Spectrum Online—Tomorrows Technology Today

Privacy Archives

July 5, 2007

Medical Privacy

I often wonder why government officials think your private information is their private information.

A news item that appeared on the UK Register website reveals that the NHS appears to be planning to share patient information with the social services, education and police. The controversy about patient privacy in the age of electronic health records is not new in the UK, and has been simmering over the past couple of years. Patients who are worried about their privacy can opt out: I suspect many more will decide to now.

Give government the capability to gather information, and it will.

August 22, 2007

Talon Declawed

The US Department of Defense announced that it was shutting down its controversial Talon data gathering program.

Talon was established in 2002 by then-Deputy Defense Secretary Paul D. Wolfowitz as a way to collect and evaluate information about possible threats to U.S. servicemembers and defense civilians at stateside and overseas military installations. It is being closed because reporting to the system had declined significantly, and it was determined to no longer be of analytical value, said Army Col. Gary Keck, a Pentagon spokesman.

A reason for its shutdown was noted in an article in Government Executive:

A June 2007 report by the Defense Department's inspector general found that counterintelligence officials "maintained TALON reports without determining whether information on organizations and individuals should be retained for law enforcement and force-protection purposes."

In addition, the article notes that:

To ensure a mechanism to document and examine potential threats, Assistant Defense Secretary Paul McHale plans to propose a new, streamlined reporting system that can better meet the Pentagon's needs, an agency press release said. In the interim, Defense Department officials will send information pertaining to protection concerns to the FBI's Web-based threat tracking system.

What a "streamlined reporting system" means hasn't been explained, but past history says don't place bets that it isn't going to resemble a data vacuum cleaner.

September 6, 2007

Another Data-Mining Project Bites the Dust

The Department of Homeland Security (DHS), after spending $42 million, has shut down its anti-terrorism data-mining tool Analysis, Dissemination, Visualization, Insight and Semantic Enhancement (ADVISE). Seems that it was being tested with information on real people rather than made-up data, which was against policy and probably the law.

According to the AP story, "ADVISE is not expected to be restarted," DHS spokesman Russ Knocke said. DHS' Science and Technology directorate "determined that new commercial products now offer similar functionality while costing significantly less to maintain than ADVISE."

ADVISE (I wonder how long it took and how much it cost to come up with that acronym) was supposed to, among other things, report on suspicious people going through customs. In a bit of multiple ironies, the London Guardian disclosed, just the day before ADVISE was being closed, that the Metropolitan Police's Special Branch had been spying on George Orwell.

One report from 1942 noted that Orwell was a suspicious character because he dressed "in a bohemian fashion both at his office and in his leisure hours."

Hmm, I wonder if ADVISE was also data mining for people who fit the profile "bohemian fashion," "work hours" and "leisure hours" as a match for "suspicious person." If not, maybe the new, commercial data mining products can be set to be on the lookout for these characteristics - never know who you might catch.

And just think what Special Branch could have done with ADVISE back then.

September 12, 2007

Privacy Threefer

A nice little column by consumer reporter David Lazarus in the LA Times today on privacy - or the lack thereof - when a person signs up for a bundled subscription package, e.g., voice, video and Internet services, from one company.

According to Lazarus, if you sign up for Time-Warner's package in California, for example, the privacy agreement states that the company can monitor not only what you watch on television and who you call, but also what sites you surf and what things you buy. It also says that Time-Warner is going to keep that information as long as you are a subscriber and up to 15 additional years, supposedly for "tax purposes."

And one more thing - Time-Warner says that it can also monitor what you send in e-mails if you use their service.

Given all this information about what you're doing and thinking, you'd at least think its customer service would be better. Or maybe that is why it is rated poorly.

September 18, 2007

So Much for Medical Privacy

As reported in ComputerWeekly, a UK National Health Service (NHS) primary care trust admitted that some 50 staff members viewed the electronic records of a celebrity who had been admitted into its care. At least it wasn't like what happened to a baseball player in New York a while ago, who had over 150 hospital staff looking at his records.

