保护您的保密性是否是不可能的?
星期三, 2008年4月23日
由 Alexandra标记 |
个体也许珍惜他们的个人数据象社会保险和信用卡数字,但身分窃贼能买他们粗劣和散装网上。 信用卡数字可以为一样少许现在去象40分中的每一。 配比的名字、社会安全号、地址和出生日期根据安全专家花费了$2.00。
既使身分偷窃的发生到达破纪录,政府和私有机关继续收集记录相当数量个人,私有数据。
并且尽管所有规则,到位章程和软件创新保证信息不分成错误手,它和通常。
在过去月,国务院雇员为调查受到了处分通过总统候选人’护照文件,并且医院工作者充电以卖成千上万名患者的个人信息并且rifling通过顶面星耐心纪录。 并且在好莱坞一名私家侦探对星被指责贿赂警察和电话公司官员,因此他可能擦试他们的机要数据库。
然后有国税局。 一个星期在税天之前,它的总检查员警告在美国包含每个纳税人私有纳税申报的计算机系统是脆弱的对不悦的雇员和黑客。
问题,言安全专家,是世界的能力收集数据超过了它的能力保护它。
“许多组织和机关,政府和私有两个,是真正地擅长于收集数据,但没有实践,并且确定[他们是]很好安置和巩固的到位技术”,在华盛顿安全专家说吉姆竖琴师,在自由意志论者CATO学院。 “所以他们不应该浸洗入的人们能浸洗入数据库”。
如此什么是要做的一个讲究保密性人? 切开所有信用卡并且使用正义现金? 抛弃护照和外国旅行?
“公众在这个竞技场能有的唯一的真正的保护是否认政府信息在冠军”,资深立法忠告说Tim Sparapani,在美国公民自由联合。 “Despite all of the bells and whistles, the government has proven itself to be miserably poor at controlling and limiting access to the information that it’s gathered about the public.”
It’s not that the government doesn’t try. There are reams of regulations that people with access to confidential information are sworn to follow. Agencies such as the Department of Homeland Security have their own privacy offices that spawn their own committees which study and address both the regulatory and technological ways of protecting all the information that government has in its databases.
But as history has shown, there are the genuinely malicious among us, and even the most meticulous people can err. The recent dust-up over contract employees peering into the passport files of the presidential contenders was blamed on “imprudent curiosity.”
Still, two workers were fired and another was disciplined. The inspector general of the State Department is investigating the incidents. It includes a thorough “review of the internal control processes and other aspects of managing the passport data,” according to a spokesman for the inspector general. That should be completed by the end of May.
In the meantime, privacy experts like Mr. Harper see a “glimmer” of hope in the incident. First, that it was discovered, since many such incidents go unnoticed, security experts say. Second, that the State Department had digital “flags” on the files of prominent people that alerted superiors when their data were accessed by an unauthorized person.
Harper says such “flags” should be on everyone’s files, not just those of important people, so that the government can keep an accurate record, called an “audit log” on the files. “That’s a very small, but important, protection, and … it will be recognized soon enough as standard operating procedure,” he says. “If you hold personally identifiable data, then you’ll have audit logs so you can have records of who accessed it and when.”
Software experts are coming up with an array of such programs that could help protect the privacy of data. For instance, one allows a person to compare two different files — say a Federal Bureau of Investigation’s list of suspected criminals and a travel agent’s list of its customers. The program will sort the information in each and reveal data that both files have in common. That way either side can only see the information in the other file that matches their own. That’s also the only data that the person or institution comparing the information can see.
Other programs allow people to interact in cyberspace “pseudonomously,” in other words, using a different name. It’s similar to the way eBay and PayPal now work. But in this security-conscious world, there are drawbacks to such systems as well.
“It would be especially hard to get established in the post-9/11 environment where there’s this idea that you have to have control of the financial system in order to control terrorism,” says Harper.
