Ministry of Defence | Defence News | MOD confirms loss of recruitment data

David Hansen ukcrypto at chiark.greenend.org.uk
Sun, 20 Jan 2008 13:20:13 -0000 

On 19 Jan 2008 at 23:01, Ian Batten wrote:

> > He is most probably a Personnel Security Officer doing security
> > clearance vetting work !!
> 
> On half a million punters?  At once?  That's quite a workload.  He  
> could do one a minute, working 24 hours a day, and be done by the  
> middle of next year.

I haven't checked your arithmetic, but I agree with the point. Such a 
person might have some details, though like the passport proposals if 
some prat asked me about my bank account I would tell them that it is 
none of their business. However, any details on a laptop should only be 
about a weeks worth at most, even better a day's worth. We do have 
encrypted communications these days, despite the best attempts of 
government to prevent them.


I note from <http://news.bbc.co.uk/1/hi/uk/7197628.stm> that, "We will 
require satisfactory answers from the MoD about their data protection 
practices and a firm assurance that steps have been taken to improve 
these practices before deciding on the appropriate action to take," [Mr 
Thomas] said.  Gosh, that will frighten the MOD. If they don't answer, 
or any answer is not "satisfactory", Mr Thomas will send them a piece 
of paper saying that their performance is not satisfactory. That will 
really make them change.


As an aside I have been dealing with this bod's office regarding 
criminals sending my company faxes offering their "services" to us 
regarding "debt collection", despite us being registered with the fax 
prevention scheme and instructing several of them not to spam us 
directly. I have even provided a witness statement about one bunch of 
criminals. It made precisely no difference to the activities of the 
criminals. That is when they take an interest, on other issues they 
can't even be bothered to look into things, for example they claim that 
because the Westminster bunch have concocted something they cannot 
challenge it or even look into it.

The UK Information Commissioner's Office is almost useless. The 
Scottish one is rather better, but has a sloping shoulders to anything 
that can be brushed off oonto the UK bod.


-- 
  David Hansen, Edinburgh 
 I will *always* explain revoked encryption keys, unless RIP prevents 
me   
http://www.opsi.gov.uk/acts/acts2000/00023--e.htm#54