Well-Being Australia Chairman, Mark Tronson, is constantly surprised at how badly society treats such helpful people or the 'whistleblower'. (www.smh.com.au)
It was reported that private security consultant, Patrick Webster, found a flaw in the IT systems of a major superannuation company, resulting in the personal details of its 770,000 members being publicly exposed - including those of NSW Police officers, politicians and magistrates. By reporting this glitch, he thought he was doing a good deed.
However, to his astonishment, Patrick Webster received a knock on the door from a police officer and a legal letter from the superannuation firm threatening legal action. The company also disabled his own superannuation account, asked to check his computers and said he may be liable for any costs in fixing the breach.
"Can you believe it?" asks Mark Tronson.
Patrick Webster noticed that the URL contained the unique ID number for each account and so by tweaking the number in the URL, he was able to easily access other people's statements. To demonstrate the flaw to the company's IT staff, he wrote a script that cycled through each ID number and pulled down the relevant report to his computer. He confirmed that the vulnerability affected the firm's full customer database.
Mark Tronson was totally relieved when he read the rest of the article, where the NSW Police spokesman was reported to have said they were taking no further action, and they stated:
"There was no criminal offence committed and the company in question has been informed of the outcome. It was more a case of a civic-minded person reporting a potential security breach."
From his experience in ministry for 34 years, Mark Tronson has a fair idea what Patrick Webster has gone through. He says it is another clear example of 'whistleblowers' (or someone trying to help), who have been seeking to improve the society in which they live, have instead had their liberty, business, income, family, reputation, freedom and self-confidence, put at stake because they tried to do the right thing.
No ordinary Australian citizen can fight against a multi-million dollar company when its team of Silks (top barristers) come after you. For example, this superannuation fund has over 770,000 members and over $30 billion in funds under management. This is a company with deep pockets.
So, although Mark Tronson agrees that you should point out any untoward practices, including IT security issues, that you see; he warns that you need to be wary of confronting large organisations without thinking very carefully and maybe seeking legal advice of your own.
In the future, he says he would like to see something like a Statutory Authority where such people of good-will can report any problems they find in security matters concerning large organisations or Government departments – whether they are in the overarching realm of electronics or are found in some paper-based or telephone system.
There would still be room for such people to be financially rewarded for their searches and findings, but it would take the heat out of a situation as Patrick Webster found himself. In the meantime, although we do not have such a system, Mark Tronson advocates contacting the Ombudsman of your state if you find any such problems, before 'going it alone'.
The other side of the 'whistleblower' situation (or someone trying to help) is the obligations of the company or personnel to securely and accurately manage other peoples' accounts, even in small organisations such as a Church. Mark Tronson knows of Church congregation members who have moved to another Church when they have found inadequate or unsecure accounting procedures, perhaps where their tithes and offerings have not appeared to be handled in a transparent, fair and secure way.
If you are involved in this aspect of trust, Mark Tronson counsels, there is an obligation not only to conform with the 'letter' of the accounting and security laws, but also with the 'spiritual care' that the parishioners expect from respected Christians. He says there are now several Christian based organisations that assist in these endeavours.
Dr Mark Tronson is a Baptist minister (retired) who served as the Australian cricket team chaplain for 17 years (2000 ret) and established Life After Cricket in 2001. He was recognised by the Olympic Ministry Medal in 2009 presented by Carl Lewis Olympian of the Century. He has written 24 books, and enjoys writing. He is married to Delma, with four adult children and grand-children.
Mark Tronson's archive of articles can be viewed at www.pressserviceinternational.org/mark-tronson.html