It has been argued by electronic health record advocates that medical records are more secure because you will be able to tell who had access to them, which would provide a deterrent to snoops; but as the report above notes, this may be less effective than proclaimed.

On the same day as this story hit (an interesting coincidence), the non-profit group called the E-Health Vulnerability Reporting Program (EHVRP) released their 15-month study assessing the security risks associated with electronic health record (EHR) systems. Quoting from its executive summary:

• In all cases, evaluated EHR system vulnerabilities could be identified using standard tools and techniques. Subsets of these vulnerabilities were exploited to gain control of the application and access to data to demonstrate the potential consequences.

• EHR vendors are either not disclosing or inadequately disclosing system vulnerabilities to customers, preventing organizations from appropriately managing risk or implementing compensating controls.

• No industry organization could be identified that has established guidelines or practices to appropriately mitigate and manage risks associated with ehealth systems.

• No industry organization could be identified that has the responsibility, charter or mission to address security vulnerabilities in ehealth systems.

The bottom line: there is a lot more work to do to ensure EHR security and hence privacy.

September 20, 2007

Just Being Inquisitive

The San Jose Mercury News (subscription may be required) reported that a US Department of Commerce agent used government computers to spy on the travel movements of his ex-girlfriend at least 163 times between mid-2003 and mid-2004. He used the Treasury Enforcement Communications System (TECS) to perform his spying.

According to the US Internal Revenue Service website, "TECS is a computerized information system designed to identify individuals and businesses suspected of, or involved in violation of federal law. The TECS is also a communications system permitting message transmittal between Treasury law enforcement offices and other Federal, national, state, and local law enforcement agencies. The TECS provides access to the FBI’s National Crime Information Center (NCIC) and the National Law Enforcement Telecommunication Systems (NLETS) with the capability of communicating directly with state and local enforcement agencies. The NLETS provides direct access to state motor vehicle departments."

The agent faces up to five years in prison, a fine of $250,000 and a three-year term of supervised release. There is no word if his ex-girlfriend is going to file stalking charges.

September 25, 2007

TJX Report

The Office of the Information and Privacy Commissioners of Alberta and Calgary, Canada, released a report today on the TJX data breach. Not surprisingly, the report found that TJX skimped on privacy safeguards. It appears that initial access into TJX computer systems was via the wireless local area networks at two of its US stores.

October 2, 2007

Convergence of Ideas

This coming Thursday, the 4th of October, will be the 50th anniversary of the launching of Prosteishiy Sputnik (or the Simplest Satellite) and the beginnings of the Space Age and Space Race. Only now is the fascinating back story detailing the events leading up to the launch coming out in the open.

For instance, the public was told that the object they were seeing as it twinkled across the night sky was Sputnik itself. However, the satellite weighing in at 184 pounds was too small to be seen with the naked eye. What people actually were looking at was the second stage of the booster rocket used to lift Sputnik into orbit. Interestingly, the Soviet leadership at the time did not at first realize the magnitude of their achievement until the Western governments and press made a big deal out of it.

Yesterday, Fairchild Semiconductor celebrated its 50th anniversary as well. Founded by Gordon Moore, Robert Noyce, C. Sheldon Roberts, Victor Grinich, Eugene Kleiner, Jean Hoerni, Julius Blank and Jay Last with $3,500 of their own money, the company helped make Silicon Valley. Fairchild perfected the capability to mass produce transistors from a single wafer, whereas up to this point only one transistor could be produced per wafer. The company also created the monolithic integrated circuit and the planar transistor, which is still the primary method for producing transistors today.

Moore and Noyce left 11 years later to start another company in the Valley, something called Intel.

