Oops we done it again oh and again......

Discussion in 'The Intelligence Cell' started by ukdaytona, Dec 11, 2007.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. The Driver and Vehicle Licensing Agency in Northern Ireland has lost the personal details of 6,000 people. The data was on two discs and went missing after being sent to the agency's headquarters in Swansea. The DVA said the data was being provided in response to a safety recall by a number of manufacturers. The head of the agency said the information was not encrypted. It included details of 7,685 vehicles and more than 6,000 vehicle keepers.


    And Again.....

    Thousands of staff have had their personal details leaked after a Merseyside health care trust "accidentally" sent them out.
    Trade union Unite is calling for an urgent investigation into why Sefton Primary Care Trust sent staff details out to four medical organisations.

    The blunder includes dates of birth, National Insurance numbers, salary and pension details for all staff. The companies were bidding for services within the trust.

  2. the recent spate of these has me wondering wether it is actually a new phenomenon, or wether these gobment departments have just gotten lazy at covering up after their blunders.
  3. More likely it's just that when they were regularly losing 3.5" floppies, they didn't hold so much data so it wasn't such a biggie - and they were knackered or unformatted half the time anyway. Better data storage = bigger chance to cockup!
  4. And the Government wants to hold even MORE details on each of us? Great! I feel safer already...
  5. What I know about the Data Protection Act can be written on a rabbit's turd, but can anyone explain why the following isn't done?

    - organisations above a certain size should be legally obliged to designate a "data protection officer" who takes ultimate responsibility for corporate enforcement of the act

    - should data go missing, in breach of the act, the designated officer is deemed to have committed a criminal offence (not civil as at present) - say a year inside/unlimited fine on conviction.

    A two line amendment could go through both Houses of Parliament on a wet Thursday afternoon, would cause massive buttock-clenching within corporate Britain (who’ve been playing fast and loose with our data for years because they know they can get away with it) but would lead to a lightening-fast tightening of procedures as the bureaucrats dashed to cover their arses. Particularly after the Permanent Secretary of, say, MoD, was seen on national TV being carted off in handcuffs.
  6. That would involve the government making many itself guilty of a criminal offence - hence a turkeys voting for Christmas scenario.

    As far as I know the Information Commissioner has never taken action against any other government department, no matter how big the breach has been. gov.uk is quite happy policing itself and, usually, finding itself innocent of any wrongdoing.
  7. The Act does demand the appointment of a Data Controller who responsible for the control and use of the data collected and stored. The Data controller can be fined to the statutory maximum, whatever that means, as well as any "....director, manager, secretary or similar officer of the body corporate..." deemed to have breeched the act. Most of the recent offensives seem to have breeched both principles 2 and 7 of the act.

    The bad news is that the Act only allows the Information Commissioner to start legal procedings against a "Body Corporate". However, Sections 13 and 14 do allow compensation and the removal of data in cases of contravention by the Data controller.
  8. for that to work, the responsibility would have to be with the CEO/chairman of the company. only they have the power, so only they can have the responsibility.

  9. The Data Protection Act is the most puffed up piece of toothless legislation in the Country. Very few people or organisations have ever been prosecuted under the Act and when contested the Information Commissioner is obliged to back down as he does not have the resourses to take on large organisation. He has therefore contented himself on frying the odd little fish.

    The reason these breaches are coming to light is that it is trendy to run such articles at the moment. This sort of data loss is going on all the time in business and Government.

    There is very little control and no accountability.
  10. When Mr C0ck-up comes knocking, why do people open the door?
    Why do people not learn from other's mistakes, do they simply not care?
    These recent data leaks only go to show that the proposed ID card system cannot work. Any such system is only as good as the data that goes into it, with so many IDs floating around the criminal world now it will be flawed from the outset.
  11. I believe one day they will implant RFID chips into newborn babies.

    Big Brother is watching.
  12. Interesting. Thanks for the replies. It reminds me of the Health & Safety Exec, or the body responsible for enforcing the min wage, or those charged with prosecuting firms employing illegal immigrants: weak legislation + inadequate enforcement resources.

    To be honest, a bit of me's pleased each time one of these stories break: a further stake is driven into the heart of ID Cards.
  13. RAmen to that!

    no data is secure. when the ID card database is 'lost' there will be no way to recover from it, as the criminals will know EVERYTHING about you.

    The demonstrations when people realise what info the ID card scheme wants will make the poll tax demonstrations pale into insignificance.

  14. Europe claims UK botched one third of Data Protection Directive:


    They're in the process of taking the whole bloody country to court :)