One of those truisms about data handling, on which I have written from time to time, is that security breaches and data loss derive more usually from personal stupidity than from the failure of technology.
Caroline Flint, the Housing Minister notable more for the quality of her legs than the acuity of her mind, perfectly illustrated this recently, when she strode along Downing Street exposing not the famous thighs (that was the week before) but the front page of a confidential document which she was about to read to the Cabinet.
It did not help that the contents of the document, clearly visible in the photographs, showed that her soothing words about the housing market, made to the media a few days before, were rather more optimistic than those which the Cabinet were about to hear. Or to put it another way, we are all doomed.
In the scale of things, this came to seem unimportant over the next few days, when it became clear that the Government was doomed anyway and that one nearby householder, at least, may shortly be sending for the removals van. Ms Flint’s indiscretion will not come top of the list of the Government’s failures when the final account is drawn up.
Nevertheless, it is a copy-book example of how confidential information seeks out the weakest link in the fence which surrounds it. Millions are spent protecting confidential corporate information, client privacy, customer data and military secrets, only for someone, usually someone of no significance in the chain, to give it away by neglect or stupidity. The same often applies to the opposite – expensive schemes for document retention confounded by individuals who destroyed what should have been kept.
Both subjects came up at the IQPC Information Retention and e-Disclosure Management conference last week. One speaker mentioned some very low-tech ways of enforcing a litigation hold in her office – big notices stuck up by the shredders, for example. Someone else, rightly proud of his company’s investment in systems and processses to track every move of sensitive data within his building, told of disks left on the door-step by Government couriers.
It seems unlikely that Caroline Flint will leave any mark on political history, but she can be assured of longevity in the world of data security. It is pretty hard to think up interesting slides to illustrate this subject, and I am sure that the photograph above will appear often in lectures and conferences, as it did last week, as an example of how not to do it.