Data protection fiasco reflects democratic deficit
The loss of the personal data of some 25 million people on CDs is an outcome of deficient technical standards in information systems design and, consequently, in operation. Had developers and implementers applied adequate technical standards, such an event could not have taken place.

Security strategies

According to the George Boole Institute (GBI), it is not as if the United Kingdom lacks world-leading experts in data security, both in the design and implementation of proven digital systems and at the leading edge of world innovation in this area. There is a tangible, and apparently widening, democratic deficit tied to the degree to which professions that should operate independently compromise standards through deference to the political paymaster, by admitting political criteria into systems designs. This is how "back doors" and "trap doors" come to be left in IT systems for "convenience", and their presence shows how painstaking design effort in data security is simply wasted for lack of professional ethics. According to the GBI, those working on the technical aspects of sensitive IT systems need to uphold standards and should not compromise the stated objectives of data security. Last year, in a review of the National Audit Office's reporting on the National Health Service IT system, the GBI stated that: "If the technical specifications of the accepted final system are technically sub-optimal, attempting to assess value for money becomes an exercise in futility. Therefore a technical analysis is essential to evaluate the decision analysis applied in selecting the best option from a possible range of solutions to the issues being addressed."

The GBI was critical of what it called "supplier monetary transfer schemes", whereby the government purposely softened the impact of project delays on those responsible: "Supplier monetary transfer schemes exist which operate like escrow accounts, with payments being made once a promised output is delivered, even if behind schedule. Taking opportunity costs into account, it is not rational to attempt to run supplier monetary transfer schemes which create recoverable fines as a basis upon which to state that this operates so as to incur no cost to the taxpayer. Any delay against the politically promised deadlines represents a measurable opportunity cost of failure to deliver in project and political terms, and this incurs real performance and financial costs on the public service and budget." The GBI adds that: "Large government projects are becoming notorious for being cash cows for developers, a waste of public resources and often failing to perform their public objectives."

Data security

Developers at SEEL, the Systems Engineering Economics Lab, have become increasingly concerned about the government's political urge to centralise projects which amass sensitive personal data. Their concern rests on the principle that the most secure data systems are not centralised but highly fragmented, with digital automation techniques making it impractical for anyone to mine the data as a whole, let alone run off a copy onto a convenient CD. SEEL is one of the few private British high-technology organisations dedicated exclusively to applied research and development; all commercial developments are spun off to separate operations. A further area of concern is the data management approaches being adopted in government systems.
Hector McNeill, the Director of SEEL, says that, "A major constraint on modern IT systems efficiency and security is the so-called Structured Query Language (SQL) approach to databases, which does not work well on massive amounts of data. Most of the current generation of IT systems developers learned their trade on well-known database structures where configurations make the database the predominant core. The term "data-centric" is often used as a characterisation of such approaches. This has led to increasing numbers, if not the majority, of IT professionals being wedded to the production of systems which can be easily compromised in terms of security. Since these professionals advise governments, governments end up accepting these standards even for highly sensitive data because they know no better. The bizarre outcome of this type of approach is that if one government department asks for sanitised data, that is data stripped of personal details, its preparation can be an involved process and it can be cheaper to send the full database. This is a reflection of the inappropriateness of modern database technology: just about all the intelligence is in the database structure, not in the processing components, so its IQ is pretty low."

"Part of the problem is that today many government departments and large corporate IT departments confuse proprietary standards established by well-known large software companies, so-called solutions suppliers, with the best way to get something done. Since these systems are a variant on a theme, they have become a global standard where everyone, including hackers and the larger criminal fraternities, knows how they operate or can afford to pay experts far more than governments are prepared to pay to access them."

"Some governments have approached this from the standpoint of the "economy" of so-called "open standards", but here the compromise is even worse because the population of programmers and developers with knowledge in manipulating such systems is probably greater, because the cost of entry to using such systems is so much lower. In security terms this all risks becoming a false economy."

"Rather than build systems around a central data structure or database, it is preferable to build secure IT systems around logical process standards. This makes each system unique and therefore more secure, whilst allowing some tasks which cannot compromise security to "interwork" with any system in existence, including Microsoft Windows-based applications."

In terms of promising avenues, McNeill explained that, "One of the database approaches we have found which lends itself to secure data management, and in which, incidentally, all data is sanitised at all times because there are no clearly defined data sets, is the Plasma database developed under the Seel-Telesis® R&D programme.
Please note that sections of this article have been withdrawn at the request of the new beneficial owner of the Plasma Database, as explained in the box below:
Plasma Database

Plasma Database I (PDBI) - rights transfer

On 5th May 2008, the Plasma Database (PDBI) work output to date was acquired for commercial development and application. Part of the acquisition agreement is that SEEL will continue to develop Plasma Database I, with all development work output, including reports, being the property of the new beneficial owner.

The commercial publicity, press releases and application sales to end users, including OEM modes, for the Plasma Database will be the exclusive preserve of the beneficial owner.

PDBII

SEEL has initiated an applied development initiative on a second-generation Plasma Database (PDBII), and the output of this programme remains with SEEL. If commercial development is not advanced by Navatec, Navatec Voyager or SEEL, the beneficial owner of PDBI has first refusal on commercial development.
"Plasma sites concerned cannot be accessed with conventional browsers; in fact all commercially available browsers cannot even "see" access points, and standard "calls" do not receive any response. The system only responds to our own automated interfaces built using Virtual Client Technology, a system wholly developed under the Seel-Telesis® R&D Programme." He added, "Plasma data is never at the client end, and in most security operations copying of data sets is impossible. A network oversight system, Navatrac, detects any attempted abuse, that is someone trying to do something which normal operators know is not possible or allowed, by recording the event and identifying the offending components, incapacitating the interface and throwing the "link" to what we call "the scrapyard". Plasma is not about a database as such; it is about data security, and only our own processors can access, convert and process this data. On the other hand, almost all SQL and conventional database structures are very easy to read and decrypt. Today conventional Internet search engines mine server data held in SQL databases as a matter of course."

McNeill agrees that such events constitute signs of a widening democratic deficit created by professional and technical incompetence. "It is not only systems designers and implementers who fail, but so do those charged with responsible management of information within the public sector. This level of decadence can normally be traced to the motivations and inappropriate proclivities of politicians who know no better than to look to the interests of their political party at the expense of the individual freedom of the people of this country."

Richard Jeavons, the NHS IT implementation director who seeks to place the records of 50 million patients on a database, stated that "you cannot stop the wicked doing wicked things" when referring to data protection before the Commons Home Affairs Committee.
McNeill feels this sounds somewhat hapless, but qualified his position by saying: "If by this it is meant that data cannot always be protected, then the NHS project should be terminated or radically changed. Mr. Jeavons does not seem to have been asked if he was just making the obvious point that the wicked try to do wicked things but that the data is and will be safe. But all of this is somewhat qualitative. Gordon Brown, I understand, will authorise Richard Thomas, the Information Commissioner, to carry out spot checks on the databases held by public sector organisations. But to what end? He is right to state that the government will do everything in its power to ensure data is safe. But all of this action, around a topic poorly understood by the government, degenerates into assertion and leaps of faith. The level of security lies fundamentally in the hands of the system designers, the specifications, the levels of dedicated and faithful implementation and the responsibilities exercised in operations. If the system has an inappropriate design then the wrong designers have been employed, and they will proffer advice which will be biased towards the maintenance of the implemented product. This sustains an unacceptable risk, and its reduction does not lie effectively in the hands of the government. Naive enthusiasm and faith in large IT projects handling such sensitive data roles represents a security risk which goes beyond ID fraud and encompasses serious considerations related to terrorism and political intelligence; this is a time bomb."
McNeill added that, "the first responsibility of governance is the upholding and defence of the individual freedom of the citizens of this country. Failing to safeguard, and losing or giving away, personal data on such a scale compromises our personal freedom to an unacceptable degree."
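The one point in the interview above that a practitioner can act on directly is the remark about sanitised data: a department asks for data stripped of personal details, preparing it is treated as an involved job, and the full database goes out instead. The design answer is to make the sanitised form the only form a recipient can ever query. The Python block below is an added illustration of that design; it is not code from the original article, from SEEL, or from any product named here. The direct identifiers stay in one base table, a view exposes only a keyed pseudonym, a birth year, a postcode area and the payment figure, and a release check refuses any export whose columns include a direct identifier. The schema, the three records, the field names and the key are all constructed for the example.

```python
import hashlib
import hmac
import sqlite3

# Constructed sample records: not real people. The fields mirror the kind
# of data at issue in the article (name, National Insurance number, date
# of birth, postcode, payment amount).
SAMPLE_RECORDS = [
    ("Alice Example", "QQ123456A", "1975-03-02", "SW1A 1AA", 1_200),
    ("Bob Example",   "QQ654321B", "1982-11-19", "M1 1AE",   950),
    ("Carol Example", "QQ111111C", "1990-07-30", "EH1 1YZ",  1_340),
]

# Direct identifiers that must never leave the source system.
DIRECT_IDENTIFIERS = {"full_name", "nino", "date_of_birth", "postcode"}

# Hypothetical per-release secret (an assumption for the example). In a
# real deployment it lives in an HSM or key service, never beside the data,
# so a recipient of the export cannot reverse the pseudonyms.
PSEUDONYM_KEY = b"constructed-example-key-not-for-real-use"


def pseudonym(nino: str) -> str:
    """Stable, keyed, one-way token standing in for the NI number."""
    digest = hmac.new(PSEUDONYM_KEY, nino.upper().encode(), hashlib.sha256)
    return digest.hexdigest()[:16]


def build_source_db() -> sqlite3.Connection:
    """Create the full (sensitive) table and a sanitised view over it."""
    conn = sqlite3.connect(":memory:")
    conn.create_function("pseudonym", 1, pseudonym)
    conn.executescript(
        """
        CREATE TABLE claimant (
            full_name TEXT, nino TEXT, date_of_birth TEXT,
            postcode TEXT, monthly_award INTEGER
        );
        -- Only this view is ever exposed to another department; the
        -- identifying columns exist solely in the base table.
        CREATE VIEW claimant_sanitised AS
            SELECT pseudonym(nino) AS claimant_ref,
                   CAST(strftime('%Y', date_of_birth) AS INTEGER) AS birth_year,
                   substr(postcode, 1, instr(postcode, ' ') - 1) AS postcode_area,
                   monthly_award
            FROM claimant;
        """
    )
    conn.executemany("INSERT INTO claimant VALUES (?, ?, ?, ?, ?)", SAMPLE_RECORDS)
    return conn


def sanitised_export(conn: sqlite3.Connection) -> list:
    """What a requesting department receives: rows from the view, nothing else."""
    cur = conn.execute("SELECT * FROM claimant_sanitised ORDER BY claimant_ref")
    cols = [d[0] for d in cur.description]
    return [dict(zip(cols, row)) for row in cur.fetchall()]


def leaks_identifiers(rows: list) -> bool:
    """Release gate: True if any exported row carries a direct identifier."""
    return any(DIRECT_IDENTIFIERS & set(row) for row in rows)


if __name__ == "__main__":
    db = build_source_db()
    export = sanitised_export(db)
    if leaks_identifiers(export):
        raise SystemExit("refusing release: direct identifiers present")
    for row in export:
        print(row)
```

SQLite has no GRANT, so the example relies on the application only ever querying the view; on a server database the requesting role would be granted SELECT on `claimant_sanitised` and nothing on `claimant`, which removes the "cheaper to send the full database" option altogether. Two caveats a reviewer would raise: a keyed pseudonym is stable, so the same key across releases lets a recipient link records between them (rotate the key per release unless linkage is required), and a birth year plus postcode area can still single out individuals in small populations, so the column choice must be reviewed against the receiving department's actual need.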
We are preparing a follow up article on IT project management techniques which ensure systems security and data protection based on additional inputs we received in researching this article.
Posted: 22nd November, 2007.
Updated: 22nd November, 2007.
Updated: 23rd November, 2007.
Updated: 5th May, 2008 (withdrawal of data - see box)