  |
 |
|
Research and retrieval of news articles by: SPECIAL NOTE TO ALL VISITORS: | ||
 |
|
ELECTIONS ONTARIO FAILS TO ENCRYPT DATA AFTER LOSING INFO ON 2.4 MILLION VOTERSSource: Toronto StarPosted on August 30, 2012 Four days after Elections Ontario discovered that two unencrypted memory sticks containing the personal information of millions of voters had vanished, the agency continued to use sticks without protective software, according to Ontario's information and privacy commissioner. Ann Cavoukian said during a news conference that she was "so deeply disturbed" by the findings in her investigation of Elections Ontario's "massive breach" last April, including the revelation that the agency replaced the two missing memory sticks with new ones and failed to enable encryption software despite the breach. "On what planet do you do the same thing again, do you not encrypt the data again? It's baffling to me," said Cavoukian, adding that Elections Ontario policy requires that information uploaded to memory sticks be encrypted. Ontario's chief electoral officer, Greg Essensa, publicly announced on July 17 - nearly three months after the breach - that personal information of voters in 20-25 electoral ridings across Ontario had been compromised. The memory sticks, which have yet to be located, contained personal information for up to 2.4 million voters. The information included voters' full names, home addresses, dates of birth, gender and whether they voted in the last provincial election. Both the privacy commissioner and the Ontario Provincial Police launched investigations into the breach. Cavoukian, who released results of her investigation Tuesday, said she was "astounded" by the systemic failures she found at Elections Ontario, including the fact that staff members had not been trained on the agency's security and privacy policies, even after the breach. "Frontline staff remained ill-informed of the meaning of encryption," she said. Cavoukian said the massive data breach has exposed Ontario voters to the possibility of identity theft or "other deceptive practices," and advised those in the affected electoral districts to remain on alert and monitor bank accounts for suspicious activity. The commissioner's report provided a list of recommendations for Elections Ontario to help prevent further breaches, including the appointment of a chief privacy officer and the development of a privacy training program for all staff members. "There's enormous value associated with this data," said Cavoukian. "It should be guarded like Fort Knox." Essensa was not available for comment Tuesday, but an Elections Ontario spokeswoman said the agency plans to review the privacy commissioner's report. Essensa has also made a public commitment to implement the recommendations put forward by the commissioner, she added. A province-wide class-action lawsuit regarding the loss of voters' personal information was launched against Elections Ontario shortly after its July 17 announcement.
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes. |
|
ALERT  WebTrust Is Your Best Defense Against Privacy Breaches. Get WebTrust Working For Your Site. |