Tuesday, November 20, 2007

A cataclysmic error

Today we heard Alistair Darling admit that
"Two computer discs holding the personal details of all families in the UK with a child under 16 have gone missing... with name, address, date of birth, National Insurance number and, where relevant, bank details of 25 million people."

For this, HMRC (Her Majesty's Revenue and Customs, the amalgam of the Inland Revenue and Customs and Excise) are to blame, and the chairman, Paul Gray, rightly resigned.

Thereafter, we had the usual covering of portions of anatomy with Darling blaming all and sundry at HMRC and the Financial Secretary to the Treasury, Jane Kennedy , stating on BBC's PM that it had no relevance to ID cards because the computer systems "would be more modern and single purpose unlike the HMRC's" completely ignoring the fact that the fault was entirely people-driven and unrelated to HMRC's computer system [Listen Again, Radio 4, PM Tuesday 20 November, about 28.20 mins in].

The chancellor defended the government's plans to introduce ID cards. He said that "without the protection of the scheme, information was more vulnerable than it should be."
He announced the usual investigation and plans to stop "this ever happening again".

The shadow chancellor told Darling to "get a grip" and described the incident as "catastrophic".

And they all missed the damn point. Again.

If this data is out there, in some criminal's hands, it's the most valuable data set ever lost in this country.

This is exactly the sort of personal data that enables criminals to claim successfully that they've forgotten "their" password. So that's seven and a half million bank accounts at risk. There's a bad start.

What is far worse is the opportunity for 25 million cases of "identity theft". 25,000,000 fraudulent ID cards. 25,000,000 fake passport applications.

This data isn't going to go away and no-one can change it [25 million applications for a change of name by deed-poll, anyone? Anyone know how to change your date of birth?].
This is a one-off irreversible loss of security for 25 million citizens.
If this data is in the hands of criminals, it's going to be on sale on various websites for the next forty years.

This is not a cock-up. It's not even an administrative catastrophe.

What this is is a cataclysmic failure by the state in its highest priority: the job of protecting its citizens.
Let no-one blame just the civil servants who boobed-they shouldn't have been in a position where this could happen. Let no-one blame just the chancellor-he's just one member of the cabinet which is collectively responsible for the largest loss of civil liberties and privacy we've seen outside the second world war.
This farce, this farrago, this most obscene of gross derelictions of duty should be a cause for wholesale sackings in the civil service and the dismissal of the government. It should be the cause of mass demonstrations outside Parliament. Oh sorry! Of course, that's illegal now.

Of course it won't be a cause of anything much. We'll all go along with it. We'll moan and wring our hands and think bitter thoughts for a few hours or days at the most and then we'll forget it.

Why? Because we don't expect any better from our politicians. We expect neither honesty nor competence, merely a bit of a show and the occasional simulation of contrition.


Anonymous said...

An obvious question - Why did the NAO need ALL of this data? Did they really need bank account and address details? The impact of this loss could have been minimized if only the minimum relevant information had been provided to NAO, not simply a complete extract of the 'master data' relating to parents and children.

Clovis Sangrail said...

Indeed, the NAO are partly to blame. Auditors always assume that everyone, up to and including the Almighty, should be answerable to them.