Can the government be trusted with your personal data?
“Woefully inadequate”, “a muddle-through ethos”, “a lack of awareness” – just some of the phrases used in scathing reports to describe data protection practices at the HM Revenue and Customs (HMRC).
The inquiries followed Britain’s biggest data loss scandal, when two discs containing child benefit records, including names, addresses and bank details, of some 25 million people, went missing after being put in the post by a junior employee.
The reports concluded that it wasn’t individuals who were to blame – some 30 were officials played some role in events leading to the loss of the discs – but institutional and systematic failures at Britain’s tax authority.
But the HMRC is not alone in such security breaches. A separate report into a stolen laptop containing the details of 600,000 potential recruits revealed similar failings at the Ministry of Defence. In all, four MoD computers had been stolen since 2004 and the report said the MoD was probably in breach of several principles set out in the Data Protection Act.
It concluded that a “serious security event of this nature was inevitable”. It added: “Generally, there is little awareness of the current, real, threat to information, and hence to the Department’s ability to deliver and support operational capability. Consequently, there can be little assurance that information is being effectively protected.”
The reports come days after a computer containing restricted information was stolen from the office of cabinet minister Hazel Blears and the government admitted that senior intelligence official had left a folder with top secret documents on a commuter train.
Unsurprisingly, the Conservatives have seized on the revelations as evidence of incompetence that showed the government could not be trusted with the public’s personal data. Shadow Chancellor George Osborne said there had been 12 “major” security breaches since the HMRC scandal.
“With a record like that, how on earth can they even consider proceeding with plans for a compulsory ID card for every citizen of the country,” Osborne told parliament.
Chancellor Alistair Darling and other ministers insist that lessons had been learned. But two further reports on data security for the Cabinet Office said the government had to adapt to a rapidly changing environment where masses of electronic data had to be stored and shared, and more still needed to be done.
“Looking forward, the challenges in this area are going to get harder rather than easier,” one said.
The government say better use of information means better services. But critics say
security breaches are not a price worth paying.
In light of the recent scandals, do you trust the government with your personal details?