Big Data Means Big Risk - Just Ask Sweden!
9 August 2017 09:02
You might not have heard about it, but the Swedish government is in a spot of bother at the moment, and it’s all down to, you guessed it, data security – or in this case the lack of it.
We all know of the serious implications of not properly protecting sensitive data, it can range from a loss in confidence in your brand or business to fines from regulatory bodies, but has a disregard for data protection ever caused a government to fall before?
Thanks to a botched outsourcing job, the ruling Social Democratic party, who heads up a weak, minority coalition, could potentially face a vote of no confidence when parliament returns in September, and it’s all down to Swedish citizen’s data not being properly protected.
It may seem difficult to believe, but this whole saga starts with driving licenses. The Swedish Transport Agency (STA) has to keep records of every car, boat and aeroplane in the country, and because some of the owners of these vehicles, for example, military personnel, spies or witnesses, need to have their identities protected, this data is covered by rules and regulations which state it can only be seen and altered by Swedish citizens who have been cleared by the security services.
In spite of this, in 2015, Maria Ågren, the then director general of the STA, ignored both the advice of her department and a series of complaints from both them and the security police, and allowed IBM to process this data in Serbia and elsewhere throughout Eastern Europe. Although the defence minister and interior minister knew about this in spring 2016, they decided against telling the prime minister until this January.
When the prime minister found out, Ågren was fired and fined, and it was hoped that the story would go away, but journalists from Stockholm paper Dagens Nyheter discovered the truth, resulting in two more ministers being sacked and leaving the government in peril.
The importance of data protection
Rules and regulations are in place for a reason: to ensure that the sensitive data we entrust to various organisations and bodies is protected. We rightly expect that the governments who come up with these regulations abide by them too, but in this case, it seems as though they thought they were above their own laws.
What this shows is the importance of not only following your company’s data protection policy, but also abiding by the rules and laws which govern data protection on a national, and sometimes even global scale.
If only those in charge at the transport agency had signed up to usecure, maybe they wouldn’t be in this mess!