Phase.org

Posts by tag: politics

Get out there and say YES! on Thursday

2011-05-03 21:23:00
In a couple of days we get our best chance for generations to promote a system of government based on consensus and agreement rather than minority ideologies. The No campaign has been so entirely based on lies and myths that many of its own leading members have disowned their methods. Even David Cameron seems to find their methods unpalatable, and many generally non-political people of all walks of life have spoken out against them.

But, because confrontational, partisan politics suits the mass media better than the constructive and collaborative (if slightly boring) approach the country needs, they're using their power to encourage people to stick with the same broken system of single-party dominance. If they succeed, we'll be stuck with the same old politics for decades. Please, get out there and vote Yes to AV on Thursday, encourage others to do the same, and help guarantee us a political system that works together for the whole of our society.

A "No" vote, or abstaining, isn't a vote for PR instead; it won't save us money, it isn't "simpler", and it won't "send a message" to Nick Clegg, or whoever the media have chosen as their scapegoat of the day. It'll just consolidate the status quo that so many of us are sick of, for generations more.

I made many of my arguments behind this position in a previous post, so take a look there if you're interested. This time, I'm just asking you to do something good for all of us.

A few words on Voting

2011-02-20 19:36:00
In the UK, formal participation in the political process is pretty much limited to voting once every few years, so when I do get the chance to vote, I try and do so in as informed a manner as possible. I look at the policies of, usually, about 4 key parties, and decide which of them has policies I can most agree with, and which are likely to be best for the country. Given the sheer number of issues that can be in play, and the paucity of information provided, that can sometimes be tricky.

Then, once I’ve made up my mind, I go and vote; but I know that, because of our voting system, my vote will basically go into the pile marked “other” and have no effect on the two-horse race in my “safe” constituency. I have a choice of course; I can engage in what’s wryly referred to as “tactical voting”, where I discard my original voting intention, and decide which of the previously mentioned horses I dislike least. This, in the UK, is what’s known as voter choice.

In the Hitch Hiker’s Guide to the Galaxy, Douglas Adams provided us a pretty clear summary of why we keep voting for horses, or in his terminology, lizards:

‘On [that] world,’ [said Ford], ‘the people are people. The leaders are lizards. The people hate the lizards and the lizards rule the people.’

‘Odd,’ said Arthur, ‘I thought you said it was a democracy?’

‘I did,’ said Ford, ‘It is.’

‘So,’ said Arthur, hoping he wasn’t sounding ridiculously obtuse, ‘why don’t the people get rid of the lizards?’

‘It honestly doesn’t occur to them,’ said Ford. ‘They’ve all got the vote, so they all pretty much assume that the government they’ve voted in more or less approximates to the government they want.’

‘You mean they actually vote for the lizards?’

‘Oh yes,’ said Ford with a shrug, ‘of course.’

‘But,’ said Arthur, going for the big one again, ‘why?’

‘Because if they didn’t vote for a lizard,’ said Ford, ‘the wrong lizard might get in.’


In homage to this exchange, the “Tactical Trap” inherent in First Past the Post voting is known to voting reformers worldwide as “Voting for the Wrong Lizard”.

Before looking at how we might vote for a human instead, it’s worth remembering what the effects of this situation are, beyond frustration; as most of the constituencies in this country are won on around 30-35% of the vote, almost two-thirds of the voters are un-needed (and effectively un-represented) by their MPs, who we cheerfully refer to as “our elected representatives”. And that’s ignoring the number of voters whose “tactical vote” is not to bother, because they believe it’ll have no effect. Elected they might be, but representative they are not.

The fact that MPs are dependent on (and in effect, answerable to) only a small proportion of their electorate causes further problems. I said above that “formal participation in the political process is pretty much limited to voting once every few years”. You can of course participate informally, by writing to your MP. I’ve done so a few times, but it’s frequently a dispiriting experience. Because she only needs the support of her “core vote”, she disregards any policy that doesn’t appeal to that core, or that might upset it. Instead, I tend to get a letter back that adheres firmly to her party line. Because of FPTP, that core vote blocks me from interacting with my MP in any productive manner; she does not feel she needs to represent me.

These twin problems of the Tactical Trap and un-representative representatives are common throughout the country, and are, I strongly believe, a large part of why so many have become fed up of, and disengaged with, politics.

And it’s led to a great cynicism from the major parties, too. Because, nationally, all they need to achieve is to be the largest party (although they’d prefer to get over 50% of seats, which isn’t usually much harder), they don’t even need to engage with every constituency to get into power. We have the curse of FPTP twice – once to elect the MP in the first place, and once to form the government from those MPs.

In fact, because of FPTP, safe seats and the futility of tactical voting, the parties generally only need to target 2% (yes, two percent) of the electorate at election time to achieve a swing that will put them in power. 65% of us may be unrepresented, but 98% of us are disregarded.

It might seem obvious that this situation, from the point of view of the electorate, needs to change, but it suits those in power quite fine. The same two parties have swapped power for nearly a century, with a rump made up of a handful of smaller parties who generally get little input into policy. To quote a member of the House of Lords I happened to hear speak recently,

“They know that the current system is the perfect one, because it’s chosen them”.

As it happens he was talking about unelected peers, but the same mentality applies to the majority parties’ view of the electoral system.

We need to move away from a system that is “perfect” for the incumbents to one that is at least a little more favourable to the electorate. But, since prevailing thought has been that a government voting for this would be “Turkeys voting for Christmas”, we’ve never had the chance previously.

But, this time, one of the turkeys blinked, and we’ve got a referendum on the Alternate Vote.

Now, to many people, a minor change in the voting system – after all, we keep our MPs, one per constituency, and an unelected upper house – might seem to be of interest only to academics and “political wonks”. And certainly, the No2AV campaign have been keen to support that view. After all, as noted above, the current system suits a lot of vested interests.

But does AV actually offer a significant benefit to voters over FPTP? Having taken a close look at it, and examined arguments for and against, I’m convinced it does.

Firstly, it solves the “Wrong Lizard” problem at a stroke. If your constituency has three humans to vote for, and two lizards (one of whom almost always gets in), you can give one or more of the humans your first (and second) choices, then list your least-loathed lizard last. That way, one of two things happens: either one of the humans gets in, because people can finally throw away the “tactical” desperation of always voting for a lizard, or your vote goes to your least-loathed lizard anyway. At worst, a lizard gets in, probably looking a bit more worried because they now know they aren’t a shoo-in, and need to be accepted (if not actively preferred) by at least 50% of the electorate.

Of course, if you want to vote for a lizard, you still can. But as we’ve seen above, in the UK, most people don’t want the incumbent lizard.

Whoever is now in power, they know that they can no longer rely on their “core vote” as adequate to keep them in power; they need to engage with people for whom they might not be the first choice. Even if the incumbent is the same, the representation will be wider.

But, if the unnamed lizard planet above were to introduce AV, it wouldn’t always be the same incumbents. In the first AV vote, chances are that a certain minority of seats would go to humans. The cosy system of government would have been disrupted, and more people seeing this would realise that they had a choice in voting. In the next election, the minority of humans might become larger, or a majority.

Of course, talking about lizards and humans does make this look very “them and us”. But, while writing “squeezed out parties with a potentially wide base of support” and “traditional incumbent parties” is rather unwieldy, the meaning is much the same.

So, enough about lizards, and so long, Douglas Adams, and thanks for all the political analogies.

If AV delivers a broader base of more responsive government, why aren’t we using it yet in the UK? There are several answers to this.

The first I’ve covered above; the current rules suit those in power under the current rules, and their financial backers and supporters.

The second answer might be a bit more surprising: we are using AV in the UK; not for elections to the British parliament, but in local elections, Scottish elections, elections within political parties (both Labour and Lib Dems for a start, I’m not sure about the Tories). Even the House of Lords, the most stalwart opponents of electoral reform, use it internally to elect new hereditary peers. It’s also used in trade unions, charities, and numerous organisations; anywhere, really, that wants the best system to elect responsive, widely supported representatives. And it’s used around the world, for elections of all levels up to parliamentary.

It’s not a new idea (it was invented in 1871), and it’s not untested. It just doesn’t suit some people’s agendas.

However, it’s possible to be opposed to a policy that doesn’t support you, and still have valid arguments; indeed, for that policy to be a bad one. So is AV a bad idea after all? In order to work that out, I’ve tried to look closely at several of the No campaign’s arguments.

However, to be blunt, I've yet to find an argument rating FPTP over AV that's stood up to more than fairly basic scrutiny. This might be why we're also seeing an increasing number of ad-hominem attacks from the No campaign, variously name-calling the pro-AV campaign as "Foolish", "Fraudulent", or "Dishonest", without ever clearly (if at all) explaining why. Troubling behaviour from an organisation seeking to define the nature of future British elections.

Perhaps no-one’s told them that voters don’t like negative campaigning. Which is also something AV might help with as, rather than just knock down their key opponent, politicians seeking election under AV will have to show their own worth to a wider selection of the community. Two front-running candidates that spend too much energy attacking each other under AV will just ensure they both shed first-choice votes and sink below the required 50% support.

It's not just the tone of campaigning that FPTP distorts, either. Because it splits the votes of parties sharing common ground, it compels parties to minimise shared values (often shared by most voters, too) and instead concentrate on carving out as distinct a territory as possible, then try to pull voters into that territory, deforming and polarising the political landscape in the process. As AV does not force this sort of polarisation and confrontation, it allows parties to work in the common ground they share with voters and each other.

One argument that No2AV have made recently is that “Voting Yes will cost too much”. I’m not sure who decided that improving democratic accountability had to be cheap, but in any case the £250 million figure that’s being quoted as “the cost of voting yes” is absolute rubbish. It combines the cost of running the referendum, and the cost of campaigns for both sides (all of which arise whichever way the vote goes) with what appears to be a high estimate for the cost of electronic voting machines which might not be needed even if we did switch to AV voting; most locales using AV don’t use them.

Even the worst-case realistic figures for AV (if it costs any more) only seem to come out to two or three quid per voter. It’s certainly both cheaper and quicker than any form of multiple-round voting, while still having many of its benefits. Hence its alternate name of “Instant Run-off Voting”, as it emulates multiple run-off rounds of voting in turn.

The “need for electronic counting machines”, by the way, is a useful bit of misdirection for the No campaign, as it makes AV seem complicated and impenetrable. This is just a bit of scaremongering; AV (when not deliberately confused) is easy to understand; boiling down in our earlier example to “vote for the human you really want to win before the lizard you’ll accept”. AV elections can easily be counted by hand, too; they are in most countries where they occur. It just takes a marker pen and a bit of patience.

Alleged complexity of counting aside, the No campaign seems to have backed off from claiming straight out that “AV is too complex for British voters” when people started objecting to being painted as less capable than Australian, American, Irish, Scottish, Fijian (etc) voters.

The No campaign also want to have their argument both ways; as well as arguing it’s too large a change, they also claim (sometimes on the same page) that it’s far too small a reform for “true reformers” who should therefore vote against it. Given the options currently available for reform, this is a bit like saying you should refuse any lottery win that isn’t the jackpot. To add to the confusion, they then say that AV might lead to further changes later (surely, a benefit to the pro-reform voters they’re telling to block it), so that even anyone who does support minor change should vote against AV. So; it’s both too much and not enough reform; it’s a compromise and so should be refused.

The fact that they see compromise as something to be avoided may tell us something about the No campaign, and their preferred methods of government. They typically refer to “Government without Compromise” as “Strong Government” – but they don’t tell us quite why we need such a bull-headed, unresponsive leadership. One might think that we’d most need “strong” government in times of war, but of course in both the First and Second World Wars we switched to “National Unity Governments” as the real source of stability. Minor wars fought since then have not typically reflected so well on our leaders.

Another claim that seems to be gaining in popularity as all other No2AV arguments sink beneath the waves is that it violates the principle of “One man, one vote” (or more currently, “One Voter, One Vote” or OVOV). This argument works to some extent because people find votes emotive and hard to put a mathematical value on. The claim is that, if you get to switch your vote, you’re getting more voting power than someone voting directly for the eventual winner.

But before we ask whether AV violates OVOV, are we sure FPTP really delivers it? Let’s look at how many votes it takes to elect an MP under the current system.

10,706,647 voters voted Conservative in the last election, returning 306 MPs, meaning 34,989 votes were required for a Conservative MP.

8,604,358 voters voted in 258 Labour MPs, at 33,350 votes each. A slight discrepancy, but not too alarming.

But then it goes downhill.

Almost as many people voted Liberal Democrat as Labour - 6,827,938 voters. But they only got 57 MPs, at a cost of 119,788 votes each. That means a Liberal vote has an effective weight of about a quarter of that of one for either of the traditionally incumbent parties. And if you look at the Green vote, you find that 285,616 returned one MP – almost 10 times the cost of a Labour or Tory vote.

So, while FPTP claims to stand for “One Voter, One Vote”, if some of those votes are worth more than others, that’s a fairly hollow victory in terms of voter equality.

Of course, as we vote locally, not nationally, the actual power of a vote varies massively by location. Estimates are that votes in some regional areas are effectively 500 times more powerful than those in the safest seats – which is why that 2% of voters mentioned above gets all the attention in election campaigns.

It’s interesting to look at another No2AV argument here – that a person’s second choice shouldn’t be worth the same as someone else’s first choice. They say that some choices should be worth less than others. It seems that they’d like to build unfairness into the system. But people already cast second and third choice votes under FPTP, and they’re already counted the same as first choices. The difference is that, under FPTP, many people never get the chance to express their first choice vote (as they feel it’ll be wasted), and so no-one knows how many people are casting a vote that for them is second-best.

So, FPTP’s unbalanced, but does AV, in guaranteeing that everyone can cast the one vote they want to, suffer a potentially worse problem? Does it really give someone two (or more) votes? Well, it’s never (as far as I know) been tested by law in the UK, but a Michigan judge ruled in the US, where AV is known as “Multiple Preferential Voting”, that:

Under the 'M.P.V. System', however, no one person or voter has more than one effective vote for one office. No voter's vote can be counted more than once for the same candidate. In the final analysis, no voter is given greater weight in his or her vote over the vote of another voter, although to understand this does require a conceptual understanding of how the effect of a 'M.P.V. System' is like that of a run-off election. The form of majority preferential voting employed in the City of Ann Arbor's election of its Mayor does not violate the one-man, one-vote mandate nor does it deprive anyone of equal protection rights under the Michigan or United States Constitutions.


So, legally, and logically, AV fits “One Voter, One Voice” at least as well as FPTP.

To confirm this while avoiding the emotive maths of voting, let’s look at an equivalent (and familiar) example – with no lizards, I promise.

You’re in a pub, with a bunch of friends. You’ve just got there, so you don’t know what they serve, but you can guess that they’ll have at least the normal two bland lagers – which you don’t particularly like, but they beat a dry throat.

Someone stands up and says they’ll buy you a drink. What would you like?

A typical answer might be “A Green’s Cider if they’ve got one, otherwise a Gold Lager”.

This is an “alternate vote” for a drink. If the person offering to buy told you to stop being cheeky, they only offered to buy one drink, you’d probably think them a bit of a prat. Yet this is the logic that claims that AV gives “Cider lovers” two votes.

Having established that the person buying the drinks is a No2AV supporter, you have a conundrum. If they don’t have the cider you want, and you ask for it, you’ll get nothing; in the absence of the second round of voting which AV (much more quickly and cheaply) emulates, you’ll go thirsty. Otherwise, if you ask for the lager, and later realise much of the rest of the pub is drinking cider, you’ll feel (justifiably) hard done by.

FPTP isn’t good enough to choose a pint, although it might suit the big breweries. Why on earth should we choose it to elect politicians?

(Oh – PS: I forgot the “AV will let in fringe parties” canard. MPs have to be accepted by 50% of the community under AV – that’s not going to let the BNP in. In fact it's more likely than FPTP to keep them out, which is probably why they oppose it.)

A note to those seeking to make Electoral Reform "Nick Clegg's problem".

2010-05-09 15:04:00
An email I sent to 38 degrees today in response to https://secure.38degrees.org.uk/page/contribute/PR

Why is all the pressure for electoral reform being put on Nick Clegg? After all, he represents (due to the wonders of FPTP) less than 10% of the MPs who could affect this, and it's Brown or Cameron that could allow reform to go ahead, not him.

I voted for the Lib Dems and for Clegg, and I want PR. I was at the demonstration on Saturday. I wrote to him as a Lib Dem member on Friday to urge him to act in the best interests of both the country and party by sticking to Lib Dem core policies including Electoral Reform. But I'm finding it very odd that many people who didn't support the Lib Dems in the election now think that Nick is beholden to them to fix an electoral system that's left his party a minnow among the old whales, particularly when they seem to be offering him no support in doing so; in fact, they offer little more than masked threats.

I'll back the promotion of PR in the national press, and I'll hit the streets again to support it. But I won't help promote the idea that this is somehow entirely Clegg's responsibility and that neither Cameron nor Brown have a responsibility to us. Clegg's got enough on his plate without being set up as a scapegoat for the failure of Labour or the Conservatives to finally reform our discredited electoral system.

Of Roadworks and iPhones

2008-12-12 21:13:00
While you're reading this, if you own an iPhone, go download the app and keep it on your phone until it's needed. It's free, and it's tiny.

And it's potentially extremely useful.

We live in an age of rapid information flow, but sometimes it seems that some organisations, particularly in local or national government, haven't quite got that memo yet - as my recent travails with the Post Office showed. MySociety is an organisation that exists to counter those delays, and help information flow freely to and from both local and national government. They, as volunteers, do a stunning job.

One of their sites (and they now have many) is the "Fix My Street" site, designed as a convenient way to report minor (or major) problems with our roads. I'm sure we've all seen potholes, missing signs, broken streetlamps, and would have been quite happy to report them and get them fixed if we had the faintest clue how. The Fix My Street website is a good start, but you still have to remember the problem and get round to locating and reporting it when you get home.

Or, if you've got their new iPhone App on your phone ready, you can do it in-situ, have the phone's location services place you precisely, and take a picture of the problem while you're at it.

Reporting the problem is a two-step process; you provide basic information (enough to record the problem) in the application, and then receive an email with a confirmation link which takes you to a page where you can complete the process, adding a category and further detail. (Personally I'm not hugely keen on the two-step data entry, and I've given my feedback so we'll see whether any changes arise). The email confirmation step is common to pretty much all of MySociety's sites, as to be useful they *must* be kept nuisance-free.

Your report is then mailed to the right department of the right council (and that's the really useful bit!) to allow action to be taken. You can then see any other local issues reported and give feedback as to whether your own has been fixed. It's effectively crowdsourced bug reporting for towns and cities. And it's an excellent, if minor use of communications technology and mobile platforms.

Like I said; download it, install it, and forget it. It's tiny (0.1MB) and it'll sit on your phone and wait until it can help fix your town.

Documenting Protest

2008-11-07 23:00:00
It's fashionable to suspect, in liberal circles, and even more fashionable to knowingly dismiss (in a "that doesn't happen here" sense), that "trouble" at protests is caused more by the police than the protesters.

We live in a democracy, and so we like to believe that that's not the case. And if it were, the free media would soon expose it.

But over the last few years I've seen the evidence mount up disturbingly that it's often true, and the media don't generally seem to talk about it (although they're not entirely mute).

We've seen the rather inept Agent Provocateur trying to incite Plane Stupid to extreme acts. It seems apparent that there are many more less unsubtle agents at work.

I've heard reliable reports from friends at the recent Climate Camp at Heathrow that the police acted heavy-handedly, including deliberately blocking exits and access to emergency vehicles, carefully blocking the TV cameras.

We've heard police, in their own words, "preparing for violence" at peaceful protests.

Today, there are further reports of police aggression at Gay Rights protests (http://snurl.com/57slr). Without wishing to be stereotypical, that's not really a group you picture attacking cops.

Something's gone decidedly wrong.

However, we're now entering the time when everything can be documented and shared worldwide fairly instantly. Text messages have moved on to mobile blogging and Twitter with their global audience; worldwide distribution of photos and video (particularly with topical- and geo-tagging) is now possible, and is becoming faster and easier to achieve on the move. The time will come soon when we can see both sides of every protest in real time.

And that's a concept every protester may need to keep in mind these days. Governments (including the UK government) are passing laws to restrict the right to peaceful protest; an essential right which needs to be preserved. We may be at the state where we have to prove our innocence at protests by documenting it on the fly - and prove it not merely to the courts and politicians, but to those members of the public in whose eyes it has been degraded by violent minorities and police aggression.

We don't want another Rodney King situation, but we want the police to know they're answerable.


Omnipresent Data vs Privacy

2008-10-11 16:53:00
"Honest men have nothing to fear from the law" is a widely used dictum much loved by protagonists of the surveillance society, and by much of the less imaginative part of Middle England.

It is also, unfortunately, naïve and inaccurate. Pratchett refers to it as being "under review from the Axioms Appeal Board" in Men At Arms. The problem has several aspects; firstly that the agents of the law, not to mention the full range of overly conservative small-minded snoops, have very specific ideas of "honest people" and "suspicious" or "wholesome" behaviour. It is therefore incumbent on us not only to be honest, but to be staid, mainstream and "above reproach". There's long been an attitude of "don't ask, don't tell" towards anything risqué, to the extent that many widely-shared behaviours are expected to be hidden for the sake of hypocritical propriety.

The classic case of this has always been with regards to sexuality, particularly homosexuality in the US military, with the attitude of "you can die for us, but don't expect us to accept you". The attitude is also present, with less mortal consequences, in public life in the UK. It is widely known or assumed that many politicians or members of the judiciary have a non-mainstream (and entirely legal) sexuality that they dare not display for fear of being deemed inadequately wholesome, or hounded from office.

In a similar vein; I work for a publisher that counts among its portfolio magazines and sites which feature "glamour" photography of various types. The mainstream, while trying to look tolerant and modern, will generally accept that "tasteful glamour" is entirely socially acceptable, so why do we keep getting emails from former models who now need the pictures removed in case "it harms their career or credibility"? Simply because much of the public is more small-minded and less honest than it wishes to admit.

But what if we are really wholesome, law-abiding, upstanding and utterly boring? Surely we have nothing to hide then?

Well, no. I'm not going to publicly share my passwords, bank details, PIN and so on; that much is obvious. I'm also not likely to share how much I drink, what sort of adult entertainment I may prefer, or what I do in the privacy of my own home. But there's another class of "semi-public" information I need to keep pretty private too, and that's just a nuisance.

I'm referring to the sort of information that banks and similar organisations use to "verify your identity" for security purposes. Your date of birth, for example. Letting the world know your exact age can be a security risk. So can sharing where you live; some banks seem to think that my postcode is secure and sekrit data. My place of birth and mother's name are verboten, which is a right pain if I want to do any sort of genealogical research (which it so happens that I do). My first school, favourite colour, pet's name... it goes on and on. Even which electricity supplier I use could be used to compromise my accounts. This is all information my friends at least should be able to know, and it should be harmless in any hands.

But it's not, because banks are inept, and (in part due to this) the public don't understand security. So we're grossly limited in the information we can make public. This matters, not only because it's terrible security (it's all "semi-secret" in the same sort of "don't ask, don't tell" mentality of "private" lifestyles), but because it compromises methods we might use to keep in touch with, and locate, old and new friends.

In one particular ideal world, I would be able to let any of my friends who "need to know" where I live, my phone numbers, what I was doing, my parents' names, my niece's date of birth, where I was at any given time, and where I was planning to go clubbing or holidaying next. The technology and use for all of these exists in the forms of Twitter, Dopplr, Fire Eagle and MyHeritage, but the use I can make of them is grossly limited by a combination of the world's broken security models and broken attitudes. Even where "friend-locking" exists, it's rendered useless by the mass of account management I'd need to do for everyone who might want to know, and the fact my friends would all need accounts (and I'd have to know which these accounts were) on all relevant sites. And most data I wouldn't want to have to lock anyway.

What's required may be difficult. The amount of data we'd like to share to make our lives easier and better connect with our friends (and find new like minds) is too wide for entirely traditional notions of privacy. Now, this may sound weird; like many liberals and techs I'm a privacy advocate. But the point is that we need to have a greater choice in privacy; not only in what we can keep secret from prying eyes if we wish to, but also what we can make public without risk of censure or security compromise if we want to.

We need a new attitude to "semi-public" data. We need banks to stop treating it as secure, and we need the wider public and our current and potential employers, leaders and neighbours to adopt a more honest and less censorious and hypocritical attitude to our behaviour. It may not be easy; in fact it almost certainly won't be. But we live in the information age, and if we can't, as a society, learn how to properly manage and use information, we'll be grossly limiting ourselves.

It's the security, stupid

2007-11-21 22:41:00
I've commented a few times on just how bad customer authentication is in the UK's banks, but hadn't got around to blogging about it. Now that the UK government's managed to achieve one of the greatest confidential leaks of modern history, it might be worth doing so.

So, for those outside the UK, or who might, for other reasons, not have heard about this story:

Two computer discs holding the personal details of all families in the UK with a child under 16 have gone missing.

The Child Benefit data on them includes name, address, date of birth, National Insurance number and, where relevant, bank details of 25m people.


From http://news.bbc.co.uk/1/hi/uk_politics/7103566.stm


Now, NI numbers (approximately equivalent to US Social Security numbers, although much less widely used or risky) are definitely sensitive data. Bank account numbers, while not an explicit risk by themselves, become a very useful target for identity theft when coupled with, for example, full names, dates of birth and addresses. The extra security information you tend to need is your mother's maiden name and some sort of signature or PIN. Online and phone banking systems sometimes only ask you for two digits of passcode (sometimes from as few as four) to gain full access. And, to start a standing order, or direct debit, little more than the above data seems to be required.

There also seems to be an incredible superstition held by banks that your mother's maiden name and your date of birth (and sometimes place of birth) are mysterious and unknowable. One has to assume from this that banking security experts are lonely people whose friends never remember their birthdays, and to whom they never talk about themselves. In particular, none of them are amateur genealogists, as their insistence on making such family data dangerous to share is a downright nuisance to anyone wishing to trace their family tree.

These data are, frankly, not secure, and nor should they have to be. Part of the essence of a good password is that it is hard to guess. Another is that it can be changed when required. A third is that it has no external meaning. Personally fixed data like this are therefore about the worst things you can use as a password.

A signature's not much better, as the growth of chip-and-pin cards attests. Signatures are (comparatively) easy to copy, and no-one ever really checks them anyway.

And these authenticators are only useful if they're fully checked anyway. Often enough bank staff and so on seem to assume that, if you ask for something belonging to someone, then you must be that person. Defence against social engineering is shoddy at best, and staff, if they follow procedures at all, just tend to go through the motions without understanding what they're doing or why they're doing it. There needs to be a wholesale revision of the methods of, and approach to, data security in this country.

But, as yet, the data that's escaped should not be enough to access bank accounts without either serious extra work, extremely brazen social engineering, or guessing of passwords. As in, it's hard - not impossible.

Of course, since many people use their children's names or birthdates as passwords (remember War Games?), that may not be so difficult.
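The "hard to guess" and "no external meaning" properties can be enforced at the point where a customer chooses a secret. The following is an added example, not part of the original post: it rejects a proposed password or PIN that contains the account holder's own fixed data. The record layout, all sample values and the 12-character minimum are assumptions made for illustration.

```python
import re
from datetime import date

# Constructed sample record holding the kinds of fields the post lists
# (names, dates of birth, postcode). Every value here is invented.
SAMPLE_RECORD = {
    "names": ["Alice Example", "Tom Example", "Carol Sample"],  # holder, child, maiden name
    "dates": [date(1972, 3, 9), date(2001, 11, 21)],             # holder and child DOB
    "postcode": "ZZ1 9ZZ",
}

def _normalise(text):
    """Lower-case and drop everything except letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def personal_tokens(record):
    """Return the normalised strings a secret must not be built from."""
    tokens = set()
    for full_name in record["names"]:
        for part in full_name.split():
            if len(part) >= 3:
                tokens.add(_normalise(part))
    for d in record["dates"]:
        dd, mm, yyyy = f"{d.day:02d}", f"{d.month:02d}", f"{d.year:04d}"
        yy = yyyy[2:]
        # Common written orders of the same date, with and without century.
        tokens.update({dd + mm + yyyy, dd + mm + yy, mm + dd + yyyy,
                       mm + dd + yy, yyyy + mm + dd, dd + mm, yyyy})
    tokens.add(_normalise(record["postcode"]))
    return tokens

def has_external_meaning(secret, record):
    """Return the sorted personal tokens found inside the proposed secret."""
    candidate = _normalise(secret)
    return sorted(t for t in personal_tokens(record) if t in candidate)

def acceptable(secret, record, min_length=12):
    """Accept a secret only if it is long enough and free of personal data."""
    return len(secret) >= min_length and not has_external_meaning(secret, record)
```

Separators and case are stripped before matching, so "09/03/72" and "090372" are treated as the same date of birth.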

The highest risk at the moment seems to be that of extremely convincing phishing attacks. Currently my various banks authenticate emails by addressing them to my full real name, and including some part of my account number, or my postcode.

In fact I'd also expect an opportunist wave of unsophisticated "To protect your data after this leak" phishing - which doesn't even require the data to be in bad guys' hands.

But, do the bad guys have it? The police and government "reassure" us that "There is no evidence that this data has fallen into criminal hands". This is one of the most astounding pieces of weaselling that either party has ever achieved. One might also ask, since no-one knows where the data is (and recall that, even encrypted, it can be infinitely duplicated), what evidence there is that it has *not* fallen into criminal hands.

There's also considerable doubt about the security measures placed on the data - according to government sources it was "password protected but not encrypted" - which is complete nonsense, and therefore probably wrong. If the data is not encrypted, it should all be assumed to be in the wrong hands. If weak encryption was used, data criminals have large enough botnets of infected, hijacked machines to make short work of it. If strong encryption was used - and given the complete lack of other security considerations taken, this seems unlikely - then perhaps we are more justified in just crossing our fingers and hoping for the best.

And that's what most people seem to be doing anyway, taking the approach that "nothing bad will happen to them". This might be pure fatalism; it may be trust of government (and bank) weaselling, or it might just be a complete unawareness of what can be done - as noted above, most of this data cannot be changed. I suspect that, under these circumstances, I'd be strongly considering changing bank, or at least getting them to re-assign my account number - which would admittedly be a massive nuisance. We have to give our bank details to so many people that re-providing it would be as complex as changing address when moving house - more so in fact, as there would be no realistic possibility of assisted notification or redirection services without further compromising security.

Archive