For several days Poland has been excited about the so-called ‘Wildstein’s list’. This journalist of ‘Rzeczpospolita’ stole from the Institute of National Remembrance (IPN) and made public the list containing almost 250 thousand names of so called ‘secret collaborators’ of the Security Service. We will not go into the moral and ethical aspects of the case (that’s what “political” websites are for). But let’s look at the whole affair from the point of view of a “computer scientist” and consider how technically possible it was to transfer such a large amount of data unnoticed. A five-person team from the Institute of National Remembrance is investigating the circumstances in which the publicist of ‘Rzeczpospolita’ obtained a list of 240,000 names of people whose files are kept by the Institute. The members of this commission do not want to give any information, including the former journalist of Rzeczpospolita (from which he has just been dismissed). The former journalist of “Rzeczpospolita” (from which he has just been dismissed) refuses to provide any information on how the list came into his possession. The results of the commission’s investigations will be known around February 10. So for now, we can only surmise how this happened.
The computer with the IPN database has been in the institution’s reading room since last fall. It can be accessed by all those who use the archive (i.e. journalists, historians, and those deemed wronged). Kieres claims that the lustration law makes it impossible to keep the data on “secret collaborators” secret.The head of the IPN also says that the list may not have been copied from a computer at all, but could have been printed out.
It is rather unlikely. A printout of 240,000 names, even on a high-speed printer, would take more than 12 hours and would have to be noticed, especially since, according to Jacek Żakowski, who received the list, it consists of 4131 pages. And such a printout requires filling the printer’s tray at least eight times. That cannot be done unnoticed either. Unless, of course, an IPN employee did it on Wildstein’s orders – without raising any suspicion.
It is not known what format the Institute’s database is in. Knowing the approach of government institutions to computerization, we can assume that it is saved in a Microsoft Excel file, or – even – it is not a database, but an MS Word or .PDF document. In Excel, a database with such a number of names takes from 12 to 20 MB, while a Word or Adobe file has a similar size. Contrary to Gazeta Wyborcza’s claim, it is possible to copy it onto floppy disks (it’s only 9 high-density disks). Perhaps the database file was copied to a USB Drive type device. The data so carried away could later be quietly printed at home.
At this point the question arises. Why was the database not protected against copying? Such protection (even in Excel) can do even a little skilled computer scientist. It was enough to establish such protection, eg. The computer would ask for the password when trying to copy or print and there would be no scandal. Professor Kieres claims to have received a memo from an IPN computer scientist that reads: “The list did not get out of the computer, which is in the reading room. The security system was correct.” If the IPN computer scientist knows his job as well as he knows the Polish language – one can assume that the security system was not correct. Unless someone from IPN copied those data to Wildstein. And there is no wonder for the computer scientist. He fights as much as he can to keep his warm job – and, as you can see, a job connected with little responsibility.
“I was considering whether to make the list public on the Internet. For various reasons I haven’t decided yet.” – Wildstein says. According to Deputy Speaker of the Sejm Tomasz Nałęcz, Wildstein, by taking the list out of the IPN, violated the IPN’s intellectual property rights under copyright law. Lawyers argue that the law on personal data protection was rather violated
Ombudsman Professor Andrzej Zoll believes that the list “perhaps should have been reserved for official use” and that the law may have been violated by its removal from IPN.
Deputy Prosecutor General Kazimierz Olejnik announced that the prosecutor’s office will deal with the case when it receives a report that a crime has been committed.
If it turns out that the IT specialists of the Institute of National Remembrance are guilty they will be dismissed, just like Wildstein. But – like the journalist – they will surely find a new job quickly. Those who ‘know a lot’ are in demand in our country shaken by scandals.
What is it like in other countries? Slovaks can look into the files of the communist security service. They can do this via the Internet. The Slovak Institute of National Remembrance made over 20,000 records available in November 2004. To protect against abuse, the interested party must first fill out an online questionnaire and only after it has been checked does he get access to his file. Bulgaria did this earlier – in March 2001.
Other “post-communist” countries (Germany, Czech Republic) disclosed data in a different – not network – way. In this way they avoided misunderstandings and scandals.
In my opinion, apart from other aspects of the matter, such data should be protected against copying. What do you think?