Opinions of Monday, 7 February 2011

Columnist: Yeboah, L. Kojo

Attention! Ghana Embassies Worldwide

: You are entering dangerous Territory!!!

We, Ghanaians excel at two things: following fads and copying blindly. Whenever something gets the distinction of being labeled by whomever as “the latest” whatever “in town; ” we quickly put blinders on, play follow the leader and immerse ourselves in that ‘latest craze’ until the novelty passes. Our propensity to jump on the ‘copy blindly’ bandwagon is not limited to just the general populace, it extends to our public offices including our government.

The latest passengers to board the ‘copy, copy train’ are our Embassies and missions around the globe. Taking a cue from their American and British counterparts, our embassies in those two nations have begun processing data Online. The Ghana Embassy in the US has an Online “Registration of Ghanaian Citizens Abroad” form, while the London High Commission has posted a nine (9) step Passport Application Form on its Website. In this age of cloud computing where bank accounts are accessible from the Internet through mobile phones; our Embassies efforts at Internet Data processing would be commendable if done right.

Unfortunately, these have not been done right. The forms are not secure and therefore unsafe. Ghanaians in Great Britain and the United States of America are hereby cautioned: DO NOT PATRONIZE THESE FORMS YET. THEY ARE DANGEROUS! You risk exposing your most private personal identification information to worldwide crooks. Your identity can easily be stolen if you go online and fill these forms.

Although both Embassies’ forms are unsecure and unsafe, quality-wise, the difference between the two forms is as wide as the distance between day and night. The London High Commission did a yeoman’s job with its form. That form is well thought out and well designed. However, it looks uncannily like a photo copy of the United States DV 2011 Online Lottery Form. It has the same color; feel and the font size is very close. Anybody who completed the US DV Lottery form last year will be familiar with the High Commission’s form. Luckily, the United States cannot sue Ghana for copyright infringement.

The Ghana Mission in the USA’s “Registration of Ghanaian Citizens Abroad form” is dumb, plain and simple. The form is mediocre and embarrassing. It lacks interactivity and the ability to self check imputed data. It is ironic that our Embassy in USA, (the country that invented the Internet, the nation with the most computer savvy citizenry in the world) has jumped clueless with eyes closed into the high waters of the hacker infested World Wide Web.

What is interactivity and the ability to self check imputed data? The reader can think of the Internet form as an electronic version of the paper forms or questionnaires that we fill on routine basis in various offices. After filling a paper form, we usually hand it over to a person in the office to verify that it has been completed correctly. That instant verification or feedback is also essential when we complete an online form. A good electronic form has boxes with defined parameters. It does not (for example) allow the user to put numbers in the box that asks for a name (letters) or vice versa. It also does not allow boxes to be left blank. The dumb Embassy form allows any input anywhere including blank boxes.

What makes the Ghana High Commission in Britain’s thoughtfully designed form unsafe? It has no built in security requirement for Web Browsers to encrypt information. Dear reader, imagine being handed a top secret letter to transport in person from one corner of Ghana to another. You do not know the route to the destination but the letter contains your directions. You have been instructed to stop at various towns and have station masters (bookmen) read directions from the letter and point you to the next leg of the trip. How can the message of such a letter be kept secret? The main message should be written in a secret code known to only the sender and receiver. The directions can be written in English so people along the way can read and direct you. The Secret Code in Computer Language is called ENCRYPTION.

The Internet is a Worldwide maze of inter connected computers, servers and devices like routers and switches. When you send information to any Website on the Internet, that message leaves your computer and is directed by the various devices from server to server until it reaches the computer that hosts your target Website. Servers along the way can read and even store the message. If the message you are sending contains sensitive information, then a strong encryption is needed to keep it private.

