Mr. Rumley,
In your reply to Dr. Fellegi's earlier response, you raised a number of specific questions. I would like to provide you with additional information, which I trust will provide you reassurance of the security and privacy of your Census data.
Firstly, you asked if the source code was evaluated. Yes, the independent security audits did include a source code review. In fact, the code was independently reviewed on two separate occasions (including the final version in production), and the IT security company validated the code through both manual review and automated means, and concluded that there are no extraneous calls, trojan horses or outputs that could pose any risk to Census data.
Secondly, you asked how the internet could be considered extraneous to our confidential networks. The security layer of the application is in fact provided by the Government of Canada's Secure Channel, which has also been independently validated. The connection between Secure Channel and Statistics Canada's confidential network includes a series of firewalls as well as air-gap devices (mechanical switches that only allow the one-way transfer of data under our control), thus there is no physical or persistent connection with the Internet. The Census Internet system is also composed of separate zones or compartments each protected by firewalls. It would be extraordinarily difficult, if not impossible, to gain unauthorized access to census information as multiple vulnerabilities in multiple layers would all have to be exploited simultaneously.
Thirdly, Statistics Canada has chosen to use PKI (Public Key Infrastructure), with 1024 bit encryption to protect data. The PKI encryption of data starts at the browser and goes all the way to the end server at Statistics Canada. This level of security is much higher than most of the on-line transactions on the web, which typically offer only 128 bit encryption. The data remains encrypted from the point of entry making the data impossible to read or access in the very unlikely event that it were compromised along the way.
Fourthly, no contractor is even remotely involved in the handling or processing of any confidential data. They do not have access to any of the questionnaires or the systems that contain confidential data. Thus even if they wanted to or were instructed to gain access to Census data, it would be impossible for them to do so. Statistics Canada has procured services from multi-national firms in the past, and has an unblemished record of protecting the privacy and confidentiality of confidential data, while leveraging on the investment and capacity of the private sector.
Lastly, you asked why a Census is required at all, and why we could not follow the example of some countries that do not conduct a traditional collection approach. The effective governance of a country requires a strong national statistical system, and there is no doubt that the data collected in the Census are vital. A number of countries have relied on a population register that compiles and tracks through administrative means important events in the lives of their citizens. Specific surveys are then conducted to supplement the register or to fill important gaps on a periodic basis. In Canada, we do not have such a population register and the current privacy environment would likely not support such an initiative. For the moment, the Census remains a unique and cost effective means to provide essential data for critical programs, while providing the necessary security safeguards.
In summary, I trust you will find this information helpful, and convey to you that Statistics Canada takes its obligation to protect the confidentiality of your Census information, and while adhering to all the procurement laws of the country, subjected itself to the highest scrutiny for contractor developed systems.
Yours Sincerely,
Anil Arora,
Director General
Census Manager
Note: my website

---
My freedom is more important than your great idea.
– Anonymous
---
"Unthinking respect for authority is the greatest enemy of truth."
(Albert Einstein)
--------------
http://www.claytopia.net
---
Clayton Rumley
--------------
http://www.claytopia.net
---
"We are all in this together somehow, some more than others somehow"
---
If there was ever a time for Canadians to become pushy - now is the time - for time is running out on this nation called Canada.
As they state in their press releases, Lockheed is supplying hardware, software, and PRINTING.
--------------
http://www.claytopia.net
questions and you get an intelligent response... and then
you get mad about it.
Look at the response for a second. The guy (or girl, I
have no idea by the name alone) went through your issues
one by one and satisfied each one to a very high degree of
technical detail. They gave you the encryption style
(public key) and even the number of bits (1024) along with
a slew of other honest, helpful information.
The internet is a *perfect* venue for the collection of
census data because of its very nature: it's cheap and
it's everywhere. You're worried about security? Of
course you are, because you clearly don't know anything
about the mechanics of the internet.
Communication is one-way: client->server. Once encryption
is established, data is sent from the single client to the
server and handled on that end. Even if someone wanted to
get their hands on this information, they'd have to hack
every desktop machine in Canada -- either that or crack
the mainframe which as the response stated has been
independently audited and checked for back doors.
You're worried about security. That's good. But this is
a simple process. It's much easier to bribe the people
handling the paper census than it is to hire a horde of
hackers to break into and make off with census data. Let
it go.
And stop giving this person a hard time. They gave up
part of their day to answer your concerns accurately and
honestly. Maybe you should show some gratitude?
If you really want to get pissed off about something, make
a point of the fact that Canada is giving Lockheed Martin
any money at all for something that could have been done
by someone with more political ethics.
Just stop ragging on the technical point because you
clearly don't know what you're talking about.
---
a man who feels the winds of change should build not a windbreak,
but a windmill.
- mao tse tung
"Unthinking respect for authority is the greatest enemy of truth."
(Albert Einstein)
And I suppose you've had your personal piercer chip you too so that you don't have to carry your keys anymore? Since Mulroney, trust and credibility are two things that have been severely squandered in Canada. In my opinion anyone that continues to trust technology to protect their privacy must have "The Glad Game" encrypted on their grey matter. Either that or you depend on keeping the myth alive because your livelihood depends on it. There is a place for technology but this is not it.
---
"And those who were seen dancing were thought to be insane by those who could not hear the music." Friedrich Nietzsche
--------------
http://www.claytopia.net
I think that in a day and time when we didn't have access to information from hundreds of sources, it could have been government worthy. Now, because our governments are corporate run I just see it as a great way to gather info for marketing targets and purposes. If we had independents for MPs, no provinces and municipal governments making most of our decisions all things would be known by all those that truly NEED the information without gathering it in this fashion. Things need to change and I am happy to help in that matter by objecting to a murdering machine doing the gathering and boycotting the census.
---
"And those who were seen dancing were thought to be insane by those who could not hear the music." Friedrich Nietzsche