Hi all,

We’re going to be taking an extended break–far longer than Christmas hols. The CSIA is evaluating their options, so to speak, and will be deciding on whether or not to keep Blindside going at the end of Feb.

We’ll still be baby-sitting the site, so if you have comments on any IA issues (or on Blindside in general), put them on this post–maybe we’ll send an addendum over to CSIA.

We leave you with this. Symbolic of this shambolic year to date, really. 2007 should be remembered as the year we gave it away–it being data.

The personal details of three million learner drivers have been lost by the Government, ministers have admitted.

“Private information held on teenagers and other people taking the driving theory test - including their names, addresses and phone numbers - have gone missing from a company in America. Details of the people that sat the driving theory test between September 2004 and April 2007 were lost. In the latest such blunder by the Government, Ruth Kelly, the Transport Secretary, disclosed that the files held on a hard disc drive were lost at a facility in Iowa City last May. The Government faced questions about whether it has misplaced any more records and how many countries process personal details of Britons. Births, deaths and marriage records of millions of British citizens are at present being turned into digital files by a computer firm in India.”

“Miss Kelly was informed about the latest data loss - which experts say could expose millions to the threat of identity fraud - on Nov 28. Yet she admitted the fiasco only last night, on the eve of MPs’ Christmas break.”

Happy holidays to you all! We hope to see you in the New Year, refreshed and ready to continue our exploration of information and identity–we’ll turn into regular shrinks before we know it.

p.s. (You knew it had to happen, right?) “The beleaguered government agency at the centre of the child benefit records fiasco was embroiled in another personal data row last night after losing the pension details of more than 6,500 people. A data cartridge containing the information was misplaced by HM Revenue and Customs, which previously admitted losing two computer discs containing the entire child benefit database of 25 million people.”

“The pensions cartridge is not encrypted or password protected and contains the details of policy holders with Countrywide Assured plc, leaving them open to the threat of identity fraud. It holds their names, addresses, dates of birth, National Insurance numbers, a total valuation of their pension fund, the date of that valuation, the amount of their pension contributions and National Insurance rebates received. Their bank account details are not included.”

If what this Times commentator describes is true, somebody should go to jail. The rest of us should take note. As we may have mentioned one or two thousand times before, security technology and security procedures mean absolutely nothing if there is not an organisational commitment to the security of information.

That senior officers of Norwich Union and Avivia would protect their own data following news of the leak without informing their customers is quite simply disgusting. I personally will remember this when making my own banking decisions, especially as all concerned remain in post, for some unfathomable reason.

Hey Guv,

Just so you know, from what I’ve read (somebody please help me with the source–one of you must know) if you upgrade to WinZip 9.0 or above it comes with PGP encryption. If you then choose a password with 10 or more characters, you’ll probably be okay in regards to common criminals or the curious who come across your disc or file. Zip your files, communicate the password over the phone, send the disc by a trustworthy courier (or electronically), and this will work in the interim until you sort out something for the longer term. Oh–and don’t send more data than you need to.

Update: Ian Brown Says:
December 6th, 2007 at 9:59 am e
No. WinZip 9.0 contains AES (the recent US govt-approved Advanced Encryption Standard) which is secure *if* a password of adequate strength is used. A 10-character password does not qualify and could be guessed trivially by password cracking software. Key management is much harder than just using an appropriate cipher.

Tom Fuller Says:
December 6th, 2007 at 10:35 am e
Hi Ian,

Thanks for this.

How many characters should the password contain, and what proportion should be non-alphabetic–do you happen to know? I think that a lot of mid-level government staff would be able to use this information.

In related news,

“The Information Commissioner, Richard Thomas, said that a number of public bodies and private companies had contacted him over the fortnight since the HMRC incident was revealed to confess that they too had lost data.”

“Hundreds of people in police witness protection programmes have been put at risk by the loss of millions of child benefit records, The Daily Telegraph can reveal.”

Expect to see a lot more of this: “Now imagine that a company that you knew had just lost the details of 25 million of its customers, including some who are at risk of violence because of something they’d done for you in the past, was setting up a scheme to bring all of your biometric details together – every valuable confidential piece of information that identifies you as you – and was going to charge you £100 to join.

Want to sign up? No, me neither.

The National Identity Register is just that, a Government database to be used as the final authority for confirming identity. It will be shared with other Government agencies and even though it’s specifically prevented from holding some information (tax and medical records, for example), we’ve never had an electronic register of every British person before.”

When it comes to data warehousing, it’s becoming painfully evident that bigger is not always better.

Terrific conversation about the technology threats of 10 years hence with Marcus Ranum on the Bruce Schneier blog.

Insert Oscar Wilde quote here, if you wish: “A new fraud alert was issued by the government this weekend as it confirmed that it had lost another computer disc containing the personal financial details of 40,000 housing benefit claimants.”

…”In a separate incident, it was disclosed this weekend that another disc containing the bank details, salaries, National Insurance numbers and home addresses of more than 6,500 public sector workers has also been lost.”

Maybe we can send them all a letter of apology that also contains confidential information.

Seriously, it has to be clear now that the institutional governance mechanisms regarding the safeguarding of personal information have broken down, if indeed they were functional previously. This is all a flagrant violation of the Data Privacy Act. These are all, essentially, crimes.

