Share

Related Links

  • Overtis
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Related Stories

Top 5 Stories

News

WikiLeaks Swiss banker on trial for allegedly leaking private data

20 January 2011

Hard on the heels of publicly handing over disks that contained a variety of information on wealthy Swiss bank clients to WikiLeaks on Monday, the former Swiss banker Rudolf Elmer has admitted in a Swiss court that he sent the data to tax authorities.

In the potentially precedent-setting case, Elmer has admitted sending the data and therefore breaching bank security rules, but he denied blackmail and making a bomb threat against a bank chief.

According to the Reuters newswire, Elmer first came to public notice some three years ago when he passed on details of Swiss banking clients to WikiLeaks.

The newswire says that he passed on the data after Swiss authorities apparently "failed to act on data he said showed Baer, his former employer, helped clients dodge taxes."

"The ethics of business leadership on both sides of the Atlantic have disappointed me", Elmer is reported to have said in court yesterday, adding that he wanted to "expose illegal activity in the Cayman Islands."

The case has drawn interest from the IT security community, with Ed Macnair, the CEO of activity management specialist Overtis, noting that he and his team have seen a growing shift towards security that focuses on behaviour, so as to avoid situations like the Baer banking data leak case.

Overtis says that news of Elmer's trial follows closely on the US government's information assurance memorandum, which advises agencies to implement insider threat programmes in the wake of the WikiLeaks revelations.

The memorandum, says Macnair, includes the following questions:

  • How does your agency ensure that procedures are in place to prevent classified information in removable media and other media (e.g. back-up tapes,etc.) is not removed from official premises without proper authorization?'
  • What if anything have you implemented to detect behavioural changes in cleared employees who do not have access to automated systems?'

Macnair said that, whether you view him as a whistleblower or a renegade, from an information security perspective, Elmer's case is yet another example of a trusted employee storing customer information to removable media and passing it to a third party.

"There is a growing recognition that employees with privileged access to data may become less trustworthy over time and so security should be user-centric", he said.

"The only way to stay on top of your data governance is to put security in between your users and your data, so that policies are consistently enforced", he added.

This article is featured in:
Compliance and Policy  •  Data Loss

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×