Why we cannot trust the Government with our data

The British Government has an appalling record with regard to mishandling it’s citizens private data. Yet it is hell-bent on forging ahead with the compulsory introduction of electronic identity cards.  But how bad is the problem? Well, our Government is losing and our confidential data all the time. The following is not a script for “Spooks” or some made-up conspiracy theory. This is fact. Moreover, these are just the cases the Government admits to. And only covers the last 12 months…

2008 November, Government UK Gateway passwords lost on memory stick in a pub car park

A memory stick – holding passwords for a government computer system – was found in the car park of a pub in Staffordshire. The Gateway website gives access to services including tax returns and child benefits. The memory stick was lost by an employee of a subcontractor called Atos Origin.

2008 October, Ministry of Defence “loses” details of 100,000 service personnel

A computer hard drive containing the personal details of about 100,000 of the Armed Forces was reported missing during an audit carried out by IT contractor EDS. It is thought to contain more than 1.5 million pieces of information, possibly unencrypted, including the details of 600,000 potential recruits, a small amount of information about bank details, passport numbers, addresses, dates of birth, driving licence details and telephone numbers. The Ministry of Defence police are investigating the disappearance but we don’t know whether it was lost or stolen.

2008 September. 5,000 justice staff personal details lost on portable hard drive

The government confirmed that a portable hard drive holding details of up to 5,000 employees of the justice system was lost in July 2007. The details of employees of the National Offender Management Service in England and Wales, including prison staff, were lost by a private firm, EDS. Officials only realised the data was missing in July of this year. Justice Secretary Jack Straw launched an inquiry.

2008 August. Data about 84,000 criminals lost on a memory stick

Home Office contractor PA Consulting admitted losing a computer memory stick containing information on all 84,000 prisoners in England and Wales. It also held personal details of about 10,000 prolific offenders. The Home Office suspended the transfer of all further data to the private firm pending the outcome of an investigation.

2008 July. Ministry of defence declares 121 memory sticks and 747 laptops lost or stolen

The Ministry of Defence confirmed that 121 computer memory sticks and more than twice as many laptops than previously thought have been lost or stolen in the past four years. Armed Forces Minister Bob Ainsworth gave a written statement to parliament saying 121 USB memory devices had gone astray – five of which contained secret data. And in a parliamentary written answer, Defence Secretary Des Browne said 747 laptops had been stolen – 400 more than originally reported. Of those, only 32 have been recovered so far.

2008 June. Secret terrorist documents left on train

A senior intelligence officer from the Cabinet Office was suspended after documents were left on the seat of commuter train from London Waterloo. A passenger later handed them to the BBC. The seven-page file, classified as “UK Top Secret”, contained a report entitled “Al-Qaeda Vulnerabilities” and an assessment of the state of Iraq’s security forces. Cabinet Minister Ed Miliband said there had been a “clear breach” of security rules, which forbid the removal of such documents from government premises. But Mr Miliband claimed national security was “not at risk”. Two inquiries – one by the Cabinet Office, the other by the Metropolitan Police – have been launched.

2008 April. Army Captain’s laptop left at McDonalds

An army captain’s laptop was taken from under his chair as he filled his face in a McDonald’s, near the Ministry of Defence’s Whitehall headquarters. The MoD said the data on the laptop was not sensitive, and was fully encrypted. This is the latest MoD laptop theft to be made public and it came after the government tightened the rules on employees taking computers out of work. Whitehall staff are now banned from taking unencrypted laptops or drives containing personal data outside secured office premises.

2008 January. Laptop containing details of military recruits stolen from car

A laptop computer belonging to a Royal Navy officer was stolen from car in Edgbaston, Birmingham. It contained the personal details of 600,000 people who had expressed an interest in, or applied to join, the Royal Navy, Royal Marines and the RAF. It contained data including passport numbers, National Insurance numbers and bank details. Defence Secretary Des Browne later admitted the inquiry into the loss of the Royal Navy officer’s laptop uncovered two similar thefts since 2005. At the time, Dr Liam Fox, shadow defence secretary, said 68 MoD laptops had been stolen in 2007, 66 in 2006, 40 in 2005 and 173 in 2004.

2007 December. Three million UK driving test candidates details lost in the USA

The details of three million candidates for the UK driving theory test went missing in the USA. Names, addresses and phone numbers – but no financial information – were among the details stored on a computer hard drive, which belonged to a contractor working for the Driving Standards Agency. The information was sent electronically to contractor Pearson Driving Assessments in Iowa and the hard drive was then sent to another state before being brought back to Iowa, where it went missing. Ministers said the information had been formatted specifically to meet the security requirements of Pearson Driving Assessments and was not “readily usable or accessible” by third parties.

2007 November. Two hard disks containing 25 million Child Benefit records lost

HM Revenue and Customs (HMRC) lost two computer discs containing the entire child benefit records, including the personal details of 25 million people – covering 7.25 million families overall. The two discs contained the names, addresses, dates of birth and bank account details of people who received child benefit. They also included National Insurance numbers. They were sent via internal mail from HMRC in Washington, north-east England, to the National Audit Office in London on 2007-10-18  by a junior official. But it never arrived.

Source: BBC

Now, I don’t know about you folks but I would not trust these people with my personal data. In fact I wouldn’t trust them to sit the right way on a toilet!

Honk! Honk!

