The media and public are rightly outraged by the Revenue and Custom’s loss of two CDs containing the personal details of 25 million people receiving child benefit.
But I feel the loss is relatively trivial compared with the potential harm of a similar data loss when the Government starts rolling out its pernicious ID card and associated databases next year.
It’s all very well for the Government to say the child benefit data should never have left the building it was contained in, and to point the finger at a “junior official”, but any system is only as strong as its weakest link.
If you don’t want valuable material to be lost, then you don’t store it all in one place, you do not allow anyone to access it individually without oversight, and you most definitely do not allow anyone to withdraw the material on their own.
The child benefit data only contains names, addresses, children’s names, dates of birth, bank account details and the like.
It does not allow direct access to bank accounts unless people have been foolish enough to choose their children’s names or dates of birth as their password.
It does not allow easy, direct impersonation of the individuals held on the child benefit system.
What the loss potentially does is give criminals access to sufficient data to begin identity theft, which is serious but not as serious as the harm that could be done by the Government’s National Identity Register, a linked group of three databases.
The NIR will contain 50 categories of identity information, including full name, all aliases and former names, date of birth, place of birth, gender, signature, all 10 fingerprints, a digitised facial scan, digitised iris scans, all present and former addresses in the UK and overseas, and more.
The Government promises there will be safeguards, but given the effectiveness of the safeguards on existing systems, such as the child benefits database, you have to wonder just how effective these will be.
This is especially the case as the NIR will be open to a much broader user group than child benefits database is.
The NIR will be available to up to “265 government departments and as many as 48,000 accredited private sector organisations”.
What’s more, the Government has known for some time that centralised databases are vulnerable to infiltration by criminal gangs involved in identity theft.
And as the child benefits CD fiasco shows, there’s also a serious risk of government officials taking shortcuts and losing the data.
Or perhaps even “losing” the data when in reality they’re taking it for criminal ends - in which case we might not know for weeks or even months that there has been a leak.
But it gets worse.
As the Guardian revealed yesterday, two-thirds of family doctors plan to to boycott the Government’s scheme to put the medical records of 50 million NHS patients on a national database.
Doctors fear the database will be open to abuse and hacking.
Even worse, you will not be asked if you want your information on the database as the Government says NHS patients have “implied consent”.
In other words, you will be on the database unless you specifically opt out.
The result is that much more personal information on you will soon be held in several enormous Government databases, including all your personal identification details and all your medical history.
So, by all means be concerned about the child benefits data loss, but be even more concerned about the potential for harm should the Government’s ID and NHS database plans come to fruition.
I initially used a hilarious juxtaposition from the Sun to illustrate this, but another Aberdeenshire blogger beat me to the punch so I’ll defer to him.
For a good laugh have a look at what Microshaft published first…
I have never seen why people don’t want identity cards………I can now!
Nice post and thanks for the link. Having just read some more it appears that basically all staff at the office where the “junior” worked at Customs and Excise could have lost the data. There is no knowing if someone has done this before and just handed out the data. Security appears to have been non-existent.
What is even more obnoxious about this scheme is that we are supposed to pay uprfront for the ID cards at over 100 apiece, regardless of ability to pay. They are of no value to us, certainly offer no protection from terrorists (either foreign or domestic), and, in fact, threaten our privacy/security - so why should they be forced down our throats?
Total control by government …. socialism gone mad ….. what is next ….. is the pink government going to move to a brighter reddish hue in time.
Fingerprints and all!
What will happen to foreign visitors, will they accept these draconian measures, will tourism be affected? Politicians, who needs them?
I for one, with family in the UK, would think very carefully before accepting such control by your government.