October 5, 2007

Automobile DNA Testing

According to today's Boston Globe (registration may be required), the Massachusetts Appeals Court upheld the accuracy of information received from automobile event data recorders (EDR) for use in court cases. Event data recorders, sometimes called car "black boxes," are devices installed in a motor vehicle to record technical vehicle and occupant information for a brief period of time (seconds, not minutes) before, during and after a crash, according to the National Highway Transportation Safety Association website.

An EDR may record (1) pre-crash vehicle dynamics and system status (e.g., wheel speed, engine rpm), (2) driver inputs (e.g., braking, acceleration), (3) vehicle crash signature, (4) restraint usage/deployment status, and (5) post-crash data such as the activation of an automatic collision notification (ACN) system. According to an article in Time magazine, some 64% of cars made today have EDRs, and about 33% of all cars on the road today have them installed.

In the Massachusetts case, a woman was sentenced to two years in prison after her GMC Yukon skidded on ice and hit a tree, killing her passenger in 2003. The woman claimed that she was traveling only 20 to 30 miles per hour when she lost control, but the car's recorder showed that she was traveling 58 m.p.h. in a 40 m.p.h. zone. Her lawyer appealed her case arguing that the EDR's information was not reliable or accurate.

Consumer and privacy advocates have been on opposite sides of the debate. According to the Time article, Public Citizen's Joan Claybrook "wants tougher rules compelling automakers to install EDRs in every car because objective crash data will lead to the design of safer cars and highways. Privacy activists want the government to prevent police and insurance companies from checking drivers' black boxes without permission. 'We have a surveillance monster growing in our midst,' says Barry Steinhardt of the American Civil Liberties Union. 'These black boxes are going to get more sophisticated and take on new capabilities.' "

Like most technologies, once out of the bottle, they can't be put back in. And when it's a question of public safety or privacy, privacy usually loses. The same will likely be true in the case of electronic medical records.

October 9, 2007

Why is that Dragonfly Staring at Me?

Today's Washington Post has an interesting article and some neat video on the new class of insect-sized robotic spy cameras, some looking like dragonflies. The CIA tried this 30 years ago, according to the article, but gave up: seems the insectothopter couldn't be controlled in a cross-wind.

The Defense Advanced Research Projects Agency (DARPA) is funding a Hybrid Insect Micro-Electro-Mechanical Systems Project, which "is aimed at developing tightly coupled machine-insect interfaces by placing micro-mechanical systems inside the insects during the early stages of metamorphosis."

Some protesters at the 2004 Republican National Convention in New York claim they saw what looked like a dragonfly-like object suspiciously hovering as if spying on them. Law enforcement claims to know nothing about it, and an entomologist says that it was probably just a dragonfly.

However, the entomologist also says dragonflies don't fly in packs. So, if you see a bunch of dragonflies just kind of hanging around ...

Who Wants A Look?

As many as 40 employees at Palisades Medical Center in North Bergen, where actor George Clooney and a companion were taken after his motorcycle accident a few weeks back, are being investigated for looking at his medical records, with over two dozen suspended without pay so far. It is probably a safe guess that at least one leaked Clooney's records to the press, since the media reported in detail on his injuries within "minutes" of his admittance.

The employees got to Clooney's medical records by accessing the hospital's computers. Let's hear it for computerized medical records - makes spying so easy.

As I noted a few weeks back, a celebrity's (reported to be ex-English football coach Sir Bobby Robson) medical records were looked at in a UK hospital.

A Palisades hospital workers' union spokesperson said, "It was inappropriate but they [the employees who sneaked a peek] are paying a steep price. But I don't even think George Clooney would want people to pay. Again, the apology to him for his privacy rights [is necessary], but I think in fact the hospital is overreacting."

"There are hospital obligations to have security systems so that a breach can't occur -- obviously that failed," she added. The spokesperson also tried to argue that since the employees (for the most part) only looked at Clooney's medical record and didn't disclose it (what, other than to friends and relatives?), it was a "no harm, no foul situation."

