Two section chiefs of the Enrollment Division of the Ministry of Health and Welfare’s National Health Insurance Administration (NHIA) and one former NHIA secretary-general have been accused of inappropriately accessing the personal data of insured people over a period of 13 years.
The Taipei District Prosecutors’ Office has opened an investigation focused on the offenses of accessing and gathering national intelligence information, on the grounds that the personal data in question involves “intelligence agency personnel” such as military, police, investigation officials and immigration officers.
The ease with which NHIA staff could use their positions to snoop on the information of insured people from 2009 to last year has caused great alarm. If someone had not reported their activities, they could have continued acting as “moles,” and therefore the NHIA’s internal control mechanism for information security failed.
Furthermore, the group of people whose data were allegedly collected suggests the emergence of a serious national security problem.
Following these revelations, the NHIA, which bears the main responsibility, set up a special team to carry out an internal administrative investigation.
At first, it said that only two people were involved, and that they had accessed more than 160,000 items of personal information, while denying claims that “tens of thousands of sensitive data had been leaked” and it had been happening for 13 years.
However, the NHIA said that one of the staff members looked up more than 110,000 items in 2018, which the NHIA said was “abnormal.”
The prosecutors are trying to determine whether there has been any illegal activity, such as leaking personal information about intelligence officers and passing it on to China or other foreign powers.
However, the alleged activity has been occurring for a long time, so if there were any such “leaks or deliveries,” the perpetrators might have taken steps to conceal them.
The persons under investigation have in court denied that they had any intention of gathering or leaking the personal data of intelligence personnel or members of the public.
However, if it can be shown that intelligence personnel were targeted, the motive would have been abnormal, and the case cannot be handled only in terms of whether ordinary personal data had been leaked.
National security officers are concerned that the National Health Insurance data include not only medical records, but also personal data and photographs, so if this information were to get into the hands of China’s state security agencies, the identities of Taiwan’s intelligence personnel could be exposed.
Such concerns are not exaggerated. Opposition legislators recently revealed that the household registration data of people living in Taiwan are suspected to have been hacked and put on sale in foreign forums.
Such data could include detailed personal information such as names, identity card numbers, addresses, birth dates, marital status and family relationships.
The Ministry of the Interior, which is in charge of household registration data, only said that the household registration system, conscription information system and the government’s backbone network had not been hacked or leaked.
However, prosecutors are investigating whether any such information has been leaked through other channels, which suggests that personal information had indeed been leaked, but it is not yet known through which channel. This makes the problem even more serious.
The government needs to take stronger action to prevent national security leaks. Digital transformation is important, but without even the most basic information security, shouting slogans such as “cybersecurity is national security” is just hot air.
Former US deputy national security adviser Matthew Pottinger, who visited Taiwan last week, knows a lot about “united front” influence operations of the Chinese Communist Party (CCP).
Pottinger once said that “assembling dossiers has always been a feature of Leninist regimes.”
China’s purpose in gathering and using such large quantities of information is to apply it in a carrot-and-stick approach to “co-opt or bully people — and even nations — into a particular frame of mind that’s conducive to Beijing’s grand ambitions,” he said.
Two years ago, foreign media revealed that Chinese company Shenzhen Zhenhua Data Information Technology Co had created a database of information about politicians, judges, military and civilian personnel, technology experts and entrepreneurs from many countries, and that it sold this information to the CCP’s state security apparatus.
Zhenhua Data is not the only company of its type. Regardless of whether Beijing has tight control within China or is expanding its authoritarianism abroad, holding a large amount of personal information allows it to more easily manipulate people’s minds through threats, smears, divisions and other means.
Network hacking attacks have become an everyday occurrence, so failure to keep one’s guard up can cause damage that is difficult or impossible to repair.
China is using military means to pressure Taiwan toward unification, so the government needs to improve its information security, especially for key departments. If not, Taiwan would be leaving the door open for autocrats to gather huge amounts of information.
War games recently conducted by Washington-based US think tank the Center for Strategic and International Studies showed that if the China’s People’s Liberation Army (PLA) were to invade Taiwan by force in 2026 and the US military gave significant assistance to Taiwan, the PLA would be unlikely to win.
However, Taiwanese military experts warn that this projection does not include factors such as CCP infiltration and the help that China might receive from within Taiwan.
If the national security system is not reformed, the PLA might not even need to launch a full-scale invasion, as its sleepers in Taiwan could change sides overnight.
This is not alarmist talk. Taiwan is becoming a playground for communist spies. Some serious cases of CCP espionage have only come to light thanks to US intelligence, and the nation’s counterintelligence capabilities are clearly inadequate.
To make matters worse, even in cases where Chinese spies have been detected, and after prosecutors have worked hard to collect evidence and indict the accused, they often receive light sentences.
Light penalties for serious offenses mean that offenders pay a low price for the crimes, and they are thus ineffective deterrence mechanisms.
On Tuesday last week, the Taipei District Court tried the case of a retired air force major general and army lieutenant colonel who were recruited by a Hong Kong businessman to spy for China and develop a network in Taiwan. The evidence was clear, but because the two men confessed, the court gave them suspended sentences.
On Wednesday last week, Judicial Yuan President Hsu Tzong-li (許宗力) said that although China has been holding frequent military exercises around Taiwan, Taiwanese seem to have grown numb. Comparing this situation to “a frog slowly boiling in a pot of water,” Hsu said it is very worrying, and everyone should have a sense of crisis.
Speaking at the same event, Minister of Justice Tsai Ching-hsiang (蔡清祥) said that judicial officials must recognize the special nature and potential harm of national security cases, and should not treat them as ordinary criminal cases.
It was unprecedented that two leading figures would make such appeals to judicial officials at an academic seminar marking Judicial Day.
While people expect the judiciary to impose heavy penalties on spies, and strictly guard the defense line of national security, the opposite is often the case.
Is this a lack of personal crisis awareness, or is there a deeper national security problem? In view of the CCP’s pervasive infiltration, this question warrants serious attention.
Translated by Julian Clegg
Source: Taipei Times - Editorials 2023/01/17
< Prev | Next > |
---|