Don’t be too quick to laugh at the BNP’s database leak
November 19th, 2008The entire membership list of the BNP has been released by a disgruntled BNP member.
People all over the internets are laughing their heads off as they read about the teachers, lawyers and others who will now face the sack and lots of trouble for being a member of the BNP.
This is an example of the brainless bile being shot out:
this is so good!
18.11.2008 15:14Hi.
This link has some info :-
https://www.blogger.com/comment.g?blogID=32095749&postID=300681785381908982
Hopefully gangs of illegal immigrants will rape their families………..
interzoneman
BLOGDIAL and its readers are not easily distracted by propaganda however. We think, and think ahead.
This BNP database release is a perfect example of why you should NEVER collect and keep sensitive lists of personal details on a database. Let’s do a little substitution shall we?
Replace the phrase ‘BNP Database’ with the word ‘ContactPoint’.
It’s not so funny now is it?
This database leak of 12,802 names, addresses, email addresses and occupations is NOTHING compared to the size and scale of ContactPoint; and bear in mind that the ease with which ContactPoint could be released onto the internet is exactly the same for both the BNP list and ContactPoint.
The BNP database was accessible to only a hand full of people and it contained a small number of people. ContactPoint contains the names, addresses, telephone numbers and parental details of ELEVEN MILLION CHILDREN and it is accessible to ONE MILLION people via the internet.
When you bear those facts in mind, and then connect them with this BNP membership database leak and the real harm it is going to cause to each and every one of the people on that list, you begin to get a sense of the scale of the disaster that ContactPoint is. The same is true of course of the National Identity Register (NIR) which powers the proposed ID Card. ALL databases are subject to this risk; the size of the list is irrelevant and leaks are not something that can ever be prevented, and in any case, ContactPoint and the NIR are designed to be accessed (which means copied) easily.
The shock that everyone feels at this list being released, the strong nosey desire to see who is on it; this will be replicated on an unprecedented scale if the NIR and ContactPoint are rolled out. It would certainly create a huge demand and market for illicit access to both these databases.
There could not be a better example of why these government databases are a bad idea. Everyone should now understand that the people on the BNP list are in danger, forever, because they were on a list that was released once by a single disgruntled person.
If such a release were to happen to ContactPoint, all 11 million children in the UK would be put at similar risk.
Here is a scenario that you might not like to think about.
Imagine a disgruntled employee makes a copy of the ContactPoint database and then does not make it public but sells it secretly to a criminal gang. No one would ever know that the copy had been made. Out of the 11 million children, hundreds would be cherry picked for kidnapping, and no one would be able to connect these kidnappings to the covert release of ContactPoint. That criminal gang could operate for years off of the ContactPoint data without anyone knowing.
That is a far more horrible scenario is it not? Do you feel queasy?
And of course, piecemeal copying of ContactPoint is just as bad; with one million people granted access to it, printing off pages, saving screen grabs and just writing down details with a pencil and a piece of paper, these sorts of criminal activities could happen without a wholesale data breach.
ContactPoint and the NIR / ID Card must be scrapped and never proposed again. They are perfect recipes for irrevocable disaster.
UPDATE
Some people who can code have put together mashups of the postcode / address lines and Google maps:
That one has been taken down.
This one is anonymized:
http://www.bnpnearme.co.uk/
January 21st, 2010 at 12:59 pm
[…] http://irdial.com/blogdial/?p=1445 An official report admitted February’s incident had been a “serious breach of the duty to maintain confidential data securely”. […]