I hate to differ - I think they all need to be terminated. Or how about this as a compromise: a full public disclosure of the medical records (or better tax records - what's the difference?) of all those who sneaked a peek, and for fairness, let's include the union spokesperson since she thinks snooping does not rate a suspension, let alone a firing. That's a fair trade, right?

Furthermore, to say that it's the hospital's fault for not having technology to keep prying eyes out is more than a bit self-serving. In the UK incident, for example, those authorized to look at Robson's medical records simply gave access to those who were not. Technology doesn't prevent bad behavior or a lack of personal responsibility.

With attitudes expressed by this spokesperson, I would say that ensuring the privacy of electronic health records still has a long way to go.

October 24, 2007

The TJX Data Breach - The Gift Just Keeps on Giving

The Boston Globe reported this morning that the data breach at TJX affected 94 million customers, more than twice the number TJX had admitted to previously. According to the article:

"The data breach affected about 65 million Visa account numbers and about 29 million MasterCard numbers ...A Visa official also put fraud losses to banks and other institutions that issued the cards at between $68 million and $83 million on Visa accounts alone."

TJX claims its costs of the breach will remain about $256 million - although, given past history, I wouldn't place any bets.

I wonder how long ago TJX knew these "new" numbers, but "forgot" to let its investors (or customers) know.

BTW, the original hacker(s) have still not been caught.

October 29, 2007

New England Patriots Win Big - On Two Fronts

Having grown up in New England but now living in Virginia, it has been a mixed week for me in the world of sports. Boston College beat Virginia Tech last Thursday night in Blacksburg, Virginia, coming from 10 points behind in the last four minutes to win and keep their number 2 ranking in college football. Then yesterday afternoon, the New England Patriots crushed the Washington Redskins for their eighth win in a row to keep their perfect season hopes alive. (Oh yes, the Bosox won the World Series again last night - but at least they weren't playing the Washington Nationals.)

Anyway, it must be great to be a sports fan right now in New England, except maybe for some Patriot season ticket holders. You see, last year the Patriots sued StubHub! (which is owned by eBay and enables fans to buy and sell tickets to sporting, concert, theater and other live entertainment events, even those that are otherwise sold out) for its list of people who were using the site to resell their Patriot tickets. The Patriots allow season ticket holders to resell their tickets at face value on the team's website, but prohibit all other resales.

StubHub! fought hard against the lawsuit, claiming it violated customer privacy, was anti-competitive, etc., etc., but the company was recently ordered by a Massachusetts Superior Court judge to turn over to the Patriots the contact information of every person who used StubHub.com to sell, attempt to sell, buy, or attempt to buy a ticket to a Patriots home game from November 2002 to January 2007. It is estimated that 13,000 names have since been turned over.

The Patriots have remained mum on what exactly they are going to do with the information now that they have it. However, the Massachusetts court judge said that the Patriots intended to use the identities of the purchasers and sellers not only for this case, but also for its own other allegedly legitimate uses, such as canceling season tickets of 'violators' or reporting to authorities those customers that they deem to be in violation of the Massachusetts anti-scalping law.

At this time, the Patriots will most likely make it deep into the NFL play-offs, and, if they continue to play as they have so far this season, they have a decent chance to repeat as Super Bowl champions.

I wonder if the Patriots are going to drop kick some of their season ticket holders before or after the playoffs.

November 12, 2007

Change Definition of Privacy: Government Official

The Principal Deputy Director of National Intelligence, Dr. Donald Kerr, thinks, "Too often, privacy has been equated with anonymity; and it’s an idea that is deeply rooted in American culture."

That's apparently no longer a valid or reasonable idea. "In our interconnected and wireless world, anonymity – or the appearance of anonymity – is quickly becoming a thing of the past. ... Protecting anonymity isn’t a fight that can be won."

