UK Visa applications halted over ID concerns

Online applications for some UK
visas have been suspended amid claims a security loophole left personal data
vulnerable to identity thieves.

Channel 4 News said IT systems covering India,
Russia and Nigeria
were affected and said up to 50,000 Indian travellers could have been exposed
to having personal details stolen.

Home addresses, dates of birth and passport numbers were all
said to be accessible for more than a year creating what the Tories dubbed a
“treasure trove for international terrorists”.

Data privacy watchdog the Information Commissioner demanded
a “full explanation” from the Foreign Office over the apparent breach
– which the programme said was first pointed out a year ago.

“The Information Commissioner's Office takes security
breaches very seriously. We will expect a full explanation from the Foreign
& Commonwealth Office to establish what and how this incident has
happened,” it told the programme.

The Foreign Office told Channel 4 the IT system was not
connected to the Government's own secure information system which is used to
process the applications.

Problems with the site were first reported to the firm and
the High Commissioner by Indian visa applicant Sanjib Mitra in April 2006 when
he found he could access other people's personal data.

Channel 4 was alerted after he discovered last week that it
was still possible, it said.

Shadow immigration minister Damian Green said: “It's
appalling and almost the most appalling thing is that it's not at all
surprising.

“This happens again and again and this probably is the
most serious because this will have been a treasure trove for international
terrorists, precisely the sort of people the Government keeps telling us its
new electronic systems and biometric visas and so on will keep out.”

 

There is such a striking similarity to the MTAS system
fiasco with this and other database hacks, that suspicions must be raised,
possibly to collusion in design and build, and bearing in mind that India,
Russia and Nigeria are top of the list in the global ID theft world, whether
there is any truth to the rumours that government is being deliberate in
releasing PII (Personally Identifiable Information) via the Internet to justify ID
Cards.

The questions that immediately need answering are:

 

  • Who
    built the system.
  • Who
    tested the system.
  • Was
    the system successfully security tested, including Penn testing.
  • Who
    signed it off and put it into service.
  • Is
    there any connection with MTAS (personnel, management, designers etc).
  • Have
    IDS been informed, and what instructions have they been given.
  • Have
    there been any checks to see who is in the UK
    with Visa’s issued during the period.
  • Have
    they checked with the authorities in India
    to see whether there is any duplication. i.e. person in the UK,
    but also in India, Russia and Nigeria?
  • Who
    was initially informed, and what did they do about it.
  • Who
    is ultimately responsible for the systems.
  • Following
    the first reporting, who was responsible for ensuring the loophole was
    closed.
  • Although
    the system was accessible for a year, how many previous years applications
    were visible during that period.
  • How
    many applications were successful from all data stored on that system, not
    just for the year that it was visible.
  • How
    is the data sent to the Government's own secure information system which
    is used to process the applications if it is not connected as stated by
    the FO.
  • Has
    the Foreign Office undertaken a risk analysis and has this been published.
  • Who
    in the Home Office is responsible for ensuring that no duplicate persons
    are in the UK.

 

If ever there was a case to end the ID cards programme, this
is coming pretty damn close to it. This time government heads must roll, or will ministers try to blame bloggers as Hewitt has done with MTAS.

When documents are issued overseas legitimately, UK ID cards
would protect us how?

 

These databases are ENABLERS OF ID FRAUD.

Say No to ID cards, Say No to the Database state.

 

Advertisements

About IanPJ

Ian Parker-Joseph, former Leader of the Libertarian Party UK, who currently heads PDPS Internet Hosting and the Personal Deed Poll Services company, has been an IT industry professional for over 20 years, providing Business Consulting, Programme and Project Management, specialising in the recovery of Projects that have failed in a process driven world. Ian’s experience is not limited to the UK, and he has successfully delivered projects in the Middle East, Africa, US, Russia, Poland, France and Germany. Working within different cultures, Ian has occupied high profile roles within multi-nationals such as Nortel and Cable & Wireless. These experiences have given Ian an excellent insight into world events, and the way that they can shape our own national future. His extensive overseas experiences have made him all too aware of how the UK interacts with its near neighbours, its place in the Commonwealth, and how our nation fits into the wider world. He is determined to rebuild many of the friendships and commercial relationships with other nations that have been sadly neglected over the years, and would like to see greater energy and food security in these countries, for the benefit of all. Ian is a vocal advocate of small government, individual freedom, low taxation and a minimum of regulation. Ian believes deeply and passionately in freedom and independence in all areas of life, and is now bringing his professional experiences to bear in the world of politics.
This entry was posted in Main Page. Bookmark the permalink.