Nine sacked for breaching core ID card database
Discussion
in the guardian today of all places...
surprised no one else has picked up on it today (ie mail)...
BAsically as soon as there is one catch all database, their will be massive incentive for people to access it for personal gain, selling off info to crims, etc
http://www.guardian.co.uk/commentisfree/henryporte...
this ID database is the biggest risk to personal data security possible
http://www.computerweekly.com/Articles/2009/08/04/...
B
surprised no one else has picked up on it today (ie mail)...
BAsically as soon as there is one catch all database, their will be massive incentive for people to access it for personal gain, selling off info to crims, etc
http://www.guardian.co.uk/commentisfree/henryporte...
this ID database is the biggest risk to personal data security possible
http://www.computerweekly.com/Articles/2009/08/04/...
B
Edited by BJWoods on Tuesday 18th August 09:08
yep, come to the uk, the organised crime gangs, destination of choice for identity theft...
let alone, foreign gov, terroists, petty snoopying, insurnce snooping, etc,etc
all in one place, yours for a small bribe to one of many hudreds of thousand of people with access..
or for a biiger bribe, someone with technical access, ie whichever consultancy has it this week, of course noe of it will evre be outsourced abroad, for cost control, willit. where data security/bribery may not (if possible) be even laxxer than here.
B
let alone, foreign gov, terroists, petty snoopying, insurnce snooping, etc,etc
all in one place, yours for a small bribe to one of many hudreds of thousand of people with access..
or for a biiger bribe, someone with technical access, ie whichever consultancy has it this week, of course noe of it will evre be outsourced abroad, for cost control, willit. where data security/bribery may not (if possible) be even laxxer than here.
B
Puggit said:
So how can I raise a FoI request to find out what data is stored about me, and who accessed it, and why?
If we all did this...
You dont need a FOI request.... by LAW you have a right to see any and all data that relates to you..... so if you want to see the content of the database that is about you... it is within your rights to do so... Wether the scumbags would let you see it is another question entireley...... would love to see someone try that and take it all the way to the european court of human fungus (rights)If we all did this...
Puggit said:
So how can I raise a FoI request to find out what data is stored about me, and who accessed it, and why?
If we all did this...
If you want to see information held on the DWP's CIS database, you will need to contact the DWP and ask for a copy of it, in your request you may want to mention that whilst you have every right to see what is held about you, you will make further requests under the FOI act if your initial request is refusedIf we all did this...
Your request can be sent into them via Email and they HAVE to respond to it in a timely fashion
Puggit said:
Eric Mc said:
What did they expect?
NOTHING can be 100% secure.
Yes, but inviting local council workers with nothing better to do then spend their time snooping in the database is a 100% sure-fire way of creating problems.NOTHING can be 100% secure.
When I worked for a very large credit card company everytime I accessed an account it was logged (or footprinted), so management could check at any time who's account I was looking at and why. They would also regularly audit my work to ensure I wasn't "snooping" around. Under the terms of my contract I could be fired for any inappropriate access.
Regular auditing combined with instant dismissal and the possibility of legal action would make such "snooping" unlikely IMO.
I'm still opposed to large centralised databases outside the NHS though.
nonuts said:
G_T said:
Regular auditing combined with instant dismissal and the possibility of legal action would make such "snooping" unlikely IMO.
You reckon that'll happen in the public sector?In my experience the public sector are amongst the biggest morons in our society. Trusting them with something this important is definately a very bad idea.
G_T said:
Puggit said:
Eric Mc said:
What did they expect?
NOTHING can be 100% secure.
Yes, but inviting local council workers with nothing better to do then spend their time snooping in the database is a 100% sure-fire way of creating problems.NOTHING can be 100% secure.
When I worked for a very large credit card company everytime I accessed an account it was logged (or footprinted), so management could check at any time who's account I was looking at and why. They would also regularly audit my work to ensure I wasn't "snooping" around. Under the terms of my contract I could be fired for any inappropriate access.
Regular auditing combined with instant dismissal and the possibility of legal action would make such "snooping" unlikely IMO.
I'm still opposed to large centralised databases outside the NHS though.
I used to work in the head office (data function) of a large UK highstreet bank. They had similar procedures to those ones you describe, where my actions would be logged and potentially scruitinsed with firing an option. There were also alert flags on high profile individuals which would immediately set 'alarm bells' ringing in another dept if any of us looked them up.
However this is only punishment after the incident has happened. The data would have escaped then and could no be retrieved. Criminal gangs would not find it hard to place people, or sufficiently bribe people already in place.
mrmr96 said:
You may well get questioned and if you can't provide a decent answer then you'll be sacked. Doesn't sound like there was anything to STOP you though?
I used to work in the head office (data function) of a large UK highstreet bank. They had similar procedures to those ones you describe, where my actions would be logged and potentially scruitinsed with firing an option. There were also alert flags on high profile individuals which would immediately set 'alarm bells' ringing in another dept if any of us looked them up.
However this is only punishment after the incident has happened. The data would have escaped then and could no be retrieved. Criminal gangs would not find it hard to place people, or sufficiently bribe people already in place.
But that's life though isn't it? You cannot prevent all crime whilst maintaining freewill and you can only prosecute after a crime has been committed. As Eric said, nothing is 100% secure.I used to work in the head office (data function) of a large UK highstreet bank. They had similar procedures to those ones you describe, where my actions would be logged and potentially scruitinsed with firing an option. There were also alert flags on high profile individuals which would immediately set 'alarm bells' ringing in another dept if any of us looked them up.
However this is only punishment after the incident has happened. The data would have escaped then and could no be retrieved. Criminal gangs would not find it hard to place people, or sufficiently bribe people already in place.
After the recent fk ups, I would like to think the system will be fairly secure but I fully expect leaks to happen. My point is that such leaks will hardly be common place. The EU legislation on data protection is very strict (as I'm sure you know!) and our government could be chastised if the EU commission felt they were not maintaining adequate security. The EU is supposedly already keeping a close eye on our Big Brother government.
I do still remain unconvinced that such a system is anything other than a waste of taxpayers money though.
Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff