A few questions that have crossed my mind following the great child benefit data snafu of 2007. As the BBC reports:
He blamed a junior official at HM Revenue and Customs’ offices in Washington, Tyne and Wear, who he said had broken rules by downloading the data to a disc, then sending it – unrecorded – by courier to the National Audit Office in London for auditing.
So here goes…
- How is it even possible, under security protocols, for junior officials at HMRC to be able to query
SELECT * FROM child_benefit NATURAL LEFT JOIN bank_details (or access archived copies) “just like that”?
- Although it’s reprehensible for such mass data trawling to be done by a junior member of staff, what does this also say about the reliability of TNT, who handle the (privatised) government internal mail service? What else have they lost recently?
- These discs were bound for the National Audit Office – aren’t audits generally meant to be on a sample of data and not the whole set? Just what did they want with all of that data anyway?
- The discs are “password protected” – note the careful wording – not “encrypted”. Does this mean they just used an Excel password? Why isn’t even the most basic encryption & key management being implemented as a matter of course?
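To make the first and third questions concrete, here is an added example (not anything taken from HMRC's systems) of how a database could refuse that bulk query and hand auditors a sample instead. It assumes PostgreSQL; the column names and the roles caseworker and nao_auditor are hypothetical.

```sql
-- Assumed schema (constructed for illustration):
--   child_benefit(claimant_id bigint, claimant_name text, child_dob date)
--   bank_details(claimant_id bigint, sort_code text, account_number text)
-- Run as the owner of both tables.

CREATE ROLE caseworker  NOLOGIN;  -- hypothetical role for junior staff
CREATE ROLE nao_auditor NOLOGIN;  -- hypothetical role for the auditors

-- Neither role may read the base tables, so SELECT * across them fails.
REVOKE ALL ON child_benefit, bank_details FROM PUBLIC, caseworker, nao_auditor;

-- Case workers fetch one claim at a time through a function that never
-- returns bank details. SECURITY DEFINER runs it with the owner's rights.
CREATE FUNCTION lookup_claim(p_claimant_id bigint)
RETURNS TABLE (claimant_id bigint, claimant_name text, child_dob date)
LANGUAGE sql STABLE SECURITY DEFINER
SET search_path = public
AS $$
    SELECT cb.claimant_id, cb.claimant_name, cb.child_dob
    FROM child_benefit cb
    WHERE cb.claimant_id = p_claimant_id;
$$;

-- Functions are executable by everyone by default; narrow that down.
REVOKE ALL ON FUNCTION lookup_claim(bigint) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION lookup_claim(bigint) TO caseworker;

-- Auditors get a frozen 1% sample with no names, no claimant ids and no
-- account numbers, only a flag saying whether bank details are on file.
-- REPEATABLE fixes the seed so the same sample can be re-derived later.
CREATE MATERIALIZED VIEW audit_sample AS
SELECT row_number() OVER ()          AS sample_row,
       cb.child_dob,
       (bd.claimant_id IS NOT NULL)  AS has_bank_details
FROM child_benefit cb TABLESAMPLE BERNOULLI (1) REPEATABLE (2007)
LEFT JOIN bank_details bd USING (claimant_id);

REVOKE ALL ON audit_sample FROM PUBLIC;
GRANT SELECT ON audit_sample TO nao_auditor;

-- Privilege checks to run after setup.
SELECT has_table_privilege('caseworker',  'bank_details',  'SELECT');
SELECT has_table_privilege('nao_auditor', 'child_benefit', 'SELECT');
SELECT has_table_privilege('nao_auditor', 'audit_sample',  'SELECT');
```

With grants like these, anything leaving the building for audit is the sample, so a lost disc would not hold the whole table.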
Such is the aggregation of data, and so few are the controls on it – think how doctors, lawyers and accountants are so strictly legislated, under threat of professional disqualification, for abusing their clients’ confidentiality, compared to the rules for bureaucrats (both governmental and non-governmental) – that a breach this stupid, though not of this scale, was quite predictable. Hopefully, however, given the nature of the data, any potential abuse is most likely on a case-by-case basis and not systematic.
And some good may come out of it. In an information society we accumulate all kinds of data that is kept on us, and this is inevitable. What isn’t, is how that data is managed, how it is organised on our behalf, how we make sure different sets of personal data are kept separate and private, and only combined and revealed to others when it directly benefits us. The insane, blind stumble towards a Total Information Awareness society can be checked, and stopped, if we take a calm and sober look at how we got here and how to make sure it doesn’t happen again.
That said, I bet there’s a fucking massive run on the banks tomorrow morning. Plus ça change.