Yesterday it was announced that HM Revenue and Customs has lost two discs containing the names, addresses, bank details, dates of birth, and national insurance numbers of every family with a child under 16 years old.
That would include us then.
Apparently the discs containing the details of over 25 million people who receive child benefit were posted on the 18th of October to the National Audit Office and never arrived at the other end. They were sent via normal internal mail, without any form or recorded delivery or tracking placed on them.
Of course various people have resigned over the affair, and no doubt the responsible junior admin officer has been told to pack up their belongings and never darken the doors again. To be honest I feel sorry for them, I can quite easily imagine myself doing something equally incompetent. And anyway, if it’s anything like the internal mail at the NHS I imagine the discs will eventually turn up sometime in August of next year.
I’m not particularly upset over the issue. Even if some identity thieves do manage to get hold of the discs and empty our bank account any losses will be reimbursed. But it does highlight a very important point. As Liberal Democrat Vince Cable said:
After this disaster how can the public possibly have confidence in the vast centralised databases needed for the compulsory ID card scheme?
The answer is pretty simple. We can’t.
BBC News - UK’s families put on fraud alert
on Nov 21st, 2007 at 1:19 pm
We can’t and we never could, anyone who works with personal data knew that already. Just this morning I gave a CD with hundreds of patient details on it to a colleague in another department for sending off-site. I have no idea if it will be sent securely, and I know in hundreds of other organisations the same kinds of things are going on. A National ID scheme WOULD eventually get compromised.
Like someone else said this morning, we can change our bank accounts to protect ourselves from potential fraud when our details are compromised (even though our bank accounts won’t be the problem, it will be the bank accounts set up in our names by the fraudsters) , but we can’t change our NI numbers. What about when it’s something even more fundamental like a compulsory ID?
If we get anything positive out of this it will the proper wake-up call to the dangers of a compulsory ID schemes.
on Nov 21st, 2007 at 1:19 pm
My god I sound all grown-up. :-S
on Nov 21st, 2007 at 5:13 pm
Am still in shock about this…
Is horrendous but… well… to be honest… not really surprising.
It was only a matter of time.
I sound all bitter…
Vive la revolution!
on Nov 21st, 2007 at 6:32 pm
There is also a (poorly thought out) movement to bring national ID to the states.
I’m no conspiracy theorist, but have they never heard of Big Brother??
If we get National ID and y’all don’t, I’m moving over there. Make room!
on Nov 21st, 2007 at 6:36 pm
Its ok, I’m registered under a false name anyway.
Several times.
on Nov 21st, 2007 at 6:36 pm
Damn, I’ve just posted using my real name.
on Nov 21st, 2007 at 10:09 pm
Hmmm, that happens over here like every year. At least your people didn’t lose a disc containing nuclear technology secrets like someone did here last year. Here as in the US that is, not my house.
on Nov 23rd, 2007 at 9:14 pm
Data protection laws aren’t exactly geared to managing, well, data. We’ve just been told that the ten years of data stashed in a locked storage room which is itself behind a electronically carded door is in contravention because each box isn’t in a separate, lockable compartment. Though no-one is able to tell what size the compartments should be.
on Nov 28th, 2007 at 2:44 am
Something similar happened with tax data or something in Connecticut. It didn’t bother me much either. Information about us is all over the place anyway.
on Dec 1st, 2007 at 1:36 am
[...] enjoys a good old rant as much as the rest of [...]