December 9, 2007

Could this be the way to defeat the National Pupil Database?

21st Century Eugenics

December 8, 2007

Apparently poverty makes you a bad parent:

Children as young as two are to be offered free nursery care in a government drive to intervene in the lives of disadvantaged children at the very earliest stages of their development.

The subsidised places, to be targeted at poorer parents, are part of a major overhaul of early-years learning that children’s secretary Ed Balls will present to the Commons next Tuesday.

I’d love to think that the Guardian is exaggerating, but experience tells me otherwise.

Data for free

December 7, 2007

Simon Jenkins in today’s Guardian:

The groups most eagerly awaiting the government’s ID computer are criminals and terrorists. The home secretary, Jacqui Smith, will supply them with detailed, supposedly confidential identification, including digitised biometrics, of every British citizen and visitor passing through immigration. …NHS hackers will be able to offer employers and insurance agents any patient’s full medical records. The government’s ContactPoint child database is about to go online at an annual cost of £41m. It will identify and locate all Britain’s 11 million children under 18, including those of celebrities. No opting out will be allowed and the base will be legally accessible to 330,000 officials – which means to everyone.

Contactpoint EDM

December 5, 2007

You might want to ask your MP to sign up to this Early Day Motion


Brooke, Annette

That this House notes the announcement by the Parliamentary Under-Secretary of State for Children, Schools and Families of the deferral of the implementation of ContactPoint to allow for an independent assessment of its security procedures by Deloitte and to address the changes to ContactPoint that potential system users have suggested, but regrets that this review will not extend to the design and content of ContactPoint; expresses concern over the safety implications of such a vast database containing potentially sensitive information in the light of security breaches at HM Revenue and Customs; further expresses concerns about the projected costs of ContactPoint; notes the conclusion of the House of Lords Select Committee on Merits of Statutory Instruments that the Government has not conclusively demonstrated that a universal database is a proportionate response to the problem being addressed; and therefore calls upon the Government to reconsider its decision to proceed.

Babes in the Wood

December 5, 2007

Plenty more to come apparently:

MPs have been warned further revelations of data security breaches are likely in the wake of the HM Revenue and Customs (HMRC) data blunder.
Information commissioner Richard Thomas said yesterday a string of private and public sector organisations have told him in recent weeks they have had problems with lost data.

Meanwhile we hear that the DWP recently wrote to all local authorities advising them to password-protect Housing Benefit data, regularly copied on to CD-Roms and sent by courier to Newcastle. What data are we talking about? It includes:

– Name
– Address
– NI Number
– Date of birth
– Ages of children
– Employment and housing status
– Any other benefits applied for/received
– Details of income
– Whether they have a partner
– Whether they are currently in prison
– Whether they have been referred to fraud investigators

The password that would allegedly guard this data was sent to every local authority in an unsecured, unencrypted email. It was the same password for each LA, and they were advised that they should use it on each occasion (pdf) that they submitted their Housing Benefit return.

The more that emerges about government data protection and security practices, the stronger the image grows of a bunch of rookie lab technicians at Porton Down, idly taking the rubber bungs out of stored test-tubes.

And on it goes…

December 2, 2007

I expect most people saw this, and now there’s even more:

The Department for Work and Pensions has suspended all “data exchanges” with local authorities because discs containing details of council tax and housing benefit claimants have been mislaid.

The loss of information, including national insurance numbers, names, addresses and birth dates, was confirmed in a confidential memo last week from the Local Government Association to councils.

At least 45,000 names and personal details are known to have gone missing from one council, with the DWP admitting last night that more authorities have lost discs.

Just what on earth has been going on? No doubt we’ll be told that the government has ‘learned lessons’ and it really won’t happen to Contactpoint/eCAF/NIR/NHS care records (insert any other national database name here). But ask yourself: if an electrician screwed up your re-wiring so badly that everyone got shocks, would you honestly let said electrician through your front door again?

What it indicates is a culture of corner-cutting and sloppiness that has rendered data protection meaningless. It also demonstrates perfectly that the greatest threat to data security comes from insiders. Not even malicious insiders, but ordinary people being careless.

No doubt if Contactpoint et al get off the ground, everyone will be Very Careful for a while, but ten years down the road, when it’s just another database and the public has stopped looking too closely, what’s the betting that the scenes of the last couple of weeks will be replayed over and over again?

Desperate stuff

December 1, 2007

This is getting pathetic:

Police have visited London rubbish tips in their hunt for missing computer discs containing personal details of 25 million people.

Maybe they could look out for my missing keys while they’re at it?