This is perhaps the most important lesson from the conviction of Nottingham speed-dealer and all-round bastard Colin Gunn. Gunn was a very modern crook; his graduation from cheque kiting to protection rackets and eventually major drug importing, his powerbase on a post-industrial bombed-out estate, his part-useful and part-suicidal persona fuelled by a paranoid gaggle of cocaine and steroids. (The Garda Siochana describe similar folk as "cocaine androids".) But what marks him out is the special attention he gave to subverting people with access to Big Databases.
To start with, he induced two cops to get him information from the HOLMES2 intelligence database about the police investigation into the murder of the parents of another crook who attempted to kill his son. This helped him to keep ahead of the Bill, and also to terrorise witnesses and detectives on the case. Astonishingly, a paper copy of his police file went missing and turned up in his possession.
But it wasn't just police leaks. John and Joan Stirland were located using information the Gunns obtained from another asset of theirs; this time, someone at BT with access to the billing records. One wonders what other sources he had, and for that matter, how many other 'roid-ridden scumbags have this kind of access. It is suggested that one of the bent coppers, Charles Fletcher, was deliberately planted in the police force. More politically, the animal-rights nuts are known to have had a source in the DVLA, and the West London jihadi cell that was caught with a ton of ammonium nitrate had been trying to recruit employees of National Grid-Transco and BT. (Update: In comments, Chris Williams reminds me that the PNC's non-traditional users include the Saudi Embassy. He also claims that having met me, he can confirm I'm not actually a sinister committee. The poor fool; how does he know he met all of them?)
I refer to my remarks back in October, 2004:
Better yet, the possibilities for an infiltrator in the development team who build the system would be literally without limit. They could set up back-door access to the database or even add extra fields of information hidden to other users. The biggest security system we build must, by definition, be the biggest security risk.
One of the many criticisms of the NIR and the ID card is quite simply that it's the biggest honeypot for information thieves on earth.