Global political and economic theory explained by two cows…

Variants of this have been doing the rounds for some years now. This is my updated version, especially for all those good, quiet, little geese out there in Internetland who are permanently baffled by human politics & economics…

Socialism

You have 2 cows.

You give one to your neighbour.

Communism

You have 2 cows.

The State takes both and gives you some milk.

Fascism

You have 2 cows.

The State takes both and sells you some milk.

Nazism

You have 2 cows.

The State takes both and shoots you.

Bureaucracy

You have 2 cows.

The State takes both, shoots one, milks the other, and then throws the milk away.

Conventional Capitalism

You have two cows.

You sell one and buy a bull.

Your herd multiplies and the economy grows.

You sell them and retire on the income.

Enron-style Venture Capitalism

You have two cows.

You sell three of them to your publicly listed company, using letters of credit opened by your brother-in-law at the bank.

Then you execute a debt/equity swap with an associated general offer so that you get all four cows back, with a tax exemption for five cows.

The milk rights of the six cows are transferred via an intermediary to a company in the Cayman Islands.

This company is secretly owned by the majority shareholder.

He sells the rights to all seven cows back to your listed company.

The annual report says the company owns eight cows, with an option buy one more.

You sell one cow to buy a new President of the United States, leaving you with nine cows.

Obviously no balance sheet is provided because it has been shredded.

The taxpaying public then buys your bull.

American corporation

You have two cows.

You sell one, and force the other to produce the milk of four cows.

Later, you hire an expensive consultant to analyse why the cow has dropped dead.

French corporation

You have two cows.

You go on strike, organize a riot and block the roads, because you think you deserve three cows.

Japanese corporation

You have two cows.

You redesign them so they are one-tenth the size of an ordinary cow and produce twenty times the milk.

You then create a clever cow cartoon image called ‘Cowkimon‘ and merchandise it ruthlessly worldwide.

German corporation

You have two cows.

You genetically re-engineer them so they live for 100 years, eat once a month, and milk themselves.

Italian corporation

You have two cows but you don’t know where they are.

You decide to have lunch.

Russian corporation

You have two cows.

You count them and learn you have five cows.

You count them again and find you have 42 cows.

You count them again and discover that you only have 2 cows after all.

You stop counting cows and open another bottle of vodka.

Swiss corporation

You have 5000 cows. None of them belong to you.

You charge the owners for storing them.

Dutch corporation

You have two cows.

You want to make them happy.

You let them smoke some grass.

Chinese corporation

You have two cows.

You have 300 people milking them.

You claim that you have full employment and high bovine productivity.

You arrest all journalists who report anything different.

Indian corporation

You have two cows.

You worship them.

Iraqi corporation

Everyone thinks you have lots of cows.

You tell them that you have none.

No-one believes you, so the Americans bomb the crap out of you and invade your country.

You still have no cows, but at least now you are part of a democracy!

Australian corporation

You have two cows.

Business seems pretty good.

It’s a nice day.

You close the office early and go for a few beers to celebrate.

Hungarian corporation

You have two cows.

They both become very depressed and commit suicide.

New Zealand corporation

You have two cows.

The one on the left looks very attractive.

British corporation

You have two cows.

Both are mad.

Surrealism

i.e. corporate policy after a hectic team-building weekend in Amsterdam…

You have two giraffes.

The government requires you to take harmonica lessons.

Honk! Honk!

UK Government’s dubious DNA collection plan twarted by European Court

Seems likely that UK police forces will have to delete the DNA records of hundreds of thousands of innocent people – all of whom have no criminal convictions. The European Court of Human Rights in Strasbourg ruled today that retaining this data breaches human rights law. The Court said that keeping innocent people’s DNA records on a criminal database breaches Article Eight of the Human Rights Convention, covering the right to of privacy and family life. Apparently the British Government has until 2009 March to decide what it is going to do. Currently, UK Police forces keep a staggering 4 million people’s DNA patterns on computer.

Of course some sceptical observers believe that police will keep the data anyway and threaten any whistle-blowers with prosecution under data-protection / secrecy / privacy laws. And if the coppers cock it up, get caught-out and the 5hit really hits the fan, then the Government will deny all knowledge and the whole thing will be blamed on (yet another) computer error.

Obviously no one wants rapists and criminals wandering the streets. However, I doubt that collecting lots of innocent people’s DNA would ever significantly reduce their numbers. Moreover, it seems to me that our biggest threat is not the criminal, or the terrorist. It is in fact our own Government.

Our Government has conned us into accepting curtailment of our civil liberties as part of its war on terror, involved us in an illegal and hugely expensive war in Iraq, based almost entirely on falsified evidence and it has repeatedly proved itself incapable of handling our sensitive personal data in a safe and responsible manner.

Now this Government is trying to force us to carry electronic ID cards, supported by the same incompetent private companies behind so many of its other expensive IT failures. Worse, these cards will not merely carry biometric and other sensitive data that we will not be able to access ourselves (unless we hack them), the cards will also be enable the authorities to identify us remotely as we walk through public places.

Of course, there are some that argue that if the Government mismanages ID cards in the same way it has mismanaged so many other publicly-funded IT projects, then these ID cards would actually be quite a boon for criminals and terrorists. If these cards are hacked, cracked or cloned then your personal information and even your personal identity could be available on the black market to the highest bidder, in a highly credible format.

Seriously scary stuff IMHO.

Honk! Honk!