Tuesday, December 04, 2007

The Information Society and Threats Thereof

The Information Society and Threats Thereof

By E.K.Bensah II


To the Guardian newspaper, it is "Discgate". To the rest of us, it is the loss of data of 25 million people—which included the name and date of every child; along with parent's national insurance numbers and bank details— by the UK's HM Revenue early last week, which is a serious wake-up call to aficionados of the information society who have come to believe that moving to an increasingly IT-related world is the way forward.


That the data was not encrypted and that a junior clerk is alleged to have botched his work brings into sharp relief two things: the need to fine-tune measures to protect important data, and a sensitisation of staff working with IT to the pitfalls inherent in the information society. Let's face it, sacking the clerk was to be expected, but it certainly does not bring back that data of 25 million people! What it does do, in my view, is remind us about the potential perils and pitfalls inherent in an information society.


The so-called Information Society, understandably, may represent yet another nebulous concept coined by the perceived behemoth of the UN. What it is, in effect, in my view, is a global society, where ICT tools--not just computers, but mobile phones; radios and whatnot –- serve as critical roles in our "development" --irrespective of where you may be.


This means, for example, that it is a society where mobile internet is a reality; where there is an always-on internet (broadband); where it is not just accessible, but relatively affordable for all; where Internet cafes are within the environs of major cities, hang-outs, and even the country-side, where life is that much quieter; and where blogging facilitates an openness unparalleled in the facilitation of the work of the fourth estate.

Given that Ghanaians are wont to over-do things, I believe in the same manner should Ghanaians pause to reflect over their role and responsibility in an ever-evolving information society.


Whether we like it or not, the information society is here to stay –and that necessarily is not a bad thing. It means that our access to information is increased and, better still, that access is to a plethora of information. To the degree that it makes or mars us is what we must grapple with, for the rapid explosion of mobile phones – both in urban and rural areas – while a positive development, calls for important safeguards of our privacy.


Already, we have become accustomed to going everywhere with a mobile phone—when we don't take it, most of us feel something is missing—and as we increasingly move towards a more sophisticated information society, where WAP-enabled mobile phones, PDAs, and smartphones become cheaper—and the norm, it behooves us to further pause and question not just the impact of such changes on our lives, work, and families, but how exposed it leaves us to attack by miscreants who can—and will—exploit our 24/7 access to our phones.


Without adequate regulation, we will see an information society running amuck, and where with our already-jammed and over-subscribed phone networks, personal information we input over our wap-enabled phones to access the Internet becomes cross-linked with other user's data.


A few months ago, I accessed my Yahoo mail through my mobile phone, only to see someone else's username, password, and email. I refreshed the page, but the person's username and password was all I saw. Rather naively, I selected "sign in", knowing that no-one else had been using my mobile –let alone access my Yahoo account online. In I went—to see that person's emails. I had to reset my phone before I was able to access my own account again. I failed to report it to my provider, believing it to be a one-off thing. What if it wasn't?


This, in my view, calls into question a need for, say, wap-enabled firewalls to prevent any personal data on our mobile phone getting out there. That one can even write a text message, and send it as an email, not only reflects how mobile phones have enhanced our convenience, but how we ought to be more responsible in how we comport ourselves online. We must all by now be familiar with the 419 emails, yet time and again, we hear stories of people having fallen foul of it. It's all about their choice and their responsibility—or lack thereof.


Mind your data

An attempt at a rules-based information society is one of the reasons why the first-ever Internet Governance Forum took place in Greece from 30 October to 2 November 2006. It might have gone unreported in mainstream media, but it certainly was an impactful event in the sense that it set the tone for how the information society could begin to be crafted and regulated.
In the UK, they have gone one concrete step further.


Recent data from the UK's data privacy watchdog – the Information Commissioner's Office (ICO) – indicates that 4.5 million web users aged between 14 and 21 years of age are cavalier in the way they give up information on the Internet, especially when visiting social networking sites, such as the very-popular Facebook, or Rupert Murdoch-owned MySpace.


Even search engines, such as Google, are receiving complaints that information associated with web searches made under an individual's name brings up expressions that these individuals made in their youth but, which could be detrimental to their career. To this end, the ICO has recently issued new guidance for young people using the Internet that they have made available on a website: http://www.ico.gov.uk/youngpeople.


Furthermore, in the light of the monumental blunder at HM Revenue and Customs, the British government has agreed to conduct what it calls "data security spot checks" across government departments, which is to be spearheaded by the Information Commissioner's Office; furthermore, data breaches of the magnitude of this loss will be made a criminal offence.


According to silicom.com, a UK-based site on IT that informs the business world on enhancing its work through technology, the Information Commissioner Richard Thomas who welcomed these new powers said in a statement that by making this data breach a criminal offence, it would "serve as a strong deterrent and would send a very strong signal that it is completely unacceptable to be cavalier with people's information."


Much closer to home, from West African Examination Council (WAEC) results to National Service placements online, Ghanaian data is already computerized and automatically made part of the information society, with attendant qualms over what happens with the data, notwithstanding.


With the imminent introduction of the National Identification Authority and its consequent issuance of ID cards for Ghanaians, the possibility of exposure and loss of our personal details will be more real than it is now where it is hidden among a maelstrom of papers at, say, the passport office.


Our reliance on ICT and its tools may be inevitable, but might we remember to complement it with traditional methods, which are deemed more reliable—lest we end up with a Ghanaian version of "Discgate"!