Friday, November 07, 2008

PM admits data insecure

Following the latest UK government data loss debacle, the passwords to the tax details of 12 million found on a memory stick in a pub carpark, the Prime Minister admitted during his recent visit to the Gulf that "It is important to recognise we cannot promise that every single item of information will always be safe because mistakes are made by human beings".

It's a start. He needs to understand also that these big databases he's building will be subject to technical failure and attack by people with malign intent.

Systematically and cynically dismissing, ignoring and denigrating the concerns of people who really understand these systems, Mr Brown, his predecessor, Mr Blair, and a long line of incumbents in the Home Office and other cabinet posts have been repeatedly assuring us, for years, that the mountain of personal information we will be compelled to hand over to the government, to feed their ID card and other database schemes, will be secure. Now the Prime Minister blandly slips it into a statement in Qatar, the day before the US presidential election, that hey, people make mistakes, so don't sweat it, or words to that effect.

To continue to deploy these systems in the absolute knowledge that they are completely insecure is not just a negligent derogation of duty on the part of the government, it is criminal. The folk at NO2ID have come up with a nice soundbite in response to the PM's admission:

"The only cure to the problem of data loss is for the government to stop collecting so much personal data. You can't protect it. So don't collect it."

No comments: