Now we see what the response will be to future escapes of data should the NIR go online:
Nine sacked over National Identity Scheme breaches
Nine staff have been sacked from their local authority jobs for snooping on personal records of celebrities and personal acquaintances held on the core database of the government's National Identity Scheme.
They are among 34 council workers who illegally accessed the Customer Information System (CIS) database, which holds the biographical data of the population that will underpin the government's multi-billion-pound ID card programme.
The disclosures, obtained by Computer Weekly using the Freedom of Information Act, will add to calls for the government to come clean over the security of the National Identity Scheme.
The CIS database, run by the Department for Work and Pensions, stores up to 9,800 items of information on 92 million people, including sensitive data, such as ethnicity, relationship history, whether someone is being investigated for fraud and whether they have special needs.
Freedom of information requests by Computer Weekly, have uncovered a string of breaches by council workers:
- Cardiff and Glasgow councils sacked staff after they looked up celebrities' personal records
- Tonbridge and Bromley councils sacked workers for looking up their friends
- Brent sacked someone who looked at their girlfriend's details
- A worker at Torfaen was sacked for looking at his own details
But this may just be the tip of the iceberg. Many of the breaches were discovered after sample checks, raising concerns that other breaches may gone undetected.
Over 200,000 government officials have access to the database, including staff at 480 local authorities, and numerous government departments, including the Department of Work and Pensions, HM Revenue & Customs, and the Courts Service. The Child Support Agency uses the CIS to trace missing parents,
Gus Hosein, a management systems academic with the London School of Economics, said that breaches were inevitable.
"Human nature and the propensity of governments to abuse privacy means that the only real safeguard is to not collect this information in the first place," he said. "Create a central store and you will get abuse".
A DWP spokesman said, "The small number of incidents shows that the CIS security system is working and is protected by several different audit and monitoring controls, which actively manage and report attempts at unauthorised or inappropriate access."
In other breaches discovered by Computer Weekly, Exeter sacked someone for being unable to justify an access to the database. Hertsmere and Penwith (now part of Cornwall) councils sacked people for looking at records they shouldn't, but couldn't say what the records were.
Carmarthenshire Council disciplined a person who illegally used the CIS to look at the records in July 2008 of someone "known personally" to them, but refused to give details. Solihull took disciplinary action after a CIS breach in February 2008.
Peter Sommer, visiting professor at the London School of Economics Information Systems Integrity Group, said, "Any system in which you have a large number of users can never be secure. Instead of giving generalised assurances, the government should say explicitly what level of security failures they consider to be acceptable. Politically, that is a very awkward thing to say."
The government plans to extend use of the CIS, beyond its present community of DWP government partners and customers. Its next phase of development, called CISx (CIS cross-government), will give access to departments such as the Driver and Vehicle Licensing Agency.
This is not just the 'tip of the iceberg'. It is the beginning of the mass violations.
Imagine if this sort of thing was being done by every worker in the public sector. If it was discovered, would they sack literally hundreds of thousands of people who would be effectively irreplaceable?
The fact of the matter is that they would not sack them, but would instead, discipline them. And of course, such disciplinary action would not put the data back in the database.
How do the people who ordered the sacking of these workers know that copies of the data were not made? For all they know, screen-grabs of the entries were made and passed around at the pub for fun.
This is the danger we have been talking about for almost a decade; once the data is out, it can never be put back.
No matter what they say, no matter what assurances they give, they will never be able to secure data in databases. Period.
And here we go again:
ContactPoint database could put 11 million children at risk
Every child in England could be at risk because of security failings in the Government’s controversial children’s database, experts have claimed.
ContactPoint is designed to help protect England’s 11 million children by giving officials a single register of their names, ages and addresses as well as details of their schools, parents and GPs.
But the database is riddled with security failings so serious that “even a child” could steal sensitive information from it, according to Overtis Systems, the data safety specialists.
The £224m system has already been delayed three times over security fears, but 800 pilot workers are currently using it and 390,000 teachers, social workers and other professionals will have access by the end of the year.
Ongoing faults mean the system is vulnerable to viruses and spyware, and users could have their sessions “hijacked” while away from their computers, Overtis Systems said.
The size of the database makes it difficult to monitor suspicious activity and it remains so easy to copy the data that a child would be capable of doing it, the data security specialists also claimed.
“Why the government has created this security headache in the first place, particularly when their track record on data handling raises serious questions, is something of a mystery,” said Richard Walters, Product Director at Overtis Systems.
He also called on the Government to drop the details of millions of children from the system, leaving only information about those who have received social care services, and said biometric finger-vein devices should be used to verify the identity of authorised users.
ContactPoint was proposed in the wake of Victoria Climbié’s murder in 2000 as a way to help social care professionals safeguard children, and has become a central plank of Labour’s policy.
But critics claim the system places children at greater risk, with the Conservatives promising to scrap it if they come to power.
Tim Loughton, the shadow children’s minister, said: “It’s becoming horribly clear that ContactPoint will be about as secure as a paper bag.
“We have to pull the plug on this expensive and dangerous project before it places millions of vulnerable children in harm’s way.”
A spokesman for the Department of Children, Schools and Families accused Overtis Systems of a “PR stunt” and dismissed their concerns.
“ContactPoint has numerous security controls in place which include procedural user controls and the effective management of those controls,” she said.
The only problem with this article is the title. ContactPoint WILL put 11 million children at risk, and that is a FACT.
In the end, should all of these databases they are proposing go live, some dunderhead will have a eureka moment and say, “Why don’t we put all of this data into one system? it is insane to have replication across so many different databases…think of the savings we could make! The NIR should be sole database holding absolutely everything….make it so!”.