Home NEWS EC erred in publishing voters’ details on Google Drive – IT Security Consultant

EC erred in publishing voters’ details on Google Drive – IT Security Consultant

4 min read
0
81

An IT security consultant, Prince Kpasra, believes the Electoral Commission (EC) erred in the manner in which it made basic data of registered voters public.

He said it was “very bad” that the EC made the names, ages and genders of prospective voters available on Google Drive on a polling station basis.

But Mr. Kpasra said the data should have protected by some further restrictions.

“The first thing is that, they should have put it on their website and restricted access, but they put it on a public cloud, which is Google, and allowed anybody who wanted to download the information to download it.”

The security consultant also said the manner the voter data was published constituted a fraud risk because of the easy access to names.

“There could be identity fraud where fraudster can use your ID number to register a SIM card.”

“Having all the information will make it easier for fraudsters to steal your identity for opening bank accounts and hacking social media,” Mr. Kpasra cited as an example.

He, however, did not cite a specific law the EC had breached.

What the law says

The Data Protection Act outlines for handing data and specifically, “special personal data.”

The law says a data controller may process special personal data in accordance with the Data Protection Act where “processing is necessary, or the data subject consents to the processing.”

Special personal data shall not be processed unless the processing is “necessary for the protection of the vital interests of the data subject where it is impossible for consent to be given by or on behalf of the data subject, the data controller cannot reasonably be expected to obtain the consent of the data subject, or (c) consent by or on behalf of the data subject has been unreasonably withheld.”

Special personal data shall not be processed when it does not involve the disclosure of the personal data to a third party without the consent of the data subject.

The C.I. 91, which regulates aspects of the EC’s activities, also says the voter data “shall be published in a manner determined by the commission.”

 

Source: citinewsroom.com

Load More Related Articles
Load More By Elinam
Load More In NEWS
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments

Check Also

Spanish man jailed for killing and eating his mother

A Spanish man has been sentenced to 15 years in prison after killing his mother and eating…