Websites and Internet Forms that collect such sensitive information like Birth Certificate; Passport; Credit Card and Bank Account numbers always have built in security that requires Web Browsers to encrypt the information before transmission. When you log into a secure site, or complete a secure form online, your Browser usually displays a LOCKED PADLOCK symbol somewhere in the address window or at the bottom of the page. The Website’s address also changes from HTTP to HTTPS. The “S” denotes “SECURE.” Neither the Ghana Embassy in Britain or USA appears to have this security built in their Internet form. It is unfortunate that after all the fanfare, the High Commission in Britain has not seen it fit to secure the enormous personal identification information it is correcting from Ghanaians.

As mentioned above, our embassies in US and Britain are copying the latest “online thing” that their British and American counterparts are doing. What they fail to realize is that those countries do not allow their embassies around the world to individually collect and process sensitive information on privately hosted Websites. The British and the US governments owe and operate dedicated secure servers that process worldwide Visa Applications to their respective countries.

This system is known as common portal. The British common portal is maintained by the Home Office while the US system is maintained by the US Secretary of State. Visa Application or Citizens Registration Forms are hosted on those computers. The Embassies around the globe only display links to the forms. Thus when a Ghanaian Visa Applicant clicks on the link to apply for a US Visa from Accra, Ghana he/she is immediately directed to a fire walled US government server with very strong transmission encryption.
The Ghana government does not operate any common portal and our embassies are out the like Rambo, individually doing their own thing in the name of Ghana. Do these folks know what they are doing? No! Here is an example. The Ghana consulate in New York has a website www.ghanaconsulatenewyork.org but the contact email address listed is ghanaconsulate@aol.com. Why an AOL email account when the average computer savvy person knows that host servers allow domains as many as 255 free email accounts. Fellow Ghanaians, these folks are clueless and should be checked.

The High Commission in London says it will start processing all VISA APPLICATIONS to Ghana on their unsecure privately hosted Website in two weeks. This is reckless! The government of Ghana should nib this in the bud and stop the implementation. If that plan goes mandatory online as announced the Ghana government risk being sued. Basically the High commission will be telling people who want to travel to Ghana this: We want you to expose all your personal identification information to any computer crook (hacker) in the world or else you cannot get a visa to Ghana.

GHANAIANS IN BRITAIN CAN BYPASS THE BRITISH HIGH COMMISSION AND GET THEIR PASSPORT STRAIGHT FROM GHANA. IT MAY NOT BE THE RIGHT THING TO DO, BUT IT IS THE ONLY WISE CHOICE IF THEY WANT TO KEEP THEIR PERSONAL IDENTIFICATION INFORMATION PRIVATE AND SECURE. VISA APPLICANTS IN BRITAIN WON’T HAVE THAT LUXURY. THEY WILL BE EXPOSED! THE EMBASSY SHOULD AT LEAST ALLOW APPLICANTS WHO CHERISH AND VALUE THEIR PRIVACY TO DOWNLOAD AND SEND IN THE COMPLETED FORMS BY MAIL. IT DOES NOT MATTER IF THOSE FORMS WILL BE PROCESSED AT A SLOWER PACE.

FELLOW GHANAIANS, OUR EMBASSIES HAVE INNOCENTLY OR FOOLHARDILY ENTERED THE WORLD’S MOST DANGEROUS PLAY GROUND WITH INTERNET DATA COMPUTING. IN TYPICAL GHANAIAN FASHION, THEY ARE COPYING WITHOUT FULLY COMPREHENDING WHAT IS AT STAKE. THIS ILL RESPONSIBLE AND ILL REPREHENSIBLE ACTION THAT TREATS PRECIOUS PERSONAL IDENTIFICATION INFORMATION AS IF IT WAS A CARELESS TRIFLE MUST BE STOPPED! EMAIL THIS ARTICLE TO YOUR MP’S AND MEMBERS OF THE PRESS. OUR EMBASSIES ARE IN DANGEROUS TERRITORY!!
WRITTEN AND SUBMITTED BY L. KOJO YEBOAH, RALEIGH NC, USA