21 November 2007
A few questions that have crossed my mind following the great child benefit data snafu of 2007. As the BBC reports:
He blamed a junior official at HM Revenue and Customs’ offices in Washington, Tyne and Wear, who he said had broken rules by downloading the data to a disc, then sending it – unrecorded – by courier to the National Audit Office in London for auditing.
So here goes…
- How is it even possible, under security protocols, junior officials at HMRC to be able to query
SELECT * FROM TABLE child_benefit LEFT JOIN bank_details (or access archived copies) “just like that”.
- Although it’s reprehensible for such mass data trawling to be done by a junior member of staff, what does this also say about the reliability of TNT, who handle the (privatised) government internal mail service? What else have they lost recently?
- These discs were bound for the National Audit Office – aren’t audits generally meant to be on a sample of data and not the whole set? Just what did they want with all of that data anyway?
- The discs are “password protected” – note the careful wording – not “encrypted”. Does this mean they just used an Excel password? Why isn’t even the most basic encryption & key management being implemented as a matter of course?
Such is the aggregation of data, and so little are the controls on it – think how doctors, lawyers and accountants are so strictly legislated, under threat of professional disqualification, for abusing their clients’ confidentiality, compared to the rules for bureaucrats (both governmental and non-governmental) – that a breach this stupid, though not of this scale, was quite predictable. Hopefully, however, given the nature of the data, any potential abuse is most likely on a case-by-case basis and not systematic.
And some good may come out of it. In an information society we accumulate all kinds of data that is kept on us, and this is inevitable. What isn’t, is how that data is managed, how it is organised on our behalf, how we make sure different sets of personal data are kept separate and private, and only combined and revealed to others when it directly benefits us. The insane, blind stumble towards a Total Information Awareness society can be checked, and stopped, if we take a calm and sober look at how we got here and how to make sure it doesn’t happen again.
That said, I bet there’s a fucking massive run on the banks tomorrow morning. Plus ca change.
13 November 2007
I don’t normally plug the stuff I do at work too much here, but on this occasion it’s a project I’ve been really well involved with for several months, so what the hell. For the past couple of months as a blog & social media expert I’ve been working closely with Eurostar, editing & adminning their dedicated blog & Flickr photostream as they cover their move to St Pancras International station. At first I was a bit shy from plugging it, but now that the project’s matured and has a good body of content under its belt, and given the praise it’s received, I think now’s the time to be a bit more bold about it – it’s a piece of work I am very proud of and, I hope, a case of a company getting blogging “right”. Today’s the last day Eurostar will be at Waterloo International before they move overnight to St Pancras, and as I’m off to take photos and blog the station’s closure, I thought now might be a good time to tell you to go take a look at it.
7 November 2007
I’d linklogged already, but I now feel compelled to comment on this story – Camelot have had to withdraw winter-themed scratchcards because players cannot understand how negative numbers work. doctorvee, among many others, despairs of her intellect:
HOLY SHIT! This is how bad standards of numeracy have become. Unbelievable.
This woman’s poor numeracy is not in doubt, but staggeringly enough, that’s not the real problem here. The problem is what one unfortunate customer said:
“I phoned Camelot and they fobbed me off with some story that -6 is higher – not lower – than -8 but I’m not having it.” [emphasis mine]
It’s the bits I’ve highlighted that really irk me – the sheer bloody-mindedness that illustrates a mentality along the lines of “well, if the laws of arithmetic don’t agree with my own intuition, then I’m going to bloody well complain until they fix it”. It’s not ignorance or stupidity that’s the real problem here, but the stubborn self-conviction that goes with it – the inability or unwillingness for people to ever now say “I don’t understand” or “I don’t know”.
And it’s not only scratchcards that this problem surrounds – virtually every major issue today, from the Iraq war to global warming to immigration, is characterised by people (on both sides) who will never even entertain the possibility they might be wrong, let alone admit to it. In the good old days stuck-in-the-mud irrationality and delusion was usually rooted in ideology or religion (“if Lenin/Smith/Jesus says so, it must be right”), but they are by and large absence from most aspects of modern life – which has created a vacuum into which some weird, fucked-up cult personality of the self (“if I say so, it must be right”) has entered. Add to that a culture where any grievance, no matter how petty, must always be redressed or avenged and it creates a terrifying vision of the future.
Of course, I could be totally wrong about this…