In addition, "We need to move beyond the construct that equates anonymity with privacy and focus more on how we can protect essential privacy in this interconnected environment...Instead, privacy, I would offer, is a system of laws, rules, and customs with an infrastructure of Inspectors General, oversight committees, and privacy boards on which our intelligence community commitment is based and measured."

So privacy means faith in government bureaucracy.

Except, of course, when these privacy laws, rules and customs get in the way of safety. Then privacy must give way.

But not to worry for, "Our commitment to safety and privacy are nothing new to us and they are values that we must continue to protect as we learn to do our intelligence job better."

In other words, the intelligence community is committed to protecting us and our way of life - which just needs to change to make it easier for them to get information on us to protect us from - us?

Sounds logical to me.

More on this can be read here.

November 14, 2007

Back to Future - A Bit Faster Now

The British press (here and here) is reporting on the desire of Gordon Brown's government to build "Fortress Britain" after it "unveiled a succession of security measures at airports, railway stations, sports venues and other public places."

By summer 2009, the UK government wants every person entering or leaving Britain to provide 53 pieces of travel information, including credit card information, travel contact numbers of where you are staying, travel plans, email addresses, car registrations being used in travel, the number of pieces of luggage taken, baggage tag numbers, all changes to the travel itinerary, etc.

Furthermore, passengers will have the privilege of paying a fee to the travel organizations who are going to collect and send all of this information to the UK government, and a UK government surtax to pay for its use and storage. But what price is your security, eh?

The UK government hasn't decided (yet) to require that the travel information be provided three days before the intended date of travel, like the US is contemplating. It does appear, however, that both the US and Britain are in a competition to discourage foreigners from visiting and their own citizens from leaving.

Given the amount of information planned to be captured and stored indefinitely via this scheme and all the others in Big Brother Britain, maybe the smart thing to do is to start buying stock in database, data storage, and business continuity management companies.

November 20, 2007

UK Government Mislays Half the Country's Personal Details

Reuters is reporting that the UK government Chancellor of the Exchequer Alistair Darling informed parliament that "two discs containing information on 25 million Britons had disappeared after being sent through HMRC's courier, Dutch mail and parcel company TNT NV, and a police investigation was underway."

"The missing information contains details of all child benefit recipients: records for 25 million individuals and 7.25 million families," according to Darling. It was a "serious failure" he said - no kidding?

Hmm, let's see. The UK government desires every citizen's and traveler's DNA, every person's travel-related details, has created a national registry of all children under 18, is developing a national ID card, etc., etc., and yet it can't guarantee basic protection to any of the information it collects.

Nice, very nice.

November 21, 2007

UK Government Security Blunder Continued

Details are now emerging on the lost confidential details of 25 million UK citizens. It appears that HM Revenue and Customs had established a practice of sending unencrypted data to the National Audit Office since March of 2007 to support its independent checks on the child benefit data, and would have likely continued if the CDs containing the information hadn't been lost in the mail last month.

Of course, the UK government is blaming the whole sorry affair on a "junior person" for not following procedures, that it wasn't an indication of a systemic failure (even though the same governmental agency had very similar security violations earlier this year), that an urgent review was being conducted to make sure it wouldn't happen again, that no one should panic (but do keep an eye on your bank account), yadda, yadda, yadda.

Prime Minister Gordon Brown told Parliament that, "I profoundly regret and apologise for the inconvenience caused"; the Chancellor of the Exchequer Alistair Darling said the episode was "catastrophic", "unprecedented" and "unforgiveable"; while the chairman of HM Revenue and Customs Paul Gray resigned, saying it was "a substantial operational failure." I do love British understatement, don't you?

Just to increase the sense of peace of mind of UK citizens, Richard Jeavons, director of IT implementation at the Department of Health, when asked this week by a Commons Home Affairs Committee member about the security of the NHS Care Records Service database, i.e., "How confident are you that there won't be problems over [NHS] data and privacy?", admitted that "You cannot stop the wicked doing wicked things with information and patient data..."

