Showing posts sorted by date for query "server in the sky". Sort by relevance Show all posts
Showing posts sorted by date for query "server in the sky". Sort by relevance Show all posts

Saturday, 24 May 2008

Warning, warning! Google Health may be injurious to your privacy

Now I'm sure that the good people at Google have no intention of harming a soul with their brand new product Google Health, a free online medical record storage facility.

However, before you plunge into another commitment to supply or store personal details on the world wide web, think of the implications of storing your most personal details out there in hyperspace.

Robert Merkl commenting at Core Economics last Tuesday gave us
one scenario:

I’d have to strongly disagree with your statement that there’s no extra privacy implications.
If your doctor gets broken into, maybe a few hundred medical records get stolen. If Google Health gets hacked, millions of health records get stolen.
Furthermore, because it’s all electronic, it’s in a much more easily searchable form.
Here’s a for-instance. Say you’re an intelligence agency, looking for somebody in a large organization to blackmail. With the old system, there’s no way in the world you could burgle every doctor every member in that organization has visited.
Now, let’s rerun our hypothetical with everybody’s medical records on Google Health. Your crack team of hackers breaks in and gets you full access. You do a search for STDs, abortions, mental illnesses, etc. etc. etc on the entire organization, until you find somebody to blackmail.
And, yes, in this case it is entirely plausible to imagine such a technically-adept attacker as an intelligence agency.
Back when I was in the CS department at Melbourne, there were some people doing work on computer security. You might want to consider having a chat to some of them at some point. You may never use internet banking again…

Google Health's own
privacy policy also gives pause for thought as it does not completely rule out selling-on some medical data from the site and handing personal data on to law enforcement agencies or third-parties etc:

Google will not sell, rent, or share your information (identified or de-identified) without your explicit consent, except in the limited situations described in the Google Privacy Policy, such as when Google believes it is required to do so by law.

The current Google Health
medical advisory board has some interesting CVs on it as well.
I'm not sure that having a history with RAND or Wal-mart, or indeed being a super accountant, is going to make me feel confident in this product.

One of the first entities to 'utilise' this new site will probably be that digital superspy,
Server in the Sky.

Monday, 21 January 2008

Server in the Sky? Oh (big) brother!

"THE FBI wants Australia to take part in an international database to be used to hunt down major criminals and terrorists.
A working group called the International Information Consortium has been formed by allies in the war against terror — the US, Australia, UK, Canada and New Zealand — to look into setting up the database.
The program, known as Server in the Sky, would involve the exchange of information about wanted criminals, including their biometric measurements (irises or palm prints) and fingerprints.---
Under the Server in the Sky program, the FBI wants to establish three categories of suspects — internationally recognised terrorists and felons; major felons and suspected terrorists; and those who are the subject of terrorist investigations or criminals with international links.
A pilot project for the program is expected to run later this year."
 
Given that the US Federal Bureau of Investigation, US Central Intelligence Agency, ASIO and the Australian Federal Police appear to be as paranoid now as they were during the Viet Nam War, one wonders just who would end up in the Australian section of such a data base.
Federal Home Affairs Minister Bob Debus should be very wary of accepting any American guidelines if the Rudd Government decides to go with this dubious invitation.
Especially as the FBI appears to see its own information gathering as a way of allowing employers to spy on employees.
 
The British reaction to Server in the Sky.
"The plan will make groups anxious to safeguard personal privacy question how much access to UK databases is granted to foreign law enforcement agencies. There will also be concern over security, particularly after embarrassing data losses within the UK, and accuracy: in one case, an arrest for a terror offence by US investigators used what turned out to be misidentified fingerprint matches.----------Although each participating country would manage and secure its own data, the sharing of personal data between countries is becoming an increasingly controversial area of police practice. There is political concern at Westminster about the public transparency of such cooperation."
The Guardian last week:
 
Media report on FBI aims and objectives.
"CLARKSBURG, W. Va. -- The FBI is embarking on a $1 billion effort to build the world's largest computer database of peoples' physical characteristics, a project that would give the government unprecedented abilities to identify individuals in the United States and abroad.
Digital images of faces, fingerprints and palm patterns are already flowing into FBI systems in a climate-controlled, secure basement here. Next month, the FBI intends to award a 10-year contract that would significantly expand the amount and kinds of biometric information it receives. And in the coming years, law enforcement authorities around the world will be able to rely on iris patterns, face-shape data, scars and perhaps even the unique ways people walk and talk, to solve crimes and identify criminals and terrorists. The FBI will also retain, upon request by employers, the fingerprints of employees who have undergone criminal background checks so the employers can be notified if employees have brushes with the law.-----------
The FBI's biometric database, which includes criminal history records, communicates with the Terrorist Screening Center's database of suspects and the National Crime Information Center database, which is the FBI's master criminal database of felons, fugitives and terrorism suspects."
The Washington Post December 2007 article: