Tories: Centralised data creates 'honeypot' for fraud
Kable
Published: 29 Sep 2009 09:11 BST
The shadow justice minister has said a Conservative government would collect less personal data and have a minister in each department accountable for information security.
Eleanor Laing told a conference that the loss by HM Revenue & Customs of 25 million records in 2007 showed there is a need for more management accountability.
"We will therefore have a minister in each department responsible for operational data security, and a senior civil servant at director general level who will be appropriately qualified to industry standards," she told the Security for a Digital Britain conference in Nottingham on 24 September.
She claimed Conservative policies to abolish identity cards and ContactPoint and restrain DNA retention and access to communications data would provide fewer opportunities for data to be compromised.
Referring to polling data showing public worries about information security, she said: "Much of it is the government's doing by creating, through a command and control ideology whereby more and more personal information is collected and stored centrally, a 'honeypot effect' for online fraud."
"Government mumblings about creating a 'single point of truth on the citizen' will continue to put us all at risk," she added. "A shift from 'just in case' mass collection to minimal 'need to know' collection of personal information is imperative."
Read this
Data watchdog lacks bite for business lapses
Tory plans should include beefing up the information commissioner's powers against business breaches, says Alan Calder...
Laing acknowledged that the government had established some new structures to support data security, but claimed they do not fit well together.
"We already have the pieces of the jigsaw," she said, adding: "The current government does not currently know or seem particularly interested in, putting the pieces together to complete the picture.
"I would like you all to join me and my colleagues in putting together the jigsaw over the next few years."
Laing outlined a number of other Conservative plans. Among them is the establishment of a national security council to implement the results of a comprehensive security and defence review. The government's head of cybersecurity, Neil Thompson, would be given "the authority and the tools he needs" through this body, Laing said.
The information commissioner, whom the Tories plan to have funded directly by parliament rather than government, would consult with the private sector on data-security guidance, including the option of a voluntary kitemark.
She also said that the process for reporting data breaches or suspicious activity should be unified, citing Australia's High Tech Crime Centre and the US's Internet Crime Complaint Centre as good examples, and that the European Convention on Cybercrime — signed seven years ago by the UK — should be ratified.
Laing added that the UK should also join Nato's Co-operative Cyber Defence Centre of Excellence, which was founded after digital attacks on Estonia.
Did you find this article useful?
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
