March 18, 2011 - 9:48am
There is no such thing as a secure computer system. Today, the New York Times reports that SecurID, a company which "pioneered advanced cryptographic systems" has been the victim of a serious security breach. They are one of the international leaders in securing computer information, and even they are vulnerable to breach.
The ACLU's concern over the collection and storage of personal data is built upon just these sorts of events. In the wrong hands, our personal information can cause us all sorts of problems. Good public policy often depends on the collection and analysis of personal data, but government computer systems are never as secure as we would hope (or as government officials claim).
We believe that there are three things that will help us keep our personal data safe: personal data collection should be limited whenever possible, to avoid the creation of large targets for data thieves; subjects of data collection should be fully informed about why data are being collected and given the choice whether to participate; and our outdated privacy laws need to be updated, to take account of changes in technology and practice. The recent breach at SecurID is a reminder that technology is not going to solve the problem for us.
