Chicklet - Add to Google Homepage

Add to Google Reader or Homepage

Sunday, September 6, 2009

Nandan babu and my finger print... (Part 2/2)

Part 1 of this article is available @
(http://ragsgopalan.blogspot.com/2009/09/nandan-babu-and-my-finger-print-part-12.html)

The issues in India are well known to us, but if you think that security issues in matured countries are hunky-dory then consider the following stats (from a study from PWC and CIO magazine):

  1. Western companies continue to struggle with the constant updating of security and privacy laws. The study reports 1 out every 5 companies are not compliant with various state security breach notification laws. That number rises to almost thirty five percent that are noncompliant with the Sarbanas-Oxley law.
  2. Forty percent of the respondents report non-compliance with HIPAA.
  3. Fifty percent of the Australian organizations are not fully compliant with Australian Privacy Legislation.
  4. Forty two percent of French organizations did not meet compliance with CNIL (Independent French administrative authority on data privacy).
  5. Thirty one percent of the United Kingdom based organizations did not meet compliance with Data Protection Act.
  6. The number is about forty-five percent with other European Nations and about thirty percent with Canadian companies.
  7. The financial services industry encrypts data during transmission only sixty eight percent of the time. Only forty three percent of the companies’ encrypted stored data and forty two percent of the companies kept accurate inventory of user related data.
  8. Security policies reveal that more than half of the companies within financial services industry do not address adequate data protection, disclosure and destruction.
  9. Data breaches are common in governmental agencies as well as in businesses.(Holmes, 2006) In April 2007, the U.S. Department of Agriculture (USDA) reported that thousands of social security numbers of loan recipients were publicly available from a database maintained on the USDA website.
  10. In August 2006, the Veterans Administration admitted to losing a considerable amount of patient insurance claim data. Major universities report unknowingly exposing student or faculty data including addresses, social security numbers and tax information.

The concerns I have are simply summarized as this:

    1. Data Privacy management is a global headache and so is the "ID theft" industry.
    2. Awareness about Information security and data privacy is low among 99.99%+ of our citizens. I don’t think for the next 25 years this shall improve significantly.
    3. Country is weak in defining and legalizing privacy laws. I am not sure how many of us know what our legal rights are in traffic laws and forget the awareness on data privacy laws.
    4. A culture of corruption as a way of life, poor data inputs from multiple sources certainly question the accuracy and validity of these IDs.
    5. India’s legal system sucks!
    6. Above all Chalta hai attitude and discipline in process adherence are mutually exclusive and what is the quality we are born with or nurtured with can be guessed without a clue.

Given the above situation I am not sure if we are jumping the gun for a idealistic solution instead of a more practical solution. The implementation of such a huge and critical project requires maturity at key stratas of the society and government.


Till then our finger prints shall be in a national data center which i am not sure is secured enough legally and operationally.


Till then my personal, biometric data - my finger print is at the mercy of our Nandan Babu's wisdom and our government's inefficiency !!!


Nandan Babu Jahaan !
Mera finger print vahaan, (phir bhi)
Mera Bharat Mahan!

Happy reading !!

No comments:

Post a Comment