Hey IT Nerd! What Do You Think Of The Privacy Issues That Elections Ontario Have?

For those of you who don’t live in the Province of Ontario, there was a major privacy breach reported last week. Two USB drives with roughly 2.4 million voters names, birth dates, addresses, genders, and even if they voted or not disappeared without a trace. Here’s something that blows me away. This happened in April. We’re only finding out about it now. The risks for identity theft are through the roof.

So what do I think of this?  First of all, why would such sensitive data be on USB drives that anyone could access? That’s a huge problem in itself because data that sensitive should be someplace that is hard to get to. Second, if you must have this stuff on some sort of removable media, it should be encrypted. That way if it fall into the wrong hands, it’s useless. That brings me to my third point. Elections Ontario had policies to stop this from happening:

Elections Ontario stressed that protocol was not followed in this instance.

Its policies dictate that USB keys must be password protected and encrypted if they carry personal information, and that the keys must be in the custody of staff at all times.

In this particular case, two staff members, who were working in a warehouse in late April updating the permanent register of electors for Ontario, did not follow the the rules.

The two were supposed to secure the USB keys at the end of the work day, but failed to do so.

The next morning when they returned to work, the keys were gone.

Well, if you don’t follow your own rules, that’s a #epicfail. That has to change.

Here’s the bottom line. This data is likely being used for evil purposes as you read this. That is something that you can take to the bank. And that should scare voters in Ontario. It should also lead to laws that hold people and organizations accountable for stuff like this. By accountable, I mean fines and jail time. Make it hurt and stupidity such as this will stop.

Leave a Reply

%d bloggers like this: