US govt: Treat personal data 'like toxic waste'

Summary:Computer scientists in the United States have advised organizations to be extremely cautious when handling information that can be used to identify individuals.

Organizations should treat personal information that can be used to identify individuals "like toxic waste", according to the U.S. federal agency that develops and promotes measurement, standards and technology in information systems.

Information which can be used or combined to identify individuals should be treated like a hazardous substance by those charged with looking after it, according to National Institute of Standards and Technology (NIST) senior supervisory computer scientist Tim Grance.

"If you have high-value personal identifiable information, it's like toxic waste," said Grance at the RSA security conference in San Francisco on Wednesday. "You don't put toxic waste in your car or on a laptop and carry it somewhere. Treat it like it's bad stuff."

Consequences of the loss of high-value information, such as bank details, names and addresses, can be severe, warned Grance. "Think of the impact to your organization of a breach," said Grance. "The consequences are quite real in and out of government. You're only a banana peel away from oblivion."

There have been a series of high-profile data losses by civil servants in the United States and the United Kingdom in the past year, including the loss of 25 million personal details by HM Revenue & Customs in the United Kingdom last autumn.

Grance said that civil servants should work out what information they have, decide what level of sensitivity applies, use technical means to identify records which can then be reconstituted at need and minimize data collection.

Hugo Teufel, chief privacy officer for the U.S. Department of Homeland Security, also speaking at the conference, said that civil servants needed to be educated about the risks of data compromise and how to prevent it.

"My answer is always: educate, educate, educate," said Teufel. "Whenever you have people together--or any carbon-based life forms--they make mistakes."

Topics: Big Data

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.