Losing contact with reality

[Dave Birch] When I first heard about the government’s “Children’s Index” project, I was quite scathing about it (perhaps a little over the top in one or two places) because I felt that the basic concept was so transparently flawed that the management consultants should have been sent away with a flea in their before it ever got near a gateway review. It looks as if it’s turn out to be an even bigger waste of a quarter of a billion pounds than even I had suspected. It’s been delayed yet again and who knows when, and it what cut-down form, it will ever be used. If it isn’t delayed indefinitely until it is quietly scrapped.

A fundamental flaw with the scheme (now known as ContactPoint) is the idea that you can give upwards of a third of a million people access to a system and expect its contents to remain secret in any kind of cost-effective way. And, of course, any sensible person would reason similarly:

If you allow large numbers of people access to sensitive data it’s never going to be secure. You can’t protect it. ContactPoint should simply never have been built.”

[From Database delayed: Critics fear children may be in danger | Education | The Guardian]

The dangers inherent in this kind of system, that collects sensitive data and then opens it up, do not need to be repeated. Nor are the restricted to the public sector. In today’s Korea Times I read that:

Two CDs, containing the private information of more than 11 million people (including politicians and government ministers) were found in pile of rubbish in Seoul. GS Caltex, the oil company from where the data had leaked, said that they took private information very seriously and only 12 employees were authorised to access the database.

They can’t keep the stuff safe with only 12 authorised users, so goodness knows how ContactPoint is going to keep it safe with 300,000 of them. It would only be a matter of time before some minor functionary in local government left a laptop on a train, or a management consultant analysing the data lost a USB key, or whatever, and the whole database would be exposed.

Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
Verified by MonsterInsights