Tuesday, January 29, 2008

Data retention - "The innocent have nothing to fear" edition

The Economic Times of India has this worrying report:
MUMBAI: The wrongful arrest and the 50-day incarceration of an innocent software professional on charges he uploaded offensive pictures of Shivaji on Orkut were probably the result of a wrong internet timestamp and has raised concern over the over-dependence of police on Internet Protocol (IP) addresses as evidence in online crime, cyber experts said.

A couple of months ago, Lakshmana Kailash K was arrested, denied bail and given a taste of harsh prison life at Yerawada as the IP details given to police by his internet service provider, Bharti Airtel, matched his user identity. It later emerged that they had the wrong man. Police confirmed the faux pas and Mr Kailash was released. Now, the professional has sent legal notices to Bharti, police and government officials claiming damages for the agony he went through.

Sunil Phulari, the DCP with the cyber crime cell Pune said: "Nothing went wrong in the investigation. It was carried out according to the legal procedures. I cannot speak for Airtel."


  1. Great to see you keeping data retention on the radar so consistently. Definitely alarming reading.

  2. From Silicon Republic to-day (as if we didn't already know they were leaky...

    01.02.2008 - Nearly 100 notebook and desktop PCs have been lost or stolen from Irish government departments over the last five years, along with 14 BlackBerry smartphones and 11 portable media devices, says Ruairi Quinn, spokesperson on Education and Science for the Labour party.
    “[This] shows the need for a strong overall policy on data encryption and protection,” he added.

    These worrying findings came on the back of a series of Dáil questions which were tabled by Quinn earlier this week to question security practices among governmental departments.

    While this data loss is not on a par with the massive loss of private data containing information about 25 million child benefit recipients from the UK government in November 2007, the UK incident highlights the fact that increasingly confidential material about citizens, including names, addresses, dates of birth and bank details, are being stored by our Government

    “More and more confidential data about people is available to Government today, particularly in areas like Social Welfare and Health,” said Quinn.

    “This allows for better and more focused services to be delivered, but it also creates a risk that must be mitigated.

    Quinn suggested that all manner of computer devices should be encrypted and protected with strong, secure passwords.

    “We have seen from recent revelations in the UK that missing computer disks and laptops, some with confidential intelligence information, can cause distress for both Government and citizens,” he added.

    By Marie Boran