That's why they didn't own up to it for ages. I imagine they've turned the offices upside down looking for the disks, let alone all the TNT vans and internal mail.Originally Posted by DavidJames
They should have looked in the stationery cupboard. Everyone knows that's where all the good stuff is kept.That's why they didn't own up to it for ages. I imagine they've turned the offices upside down looking for the disks, let alone all the TNT vans and internal mail.
Didn't even take 48 hours. Have heard at least two people (completely missing the point, of course) say that ID cards are the answer since only if your biometrics match those on the card could someone pretend to be you. Interviewer: but that's beside the point. Here are personal details of half the country which are out in the open; with the ID card database that might include information that could be used to blackmail people, threaten them, cause them problems, etc etc.
Answer: Ah, well, no human system is perfect.
It's like listening to 'Dr' Kent Hovind demonstrating his ignorance of evolutionary theory.
Realistically, I can't see any government now trying to implement ID cards - no matter how much they try to spin it. Even Blair / Campbell / Mandelson at their height would have problems with that type of spin.
The Government's going to be associated with "dodgy data" for a looong time now - and rightly so. They'd never push an ID cards bill through after this; it was unlikely before, it's near-impossible now.
It'll just die a death - it was doing so under Brown anyway, in fact.
So how much should I actually be worried since my data is probably among this lot?
If your "bank access" data (password or PIN) is related to any of the data that's been lost, then you should change it. For example, if your password is your child's name, or your PIN is your date of birth. In fact, you shouldn't have those as your password or PINs anyway, because they're too easy to guess.
Otherwise, I wouldn't stress too much on a personal level. And so far, if the worst comes to the worst and someone fraudulently empties your account, the banks have generally been pretty quick to reimburse you - in fact, they have to, according to the Banking Code.
Heh, they're welcome to my overdraft of course...
Here's hoping they take pity on me and put some money into my account.Heh, they're welcome to my overdraft of course...
Y'know, back in the days when we debated the National ID Register (it's not just the ID Cards bit) on this forum, I recall a few voices defending that scheme on the "If you've nothing to hide, you've nothing to fear" principle.
Where does that logic stand now, I wonder?
theres "logic" in the "you've nothing to hide" statement ?..really...where...point it out for me would you, there's a good chap
theres "logic" in the "you've nothing to hide" statement ?..really...where...point it out for me would you, there's a good chap
Indeed: since the first part of the statement is impossible (in a world where not everyone can be trusted or competent), it can't be logical at all. Mistaken use of the world 'logic' there, sorry Vulcan-smurf*
That's why they wear the white hats, you see - cf. Star Trek IV
A couple of relevant threads are:
http://www.cerocscotland.com/forum/c...-everyone.html
and
http://www.cerocscotland.com/forum/c...ead-water.html
The quote you're probably thinking of is:
I wonder if the people agreeing with that then (I didn't, and that was on July 7th 2005) would say the same now?
Surely Andy meant in terms of the "Big Brother" surveillance sense, which previously is what most anti-ID card arguements centred around? What's happened now engenders a different kind of fear totally.
How many commercial organisations have "lost" our data and we never get to know about it?
Said (most of) this before in another thread, apologies to the bored.
Michael Barrett used to host Nationwide. He went on to run his own production company; among their clients was one or more government departments. Their staff had to go through positive vetting.
Came a day and MB was told one of his female staff had failed the positive vetting. If she continued in his employ he would lose his government contracts. He made her redundant.
NOTE. If this was you, wouldn’t that probably be the end of the matter? You lose your job, no idea why.
Luckily for this young woman, her father was a retired Chief Constable. He instituted (presumable unauthorised) enquiries and this is what they found out.
Some time earlier, she had been on a ‘hippy holiday’ in Germany, travelling with some friends in her Volkswagen Beetle. At some point, in some place, somebody had seen one of her male companions and thought he looked like one of the members of the Baader-Meinhof gang. They reported him and the car he had been travelling in to the German police.
So she acquired an entry in some file, in some database: ‘possible links to terrorism’.