Government needs to put down tools, get together in a large room, and talk through the implications. To have three further incidents after what happened at HMRC is devastating–as devastating as the first incident, as it means there has been no response. (The third incident I refer to is the letter of appology sent out by HMRC which contained confidential information).

Perhaps it is time to revive TrainerNet–junior employees with trainers who hand carry data discs to the proper destination. But HM Government (as a whole, not as differing bodies) needs to come up with a data transmission protocol that protects our personal information from people who will steal it and injure our reputations, cost us money and time, and have a serious negative impact on our lives. That is what is at stake here. Government is seriously prejudicing the quality of life for half the population. What good are they doing that can overcome this?

It looks as if Galileo, the EU satellite project, will go forward. This means that there will be competition to the American GPS services, and an alternative to location and timing signals. It’s an expensive back-up, but it’s important to have a back-up.

MI5 has issued a warning to a host of companies and organisations that they are being hacked–quite possibly by the Chinese. As we reported this summer when it was Whitehall and the MoD getting hacked, it’s important to remember that the Red Army, blamed for so much of this, has a lot of private enterprise initiatives out there, and this may not be seeking military advantage (although they wouldn’t throw that away if it came to hand) but seeking straightforward competitive advantage over UK companies doing (or hoping to do) business in China.

Here’s how it’s painted on the CPNI website. “The UK is a high priority espionage target and a number of countries are actively seeking UK information and material to advance their own military, technological, political and economic interests.”

And look at it this way–UK information protection schemes obviously need the exercise. Better be tested and found wanting in a time of peace. In a weird way, maybe we should thank the Chinese for this–if we act on the lessons learned…

“A security breach affecting an unknown number of Canadian citizens came to light last week in the Canadian province of Newfoundland and Labrador when a consultant for the Provincial Public Health Laboratory took a laptop containing patient health information home. The consultant was contacted by a person who identified himself as a representative of a computer security company and who claimed that he was able to access to data on the laptop through the consultant’s home Internet connection.”

…”The exposed information includes names, Medical Care Plan numbers, age, sex, physician and test results for infectious diseases, including HIV and hepatitis.”

In a related news story…. “Trust is fundamental to the effective management of security and privacy in the public realm. Surprised? “Results from a ground-breaking pan-European study show that when it comes to security and identity in electronic public services, trust is a critical issue for European eGovernment. Given recent negative press stories about the security risks associated with personal data on social networking sites such as Facebook, and recent events in the UK where the personal details of some 25 million citizens appear to have been lost, this paper comes as a timely reminder about the need to manage trust and security effectively.” …”The cc:eGov study has identified exceptional good practice in Europe, for example in Estonia where an integrated ID card provides access to public and private services. However, the Estonian Government is rigorous and thorough in its protection of citizens’ data, to the extent where sustained cyber attacks on their systems earlier this year did not result in a breach of security. The trust of citizens was therefore reinforced.”

The iconoclastic Tim Worstall starts the ball rolling here, and refers us to Ben Goldacre’s Guardian column here: “But it’s not. The leak last week wasn’t because of unauthorised access, it couldn’t have been stopped with biometrics; it happened because of authorised access which was managed with a contemptible, cavalier incompetence. The damaging repercussions for 25 million people will not be ameliorated by biometrics.

So will biometrics prevent ID theft? Well, it might make it more difficult for you to prove your innocence. And once your fingerprints are stolen, they are harder to replace than your pin number. But here’s the final nail in the coffin. Your fingerprint data will be stored in your passport or ID card as a series of numbers, called the “minutiae template”. In the new biometric passport with its wireless chip, remember, all your data can be read and decrypted with a device near you, but not touching you.”

Ben Goldacre also has a piece here that refers to an academic paper enchantingly titled “Impact of Artificial “Gummy” Fingers on Fingerprint Systems” by Tsutomu Matsumoto, Hiroyuki Matsumoto, Koji Yamada, and Satoshi Hoshino of the University of Yokohama. “This paper reports that gummy fingers, namely artificial fingers that are easily made of cheap and readily available gelatin, were accepted by extremely high rates by 11 particular fingerprint devices with optical or capacitive sensors. We have used the molds, which we made by pressing our live fingers against them or by processing fingerprint images from prints on glass surfaces, etc. We describe how to make the molds, and then show that the gummy fingers, which are made with these molds, can fool the fingerprint devices.”

Here’s the story on the day after…

I have said this before on this blog. There are countries where a national identification card is completely non-controversial. There are possible benefits to society from a well run and properly managed system.

But in my heart of hearts I do not believe that this country’s government (and I do not distinguish between political party here) is capable of building and operating an ID management system at this point in time without disastrous consequences to information assurance.

From the Beeb: A hard drive containing sensitive information on one of Europe’s largest financial services groups has been purchased on an internet auction site for just a fiver.

Well, this is what happens when you follow links to related stories… Thanks to Chris for pointing out that this story was old enough to print on Gutenberg’s machine…

Chris R Says:
November 14th, 2007 at 1:11 pm e
Um, isn’t that story from June 2004?

Chris R Says:
November 14th, 2007 at 3:08 pm e
… one of the clues is the fact that the National Hi Tech Crime Unit no longer exists. http://www.nhtcu.org/