Forgot your password?
typodupeerror
Privacy Data Storage Databases Government Programming Software IT News

UK Gov't Lost Personal Data On 4M People In One Year 163

Posted by timothy
from the of-which-they-are-aware dept.
An anonymous reader writes "The U.K. government has lost the personal information of up to four million citizens in one year alone. The astonishing figures, calculated by the BBC, added up as Whitehall departments slowly released their annual reports for the year to April. And the trend has not stopped — in the latest revelation, HM Revenue Customs, which infamously lost the details of 25 million child benefits claimants last November on two unencrypted discs, experienced 1,993 data breaches between 1 October last year and 24 June." (More below.)
"Earlier this week, the Ministry of Justice admitted it had lost 45,000 people's details throughout the year, on laptops, external security devices and paper, and that 30,000 of them had not been notified. Before that, the Home Office announced it had lost the data of 3,000 seasonal agricultural workers on two unencrypted CDs. In May, the Department for Transport lost the data of three million learner drivers. Other data losses occurred at the Foreign Office, which lost 190 people's data in five incidents. In January, the Ministry of Defence said it had lost a laptop containing the details of 620,000 recruits and potential recruits, and some information on 450,000 referees for job applicants. The Liberal Democrats have called for 'data guardians' to be appointed to monitor the government's handling of information."
This discussion has been archived. No new comments can be posted.

UK Gov't Lost Personal Data On 4M People In One Year

Comments Filter:
  • by TechMouse (1096513) on Friday August 22, 2008 @05:04AM (#24702387)

    The UK civil service is a joke - and I say this having had many friends and family work in all branches from local government, through the NHS right up the houses of parliament.

    Once you're a permanent employee it's near impossible to get fired for incompetence, but if you're actually good at your job they will let you quit and train up someone else rather than give you a pay rise or promotion. You can imagine the environment of operational excellence this fosters.

    The biggest problem is that they aren't subject to the normal pressures of industry. I've been mucked about an insane amount by various different local authorities with respect to council tax. If I get mucked about by a private company I can just vote with my feet and take my business elsewhere. If I stop paying my council tax there are legal consequences.

    You can vote for your councillors, but you can't vote for their staff and they're the people who do the vast majority of the work.

  • by kaos07 (1113443) on Friday August 22, 2008 @05:07AM (#24702401)

    Good work Slashdot.

    I submitted this story hours ago and not even a mention of the recent case in this non-article.

    http://yro.slashdot.org/firehose.pl?op=view&id=837685 [slashdot.org]

  • by thermian (1267986) on Friday August 22, 2008 @05:07AM (#24702405)

    The UK has all but handed over the handling of citizens data to lowest bidder IT companies.

    I've experienced this first hand. I worked in a hospital where total access to everything on the hospitals network was available without even typing in a password if you used certain machines which were 'configured for ease of use'. You'd think those machines weren't reachable by member of the public, or externally, but you'd be wrong.

    They aren't unique either.

  • Re:Encryption (Score:3, Informative)

    by xaxa (988988) on Friday August 22, 2008 @05:37AM (#24702559)

    If what I half-heard on the radio last night was correct then the data *was* encrypted -- the government encrypted it when it gave it to the contractor. Then the contractor unencrypted it, dumped it onto a USB stick and lost that.

    Time to press charges against the contractor (under the Data Protection Act, presumably).

  • Re:4000000? (Score:1, Informative)

    by Anonymous Coward on Friday August 22, 2008 @05:58AM (#24702669)
    1) Data Protection Act 1998 2) Data Protection Act 1998 3) Data Protection Act 1998 5) Data Protection Act 1998 4 and 6 sound like good ideas that need to be implemented though.
  • by petes_PoV (912422) on Friday August 22, 2008 @06:25AM (#24702809)
    They govt. also lost 25 million Child benefit records. Though it's possible/likely that there were some duplicates in all this - given that the UK population is "only" 61 million, that's still nearly half the people who live in the UK have had some personal data lost by the government
  • by Anonymous Coward on Friday August 22, 2008 @06:25AM (#24702811)

    I would have moderated this, but there wasn't a "Whiny little bitch" option.

  • Data Protection (Score:3, Informative)

    by PinkyDead (862370) on Friday August 22, 2008 @07:41AM (#24703197) Journal

    It's all well and good to poke fun at the British Government for their consistent negligence. But the only reason this is being reported is because of the data protection laws in the UK - which basically means that if you lose someone's data, there is someone going to come down hard on you and that they have the legal capacity to do it.

    Data protection, however, is not ubiquitous - so before railing hard on these guys, ask yourself if you're protected and is there someone looking after your interests? If not, then you're data could be being lost on a daily basis without you ever having any knowledge of it - and with no recourse even if you did.

  • Only 4 million? (Score:3, Informative)

    by Anonymous Brave Guy (457657) on Friday August 22, 2008 @08:45AM (#24703771)

    I'm still trying to figure this 4 million figure out. The child benefit leak alone lost personal details relating to 25 million people, and that was in October 2007 so still comfortably within a year of today. There have since been numerous other leaks, with anywhere from a few hundred to many thousand people involved. Much of the information has been highly sensitive: not just names and addresses, but classified national security information, information about criminal records, information about people applying for sensitive jobs and who has been asked to vouch for them, etc.

    This whole affair is somewhat ironic for me. I have long argued against the database state and national ID cards on the basis that not only do such measures present obvious civil liberties concerns and potential for abuse, but more seriously they will be operated primarily by bored, low-paid civil servants who type thousands of names, address and so on every day into software developed by a government and contractors with a near 100% record of project failure, making accidental mistakes (which will inevitably require vastly disproportionate effort by the victim to fix) a much bigger danger to the average citizen than malicious attacks. I am reassured that the media and thus the public are finally starting to realise this. Better late than never!

    Incidentally, as a point of general interest, there are now more than 61 million people living in the UK. According to statistics released yesterday by the ONS, the count is rising by about 1 million every three years, due partly to long-term migration, and partly to an increase in child birth (much of which is due to earlier migrants starting to have children).

Prediction is very difficult, especially of the future. - Niels Bohr

Working...