Missing: Police data, any answers

So far, what we know is disturbing: “A series of hard drive failures” has corrupted an enormous amount of Cayman Islands police data — 1.2 terabytes worth, roughly equivalent to 80 million copies of the editorial you’re reading.

The government’s computer services personnel have been unable to restore and retrieve all of those records, and recommend sending the spoiled equipment overseas for outside expert assistance. The records involved relate to the Royal Cayman Islands Police Service Joint Intelligence Unit, Marine Unit and the office of Police Commissioner David Baines. Backup drives, apparently, were also corrupted during the crash.

Even more disturbing is what we don’t know: What records, exactly, are missing? Precisely how, why and when did the “hard drive crash” occur? Who is responsible for the loss? Who, if anyone, can fix it? How much is this going to cost?

The most disturbing thing of all, perhaps, is that no one — in the police, ministry or civil service — seems to know anything at all, either. Or if they do know, they aren’t talking.

Certainly, nobody volunteered to disclose to the public the records loss when it happened, “apparently sometime in May,” according to Wednesday’s story in the Compass, which only learned about the situation via a Freedom of Information Law request for Marine Unit records that just happened to be among the corrupted files. Did the government only learn about the missing records at that time as well?

For many reasons, it behooves the government and police to be as honest, open and transparent about the corrupted files and missing records as possible.

English scientist Charles Babbage, often called the “father of computing,” wrote in 1832, “The errors which arise from the absence of facts are far more numerous and more durable than those which result from unsound reasoning respecting true data.”

While Mr. Babbage was specifically arguing for the importance of providing political economists with hard business statistics, his remark touches upon a fundamental facet of human behavior.

When the public isn’t being provided with facts, people begin to create their own. Imagination and speculation pose a far greater danger to collective society than would any responses to the truth. Fairly soon, talk of corrupted files may give way to talk of corruption and deliberations over deliberateness.

How can officials know so little about the missing records, or, alternatively, if they do know something, how can they justify not coming forward — or at least provide reasons why they can’t.

After all, depending on the specific files, the police records could very well contain information whose disclosure or loss (or even disclosure of loss) could jeopardize domestic, regional or international security.

Those officials who know, or should know, need to share answers with the people or publicly demand answers from others.

Right now, we don’t have many answers, but we have many questions:

  • When did the records go missing, when was the problem discovered, and why was there no announcement?
  • How did the backup drives also become corrupted? What was the retention policy for the records?
  • Do any of the missing records concern current or future prosecutions, or contain sensitive information from intelligence-gathering operations?
  • Can it be declared, with certainty, that none of the missing records relate to Operation Tempura and the continuing fallout from that ill-fated police probe orchestrated and executed by the U.K.?
0
0

3 COMMENTS

  1. Let’s assume for a moment that all of the required disaster recovery and backup procedures were in place and being followed as documented.

    If the above statement is true then is it logical to conclude that the data corruption was intentional and deliberate? If so, this would be a very disturbing situation with far-reaching consequences.

    The fact that potentially sensitive and critical data might be sent overseas where there is a greater possibility that it will be accessed by unknown individuals should also be of great concern to everyone.

    0

    0
  2. Let us assume, perhaps more realistically, that disaster recovery and backup procedures were either not in place to the required standard or were not followed judiciously, then those who are responsible for managing and implementing the protocols for data management have questions to be answered.
    If the data has to be shipped to the UK then it will be covered by the Data Protection Act 1998 and will be as safe as any. If it were to be sent to the USA, then the Cayman authorities would need to ensure that it was covered by the US Department of Commerce’s Safe Harbor Scheme.
    In terms of the Cayman Compass’ 4 questions, I see no reason why the first two cannot be answered. However, the third question is not connected with the actual issue – the potential loss of data – and are operational issues for those dealing with the court files / prosecution files / intelligence operations which is not the matter at hand. If there are issues these will come to light during the judicial processes they refer to, in the case of court/prosecutions files, and never in the case of intelligence operations.
    Question 4 is so value laden (ill-fated police probe orchestrated and executed by the UK) as to merit no answer whatsoever.
    Nice try Cayman Compass but perhaps you could confine yourselves to the very serious issue of data security.

    0

    0
  3. Wow.

    Makes me wonder how many other organizations out there that have mid or high level managers who are responsible for the data have either ignored this possibility or just haven’t had a failure yet. How much of this is just hidden?

    If your public sector you have FOI to adhere to. If you are in private industry you have legal discovery risks to ensure you have the data when you need it.

    To those IT staff in the middle, If you warned people they had a risk and were ignored I hope you have your bullet proof vests on.

    0

    0

Comments are closed.