About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion

Advertisers

Technorati

  • Add to
Technorati Favorites

License

  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« PayPal's pal | Main | Age vs. identities »

ID fraud is now actually a crime

By davebirch posted Jan 30 2007 at 6:15 PM

[Dave Birch] There has been a change in the law in the U.K. so that ID fraud is now a crime.  Hurrah!  Now the the act of ID fraud will be classed as a criminal offence even if a victim does not report a crime.  So, if you log on to a computer system using someone else's smart card and PIN (for example) then it's a crime.

Technorati Tags: , ,

Of course, you wouldn't expect people to log on to computers using someone else's tamper-resistant smart card and their PIN.  Oh wait... according to today's Metro, the South Warwickshire NHS Trust has decided to allow its staff to log on to the new NHS patient record system (which is going to store the medical records of everyone in the UK) by sharing their supervisor's smart card and PIN.  Basically, instead of the members of staff using their expensive, personalised digital identities with attendant access rights, they just stick the supervisor's card in the machine, put the supervisor's PIN in, and then leave the card in the machine until the end of the shift.  The head of IT there says it's OK but, as the British Medical Association (the doctor's trade union) is complaining, this doesn't just subvert the security of the overall system it also destroys the audit trail of who accessed what information.  Given that the front page of the paper is about record negligence settlements by the NHS, I bet lawyers are reading up about smart cards with enthusiasm.

By the way, check this page out.

This is a lesson that cannot be reinforced strongly enough. There's no point in designing a digital identity system that works in Powerpoint but has no connection with the real world.

My opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public.
[posted with ecto]

Comments

I NEED HELP I AM A VICTIM OF IDENTITI THEFT AND I DON'T KNOW HOW OR WERE I CAN WRITE OR ASK FOR HELP SO IF SOME ONE PLEASE CAN HELP ME . PLEASE LET ME KNOW
THANK YOU VERY MUCH

The comments to this entry are closed.