Kevin Allison is a Senior Editor for Signal. Based in Washington DC, he looks at how technology is reshaping global affairs. Kevin is also a Director in the Geo-Technology practice at Eurasia Group. Kevin holds degrees from the University of Missouri and from Harvard's Kennedy School of Government. He was also a Fulbright Scholar in Vienna, Austria and a 2015 Miller Journalism Fellow at the Santa Fe Institute. Prior to GZERO Media and Eurasia Group, Kevin was a journalist at Reuters and the Financial Times. He has lived in eight US states and has been an expat four times.
If you live in Singapore, you may have been feeling a bit creeped out this week. Last Friday, the government revealed that hackers broke into the country’s biggest public hospital network in June. The intruders were after details of Prime Minister Lee Hsien Loong’s drug prescriptions, but in the process, they stole private, non-medical information belonging to 1.5 million residents – about a quarter of Singapore’s population. It was the worst data breach in Singapore’s history, and a big setback for a country that has been investing heavily to transform itself into a “Smart Nation” where people can do everything from report potholes to manage their medical records online.
Beyond the immediate logistical, financial, and bureaucratic challenges, the incident highlights a broader dilemma facing countries around the world: digital technologies have the potential to revolutionize how governments administer public services, but aggregating citizens’ information into enormous databases also creates enormous new vulnerabilities. When governments fail to stop malicious hackers from exploiting those vulnerabilities, it erodes the basic contract between citizens and their leaders.
This issue has surfaced previously in public debates around India’s Aadhaar database. More than a billion people have signed up for the biometric ID program, which allows citizens to receive social benefits or open a bank account using their fingerprint. But some privacy and security experts worry that putting personal information about more than a billion citizens in one place – and making the Aadhaar ID a prerequisite for access to all kinds of public services – could leave the country vulnerable to massive identity theft or a disruptive cyberattack. Singapore’s experience shows that even a wealthy, well-run cybersecurity powerhouse may struggle to make the next digital leap without leaving its population exposed to new forms of digital harm.
In the wake of the hack, Singapore has disconnected the computers at its public healthcare centers from the internet. That may improve security, but it will also make it harder for doctors, nurses, and patients to benefit from the connected “Smart Nation” that Singapore is trying to build.