Those missing CDs - the reward
Dec. 6th, 2007 08:29 am![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
bunnI am amused to see that they are now offering a reward for those missing child benefit records.
Now is it me, or is that totally missing the point? If those discs turn up now, even if they are found stuffed down the back of a filing cabinet in the same building they came from, then surely the data must be considered compromised. Whether they are found or not, nobody can be sure where they have been in the interim or if they have been copied. Offering a reward for them at this stage - doesn't that demonstrate that the people in charge don't understand the basic concepts?
It's like the 'junior official' defence earlier. Sooner or later, everyone is sloppy or makes a mistake. These things happen, and occasionally, you get bitten on the bum. That's being human.
But blaming the entire fiasco on a 'junior official' - surely that makes the whole thing *worse*, not better? If the bad decision was made by an important busy someone with a high level of access, then you can at least understand how it got made. Tut tut. But if the decision to copy the data, fail to encrypt it, and send it in that way was made by someone junior, that makes the whole organisation and their systems look totally ramshackle.
If the decision was made by someone not very important who didn't really understand what they were doing, *why on earth did they have access*? Why were the systems set up so they could write all that stuff unencrypted to CD? That's not an excuse or a shifting the blame! That's making the whole business look 10x worse!
Oh yes, and that statement, referring to changes in 2006 - "We introduced at that stage more stringent rules. We set out to learn lessons in relation to security,". In 2006? What were you doing before that? That's last year, how long did you have computerised records before you realised that sending them about the place unencrypted with no tracking might be a bad move?
Still, with a bit of luck this blunder will have killed off that totally nuts identity card idea. I really hope so.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2007-12-06 09:57 am (UTC)Assuming, of course, that everyone has an ID card and uses it in every interaction they have with everyone else, and the system allows for flawless and immediate checking of unforgeable IDs by anyone anywhere anytime.
Any problems will only come if the IT people fail to do their jobs properly and so the superbly designed system isn't implemented well, or if the general public somehow get fail to understand it and so it gets mis-used. Neither of which would be the Government's fault.
no subject
Date: 2007-12-06 10:04 am (UTC)hahahaha...
no subject
Date: 2007-12-06 10:52 am (UTC)My new passport is still wrapped in its Bacofoil. I expect mockery at the airport tonight.
no subject
Date: 2007-12-06 11:30 am (UTC)The only way I can see ID card technology really working is if everyone was permanently in a little box with all their bodily fluids wired into it, like in the Matrix. Only, then, of course you wouldn't need a card...
In the far future, I predict that someone will invent hand-written, paper-based photo ID. It will be hailed as a technological marvel: an id system that can only be copied by someone who is physically in contact with the card! How secure we will be!
no subject
Date: 2007-12-06 04:37 pm (UTC)no subject
Date: 2007-12-06 06:31 pm (UTC)