[nSLUG] NS 4.7x [was: Add yourself to the nSLUG member blogs wiki page]

Jeff Warnica jeff at coherentnetworksolutions.com
Sun Jan 14 19:05:35 AST 2007


On Sun, 2007-01-14 at 09:10 -0400, gnwiii at gmail.com wrote:
> Public police, tax, and property records have also been used in
> identity theft. Typos in these records have caused some individuals
> real problems.
> 
> There is way to much personal data in public records, and very little
> real control over the security and integrity of these records.  I have
> had problems with propery tax record keeping in 2 different municipal
> governments in NS.   There is no federal or provincial oversight of
> these systems, and no federal oversight of provincial systems.


What you have to keep in mind is that public records are public.
Computerization of said records allows for both more efficient
legitimate and illegitimate use. But illegitimate use isnt made possible
because it was put on computers.


> It doesn't really matter what system is used to manage DMV records in
> NS. What does matter is that there is no public, transparent, system
> that offers assurances against data loss or leakage.  Can you get a
> record of all accesses to your data?  If there is leakage, will you be
> notified?
> If there is an error, can you get it fixed?

The question we first have to ask is if these records are a matter of
public record. If they are, then them leaking out doesn't matter. Then
the problem becomes using information available in public records as a
means of authentication. Consider SINs: If they were used just as a
unique identifier, rather then both as a unique identifier, and a token
to authorize its use, then all would be good.

> There have been a number of "clerical" errors resulting in prisoners
> being released early and automobile accident reports being "mislaid".
> Are these symptoms of widespread data management failures in
> governments?  The public has learned to expect erratic behaviour from
> computing systems, so are willing to overlook glitches that may be
> signs of real problems.

Or its possible they were just clerical errors. And for sure, they
happened pre-computers, too. If the computer gave erratic results all
the time, then it either wouldn't be used, or it would be used with some
verification. The problem is that the computer gives good results most
of the time, which leads to peons trusting them, and the peons being
"removed" from the data itself.

Electronic systems have different design constraints then do paper based
processes. Blindly turning paper into bits will inevitably lead to
problems. A bad paper system will most likely lead to a bad electronic
system. And a good paper system will most likely lead to a mediocre
electronic system.




!DSPAM:45aacc5f314911537413899!




More information about the nSLUG mailing list