26 or younger? Temple St Hospital has your DNA.

I’m surprised I haven’t seen any Facebook pwotest gwoups or Twatterfests about this subject. In a nutshell, a hospital in Dublin is storing a blood sample, name, address, date of birth, hospital of birth and test result from nearly every person born in Ireland since 1984.

That means if you’re under 26, there’s a good chance your DNA is in there: your health, any genetic diseases you might have, your behaviours and traits*, etc. Well, possibly. They had a couple of servers stolen in the 2007, so maybe it is there, maybe not. Sure it’s not all that important anyway, it’s just your entire personality*.

Is Mark Zuckerberg – the slimey douche, if you’ll pardon my Klatchian – ultimately right, do people really not give a shit about privacy any more? Are are people just too thick to realise the problems – current and future – that can result from this kind of thing?

Here’s two stories from Times Online with more details:

Hospital keeps secret DNA file: A DUBLIN hospital has built a database containing the DNA of almost every person born in the country since 1984 without their knowledge in an apparent breach of data protection laws.

The Children’s University hospital in Temple Street is under investigation by the Data Protection Commissioner (DPC) since The Sunday Times discovered it has a policy of indefinitely keeping blood samples taken to screen newborn babies for diseases.

Unknown to the DPC, the hospital has amassed 1,548,300 blood samples from “heel prick tests” on newborns which are sent to it for screening, creating, in effect, a secret national DNA database. The majority of hospitals act on implied or verbal consent and do not inform parents what happens to their child’s sample.

The blood samples are stored at room temperature on cards with information including the baby’s name, address, date of birth, hospital of birth and test result. The DPC said it was shocked at the discovery.

Records stolen from hospital that held secret DNA database: Two computer servers containing the records of almost 1m patients were stolen from the Children’s University hospital in Temple Street in 2007 and have never been recovered.

The data were far more than that lost on stolen bank laptops in recent years. The theft was investigated by the data protection commissioner (DPC) and the gardai after being reported by the Dublin hospital in February 2007. The organisations had decided that there was no need to inform the public, believing there was little chance of the thief being able to access the data.

Patients’ details, including names, date of birth and reason for admission are thought to have been included.

* To keep my wife happy: strictly speaking ‘behaviour’ is stretching it; and DNA probably accounts for about half of your personality, the other half being learned.

Homeopathy Users: Dumbest People On The Planet?

This is doing the rounds of homeopathy forums. Fiver says it was seeded by an “enemy” for a joke, and they’re watching the response open-mouthed…

There is a parliamentary ‘scientific committee’ which examines the scientific evidence for certain contentious problems, and the anti-homeopathy brigade have asked this committee to examine the evidence base for homeopathy.

[…]

So, as you can see, it’s a stitch-up. When the results of the enquiry are published, it is highly likely that they will find “there is no evidence for homeopathy.. .blah…blah. ..blah… and therefore we recommend that homeopathy be removed from the NHS”. As it’s a parliamentary committee, the government always takes thier conclusions seriously, and will probably implement them.

[…]

Anyway….we are not taking this lying down. We have decided to carry out an Intention Experiment, and we are doing this every day, at 9 p.m. GMT until 30th November, day when the committee makes its final deliberations.

PLEASE WILL YOU HELP IF YOU CAN? This involves 15 minutes of focussed, meditative, positive intention-making in order to support homeopathy and try to confound our enemies.

[…]

1. Choose a place away from electronic interference, mobiles, phones, TV etc. Add a plant, meditation music whatever helps you personally get into a meditative state.

2. Sit either in an upright chair or cross legged or similar

3. 1st 5 minutes: slow your breathing… in through your nose and out through your mouth for 15 seconds each minute, then

4.From 9:05 – 9:15 pm focus clearly on the statement below in whatever way suits you, see the Committee accepting Homeopathy works, or people being able to
have Homeopathy treatment on the NHS, feel positive and joyful, really see, hear, smell, sense (whichever way you imagine/visualize) the reality of it.

“We intend the outcome for the UK homeopathy evidence check to be wholly and fully in favour of homeopathy. We intend for the vast and thorough body of scientific data supporting the efficay of homeopathy to be seen, heard and recognised as valid, solid and scientific. This is so, and it is done”

Uri Geller must be pissing himself.

That bollard on Grand Parade

You know the one. Did you realise it was a cannon? It made perfect sense the minute I read this page on the excellent Cork Past and Present website by Cork City Libraries, but not before!

cannon_bollard_2009June (1)

Cork Past and Present: One of the most familiar pieces of street furniture in Cork is the old cannon gun made from cast iron which now serves as a bollard on the corner of the Grand Parade and Tuckey Street near Bishop Lucey Park. The cannon gun has been dated to the reign of George III of England who reigned from 1760 to 1820. It may have been used as a mooring post for boats in the days when a channel of the Lee flowed along the Grand Parade. In recent times it has been used to secure one end of a skipping rope as youngsters played on the refurbished Grand Parade. Tom Spalding in his book Cork City: a field guide to its street furniture claims that it may be the oldest piece of free-standing street furniture in Cork.

