UK government loses personal data on 25 million citizens

By EDRi · November 21, 2007

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

British Prime Minister Gordon Brown had had to apologise to Parliament after
two computer discs containing the personal data of 25 million citizens were
lost in the post.

The disks contained the database on child benefit – a welfare payment made
to the families of all children in Britain. The data include children’s and
parents’ names, addresses and dates of birth, together with parents’
national insurance numbers and bank account details. The disks were not
encrypted but merely “password protected”. Britain’s most senior tax
official, the head of HM Revenue and Customs, has resigned.

The story has spread to a number of other systems that the government is
building to make ever more information on citizens available to ever more
public-sector workers. For example, there’s a plan to link up children’s
databases so that a child’s medical records, school records, police records
and social-work records can be available to workers who contact the child or
its parents; this was condemned as both unsafe and illegal by a November
2006 report by EDRI-member Foundation for Information Policy Research (FIPR)
for the Information Commissioner. There’s also a plan to build several
national medical record databases that will contain the records of tens of
millions of patients; a parliamentary health committee report urged that
patients be given the right to opt out.

The government brushed aside such complaints and kept on with its “database
state” programme. However, the current scandal has put privacy and data
protection at the centre of the political agenda.

Government security failure (20.11.2007)

Government security failure

Brown apologises for data blunder (21.11.2007),,2214566,00.html

Government under pressure over taxman’s giant blunder (21.11.2007)

Second-class and lost in the post (21.11.2007)

(contribution from Ross Anderson – EDRI-member FIPR – UK)