Database System Can Be Defined

Database System can be defined as a collection of programs that can enable someone to store, modify, and extract information from a database. There are various types of Database Systems. These range from small systems that run on personal computers to big systems that run on mainframes.

How was the information gathered? How secured are they? Who are in control of these information? How can we be sure that it is going to be used according to the purposes it was supposed to? Several endless discussions can be made regarding its purpose, use, effectiveness in several fields, but one thing is certain that common people are the subjects of these systems and the biggest database system is handled by the most powerful agency that is the government.

This paper discusses how the regulating of these data should be focused on two main issues.

Maintaining the accuracy and legitimacy of how the information was gathered

Ensuring that only the right persons gain access to this information.

I. Validity of Data Gathered

Garbage In Garbage Out." Although database systems are designed to maintain accuracy and have numerous error trapping features to avoid human error, still these databases are created, used and maintained by humans. How can we be assured that person who inputted the information is competent enough or reliable enough? Or even if the system itself is secured how can we be sure that the information was gathered with accuracy and with the consent of the person involved?

Under the Data Protection Act 1998, a person has the right to see his/her personal information that is stored by businesses and organizations. This is referred to as the right of 'subject access'. It also regulates the way in which these organizations may use the personal information that each person supplies to them. In addition to this, affected invididuals can require these organizations to prevent their information from being used in direct marketing.

With the development of computers and digitization, it became feasible to reproduce personal information without any technical limitations. Modern technologies can allow governments and corporations to collect personal information cheaply, rapidly and massively and eventually be used for surveillance. This becomes a process that involves observation of a person's daily activities even without his consent. Monitoring his moves and taking account the way the person behaves. A subject who's aware of the fact that he/she is monitored may restrain him or herself from thoughts and actions that can possibly lead to his/her incrimination and violation of rights.

In addition to this, it is also highly possible that a person may be denied credit or job because of another person with the same name or through a mistake in identification (possibly with someone with a criminal record). These kinds of errors undermine the credibility and reliability of database systems. The increasing number of cases where the database established through surveillance is used to categorize citizens as being potential terrorists or pickpockets' results in a violation of human rights

The Data Protection Act of 1998 and the United Nations guidelines on computerized data files gives each person the right to decide how his/her personal information is being used by government and institutions. These laws also emphasize that obtaining such personal information and how it will be used should be made with the individual's knowledge and consent. Moreover, individuals also have the additional rights of viewing, correcting, and deleting the information pertaining to them. But do we really have access to all information that is being taken from us? We can never tell and we might end waking up one day being accused by actions we haven't taken or worst waking up with a different identity.

II. Security of the Data Gathered

Database Systems are designed and programmed by no less than humans. Securing these databases involves the protection against unauthorized disclosures, alteration and destruction. Security that focuses on stopping people without database access from having any form of access at all and stopping people with access to perform any data manipulation that are not part of their duties or not included in the main reasons of acquiring the data.

The Data Protection Act places restrictions on databases that contain personal and sensitive information. Although a database may be legal, it doesn't necessarily mean that the data will be used ethically. For example, the existence of hospital records is legal in itself. However, inadequate security may lead insurance companies to use this information to reject life insurance applications.

We need to consider several factors of security:

On the actual premises where the data is stored, on who can access the building or the room where the database runs and is accessed.

Levels of security of the actual persons who have access on the database

Security on persons who are knowledgeable of the actual platform the database is running from or the programming language it was based upon.