As a footnote, the UK government denied requests just last week from the Commons Health Select Committee to make information about NHS data security breaches public, saying that the information would, "add no value to the public understanding." I bet it wouldn't.

November 22, 2007

The Sounds of Shoes Dropping Everywhere

In regard to the massive loss of personal data by the UK government earlier this week, it has emerged that senior UK government officials had been repeatedly warned months ago that sensitive data was at risk of being compromised because of slack security procedures. However, even after being told this, officials insisted that the data protection approaches being used were "fit for purpose" - i.e., acceptable. Shoe Number 1.

An almost exact replica of this problem happened in 2005 involving HM Revenue and Customs and UBS customers. At the time, HMRC said, "This is a one off incident in a single office which receives thousands of pieces of post per week. We are urgently reviewing our procedures to make sure this does not happen again." Yeah, right. Shoe Number 2.

Seems that senior officials at HM Revenue and Customs knowingly refused to take even minimum security measures to protect the data being sent to the NAO because it was seen as being too expensive to do so. Shoe Number 3.

These senior officials - not the "junior official" whom the government blamed for the mess (who in fact looks like an administrative clerk) - apparently also authorized the method of data security (password protection, not data encryption) and the means of getting the information to the NAO (on CD sent by unregistered post). The junior official was merely following orders. Shoe Number 4.

It has now come out that HM Revenue and Customs has had over 1,211 - yes, 1,211 - data protection breaches in the past year, but as I mentioned earlier - this was apparently seen as being perfectly acceptable. HMRC has refused to talk about them. Shoe Number 5.

November 24, 2007

A Few More Shoes Hit the Floor in the UK

A few more shoes hit the floor in the UK ID scandal.

According to the London Telegraph, the cost to secure those missing CDs containing the personal details of 25 million UK citizens was a whopping £5,000. HM Revenue and Customs senior officials didn't want to spend that amount of money to filter out sensitive personal data because to do so would "overburden the business by asking them to run additional data scans/filters that may incur a cost to the department". The current estimated cost of mitigating the risk of losing the data may reach £200 million, even if no fraud is committed. Novel cost/benefit ratio, don't you think?

The Chancellor of the Exchequer Alistair Darling claimed that senior HMRC managers were not informed for three weeks that the 2 CDs went missing. Yet, in fact, HMRC was told within 6 days of the CDs being sent that they were missing by their intended recipient, the National Audit Office (NAO). The children's chant of liar, liar, pants on fire seems most apropos here.

The BBC is now reporting that instead of just four CDs, there now appear to be six HMRC CDs containing UK citizen private information that are missing. No one should be surprised if this number steadily increases over the coming week.

In the same BBC report, there is now a growing row between the UK government and the banks over who will pay for any fraud that might be committed. The UK government says that the banks are responsible for making their customers whole, and the banks naturally are saying, wait a minute, the government should be the one paying since it caused the mess.

Anyone want to bet that the government will win in shifting its moral if not legal financial obligation to the banks, and the banks in turn will soon jack up their fees as an excuse to pay for "future fraud payouts," as well as play hardball with any customer who claims ID theft?

November 26, 2007

Hope They Match Your Name to Your DNA

In the wake of the great UK ID scandal comes another bit of slightly jarring news from the UK. It turns out that discrepancies, albeit small in number, have been discovered in the UK National Criminal Intelligence DNA Database. As reported by the London Telegraph, the errors include "incorrect spellings, dates, police crime codes and duplications that have left many records compromised."

With 30,000 or so DNA profiles being added in each month, errors are to be expected. The worry is that people (which in the future may include visitors to the UK) may be falsely arrested based on faulty information in the database. Again, while the statistical risk to any individual is very small, given the lack of trust in the current UK government because of its cavalier attitude towards protecting personal data and its reticence to talk about security problems, the perceived public risk looms large.

