Fears CIA may hack Scottish Census secrets


by Ben Borland

FEARS the Pentagon could use anti-terror laws to secretly hack into today’s Census data have led to unprecedented security being introduced by the Scottish Government.

The safeguards were installed amid concerns the US-owned defence and intelligence company carrying out the survey in Scotland could be forced to hand over sensitive information.

Under the Patriot Act, passed by George W Bush shortly after September 11, American firms are obliged to share secret information with the authorities in Washington if requested.

But at Holyrood earlier this month, Finance Secretary John Swinney admitted  counter-measures had been taken to “ensure that personal information collected in the Census could not leave Scotland and that the US Patriot Act could not catch that information”.

Duncan Macniven, the Registrar General for Scotland, who is in overall charge of today’s Census, has also raised concerns about so-called “sneak and peak” warrants. These allow US law enforcement agencies, including the FBI or the CIA, “secretly to enter a business, either physically or virtually, conduct a search and depart without taking any tangible evidence or leaving notice of their presence”.

In a report seen by the Scottish Sunday Express, Mr Macniven also admits “it is impossible to rule out any possibility the US Government” might want Scottish Census data.

The £18.6million contract was awarded three years ago to CACI UK, part of CACI International, one of the world’s largest defence and intelligence firms.

Mr Macniven says the company could be faced with an “invidious choice” between breaking US law and refusing a request under the Patriot Act, and breaking British law by forcing its London-based subsidiary to comply. The safeguards include a stricter contract designed to “minimise the role” of CACI UK, despite it being the main contractor.

In a further twist, CACI International was also involved in interrogating prisoners at the notorious Abu Ghraib prison in Iraq. One inmate has alleged its staff physically and mentally abused him, although this has never been proved and is “vehemently denied”.

However, the concerns have led to calls for a mass boycott of the Census – despite the threat of a £1,000 fine and a criminal record.

One protester yesterday suggested Scots could be refused a US visa or blacklisted by major airlines if the Census is accessed.

Richard Haley, from Scotland Against Criminalising Communities, said: “We all know by now how easy it can be to access even supposedly secure data – there are always loopholes.

“It seems very unlikely that the Registrar General for Scotland or the Scottish Government has succeeded in putting in technical safeguards to hold at bay a company whose business is IT in the worlds of intelligence and defence.

“The Census started as a simple head count but now contains a lot more information. It could be used in all kinds of areas, from anti-terrorism work to marketing.

“Information on things like your ethnicity, your religion or your job, is very like the kind of information used for profiling of air travellers.” The revised contract means CACI UK will no longer own and manage the Census computers, as originally planned, with Registrar General staff now controlling the secure IT base. Any CACI UK staff who do access the data will be strictly monitored to ensure it is “physically impossible” for them to remove anything.

In a statement, CACI said the allegations it had been involved in torture at Abu Ghraib were “totally unfounded and unproven”.

It added: “CACI UK does not provide services to the defence or intelligence sectors. In the UK, we remain absolutely committed to providing our government and commercial customers with the very best service. The quality and loyalty of our clients reflects the considerable capabilities and professionalism of all our employees.”

A statement from the General Register Office for Scotland (GROS) said: “GROS is aware of the Patriot Act and has made sure that personal details are protected from it by both UK law and the practical arrangements we have put in place to manage and control information.”




Published with thanks to Sunday Express Scotland