Information & Ethics committee  I think the banking idea is not a bad one. That is a highly regulated industry accustomed to things such as very intense audits, keeping paper trails, and doing everything by the book—hopefully. I think they are definitely a good industry to lean on; however, I would be very, ver

Information & Ethics committee  Yes, I would caution against allowing the segmented siloed databases to talk to each other. If you need data, get it from the person the data belongs to, because if the databases can talk to each other, the data doesn't really belong to that individual citizen; they're just an op

Information & Ethics committee  I think that if you mix and match administrators, that's basically the same thing as mixing and matching the databases. The administrators are just human, and humans want to eliminate work and make things as simple as possible, so that's where corners get cut.

Information & Ethics committee  An original seed of corruption in this whole problem is the concept of micro-targeting. There is something to be said for having an Internet and index and aggregated sources and all that stuff that is useful for looking things up. We've always had phone books and things of that n

Information & Ethics committee  I'd like to bring up the concept that data doesn't really go away. Companies can claim they've deleted it or say whatever the heck they want, but it has been rolled into other things by then. There are derivatives of it and they probably did keep some backups. I would focus mor

Information & Ethics committee  I believe it's healthiest to assume there has been a breach at all times, to make a system so segmented and resilient that even if there is a breach, you can find it, recover quickly and the damage will be minimal. I don't think you should put all your eggs in one basket. I belie

Information & Ethics committee  Absolutely not. I would not take the assurances in that regard on their own website to be the bare truth. If they're citing something that happened in 2007, that was 12 years ago. Has nobody tried to hack them since? Can they come up with no other examples? Something that happene

Information & Ethics committee  I guarantee they've been hacked since then. I'll guarantee it. They may not admit it, they may not know about it, but I'll guarantee it's happened.

Information & Ethics committee  I caution against using too many real-world metaphors to get people to understand the online world. There aren't very many good ones out there. To think about a website as a home or whatever the heck doesn't work for me. Yes, you will have to put government services online. You w

Information & Ethics committee  I recommend a model going forward that basically defines the terms in very strict ways. If something can be accessed without your permission, you are not the gatekeeper to it, you don't own it and you don't control it. If the government has a criminal record of person X, person X

Information & Ethics committee  I would leave you with a very bleak current outlook on it. Things need to change dramatically. Right now, things are 10 times worse than you think they are, and we need action. We need less talk and more action.

Information & Ethics committee  Everybody has breach fatigue because they see all of the data breaches in the news and everything. The number of data breaches that get mentioned in articles is abysmally small. The number of data breaches that actually occur and the amount of data being passed around, whether yo

Procedure and House Affairs committee  Hello, and thank you for inviting me to provide my thoughts and to answer questions on this very important and very interesting time we are in. The solution that I have worked out, I believe, is minimal on effort required and maximal on trust. I think that with a parliament-styl

Procedure and House Affairs committee  These comments are good for any similar commercial offering, not necessarily specific to Zoom but including Zoom. I would not do anything secret over Zoom or any other similar platform. You cannot be certain that there are not going to be adversaries listening or intercepting, or

Procedure and House Affairs committee  I absolutely still stand by that statement. The context was in a nationwide election with millions of people involved. If you're dealing with 200 to 300 elected officials, it is feasible to have them vote, and to confirm those votes, and to do so in a secure enough way that you c