Secret Billionaire: The Chuck Feeney Story

If you get a spare hour in front of a computer between now and May 26, this RTE documentary about Chuck Feeney is well worth watching. I rarely last more than 5 minutes watching video on a monitor, but this held my attention the entire way through. An incredible man.

Tesco Credit Card Security

An open letter to Tesco and the Financial Regulator.

CC: Financial Regulator, Dublin 2
CC: Tesco Ireland, Gresham House, Dun Laoghaire, Dublin
CC: Tesco Customer Service, PO Box 73, Baird Avenue, Dundee DD1 9NF
CC: Tesco Card Center, PO Box 5747, Southendon-Sea, SS 11 9AJ

RE: Tesco Credit Card Security Procedures

Sir/Madam,

I would like to file a formal complaint about Tesco Personal Finance security procedures for contacting customers by telephone. I have been contacted twice by their staff in recent weeks, and I was shocked by their call procedures in both cases.

The first time I was contacted, via a private number, the staff member wouldn’t introduce themselves or who they represent “for security reasons”. They then proceeded to ask me for personal information to authenticate myself to them. When I explained that there was absolutely no way I was going to authenticate myself to someone that is unwilling to authenticate themselves, they cited the Data Protection Act as justification. I hung up.

At this point I guessed it was Tesco Personal Finance that was contacting me, but there’s no way I could have been sure of this until it was confirmed by the second caller a week later, who at least had the courtesy to introduce themselves and the company. However they also asked me to authenticate myself, which I again refused to do. When I complained about the procedures they didn’t attempt to resolve the situation in any way, they simply cited chapter and verse back at me.

I understand why Tesco was trying to contact me; I received a letter about an overdue amount on my account and sent a cheque to bring it in order on the 31st of March. I accept that was my error and apologise to Tesco for the inconvenience, although in my defence I would add that I changed banks recently and simply had no way to pay the outstanding amount, as my previous account was closed automatically by my old bank before the new account was fully open.

I would also add that if Tesco had invested in just one Irish staff member to handle payments locally, or had invested in an online account management tool for Tesco credit cards, I would have been aware of the issue earlier and they would have received the payment already. I understand the service is outsourced, but Tesco can’t afford 50 or 100k for these simple features?

That’s neither here nor there though, my issue is with the security procedures. While I understand the need for these procedures, their implementation in this case is incompetent at best and dangerous at worst. Consumers are told every single day via various sources not to respond to hoax emails or phone calls, not to give authentications details to just anyone, yet here is Tesco ringing me out of the blue, on a private number, asking for my date of birth and mother’s maiden name.

Please change these procedures to protect Tesco customers, and the customers of other financial institutions whose senses may be dulled by these nonsensical security procedures. A security professional could and should be contacted to discuss the best way to go about it, but even someone like me with the most basic interest in security can suggest something better:

  1. The call shouldn’t come from a private number. The number doesn’t even have to work inbound, a simple recorded message can be used to authenticate.
  2. The staff member should introduce themselves by name.
  3. If allowed by data protection law, the company should be introduced. If this is an issue, tell them that their personal credit card provider is calling, but due to data protection law further details cannot be disclosed. I would be very surprised if the Data Protection Commissioner wouldn’t allow this, but they can and of course should be contacted to confirm this. Rest assured it won’t cost anything.
  4. It should be explained to the customer that the provider is trying to get in touch to discuss the details of the account, but for security reasons they need to initiate contact by calling the freephone number on the back of their card.
  5. Apologise for the inconvenience.

You can even automate this part of the procedure because no actual conversation will take place; not a bad idea in my opinion given the inability of Tesco’s staff to work off-script. Again though, I’m not a security expert, and one should be consulted. I’d strongly suggest Bruce Schneier of Counterpane Systems as one of the most respected experts in the industry.

But of course you should do your own research into this and not take my word for it, since I could be anybody; in much the same way that I don’t take the word of someone that rings me out of the blue. Seeing a pattern here? Please, do something about this idiocy. It’s dangerous.

This is an open letter, the full content will be published on my website at the following address:

http://verbo.se/tesco-credit-card-security/

All recipients are welcome to respond there or by email to [REMOVED] instead of in writing. If you would prefer that your response remain private, please make this clear in same. I reserve the right to post a summary of responses on my website.

Yours sincerely,
Adam Beecher

The Met Brother gets Bigger and Bigger

I don’t envy my sister in London, having to deal with the social problems this kind of idiocy propogates. The people responsible for commissioning and approving this should be forced to read 1984 a hundred times, Brazil style.

(Click for bigger.)

Via Boing Boing.

Blackout Ireland Avatars

Didn’t really fancy the one on the Blackout Ireland site, so I made one of my own for Foot.ie. a few size variants below.

If you haven’t been paying attention, this is happening in protest against Eircom’s capitulation to the Irish Recorded Music Association attempts to censor the Irish Internet. You can read more about the subject here.

Blackout Ireland 200x200px

Blackout Ireland Avatar 150x150px

blackout-ireland-100x100

blackout-ireland-75x75