Comments on: The death of ID cards? http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/ Conservative Party Member of Parliament for Wokingham Fri, 21 Nov 2008 02:36:39 +0000 http://wordpress.org/?v=2.6.2 By: APL http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12913 APL Fri, 23 Nov 2007 12:40:48 +0000 http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12913 David Blunkett, the world renoun authority on Id and data security, has a letter in the Times today. http://www.timesonline.co.uk/tol/comment/letters/article2925102.ece Would you kindly check Mr. Blunkets entry in the register of members interests to see if he has any relationship with Entrust the data security company? There is a rumour that Mr Blunkett is in recipt of remuneration from Entrust, the US data security. If true do you think he should say so? Do you think he is really an impartial person to pronounce on IT security issues? Is he actually representing his constituents on this issue, or more likely (if there is a connection between Blunkett and Entrust) his own and the interests of Entrust? Reply: The Register shows him as Chairman of the International Advisory Committee of Entrust ( David Blunkett, the world renoun authority on Id and data security, has a letter in the Times today.

http://www.timesonline.co.uk/tol/comment/letters/article2925102.ece

Would you kindly check Mr. Blunkets entry in the register of members interests to see if he has any relationship with Entrust the data security company?

There is a rumour that Mr Blunkett is in recipt of remuneration from Entrust, the US data security. If true do you think he should say so? Do you think he is really an impartial person to pronounce on IT security issues?

Is he actually representing his constituents on this issue, or more likely (if there is a connection between Blunkett and Entrust) his own and the interests of Entrust?

Reply: The Register shows him as Chairman of the International Advisory Committee of Entrust (

]]> By: Steven_L http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12790 Steven_L Thu, 22 Nov 2007 01:52:27 +0000 http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12790 Having worked in many, many private sector call centres, including utilities and banks, and having worked in sensitive areas of the public sector, I thoroughly concur that the current data protection bureaucracy does not keep people's data safe. For a start the 'security questions' that private companies ask are not all that secure. Many set up password or pin numbers, but as soon as you say you have forgotten it they reset the password/pin number and revert to asking questions such as 'name', 'address', date of birth'. Considering it is usually irrate ex-partners and their cohorts that try to sabotage these things, it is next to useless. The public sector, in my experience, are even worse. They ask flimsy security questions (if any) before releasing personal information and unlike large private sector bureaucracies do not seem to have semi-secure system of passwords for dealing with each other. Then there is confidential waste. I can't remember ever been instructed on a company's (or public sector departments) confidential waste procedures as part of any basic data protection training anywhere. In fact when you raise this question in the ritual office clearout you can be seen as a 'troublemaker'. As for storing 25 million peoples personal details on a CD, not encrypting it, and losing it in the internal post, you couldn't make it up really could you? Having worked in many, many private sector call centres, including utilities and banks, and having worked in sensitive areas of the public sector, I thoroughly concur that the current data protection bureaucracy does not keep people’s data safe.

For a start the ’security questions’ that private companies ask are not all that secure. Many set up password or pin numbers, but as soon as you say you have forgotten it they reset the password/pin number and revert to asking questions such as ‘name’, ‘address’, date of birth’. Considering it is usually irrate ex-partners and their cohorts that try to sabotage these things, it is next to useless.

The public sector, in my experience, are even worse. They ask flimsy security questions (if any) before releasing personal information and unlike large private sector bureaucracies do not seem to have semi-secure system of passwords for dealing with each other.

Then there is confidential waste. I can’t remember ever been instructed on a company’s (or public sector departments) confidential waste procedures as part of any basic data protection training anywhere. In fact when you raise this question in the ritual office clearout you can be seen as a ‘troublemaker’.

As for storing 25 million peoples personal details on a CD, not encrypting it, and losing it in the internal post, you couldn’t make it up really could you?

]]> By: ID Card Hater http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12729 ID Card Hater Wed, 21 Nov 2007 15:39:46 +0000 http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12729 Mr Darling was on GMTV this morning (21 Nov) claiming that this debacle made the case for ID Cards even stronger than the casual tissue of lies that this government had previoulsy dreamed up. No surprise there then! Mr Darling was on GMTV this morning (21 Nov) claiming that this debacle made the case for ID Cards even stronger than the casual tissue of lies that this government had previoulsy dreamed up.