November 28, 2007

UK ID Card Fairy Land

A number of UK computer science professors (Professor Ross Anderson, Dr Richard Clayton, Dr Ian Brown, Dr Brian Gladman, Professor Angela Sasse and Dr Martyn Thomas) wrote an open letter to Mr. Andrew Dismore MP, who is chair of the Joint Committee on Human Rights in the Commons, calling into question the security and privacy of the planned UK ID cards. They write:

"The government, in response to the recent HMRC Child Benefit data breach, has asserted that personal information on the proposed National Identity Register (NIR) will be 'biometrically secured':

'The key thing about identity cards is, of course, that information is protected by personal biometric information. The problem at present is that, because we do not have that protection, information is much more vulnerable than it should be.' - The Chancellor, Hansard Column 1106, 20/11/07

'What we must ensure is that identity fraud is avoided, and the way to avoid identity fraud is to say that for passport information we will have the biometric support that is necessary, so that people can feel confident that their identity is protected.' - The Prime Minister, Hansard Column 1181, 21/11/07

These assertions are based on a fairy-tale view of the capabilities of the technology, and in addition, only deal with one aspect of the problems that this type of data breach causes."

November 29, 2007

Protests Against TSA Wanting More of Your Information

In August, the Transportation Security Administration (TSA) proposed that passengers be requested to provide their full names, birth dates and genders when making airplane reservations. Many airlines are against the proposal, however, USA Today reported today. Airlines are unhappy at the prospect not only because they view the proposal as invasive, confusing, and useless, and likely only to irritate passengers, but also because it will impose unacceptable costs on the airlines, as they will once again have to reprogram their reservation systems to collect the information.

TSA is proposing that airlines and travel agents would be required to ask people reserving flights for their birth date, gender and full name. However, you would not be required to give the information. But if you don't, then you might be "more easily mistaken for a terrorist" - wink, wink - and "may be more likely to experience delays, be subjected to additional screening (or) be denied transport," nudge, nudge - or should I say, shove, shove.

Maybe the TSA and UK government ought to get together and just demand one set of data, including your resume, whom you dated in high school, whom you first kissed, and the first person you had a crush on in grammar school.

November 30, 2007

TJX Pays Up

TJX will pay as much as $40.9 million in a settlement with Visa and the bank that processes TJX's credit card payments over a massive breach of TJX customers' card data, according to an AP wire report.

The money will be used to help U.S. credit card issuers recover costs related to the breach. Issuers of at least 80% of eligible cards must accept the offer by Dec. 19 for the settlement to take effect. TJX's press release about the settlement is here.

As far as I know, the person or persons who hacked into TJX's database still have not been discovered.

December 2, 2007

Massachusetts Warns Senior Citizens of Possible ID Theft

ComputerWorld is reporting that Massachusetts is warning 150,000 members of its Prescription Advantage insurance program that their personal information may have been stolen.

According to the story, a lone identity thief who had been using information taken from the program in an attempted identity theft scheme was arrested in August. Massachusetts officials think that only a small number of identities were involved.

December 6, 2007

UK Gov Admits to More Serious Data Breaches

HM Revenue and Customs (HMRC) has finally officially admitted to six (as of now) significant data breaches in the last two years on top of the most recent one that saw the personal details of 25 million citizens go missing, the London Guardian reports.

The acting chairman of HMRC, David Hartnett, acknowledged that the numerous breaches "may well" indicate a systemic operational failure.

I wonder how many data breaches it would take over a two-year period to indicate that a systemic failure truly does exist? Especially after Hartnett explained that after a major data breach in 2006 - that no one in HMRC bothered to tell the public about - more stringent rules were introduced that obviously failed. The HMRC seems to me to have set a pretty high risk threshold.

Another interesting snippet is that the London Telegraph is reporting that the lost HMRC data discs contain the real and new names of hundreds of people in police witness protection programs. A senior police source told the Telegraph that, "This is disastrous. People's lives could be in danger. It makes a mockery of the witness protection programme."

