impersonate me as a juror.
For some reason, the Jury Central Summoning Bureau print their letters onto pink paper. It makes them stand out, I suppose.

Responses from people I’ve told about it have been mixed: some have been positive (“that sounds really interesting”); some have been negative (“isn’t there any way you can get out of it?”); others still have been curious (“you must tell us all about it!”). Personally, I’m pretty keen: it seems to me that jury duty’s an important civic duty, and I’m genuinely interested in the process. If it were a role that one volunteered for – and clearly it shouldn’t be, for reasons that ought to be obvious – then I’d volunteer for and give it a go, at least once: however, I wouldn’t necessarily volunteer for it now, when my work and life is so busy already!

Oxford Combined Courts: the Crown Court on the left, and the County Court on the right.
Looks like I’m going to get familiar with Oxford Crown Court. First question: where’s the nearest place to safely park my bike?

I’ve spoken to people who’ve done jury service before, and a reasonable number of them said that they found the experience boring. From the sounds of things, there’re liable to be extended periods of sitting around, waiting to be (possibly) assigned to a trial. On the up-side, though, it seems likely that I’ll be allowed to use a portable computer in the waiting area – though obviously not in the courtroom or jury areas – so I might at least be able to get a little work done and simultaneously stave off boredom during any period that I’m not assigned to a case.

A wider view of the Oxford Court buildings.
See: no cycle parking anywhere! They’re not completely cycle-hostile, though: they have offered to pay me 9.6p per mile for biking in each day.

It’s the people who’ve expressed an interest in the process for whom I’ve decided to blog about my experience. Of course, I won’t be able to share anything at all about any case I’m assigned to or about the other jurors who served on them, but I can certainly share my experience of being a juror. Perhaps if you’re called to a jury at some point, it’ll give you some idea what to expect.

A Broken Oath

As part of the ongoing challenges that came about as part of the problems with my dad’s Will, I was required the other week to find myself a local solicitor so that they could witness me affirm a statement (or swear an oath, for those of you who are that-way inclined). Sounds easy, right?

A close-up of my dad's Will, showing where it was clearly re-stapled.
One of the more-significant issues with my dad’s Will was that it was re-stapled sometime after it was signed. This was probably legitimate, but it quickly makes it look like it’s a forgery.

Well: it turns out that the solicitor I chose did it wrong. How is it even possible to incorrectly witness an affirmation? I wouldn’t have thought it so. But apparently they did. So now I have to hunt down the same solicitor and try again. It has to be the same one “because they did it partially right”, or else I have to start the current part of the process all over again. But moreover, I’ll be visiting the same solicitor because I want my damn money back!

I’ll spare you the nitty-gritty. Suffice to say that this is a surprising annoyance in an already all-too-drawn-out process. It’s enough to make you swear. Curse words, I mean: not an oath.