Tuesday, November 20, 2007

Crypto News from the UK

The BBC reports that animal rights activists are facing demands to reval their decryption keys under provisions of RIPA which came into force in October.

Meanwhile the Chancellor has admitted the loss of data disks containing details of 25 million child benefit claims, possibly the largest data breach to date. No doubt the folk at Emerge4nt Chaos will be having a field day.

Breach disclosure is like a fire alarm, it does no good at all unless you have an evacuation plan and preferably a fire brigade. But even the best fire alarm is a poor defense compared to effective building codes.

We have no shortage of technology, we need to develop the building codes.


Robert Doyle said...

Hi Phill

Jaw dropping isn't it.

One wonders whether the Director at the NAO with responsibility for audit interrogation techniques and policies will also fall on his/her sword?

In my days with them, there was strong pressure on clients on the lines of "we are the NAO - you must give us the data".

It will be interesting to see whether the NAO will voluntarily make disclosure on whether they are now DPA compliant as far as proportionality of requests is concerned.


Robert Doyle said...

The story is moving faster than I thought - someone has now briefed The Times (of London) that the NAO had not actually asked for the bank details - yet HMRC sent them - twice!