Private security experts say the best protections in place come from companies that have a financial stake in individuals’ private data, like banks and credit-card companies.
“They pay a lot of attention to protecting that information, not because of consumer privacy, but because banks don’t want to lose money: that’s what’s driving it, the big financial incentive,” says Avivah Litan, vice president of Gartner, a technology consulting firm in Stamford, Conn. “But with other information, like my passport file, what’s the incentive to fix my privacy? There isn’t one unless there’s a consumer revolution and that doesn’t look like [it’s] coming.”
That is one of the things prompting the ACLU to continue to fight government efforts to collect even more data on individuals, including the REAL ID Act. That requires states to issue standard driver’s licenses and give the federal government access to information about those licenses. Some government security experts want to combine those state files with the databases that DHS already keeps on Americans’ international travel, the State Department’s passport files, the Social Security’s E-Verify database, and the FBI’s criminal records. They argue that those combined files could then be mined to ferret out terrorists. But many privacy experts object, saying such information remains too vulnerable to attack.
“We believe the better way to ensure security is to do actual physical security checks, like screening all the bags that go in the belly of a plane and being sure weapons don’t get on,” says Mr. Sparapani. “Instead we have all of these data sets that are being created and collected by the government and all of which are vulnerable to hacking and malicious attack and being stolen by identity thieves and terrorists.”
Other security experts note that mining such databases can be very helpful in identifying fraud or other patterns of criminal behavior. But they, too, are wary of the privacy implications.
“There really are good reasons for analysts to look at lots of phone records and call detail if you’re putting it to the right use: You’re not going to find needles in a haystack without a lot of data aggregation and data mining,” says Ms. Litan. “But we’re always going to be behind the eight ball [on privacy], there’s a ton of data on all of us out there and a lot of unauthorized abuse of it. I’m not really sure what the solution is.”
See More:Big Brother USA NewsHave Your Say: Is It Impossible to Protect Your Privacy?
Please note, only selected comments will be published.
One Response to “Is It Impossible to Protect Your Privacy?”
-
Roger
Posted: Apr 23rd, 2008 at 4:18 am | Link to this
Free Newsletter
Loading ...Related News
- Terrorists benefit from US wiretaps?
- One out of ten trust government data security
- There’s is still time to fight data sharing
- Gov will have to ask permission for ID card information
- FBI Audit finds widespread Abuse in Data Collection
Latest Headlines
- Question for RINF Readers: Do You Want a Forum?
- Students Skip Class For Obama Event, Get Suspended
- Olympic protest movement turns its sights on to sponsors
- Gitmo Torture Orders Came From The Top
- Feds to require visitors’ fingerprints when they leave US
- Police: DNA database ready as early as next year
- Murdoch to buy New York rival
- Chertoff Says Fingerprints Aren’t ‘Personal Data’
- MEPs to keep audit of wage abuse secret
- DOD data: More forced to stay in Army
More Breaking News
Archive
Massive increase in fraud crimes should make the government and banks realise that their data protection and Chip and PIN systems are diverting rather than deterring fraud crimes.
This shows that fraud will continue to grow until they exploit KEY and PIN system described on website www.xwave.co.uk which will deter BOTH identity and card fraud by making signature and PIN systems reliable and foolproof.
Fake documents have made our signature system unreliable while skimmers and pin-hole cameras etc. have made PIN system unreliable. We have option to make signatures reliable by personalising them with ID stickers and option to use Card Key Code to make PIN system reliable to make use of stolen and skimmed cards meaningless. By ignoring to exploit this system banks are only letting fraud crimes grow.
ID KEY system will eliminate the need for us to protect our personal and card details since fraudsters will be deterred from misusing these stolen details.
Proposed ID KEY can be treated as a reliable international ID card because it will personalise signature and PIN number to only the right individuals in any country.
We hope that the government and banks will appreciate these details and exploit KEY and PIN system before it is too late to stop a fraud boom.