3 November 2008

Security Begins At Home (Office)

Well, it's happened again; though the Department of Work and Pensions says there's nothing to worry about, millions of private identities are on the loose - again.

This time, a data stick containing the passwords of people who used the UK Government's Gateway system for everything from tax returns to fine payments was found - wait for it - in a pub car park. Do you want to know how many times the identities of UK citizens have been lost since the amazing bungle that saw 25 million child benefit claimants' details lost in the post last year?

According to the Daily Mail, the Information Commissioner says it's 277. That's data loss incidents, not lost identities.

A couple of months ago, I tried calculating the number of identities government contractors have lost for an article I was writing. My estimate was that about half of us have had our details lost (some of us multiple times) by the very people who should know better - contractors cleared to work on or engaged in managing supposedly secure UK government systems. But are these systems even secure in any meaningful sense when it's clearly possible to simply copy live, sensitive data to a USB pen drive, slip it in your pocket and leave the building so to speak, or when it's possible to take a laptop containing such data home and leave it to be stolen from the back of your car overnight?

The concept of "secure" when applied to government data systems seems increasingly to be a nonsense. What the hell was someone doing with live data in a pub car park anyway? This leads me to a very grave question; one I'd seriously rather not be asking, but one that needs asking.

How long until someone reads the data they find on a lost USB stick or stolen laptop, and realises it's worth far more than simply punting the hardware around the pubs or on eBay? What happens when someone with serious terrorist intentions buys such data and picks YOUR identity at random to buy the equipment for an atrocity? How do you explain to the very nervous anti-terrorism officer screaming and pointing a loaded machine gun at you that you're an innocent, law-abiding dupe, and that it's the government itself that's ultimately responsible? The answer is, you can't.

The rate at which the government is haemorraging our identities is horrific: 277 data loss incidents divided by 12 months is an average of 23 incidents a month or about 5 a week. Under any circumstances, this is completely unacceptable. In such apparently dangerous times, it's deeply and criminally incompetent to the point of recidivism. It's getting to the point where I'm seriously beginning to fear that not only will politicians but the civil service itself lose the confidence of the British public. What happens then? I shudder to think what stupidity may pass for a solution, or what dangerous new influences the country may fall under as we look for a quick fix to a terrible mess.

Instead of our Home Secretary insisting that we, the poor sods who form the great mass of innocent potential terrorism victims, must be monitored ever closer, the state should be watching those whose job it is to keep us safe. Because no one in Whitehall seems to have figured out who those people are, I'll spell it out. They must begin with the people we have no choice but to trust with all our identities. Ultimately, that's themselves.

Stumble Upon Toolbar

It's the roof, silly...

Cannabis use in the UK has fallen since the drug was downgraded to Class C in January 2004 . That's not an opinion; it's a fact compiled by the Government itself. Illicit drug use in Britain is down across the board according to the British Crime Survey. But why would this apparent paradox be so?

Maybe, and this really is an opinion, all the people who were going to smoke dope anyway are still doing so, but those for whom the illegal status was the thrill failed to see it in such a glamorous light once downgraded. So, if downgrading shook out the market, why the hell is the UK government trying to reclassifying cannabis to class B again in January 2009? Does this sound sensible to you?

Apparently, the proposed reclassification is required because "skunk" - the powerful herbal variety of dope - is prevalent in the market and the Government want to be able to go after the farmers. Well... why don't they? After all, this is a government that's good at applying laws incorrectly. It recently applied the Anti-terrorism Act to seize Iceland's assets!

More properly, why not simply split out skunk from the more traditional and milder resinous form of the drug and reclassify it in isolation? Or split out skunk farming? After all, if it's genuinely cause and effect that downgrading led to lower use, surely putting all forms of dope back up to Class B will increase it's overall use again. I'm so confident of this happening, I'm actually thinking of putting £10 on at Ladbrokes. The problem is, it's so obvious, I doubt I'd get anything better than evens.

This muddle smacks (if you'll pardon the expression) of a man who on a Bank Holiday Sunday hears a dripping sound in his attic. He tells his neighbour that he plans to call a plumber out to fix the header tank. The neighbour looks into the attic and tells him he needs to fix the roof because that's the source of the leak, not the header tank. No, demands the householder: a plumber to fix the header tank is what he wants. In other words, only a fool begins with a conclusion, but it takes an even bigger fool to stick with it.

Stumble Upon Toolbar