One more bit of information to ponder is that ComputerWeekly says that insurance broker Jardine Lloyd Thompson estimates that the cost of a similar data breach (as the latest one by the HMRC) to a public company would be around £4 billion. No wonder the UK government is trying to pawn off the costs to the banks.

December 11, 2007

UK Data Scandal Was Predicted Years Ago

Last week, Forbes reported that Prime Minister Gordon Brown disagreed with the portrayal by David Hartnett, acting chairman of HM Revenue and Customs (HMRC), that the numerous HMRC data breaches over the past few years "may well" indicate a systemic operational failure.

"I don't accept that that is what the chairman ...said," said Brown.

Okay, I guess he didn't say it.

Over the weekend, the Sunday Telegraph published a story that said senior HMRC officials were warned by auditors in March 2004 that, ".. letting junior staff have access to the entire system was a recipe for disaster." The auditors also said, "... mistakes would not be detected and that the system was open to fraud."

Hmm, again I am left to wonder what actually does constitute a systemic operational failure in the eyes of senior UK government officials.

December 12, 2007

Déjà vu - Sensitive Canadian Data Missing in Post

CTV.CA is reporting that four unencrypted magnetic tapes containing private medical information on 140 British Columbia and 480 New Brunswick residents have disappeared. Information on the tapes includes names, Medical Services Plan numbers, birth dates and possibly some description of services rendered and the costs of those services.

The information was "misplaced" on October 5, but New Brunswick medicare authorities were not made aware of the loss until Oct. 25. The province's director of medicare operations did not know about the vanished information until Nov. 29.

B.C. Information and Privacy Commissioner David Loukidelis, who is investigating the loss, said that he was "appalled that health information is being transmitted in such an insecure way."

December 13, 2007

UK Data Loss: No Harm, No Foul

UK Prime Minister Gordon Brown was asked by MP Edward Leigh during a meeting with the Parliamentary IT body Pitcom about the IT security issues at HM Revenue and Customs (HMRC) and whether they represented a systemic failure. According to the Register, Brown said there was a difference between rules not being followed and failure of procedures and systems. (True, but irrelevant.)

Brown also added that no one had lost any money.

Right then, no harm, no foul. Play on!


Grab the Waders: UK Flood of Lost Personal Info

The Driver and Vehicle Agency in Coleraine, Co Derry admitted Tuesday that two unencrypted computer discs containing the names and addresses of over 6,000 motorists in Northern Ireland have been lost in the post.

Separately, the HM Prison Service disclosed that confidential personal details of dozens of prisoners intended to be sent to Norfolk police were instead delivered to a private company. The letters gave names, criminal histories and addresses of more than 40 serious offenders that were being released - including pedophiles.

Similarly, the National Health Service (NHS) said that Sefton Primary Care Trust has sent thousands of staff records to four private companies by mistake. The personal details included dates of birth, national insurance numbers, pensions and salary details.

Then yesterday, the NHS also confirmed that a computer disc containing the names, dates of birth and addresses of 160,000 children was sent to St Leonard's Hospital in Hackney but failed to reach the right department - even though it was signed for by hospital staff. At least in this case, the data was encrypted using a 256-bit cipher.

December 15, 2007

UK Data Protection Rules: Too Sensitive to Share

The Guardian newspaper is reporting today that there is an official HM Revenue and Customs (HMRC) manual giving strict instructions on how to share confidential information with other government departments. Unfortunately, the information contained within the manual was thought to be too sensitive to share with the staff at HMRC, so instead only a few senior civil servants had access to it.

As you may recall, when the loss of the data was first announced by the UK government, it blamed junior civil servants for not following the rules. Now it appears the junior staff are not trusted with knowing what the rules are, but they will be held liable if they violate them. Sounds a little Kafkaesque.

The Guardian also reports that it has cost £2m in postage alone to send letters warning those whose data was lost that they should consider changing their bank passwords and PIN numbers to prevent fraud.