This was just because she was the registered owner of a car in which someone had been travelling who had borne some small resemblance to a dodgy photo – printed in a newspaper/shown on the TV – of a member of a terrorist organisation.
If you don’t know what information is being reported and by whom, it’s a serious problem.
On a similar note, I have a client at the moment who is being subject to an allegation that he is one and the same person with a person who has an absolutely atrocious credit history. If the other side are successful my client stands to lose tens of thousands of pounds.
The other side’s allegations are almost wholly based on reports provided by Experian, Equifax and so forth. And yet examining the reports shows that they are a disgusting mess of detail, with no clue as to how information gets on there, and at least two entries which amount to allegations of criminal fraud and yet are clearly wrong. The credit reference agencies, of course, cannot explain where the data comes from because it’s “provided in confidence”. If you can show them the data is wrong, it will be corrected. But until these reports were obtained my client had no idea of what was being put on his credit reports.
“Nothing to fear”?
Really?
Amongst the many, many things I will never get around to is a film script idea. The "punchline" is the president of the USA being incarcerated as a subversive.
This comes about in an era of high political tension, with the cold war warming up. The computer systems of all of the security institutions are linked.
A small town sheriff demonstrates the system to the local mayor. He types in the Mayors name, and asks if he is suspected of any links to terrorist or insurgent organisations. The answer comes back that he is, and should be detained immediately. The Id checks hold up, the Mayor is detained. He is asked to cite referees to try and clear up the obvious error, but it transpires that they also have links to suspected terrorists, and also should be detained. The scenario spreads, and it is not too long before a few have the bright idea of getting the situation sorted by citing the president as a referee, and he too is accused. The high ups in the military don't like the president anyway, and take the opportunity to snatch power.
All of this arises because one software designer has assumed that no one would ask if X was suspected of having links to terrorist or insurgent organisations if they did not suspect them of having such links. A faster system updates the data before the slower one answers the question. Ask if they are suspected, and they become suspected.
Hmmm!
From Accountancy Age here
Senior HMRC official briefed before data loss
Emails between HMRC and NAO reveal that a senior tax official was briefed on the decision to send sensitive data to the NAO in the post
Written by Nicholas Neveling
Accountancy Age, 23 Nov 2007
A senior HM Revenue & Customs official was fully briefed on the decision to send the banking and NI details of 25 million child benefit recipients to the NAO, a series of emails has revealed.
An exchange of emails between the NAO and HMRC on the child benefit data issue, released yesterday, showed that a senior HMRC official had been copied in on an email from the NAO asking the taxman to strip out sensitive information from the data and send it 'as safely as possible'.
The HMRC declined the request on the grounds that sensitising the data would be too expensive.
'I must stress we must make use of data we hold and not over-burden the business by asking them to run additional data scans/filters that may incur a cost to the department,' the email from HMRC to the NAO revealed.
The email disclosures run contrary to the version of events put forward by Alistair Darling. The chancellor said it was a junior official who had sent the discs to the NAO, blatantly flouting HMRC procedure.
The emails, however, show that senior officials were fully informed and that cost cutting, rather then procedural error, resulted in the discs containing the data going missing.
What's ridiculous here is that it wouldn't have cost anything other than (literally) 5 minutes of time to encrypt the data.
or about that to select just the wanted data. In fact it may have been quicker and cheaper to select just the wanted data and blow it onto one CD, or even cheaper and quicker and more secure to send just the wanted data over a secure network.
That too, but in this context I'd say you should be encrypting the data as a matter of course - even if you think that you've sanitized the data already.
Yes, it's quite understandable. Basically, the HMRC guy was asked to to a chore, and did it in the most convenient (for him) way - which was just to do a copy & post. He didn't want to actually think about the chore, he just did the minimum possible.
Hell, we all do that.
But the scary thing is not what he did, or even that it got lost. The scary thing is that he could do it in the first place, and that there were no access controls on this data - I'm assuming this sort of thing was a fairly regular occurrence. And of course, we only know about it now because of the discs being lost.
Hmmm, I can't help notice a deafening lack of posts from ID-card supporters..
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
![$vboptions[bbtitle]](images/master_col.bmp)
Reply With Quote
Bookmarks