BY CARL BUSSJAEGER via TTAG
Alabama state Representative Proncey Robertson is pushing House Bill 39, the Alabama Uniform Concealed Carry Permit Act. It would create a centralized state database of concealed carry permits under the control of Alabama State Law Enforcement Agency.
Currently, permits are issued by the state’s county sheriffs who maintain their own records. The National Rifle Association is backing this bill as the bill would also provide for lifetime concealed carry permits.
Rep. Robertson claims this is a move to protect personal information.
“If they’re concerned about someone obtaining that information and using it on some overt way, it would be easy to get right now. If I put it (in) one system that’s password access and we’re monitoring every keystroke… that’s a secure system,” Robertson said.
I call that the “eggs in one basket” theory of computer security. As is, with permit information stored in local counties’ systems around the state, a single computer breach will only expose the permit holders in the affected county.
Centralizing all counties’ data in a single system means one hack would expose 750,000 people’s personal information. Ask the Department of Defense how that worked for it or, more recently, Louisiana.
I know…ask the New Zealand Police what happens when a centralized system is hacked.
If this were about security and disparate processes, the proper approach would be to set statewide security standards and a permit issuing process for counties to follow. Funding to help counties implement those standards could then be appropriated.
But this isn’t about that, really.
The goal here is simply to have one centralized list of gun-owning permit holders. All the better for thieves to target them. Or efficiently suspend suspend their permits. Or even — again turning to New Zealand — use the database to confiscate firearms after banning them.