25 February 2009

ID Card Database *Already* Breached

That's almost before it's come into existence:

The breaches of the Customer Information System (CIS), which is run by the Department of Work and Pensions, were revealed in a DWP memo to housing benefit and council tax benefit staff on 15 January.

CIS is designed to give local authorities access to citizens' data, including HMRC tax-credit information. In 2006, it was decided that the ID card project would use CIS for biographical information, to avoid having to create a new, monolithic database of the UK's inhabitants.

In the DWP memo, the government department said that desktop access to CIS had helped to "significantly improve service delivery" to citizens, but noted that a series of checks had identified that some local-authority staff were committing serious security breaches using the system.

What makes it even more risible is the following comment:

"The breaches were not necessarily someone purposely going on there and checking something they shouldn't," the DWP spokesperson said. "They could be inadvertently clicking on information."

Yes, that will be a good excuse, won't it: honest guv, I just inadvertently clicked on Gordon Brown's ID card information....

And then, of course, there is the canonical "white is black", "up is down", "bad is good" bit of spin:

The DWP's spokesperson did not respond to a request to describe how it might be possible to break these rules by inadvertently clicking on information in the CIS database, but did claim the number of breaches revealed in the memo showed the system was secure.

And presumably it will use the increasing number of breaches to prove the increasing security of the system in the future.


Anonymous said...

I just read your comment about Ryanair via Twitter - had to come here and ask if you know that one part of their website requires Silverpuk.. light to work?
Try viewing "Destinations" on their site.
It used to work all right with flash, but not since their recent deals with the devil himself.

Glyn Moody said...

No, I'd not seen that particular downgrade. All of a piece, though....