Ged Carroll

Personal data risk

Published: (Updated: ) in ethics | 倫理 | 윤리학, legal | 合法的 | 법률학 | 法的, online | 線上 | 온라인으로 | オンライン, security | 保衛 | 정보 보안 | 情報セキュリティー by .

The estimated reading time for this post is 88 seconds

Kudos to Dave Farber of the Interesting People email list for flagging this on the use of personal data and The Washington Post for continuing to do good investigative journalism :Bahamas Firm Screens Personal Data To Assess Risk

What becomes apparent from Robert O’Harrow’s article is how commercial personal data is of more value than ‘government data’. Also that it flows freely to where it is most advantageous. In this case to skirt US privacy laws.

On the CAPP screening programme that is designed to keep US skies free of terrorists looking to do a 9/11 style attack.

The system has cost almost $100 million. But it has not been turned on because it sparked protests from lawmakers and civil liberties advocates, who said it intruded too deeply into the lives of ordinary Americans.

Lessons learned from the programme including legality were behind a former intelligence official replicating its function at a Bahamas based private company for risk assessment.

One of the first customers is information giant LexisNexis Group, one of the main contractors on the government system that was known until recently as the second generation of the Computer Assisted Passenger Pre-screening Program, or CAPPS II. The program is now known as Secure Flight.

And the why

“You can realize the CAPPS dream in the commercial world,” Thibeau said. “We live in a world where data can go anywhere and be warehoused anywhere.”

What this quote misses out is the challenge of oversight, even if the client was a government rather than a corporation. If this feels like the back story of some dystopian cyber punk drama, its pretty much what the likes of William Gibson and Neal Stephenson have envisage at one point or another.  More privacy related content here.