Filed Under: People, Political, legal and regulatory

Data sharing sounds good, but it is dangerous

Leave a Comment

[Dave Birch] It’s not appropriate to say where, but I recently happened to be in a seminar where I saw a member of the German parliament talk about the sharing of data between law enforcement agencies. He used the example of the Austrian and German police exchanging fingerprints and DNA samples and pointed out that cross-border searches had had “many thousand” hits (i.e., a fingerprint gathered at a German crime scene shows up in a search by Austrian police). He called for all EU27 countries to share this kind of data.

Naturally, we are all in favour of tracking down the perps (sorry, been thinking about Judge Dredd again — “I am the law”) across borders, but hold on. Am comfortable about my fingerprints, DNA and personal data being shared with, say, Swiss law enforcement agencies? I may be traducing them unfairly but I have no knowledge of the rigorous data protection and security enforcement procedures within the Swiss government. No, wait, I do…

According to a report from Reuters, sensitive information on counter-terrorism shared by several foreign governments was potentially compromised by a massive data theft at a Swiss intelligence agency. The data heist, according to what European national security sources told Reuters, was by an unnamed IT technician for the NDB, a Swiss intelligence agency.

[From Report: Swiss Spy Agency Warns Of Huge Data Leak from Insider | SecurityWeek.Com]

Even in the UK , with the most stringent data protection laws and ruthless enforcement, we find civil servants being disciplined all the time for unauthorised access to databases (and they are only the ones that are caught). Journalists, private investigators and criminals do not seem to have too much difficulty in getting access to personal data held by government departments and agencies as far as I can see.

Around 25 civil servants are being reprimanded each week at the Department of Work and Pensions for breaching rules governing its vast database, figures show.

[From Civil servants caught looking at private files in personal data breaches – Telegraph]

Still, at least the UK doesn’t have a national identity scheme with a database that stores everyone’s personal details in a structured and easily-accessible form…

Greek police have arrested a man on suspicion of stealing the personal data of roughly two thirds of the country’s population, police officials in Athens said on Tuesday. The 35-year old computer programmer was also suspected of attempting to sell the 9 million files containing identification card data, addresses, tax ID numbers and licence plate numbers.

[From Man arrested in Athens over ID theft of most of Greek population – thestar.com]

Sharing personal data to track down bad guys sounds like an Apple Pie policy (for UK readers: a Bread and Butter Pudding policy), one that you can’t possibly be against. The problem is, of course, that once the data genie is out of the bottle there’s no way of getting it back in again. I remember some of the discussions around TSB Encore project: once you’ve got a copy of my data, there’s no technological way for me to stop you doing anything you like with it (if there was, Hollywood would be using it). So it’s better not to share the data in the first place, except that doesn’t help us catch the bad guys.

I can understand why the Government wants more data sharing to improve the efficiency of public services but I can’t see how this isn’t going to end up in a Data Chernobyl unless we develop a more sophisticated approach to data sharing: encrypted storage, pattern-matching of encrypted data, pseudonymous identity infrastructure and all those other good things.

These are personal opinions and should not be misunderstood as representing the opinions of 
Consult Hyperion or any of its clients or suppliers

Please follow and like us:

One thought on “Data sharing sounds good, but it is dangerous”

  1. matslats@gmail.com' Matthew Slater says:

    You don’t consider the idea that government is the problem. That they are working with and for the criminals. This data is used to stamp out the competition and ensure they have a monopoly on organised crime. Let the petty criminals go. Serial killers bank robbers child abusers are utterly insignificant in the face of the crimes in the financial sector which the government is not pursuing

Leave a Reply

Your e-mail address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.