Information society

Although in my current homeland the various excesses committed in the name of building a safer society are being revised, there was a curious and somewhat unexpected incident... An incident that showed just how precise the arguments against the gathering of personal information about vast numbers of people were.

There is a certain law firm in the UK, which few years ago began to send out tens of thousands of letters to people, letters that pointed out: they were sharing some copyrighted material on the net - and unless they want to avoid going to court, they should pay a certain fine to the law firm.

The claim by the latter firm (and one can find the same in certain parts of the much debated Digital Economy Bill) that the IP address of the person's connection identifies the person had a certain charming silliness that one can find in less inspired episodes of Bugs Bunny.

It is pointless to waste bandwidth here to describe just how charmingly silly this is, but the point is something else.

The very same law firm was amassing personal details about tens of thousands of people, information provided to them by a number of internet service providers. It so happens that the website of the firm had to be taken down after a cyber attack known as distributed denial of service. And when the website was put back, due to some other charming silliness, the entire server file directory was exposed apparently to the outside world.

People promptly downloaded email archives and... records of personal details about many, many people... who were accused by the firm that they shared X and Y copyrighted material.

Jacqui Smith wanted a society where pharmacies and other high street shops would have gathered biometric data about millions of people, sending these to other databases of the Home Office... for the purpose of then issuing biometric ID cards.

Isn't it interesting, that the above fiasco around the website of a law firm has now led to a direct question... a rhetorical one, which validates every word and every thought ever voiced about the former Government's wild plans (and excesses violating basic human rights) for a 'safer society'?

The rhetorical question is the following: based on the absolutely tragic (for many thousands of people) and laughable (for others) fiasco around the law firm's website, adding all the myriad incidents of the very Home Office losing and misplacing vast amounts of personal information about people... how can anybody in former, present or any future Government seriously think that gathering, storing, manipulating, sending of vital personal information about people can be in any way guaranteed not to fail fundamentally?

Especially when, as shown in the incident, there is no control, no safeguard whatsoever in place at the origin, along and at the end of the chain of information passing from some organisation to another.

There is the Data Protection Act. There is the Terrorism Act. There is the Copyright Act, in this particular case. There is the Digital Economy Bill.

These are all theoretical safeguards or, in the latter two cases, validations for certain actions to take place.

The practical reality is that there is zero security for anybody's highly sensitive personal information being exposed along one or more points in the chain.

In the specific incident, some internet service provider even admitted sending the information in unencrypted form...

It is time to revisit utopian legislation and so-called 'acts' and sections of those acts... and infuse some reality steeped deeply in basic human nature. And basic human stupidity. And its repeated results.