Prof. Steffen Schmidt
The story datelined London, Nov. 21, 2007 opened this way:
The British government struggled Wednesday to explain its loss of computer disks containing detailed personal information on 25 million Britons, including an unknown number of bank account identifiers, in what analysts described as potentially the most significant privacy breach of the digital era.
The New York Times, “Data Leak in Britain Affects 25 Million”, by ERIC PFANNER
The data was on two disks that were sent unregistered by a private delivery service, TNT. The disks were apparently protected by a password, but the data was not encrypted. They were sent by Her Majesty’s Revenue and Customs, the tax collection agency, to the National Audit Office, which monitors government spending.
It appears to me that the bureaucrats in the British government who handle such sensitive information in such an astounding volume were never once told about identity theft and were not trained in handling such life-changing information. This is not shocking to me at all, since identity theft protection in data handling has been cavalierly ignored by governments, by private companies and corporations as well as non-profits, clubs, social organizations, educational institutions, insurance, and health care providers.
According to the New York Times,
The data went astray in October, after two computer disks that contained information on families that receive government financial benefits for children were sent out from a government tax agency unregistered, via a private delivery service. The episode is one of three this year in which the agency improperly handled its vast archive of personal data, according to an account by the chancellor of the Exchequer — including the sending of a second set of disks when the first set did not arrive.
This data loss apparently contained personal information on 40 percent of the population of the country. The disks included people’s names, addresses, bank account numbers, and their national insurance numbers, the British equivalent of Social Security numbers. The disks also contained data on almost every child under 16 in Britain.
Experts said the information could allow crimes beyond identity theft. Some people use the name of a child or part of an address as a password on a bank account, so the combination of these details could allow someone to break their code.
Apparently the government also waited an ungodly time before informing banks so that they could put higher levels of security in place and monitor unusual activity on people’s accounts.
The British Prime Minister Gordon Brown apologized and the head of the tax agency resigned. Oh goody! That will calm the nerves of half of the population of Britain who are now faced with years of anxiety over their personal information.
Government Information Commissioner Richard Thomas said he was shocked at the scale of the security breach.
“It's almost certain that they have broken the data protection law. This is a shocking case. I'm at a loss to find out what happened in this situation,” he told BBC radio.
He also said his office had been issuing warnings about data protection to organizations for years.
“We've been all the time saying that the more you are collecting personal data, for understandable reasons, the more the risks increase and the more you must be aware of what can go wrong.”
Globe and Mail
The irony is that in Europe it is illegal to collect and sell personal information of people, but of course that does little to stop a “junior” staff member of the tax collection agency from sending disks with all this vital data. I find it mind-boggling to begin with that a “junior” staff member would be allowed to even touch such data. I also find it criminally neglectful that so much vital information would all be aggregated in a single location.
What can we learn?
First of all, this example is proof positive that we need massive and highly intrusive data protection training for employees who handle such information.
Secondly, this tragedy demonstrated clearly that encryption is not an option but should be absolutely required and mandated, and its omission a punishable offense.
Third, the case suggests that my computer and information geek friends need to develop a radical new best practice for data storage and management. I would suggest a system of distributed and disaggregated data storage, where files are NOT all kept together in databases and where the pieces of identity information for each file are also not stored together. The algorithms for managing this information would be written in such a way that when data is needed, the system seeks the required information and then temporarily assembles the pieces of each person’s record for specific use. When the operation is finished, the assembled data evaporates and the encrypted system goes back to disaggregated storage.
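A minimal sketch of the disaggregated storage idea described above, added here as an illustration and not taken from the original post. The class name, field names and the use of HMAC-derived locators to keep the per-field stores unlinkable are assumptions of this example; encryption of the stored values is left out and would be done with a vetted library.

```python
import hashlib
import hmac
import secrets
from contextlib import contextmanager

# Hypothetical field names, modelled on the data the post says was on the disks.
FIELDS = ("name", "address", "bank_account", "national_insurance")


class DisaggregatedStore:
    """Each field lives in its own store under a locator that cannot be joined."""

    def __init__(self, linking_key: bytes):
        self._key = linking_key                  # kept apart from the stores
        self.stores = {f: {} for f in FIELDS}    # stand-ins for separate databases

    def _locator(self, record_id: str, field: str) -> str:
        # HMAC(key, field || record_id) differs per field, so rows in different
        # stores cannot be matched to one person without the linking key.
        msg = f"{field}\x00{record_id}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def put(self, record_id: str, record: dict) -> None:
        # Values are stored as-is here; a real system would also encrypt them.
        for field in FIELDS:
            self.stores[field][self._locator(record_id, field)] = record[field]

    @contextmanager
    def assembled(self, record_id: str, needed: tuple):
        # Fetch only the fields this operation needs, then drop the view.
        view = {f: self.stores[f][self._locator(record_id, f)] for f in needed}
        try:
            yield view
        finally:
            view.clear()   # drops the references; not a guaranteed memory wipe


def demo():
    store = DisaggregatedStore(secrets.token_bytes(32))
    # Constructed sample record, not real data.
    store.put("rec-001", {"name": "Jane Example", "address": "1 Sample Road",
                          "bank_account": "00000000",
                          "national_insurance": "XX000000X"})
    with store.assembled("rec-001", ("name", "address")) as view:
        seen = dict(view)                        # what the operation worked with
    locators = {f: next(iter(store.stores[f])) for f in FIELDS}
    return seen, view, locators
```

Someone holding a copy of any one store, or of all of them without the linking key, gets columns of values with no way to line them up into a person's record.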
One side effect of the data loss was to deal a blow to Britain’s plan to issue a national ID card.
Critics of Britain's plans for compulsory identity cards said on Wednesday the multi-billion pound scheme should be ditched after the data loss.
Opposition politicians and opponents said the loss showed the government could not be trusted to bring in ID cards, which would involve one of the world's biggest IT schemes.
The Globe and Mail
http://www.theglobeandmail.com/servlet/story/RTGAM.20071121.wukdatalosss1121/BNStory/International/home