« British government decides to encourage rape | Main | Truth Overtakes Fiction in Strangeness Department »

See also: "the ID card will make us safer"

Home Office coughs to five database breaches (from The Register).

Security at the British Home Office's Identity and Passport Service (IPS) database has been compromised four times, with individuals' data used inappropriately by Home Office employees and contractors. A fifth breach has hit a Prison Service database.
In three of the cases workers were able to access data they had no authority to use and in the fourth a worker who did have authority to access data used it inappropriately. The fifth case involves a worker accessing the Prison Service sentencing database, a Home Office spokesman said.

Do I have to repeat myself?

|


12 Comments

user-pic
1:

This is actually a more general problem: organizations which maintain sensitive databases they don't have a clue how to control or defend. Even if ID cards were banished from the Earh tomorrow, the database problem would still be here. I am, however, encouraged by the fact that in the Untied States (sic), the FBI has not been able to get their new database to work, after 2 tries and > $6E8 tossed in. They should have codenamed it "Rathole".

2:

Yes, you will have to repeat yourself. Often. Proper Nouns and unique identifiers are warm blankets to control addicts. As control addicts are controlled by their need to control, they will surround themselves with the cheap, fuzzy terrycloth Unique IDs announcing to the world: I Wear Armor!

/Bill Burroughs was a god among cockroaches. Of course, he was the god of cockroaches...

:)

3:

Sounds like your still on target with Halting State. Although it might be tempting to make it even more Orwellian...

4:

There is a reason why GP's handwriting is illegible (except to them). Its so that the inevitable spying on neighbours' health problems can't happen when the support staff are looking at the files. People always want to spy on their neighbour. The NIDDB etc. just makes that easier. These cases in the Home Office are just the tip of the iceburg for the current system. If ID cards ever happen it will make it even more so.

5:

I saw a newspaper report I think last week saying that there was now a countrywide (Scotland) network of licence plate recognition cameras on the main roads, that the police are using to track criminals.

I know someone who works in computer stuff and he's pretty sanguine about all the cameras and tracking systems, since he reckons it will be too hard to actually find teh real info they will want. He's gone a bit quiet since I pointed out that it will all be kept on file and used to shut you up if you stick your head above the parapet.

6:

Inland Revenue in NZ has disciplined staff who accessed tax records of famous taxpayers when they had no need to (just being nosy). Nice to know that governments sometimes try to look after such data properly.

user-pic
7:

What? not even a mention of people who emailed the link to you? :)

B>

8:

It's in The Reg, Bruce. Which I have been in the habit of reading daily ever since in launched (some of my friends write for it :)

9:

When a Limerick (Ireland) woman (who may have been on benefits, unsure) won several million on the Euromillions lottery, some civil servants were disciplined for looking up her records without reason. I was amazed they had built in that feature to the database accessing software at all.

user-pic
10:

And yet you took almost a day to post about it. Given the subject matter, I could only assume that since you hadn't written anything after a day, you weren't reading it :)

user-pic
11:

When I first heard about this on Radio 4 (2 days before The Register's story) I was amazed to hear DTI representatives and Home Office ministers denying the need for a California style Breach Law.

At least then a truer picture of how unsecurely corporate and public databases hold info will be made public. Perhaps having to inform people of each and every information breach will be so expensive they will actually take real steps to secure their data.

Then again perhaps this will eliminate hundreds of small businesses as they cannot afford the kind of security required. A conundrum?

user-pic
12:

It shouldn't eliminate small businesses any more than they've been eliminated by the security required to prevent people stealing the tens of thousands in cash they generate. They just use banks.