Although not actually a cyber, One of the most debated issues in Israel in the last few years, has been the Biometric database. There are those who are opposing it, and those who are championing it, mostly over its security protocols and if they’re adequate or not.
Yesterday (Monday) there has been another development regarding the database’s security, when the Digital rights movement (DRM), a group that deals with privacy issues, equality issues and other such rights in the digital age, sent a letter to the Ministry of Law complaining that the Biometric database management Authority (BDMA) has been working without a head of information security official, as required. The DRM also asked the ministry to determine that this is a breach of law by the BDMA and so the test period of the database, currently going on, be stopped.
The complaint was made after The Head of BDMA, Gon Kamani, posted a message in LinkedIn which was in fact a wanted add for the role. The post said that the BDMA was searching for a new Head of Information security, but the DRM is claiming that there wasn’t anyone occupying the role.
Attorney Yehonatan Klinger, the DRM’s legal advisor, wrote in the letter that the Kamani had not acted upon his duties to do whatever he can to stop attacks and in the database. Klinger cited a letter sent on May 4th from Yogev shamni, the CTO of population and Immigration Authority (PIBA) to the DRM, that shows that until that date, no Head of Information security was working in the BDMA.
Doron Ofek, an information security specialist who’s opposing the database, said that “The entire activity of the BDMA is dealing with especially private information, with dangers it might leak. This is amateurish to say the least”.
The BDMA responded to the complaint saying that: “information security in the authority is dealt in many areas, and this activity will continue during the process of finding an information security person for the role in question. The authority is being supervised to make sure this matter is suitably being taken care of. Contrary to what was suggested, a head of information security was working in the authority till February 2014, and there is also an official in charge of the defense of privacy.”