Lee & White

Will it not end? Will we have to keep reading (almost on a daily basis now) about the security breaches involved concerning personal data?

Where is the fire this time? NHS Trusts in the UK, it would seem.

According to Reuters, nine National Health Service trusts have lost the records of hundreds of thousands of adults and children, in the latest embarrassing loss of data by official bodies.

Ever since the concern for data protection was augmented not too long ago by the UK government when it acknowledged it had lost CDs with the names and bank account details of 25 million people and exposing nearly half the population to possible fraud and identity theft, more and more news of failures to protect personal data by official bodies have been pouring in.

Yes, the government informed last week that one of its contractors had lost the detail of 3 million learner drivers! Now, how is this possible? How can it just be lost? What has happened to the compliance of strict procedures in protecting personal data? If this is happening within official bodies, how much more within companies and other organisations where almost no form of security procedure is adhered to concerning the protection of personal data? And whilst this is reported in the UK, where, mind you, they are much more strict about such matters, what is the situation like in other countries?

I shudder to think what is happening in Belgium, for instance - whereby about 97% of the companies (in a research in 2005) are not compliant to the Belgian Data Protection Law. To top it off, in a research in 2006, none of the non-profit organisations including the political parties were compliant either. And in Belgium, many cases do not make it to the headlines for some reason.

So, what do we do? Make more noise? Let this continue? If only those in power would start enforcing the sanctions and make examples of these organisations.

Microsoft has some serious thinking to do about its latest operating system - Vista. I'm sure we were all very excited when the eagerly awaited, glossy Vista was released early this year.

There is no doubt that Microsoft did an excellent job with the graphics and animations for Vista. However, is that all there is to Vista? A pretty image on your screen? It certainly does not do much if it is slow and hangs every few minutes. It would seem like Microsoft paid full concentration on visuals to make Vista trendy looking with its cool sidebar, and the animated switching between windows. However, they should have paid equal amount of attention to performance and efficiency.

With 30% of businesses (according to InformationWeek) having no plans to switch to Vista in the near future, will Microsoft re-engineer Vista? We hope so and soon too.

It is remarkable how far Christmas and New Year celebrations have been utilised for commercial gain. From selling ridiculous products under the pretext of Christmas gifts to spamming, Christmas has become nothing more than a time for advertising and marketing.

So what is Christmas spamming? Well, under the guise of sending you a Christmas and New Year wish through an email, these companies are actually trying to lure you into some new product or service. Yes, it is a commercial email and in many cases, there is no opportunity to unsubscribe from such emails and you might find yourself receiving it again in the following years if you don't put a stop to it instantly. A typical message would be something like:

"We at XABCX wish you a very Merry Christmas and a prosperous 2008!

By the way, do check our website http://www.xabcx.com as we are having some great promotions on VVVVV..."

Now, note that it is spam if you never asked or subscribed for such commercial emails. It is spam if you are not a customer of theirs and if you are a company, it is also spam if such goods/services offered are not similar to the ones in your company - meaning they are not intended for you. Oh and one more spam point. If the email is sent to your company at your personal email address, then that is spam too.

So, do look out for such emails and please, do your bit and get them to stop spamming! Happy Christmas and a great 2008 everyone!

It has happened again. It seems to be getting more and more frequent these days for organisations to lose or mishandle personal data belonging to employees, clients and/or suppliers. Proper security measures and procedures are not instituted or even if they are, these procedures are not complied with in the daily operations of the organisations.

It is a great shame that these companies cannot grasp the simple concept of privacy and its extreme importance. I cannot emphasize how vital the protection of personal data is. How many times must those advocating for privacy and the protection of personal data repeat the recurring problems that the world is facing with regard to such loose dissemination of personal information? Why can people not see the harm it is causing or likely to cause? Do you think it only happens to someone else and it is far-fetched to think it could happen to you?

Toyota Brussels is of no exception. It has joined the ever-growing pool of misfit companies with regard to the manner in which they handle personal data. The personal data of 2000 employees has gone missing. Great confidential information such as name, address, national number, date of birth and the names of partners and children of these 2000 members of staff.

According to spokesperson Etienne Plas, one of its employees took the CD with him and it was claimed to be stolen while using public transport on November 19. 'Of course, the disc should never have left our premises, but the employee was still young and inexperienced. We are taking the whole responsibility upon ourselves as a company, the man has hence not been fired.'

So, the mishap occurred on November 19. But when was this actually discovered by Toyota Brussels seeing that it is only out in the papers today, December 13? In the meantime, what has been happening to these personal data? Toyota Brussels says that the police and insurance companies have reassured the company that the chance of criminal abuse of the data is very small. It is confounding that they minimise the risk of abuse to make things not as bad as they seem. Everyday, personal data up for grabs are used by criminals for their benefit in every possible way - ranging from identity theft to kidnapping.

It is always the same sad story with these companies in Belgium. Never realising the risk, never understanding the consequences of failing to protect privacy. When such things happen in other EU member states such as the UK, the risk is not downplayed. It is emphasized repeatedly because the worst is possible. Yes, just take a look at one example from the UK's recent data loss which put 25 million people at risk of identity theft. At least they admit there is such a risk.

Toyota finds that the fact that the data is now up for grabs in the streets is very regrettable and apologises. But do you know what is truly regrettable Toyota? That you did not establish proper security measures and made sure they were followed through in the first place.