[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Data leak in Estonia




The following are some news clips from Baltic News Service about a scandal
in Estonia, where some government and private databases were sold on black
market on CD-ROM disks. This brings up an interesting question, who should
own information like police and IRS databases, and is it illegal to copy
such information once it is available.

Juri Kaljundi
[email protected]

---

SECRET INFO IS SOLD ON BLACK MARKET, ESTONIAN POLICE SAY
   
   TALLINN, Nov 09, BNS - Classified information of important state
   institutions is available on the black market, according to Estonian 
   security police and central criminal police officials.
     
   A database containing information on hundreds of thousands of people,
   collected by the Tax Department, Estonian Mobile Telephone and
   Radiolinja companies, the Social Affairs Ministry and several other
   state agencies and large companies, has hit the black market, the
   Eesti Paevaleht daily reported on Saturday. Supposedly, also Customs
   Department and national car registry databases have been secretly
   copied.
       
   The CD-ROM with the confidential informations costs about 50,000    
   kroons, according to the daily.
     
   Security Police Director General Juri Pihl and acting deputy director
   of the central criminal police, Andres Anvelt, confirmed that numerous
   institutional databases are available on the black market.
 
   Anvelt said he had happened to see a pirate copy of the buildings 
   registry showing all transactions with buildings and their owners.
   "I've also heard that information on who owns which telephone number
   has leaked from mobile telephone companies," he added.
 
   Pihl said security police would investigate information leaks only
   when they concerned security police itself. Looking into database
   thefts is not directly the province of security police, he said.
 
   Such a secret database is a powerful weapon in the hands of organized
   crime, the daily said.
 
   Criminals have managed to take advantage of the insufficient
   protection of electronic databases and are sometimes better informed
   than the police, Anvelt confessed.

Baltic News Service

---

ESTONIAN COMMITEE CLAIMS IT HAS NO INFORMATION ON DATABASES ON BLACK
MARKET
   
   TALLINN, Nov 11, BNS - Chairman of the Estonian parliament's security
   police committee, Vahur Glaase, said he had not enough information on
   allegedly illicit trafficking in classified databases. 
   
   "I have too little information to draw any conclusions," chairman of
   the parliamentary committee controlling the activity of the Estonian
   security police told BNS.
  
   The Eesti Paevaleht daily Saturday claimed that a database containing
   information of the taxation department, the Eesti Mobiiltelefon and 
   Radiolinja mobile telephone companies, the social affairs ministry and
   some other agencies and companies on hundreds of thousands of people
   had arrived on the Estonian black market. Presumably, the illegally 
   copied database also contains data of the customs department and the
   motor vehicles registration center.
     
   Glaase said that while a large proportion of the official information
   is open to the public, the publication of a classified telephone
   number is a crime.
  
   "This seems to smack of misprision, and police must start
   investigating it when an application is filed," Glaase said.
     
   According to the Eesti Paevaleht report a CD-ROM with the illegal
   database costs about 50,000 kroons. The paper claimed that the pirated
   information is a powerful weapon in the hands of criminals.
       
   Security police general director Juri Pihl and central criminal police
   acting assistant director Andres Anvelt confirmed there was
   black-market traffic in many institutions' databases.
       
   Pihl said that the security police would launch an inquiry into the
   information leak if it also concerned the security police. He said
   investigation of database theft was not an immediate task of the
   security police.
 
   According to the criminal code, the potential punishment for
   destroying or manipulating with other people's electronically recorded
   information is punishable with a prison sentence for a term of up to
   one year.

Baltic News Service
   
---
   
ESTONIAN CABINET EXPRESSES SHOCK AT GOVERNMENT DATA LEAK
   
   TALLINN, Nov 12, BNS - The Estonian Cabinet is shocked by the
   appearance on the black market of government information, foreign
   minister and acting prime minister Siim Kallas said.
   
   "It is a complicated problem and the Cabinet is shocked by it," Kallas
   told reporters on Tuesday.
   
   Kallas said Interior Minister Mart Rask had known about the
   information leak since two months ago. "Investigation of the leak has
   started at the Interior Ministry and by today criminal proceedings  
   have been taken in the first case," Kallas said.
     
   Kallas said that in the nearest future the Cabinet would adopt a
   decision obliging state institutions to protect the information at
   their disposal. "The security systems and leaking connections must be 
   checked," he said.
     
   The acting prime minister said that it was important to establish how,
   by which channels and through whom the information came to the black
   market.

Baltic News Service

---

ESTONIAN POLICE QUESTION FIRST PEOPLE IN DATABASES LEAK CASE
   
   TALLINN, Nov 13, BNS - Estonian police Tuesday questioned several  
   people in connection with criminal action brought in the databases
   leak case.
   
   An interview with an alleged author of the black market databases,
   Imre Perli, has been scheduled for Wednesday.
   
   Tallinn police deputy prefect Peeter Sults told BNS that investigators
   had contacted Perli by telephone and he had promised to come for an
   interview.
       
   "Perli is not a suspect," Sults said. "Criminal action was brought 
   concerning the fact of the leak, not any concrete person."
       
   Sults said the perons interviewed were connected with institutions
   from which information had allegedly leaked out.
     
   The Tallinn criminal police brought criminal action in the classified
   information leak case on Tuesday. The action was taken concerning
   violations of regulations of government register keeping or of the use
   of the information contained in such registers. The punishment
   stipulated for this in the criminal code is a fine or a prison  
   sentence for a term of up to two years.
     
   The press has claimed that most of the classified databases were
   compiled by Perli, until September an Eesti Mobiiltelefon mobile
   telephone company employee. He may also have compiled the motor
   vehicles register database by which car owners can be established.
   
   Databases containing thousands of mobile and ordinary telephone  
   numbers, traffic offences, as well as data of the motor vehicles and
   companies registers are currently being offered for sale in Estonia.
   Such databases are of high value for organized crime.

Baltic News Service