Lessons from the WikiLeaks melodrama
Published:Tuesday | January 4, 2011 | 12:00 AM
THE EDITOR, Sir:
In the aftermath of the sensational WikiLeaks disclosures, a pressing issue facing governments and organisations is how to ensure the protection of confidential and sensitive information from unauthorised disclosure in today's dynamic electronic environment.
The serious implications for record-keeping practices have been overlooked so far in the debate, on the rights and wrongs of WikiLeaks.
One of the most intriguing aspects of the WikiLeaks saga has been how so many confidential United States (US) documents came into the possession of WikiLeaks in the first place. After all, the US government has a well-developed document- and record- management programme, underpinned by the latest in information technology, to protect and safeguard information.
Ironically, it is the phenomenal development in computer technology which made the leaking of more than 250,000 diplomatic cables to WikiLeaks possible.
a whistle-blower's dream
According to Britain's Guardian newspaper, a US military Internet network links the State Department and other departments with United States missions around the world. A large number of persons have access to this database, and one of them, an army intelligence analyst, has been charged with leaking the cables to WikiLeaks.
In spite of the sophisticated database with passwords and other security features, everything hinges on the human element, as it is difficult to safeguard against a disgruntled employee. The same thing happens with print records. The big difference today is the sheer volume of information which can hold on small, portable electronic devices. Now, a new challenge has emerged - the ease with which they can be purloined and leaked.
The challenge facing organisations - and the founder of WikiLeaks has said that he intends to target documents from the banking sector next - is how to ensure the security of their records (especially those deemed confidential). More attention will have to be placed on the management of records throughout their life cycles. This includes taking decisions on issues such as their status (e.g., confidential or open); how long they should remain confidential; the categories of persons who should have access to them; the length of time they should be retained; and the persons with the authority to dispose of them.
Organisations should not panic and react by discouraging the creation of records, or by disposing of records indiscriminately without having proper systems in place to appraise their value, both for current administrative and long-term historical purposes.
However, governments and organisations should ensure that such systems have appropriate procedures and safeguards to prevent, among other things, the improper disclosure of information.
I am, etc.,
JOHN A. AARONS
UWI Archivist