Another scandal in the home affairs department is coming to an end

Imants Vīksne schedule23.jūl 2021

In the context of the most recent scandal at the Information Center of the Ministry of the Interior and the disciplinary case against the head of the institution for dubious IT orders, it is worth recalling another unresolved problem related to this mysterious institution. The interior department still uses an IT solution developed in Russia, which hypothetically carries a high degree of vulnerability.

It should be immediately explained that the Ministry has been aware for a couple of years that the IT tool for document management developed in a country hostile to Latvia is considered a potential threat and should be abandoned. In early 2020, when this information came to light through Neatkarīgā, a major scandal broke out. The Ministry of Defense and the Internet security authority CERT issued public admonitions to the Ministry, however, the ДоксВижн software was not immediately disabled, and it turns out that this still has not been done in full. The abandonment of this IT solution, which is dangerous for the security of the country, is taking place gradually, and, as the Ministry of the Interior informs, the process is nearing completion. In April of this year, it was announced that the Interior sector is implementing a modern and Latvian-developed document management system Namejs, while ДоксВижн is still being used in parallel during the transition period until the 2nd quarter of 2022, but after that, it will be fully used solely as an archive of documents which won't be accessible from the outside world. Why this is important, Neatkarīgā has already explained in the publication “Ministry of the Interior violates digital security recommendations”.

A threat to sensitive documents

The program ДоксВижн is a technological solution for the organization of record-keeping and business processes - document circulation, archiving and communication. There are other record-keeping solutions, but the Ministry of the Interior has been using exactly this one since 2006 - created in the company ДоксВижн in the Russian Federation. The specific program is designed for the Russian government and runs the risk of granting someone external access. Simply put - to spy. And in that case, information important to the Latvian state may be available to a foreign, unfriendly state.

In Latvia, the Department of the Interior is the only one that uses the ДоксВижн program.

According to the procurement database, the latest updates in 2019 - for the next three-year period - were ordered precisely by the Information Center of the Ministry of the Interior. An institution that can be imaginatively compared to a modern KGB document storage, because it contains, among other things, information about the convictions, cooperation, sensitive news of all Latvians and, of course, also public figures.

Implementation of Namejs in the process

ДоксВижн was not updated and the system manufacturers were denied the necessary access to service the software. At least that's how it seems on the Latvian side. While the transition to the Latvian-made record-keeping software Namejs continues, the Ministry of the Interior continues to violate the recommendations jointly developed by the Constitutional Protection Bureau and the Defence Intelligence and Security Service regarding the procurement and use of information technologies:

"When assessing procurements of information technology products and services relevant to the functioning of the infrastructure, do not give preference to products and services whose countries of origin or host country have offensive cyber programs against NATO, the European Union and their member states (e.g., Russia, China, North Korea, Iran)." Russia's IT solution is unacceptable for Latvia's security, and it took several years for the Ministry of the Interior and its Information Center to admit it.

Will the first head roll?

The new scandal in the Information Center has nothing to do with the problems of ДоксВижн. This was confirmed to Neatkarīgā by Linda Curika, Adviser to the Minister of the Interior. A disciplinary case against the Head of the Information Center Līga Lapiņa was initiated for significant violations in two procurement procedures: “Purchase and installation of video cameras for four years” and “Development of safe technological tools and solutions for four years”. In the procurement, a negotiation procedure was chosen instead of an open tender, and the winning company KB Open is related to Signe Bole, the former parliamentary secretary of the ministry. In a recent interview with Neatkarīgā Interior Minister Marija Golubeva said that she did not come to the post with the aim of replacing the heads of institutions.