No surprise there then!

]]> By: APL http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12724 APL Wed, 21 Nov 2007 15:16:51 +0000 http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12724 Tony Makara: "Why was high grade encription not used instead of the post? I use it most days to check my bank account." Why wasn't high grade encryption used (full stop)? I mean it is not as if they have to buy it from Microsoft, very sophisticated public key encryption (Phil Zimmerman's PGP, God bless him!) has been avaliable FREE for at least ten or eleven years. This was the program the US government classified as munitions and tried to have Zimmerman prosecuted for making freely avaliable. For people who are serious about protecting their personal details the tools are avaliable and have been for quite some time. I have in the past had cause to correspond with the IR through their secure gateway. It all sounds very secure but all that money 'invested' in security has at a stroke been wasted. The rightfull guardian of an individuals privicy is that particular individual. The government is simply not to be trusted, if I didn't think they were malicious, I know they are incompetent. Tony Makara: “Why was high grade encription not used instead of the post? I use it most days to check my bank account.”

Why wasn’t high grade encryption used (full stop)?

I mean it is not as if they have to buy it from Microsoft, very sophisticated public key encryption (Phil Zimmerman’s PGP, God bless him!) has been avaliable FREE for at least ten or eleven years. This was the program the US government classified as munitions and tried to have Zimmerman prosecuted for making freely avaliable.

For people who are serious about protecting their personal details the tools are avaliable and have been for quite some time.

I have in the past had cause to correspond with the IR through their secure gateway. It all sounds very secure but all that money ‘invested’ in security has at a stroke been wasted.

The rightfull guardian of an individuals privicy is that particular individual. The government is simply not to be trusted, if I didn’t think they were malicious, I know they are incompetent.

]]> By: Bazman http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12718 Bazman Wed, 21 Nov 2007 11:53:04 +0000 http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12718 There will be some interesting Nigerian business propositions on the way for many people if the parcel is not found down the back of the seat in the van. Why was high grade encription not used instead of the post? I use it most days to check my bank account. Pure blundering at the highest and lowest levels. Oh no! Where's my Tesco card? There will be some interesting Nigerian business propositions on the way for many people if the parcel is not found down the back of the seat in the van.
Why was high grade encription not used instead of the post? I use it most days to check my bank account.
Pure blundering at the highest and lowest levels.
Oh no! Where’s my Tesco card?

]]> By: Tony Makara http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12714 Tony Makara Wed, 21 Nov 2007 11:00:04 +0000 http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12714 I could hardly believe my ears when yesterday on TV a junior spokeswoman, sent out to take the flak, said that the Labour governments loss of personal data enhanced the case for ID cards! After hearing this I began to wonder if these two discs might not have been lost 'On purpose' to strengthen the calls for more stringent ID? With this government anything is possible! I could hardly believe my ears when yesterday on TV a junior spokeswoman, sent out to take the flak, said that the Labour governments loss of personal data enhanced the case for ID cards! After hearing this I began to wonder if these two discs might not have been lost ‘On purpose’ to strengthen the calls for more stringent ID? With this government anything is possible!

]]> By: Simon_C http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12707 Simon_C Wed, 21 Nov 2007 09:58:05 +0000 http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12707 Here's hoping.... Here’s hoping….

]]> By: Brian Tomkinson http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12704 Brian Tomkinson Wed, 21 Nov 2007 09:24:48 +0000 http://www.johnredwoodsdiary.com/2007/11/21/the-death-of-id-cards/#comment-12704 How do we know that similar breaches have not occurred in other government departments which hold personal details? It is highly likely that they have as there appears to be a complete lack of administrative competence throughout government. Reply: see my latest post. How do we know that similar breaches have not occurred in other government departments which hold personal details? It is highly likely that they have as there appears to be a complete lack of administrative competence throughout government.

Reply: see my latest post.

]]>