ICO warns of more 'datagate' breaches

Richard Thomas, giving evidence to the House of Commons Justice Committee yesterday, warned that more government data could have gone missing. Thomas said that as a result of the HMRC scandal, "several departments have come to see us on a confessional basis, but none on anything like the scale of the HMRC loss". He said that …

COMMENTS

This topic is closed for new posts.
  1. Eponymous Cowherd
    Pirate

    Nothing to fear?

    "if the missing child benefit discs did end up in the wrong hands then criminals could find details of people on witness protection programmes on the discs"

    ID cards. Nothing to hide, nothing to fear.

    Unless you are hiding from a hit-man, it seems.

  2. Anonymous Coward

    Government is offering a £20K reward for the missing disks

    Not that they're desperate you understand.

    But here's an idea... I fill up a pair of CD-ROMs with random 0s and 1s, hand them over to Alistair Darling (I'll even spring for some fancy jewel cases). Bank £20,000 (but not in Northern Rock), and the government gets to reassure the public that the data was encrypted all along.

  3. Nano nano

    Embargo-gate

    May I request an embargo on the lazy journalistic use of the -gate suffix.

    There was no break-in, there was no hotel, there was no bugging.

    You may retain its use for MOSFET transistors, however.

  4. Jon Green
    Unhappy

    "several departments have come to see us on a confessional basis"

    This isn't a Church. You can't get absolution by confessing your sins and saying a few Hail Marys. If protected personal data have been lost, the affected individuals should be contacted without delay, and the nature and extent of the losses made public.

    Why are Civil Servants more protective of their own jobs than of the public they serve?

  5. Ray

    Does this only get worse...?

    "if the missing child benefit discs did end up in the wrong hands then criminals could find details of people on witness protection programmes on the discs"

    When I first heard of this story I almost felt like saying "I told you this would happen". But, for the HMRC to have let information out into the wild (surely the criminal fraternity must have that information, by now) which will quite literally put the lives of people at risk beggars even my cynical belief. Why the hell do HMRC even NEED that information? I am flabbergasted.

  6. Anonymous Coward
    Flame

    It doesn't rain, it pours!

    "...discs include the real and changed names of up to 350 people who have changed their identities after giving evidence against criminals..."

    I've lost count of the number of different blunders that have occurred.

    1. 25 million records put on to CDs

    2. One set goes missing so ANOTHER set of CDs are resent.

    3. Which feckless moron (i.e. manager that will remain blameless and free) decided to fuckabout with security policy and procedure to let PRIVATE DATA be extracted to untrackable/unauditable CD! Unauditable format sent to the Audit Office!!! Alarm Bells are ringing!

    4. Why hasn't the Security Officer resigned in protest/shame after this shambles? Who is he; can we name and shame him and ensure that he never gets hired anywhere else (and any qualifications [CISSP] are revoked).

    5. The NAO only required a subset of data - clean data free of Financial details; but HMRC thought that writing a slightly more complicated SQL statement would be too costly. (The old Mastercard ad with the word "priceless" could be fit in here somewhere).

    6. As a result of the above, 7 million people's banking details are also on the Organized Crime market somewhere.

    7. "Their names have been changed to protect the innocent"... Well... er... not really...

    8. Nothing but Bullshit, Bollocks and Spin from the Government

    9. No one has been held accountable (and nor will they be)

    10. Some poor "Junior Tea-Boy" is blamed and has been effectively placed under house arrest.

    11. No one has been nor will they be punished.

    12. Instead, they say they want even MORE data and wrap the request in lies that "Biometrics will keep us all safe" from all the baddies out there! (And all the baddies on the inside can be trusted implicitly).

    FECK, ARSE!

  7. Chris Miller

    Security Officer

    I agree with AC's comments above, apart from (4) sack the Security Officer. If the Security Officer has put in place an agreed policy that says "don't do this" and some halfwit goes and does it anyway, it's hardly their fault. However, if they put in place a policy saying "don't transfer data in this way" and then fail to provide an alternative, secure method for transferring data when *necessary*, then it *is* their fault and they should fall on their sword as well.

  8. Anonymous Coward

    Re: Security Officer

    The Security Officer doesn't just write the Policy/Procedure. They are supposed to ensure that the guidelines are enforced and followed.

    Given that they put the data on CD TWICE and posted it by unregistered post both times, I can say that the system was definitely broken.

    I suppose I should have added a few extra points regarding the lack of Encryption of the Private Data (but if they can't be bothered with a simple SQL, they ain't gonna bother with encryption - and I doubt they even used covert channels to send the password/encryption key).

    From everything that I read on El-Reg and elsewhere, this "burn-it-to-CD-and-post-it" procedure was commonplace in HMRC and not necessarily an anomaly. The Rule as opposed to the Exception.

    The best that this Security Officer can say in his defence is that he was ignorant of these breaches (I believe it is the Iran-Contra reply: "Mister Chairman, I have no clear recollection of that...").

    If the Security Officer was aware of the breaches (and he knew that they were condoned by management due to cost or laziness) then:

    a) He should have raised the matter in writing to management.

    b) Failing that (or perhaps at the same time), he should have raised the matter to the attention of the Information Commissioner and possibly the EU since it is also in breach of EU Data Privacy.

    c) If it continued, then resigned in protest.

    If he knew and was complicit in the management negligence then, personally, I think criminal charges ought to be brought to bear against him and the whole management team.

  9. RW
    Jobs Horns

    Micromanagement Woes

    What I smell is that NuLabour's love of micromanaging government functions at the lowest level has eroded (even eradicated) civil servants' ability and desire to act autonomously and with gumption. Treat underlings like brainless robots and guess what? They act like brainless robots, complete with programming bugs. [Programming bugs = ignoring written protocols]

    This observation segues off into a rant about the folly of passing endless laws and regulations against politically unacceptable behavior, followed by a further rant pinning the blame for the dreadful state of the NHS on micromanagement by Cabinet ministers. However, I'll spare El Reg's readership and let them word their own rants on these points. Have fun, amigos!

  10. Anonymous Coward

    @ Ray

    "Why the hell do HMRC even NEED that information? I am flabbergasted."

    Well HMRC's worry is not paying pensions or benefits to anyone with an incomplete national insurance record. If the, er... customer, suffers death by torture at the hands of some mobsters then that bureaucratic problem is unaffected. File closed. But if people are allowed to live with two separate contribution records or tax references, then who knows what the consequences for system integrity could be.

    There is a common misconception, held even it seems by some Home Secretaries, that witness protection is like in feature films (or America) - that you get a whole new identity, properly booked and referenced like an intelligence officer's cover.

    Nope. You just get dumped the other end of the country with a grant to set you up in rented accommodation.

    But don't worry. Your identity will be protected by your biometrics being on a database.

  11. John Bailey
    Flame

    Surprised?

    The thing is.. This should not have been down to some vague policy. It should have been physically impossible for this to happen!

    Anybody remember the assurances that the various government departments who were supposed to be sharing the information linked to ID cards would only be able to access the relevant bits, and not the whole sum of all data for each individual? I'm hoping they will die a slow and unremarked death, but I still wouldn't put it past the gits to try and spin it into reality in some sneaky way.
