Tom, I hear all the time about how such and such a website got hacked and the information leaked. I'm prior military, so I've been following the VA incident -- and that wasn't even web hosted. The reality is that hackers (or their bots, zombies, etc.) attempt intrusions on all websites every day. Given that, most websites will be hacked at one time or other. I have statistics, but I'll forgo them for now.
Given that most websites will be hacked, the real question is what we choose to put there. It wouldn't bother me (too much) if someone found out that I was a church member, my address, that I served a mission, or who's in my family. Those things are all a matter public record, anyway. It wouldn't bother me if someone found out how much tithing that I paid, either. If someone found out my credit card number, then Visa would cover my losses and issue me a new card number. So, that's not a permanent problem. However, YM / YW / Scouting records paint a much more personal account of the individual. They have things such as likes, dislikes, achievements, associations, other personal information, etc. If those things, coupled with name and address, fell into the wrong hands, then bad things could happen. Here is a sample article about kids and 'myspace.com' (http://www.msnbc.msn.com/id/7668788/). In the case of 'myspace.com', kids are voluntarily disclosing information that sets them up for stalking and the like. This has gotten so bad that public schools are starting to try to ban student's participation or to monitor them for inappropriate activity. I don't want to open a discussion as to whether that is good or bad, but the schools are, at least, trying to protect the children. If the church were to sponsor what would really amount to an online database of personally identifiable personal information of minor children, then they would be making themselves hugely liable if that information ever got out. Groups like the ACLU would have a heyday. The VA had to announce recently that ~2M soldiers' information was compromised. Imaging the PR and financial liability if the church had to make the same announcement. This possibility has to be weighed against the benefit of an online system vs. keeping those records by hand or in another non-centralized manner. I took a class at BYU that discussed things like "risk management" and "mitigating risk". Most of us glossed over that course in favor of building 'cool stuff'. As technologists, scientists, and engineers, we all have to pay more attention to the ramifications of technology than we do about the technology itself. So, to answer your question, if the church hosted a minor child information tracking website, then no I would still not be comfortable with that. I would opt out and my opting out would unfortunately hinder the utility of the overall system. Steve -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Welch Sent: Wednesday, June 07, 2006 7:29 AM To: LDS Open Source Software Subject: Re: [Ldsoss] Scout Tracking If the Church were to host the site, would that alleviate your concerns? Currently you can get a ward listing of all members in the ward, their address and phone numbers from the ward unit website. This would not be much different. Tom Steven H. McCown wrote: > I can appreciate all the fervor for a web-based app. However, > > 1) The church has said no websites. You can't get away with making the > "this is scouting and that is the church" distinction, anymore. > > 2) It is a legal problem to start posting information about minor children > to the Internet. That would have to be decided at Church HQ and not by the > local units. They don't even allow information to be posted into Family > Search about living people, they just insert a "LIVING" placeholder. Being > involved with security professionally, I would not give my consent. This is > a huge pitfall -- despite good intentions -- it would be wise not to fall > into it. > > Steve > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dan Hanks > Sent: Tuesday, June 06, 2006 9:04 AM > To: LDS Open Source Software > Subject: Re: [Ldsoss] Scout Tracking > > On Tue, 6 Jun 2006, Tom Welch wrote: > > > Web-based would be great, but with the church's policy on non-official > websites, where does that put the local unit that would want to install > and use such a web-based app? > > -- Dan > > > _______________________________________________ > Ldsoss mailing list > [email protected] > http://lists.ldsoss.org/mailman/listinfo/ldsoss > > -- Tom Welch [EMAIL PROTECTED] (801) 240-1609 (858) 829-4614 - Cell ---------------------------------------------------------------------------- -- NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. ---------------------------------------------------------------------------- -- _______________________________________________ Ldsoss mailing list [email protected] http://lists.ldsoss.org/mailman/listinfo/ldsoss _______________________________________________ Ldsoss mailing list [email protected] http://lists.ldsoss.org/mailman/listinfo/ldsoss
