Oops we done it again oh and again......

#1
The Driver and Vehicle Licensing Agency in Northern Ireland has lost the personal details of 6,000 people. The data was on two discs and went missing after being sent to the agency's headquarters in Swansea. The DVA said the data was being provided in response to a safety recall by a number of manufacturers. The head of the agency said the information was not encrypted. It included details of 7,685 vehicles and more than 6,000 vehicle keepers.

http://news.bbc.co.uk/1/hi/northern_ireland/7138408.stm

And Again.....

Thousands of staff have had their personal details leaked after a Merseyside health care trust "accidentally" sent them out.
Trade union Unite is calling for an urgent investigation into why Sefton Primary Care Trust sent staff details out to four medical organisations.

The blunder includes dates of birth, National Insurance numbers, salary and pension details for all staff. The companies were bidding for services within the trust.

http://news.bbc.co.uk/1/hi/england/merseyside/7138426.stm
 
#2
the recent spate of these has me wondering wether it is actually a new phenomenon, or wether these gobment departments have just gotten lazy at covering up after their blunders.
 
#3
More likely it's just that when they were regularly losing 3.5" floppies, they didn't hold so much data so it wasn't such a biggie - and they were knackered or unformatted half the time anyway. Better data storage = bigger chance to cockup!
 
#5
What I know about the Data Protection Act can be written on a rabbit's turd, but can anyone explain why the following isn't done?

- organisations above a certain size should be legally obliged to designate a "data protection officer" who takes ultimate responsibility for corporate enforcement of the act

- should data go missing, in breach of the act, the designated officer is deemed to have committed a criminal offence (not civil as at present) - say a year inside/unlimited fine on conviction.

A two line amendment could go through both Houses of Parliament on a wet Thursday afternoon, would cause massive buttock-clenching within corporate Britain (who’ve been playing fast and loose with our data for years because they know they can get away with it) but would lead to a lightening-fast tightening of procedures as the bureaucrats dashed to cover their arses. Particularly after the Permanent Secretary of, say, MoD, was seen on national TV being carted off in handcuffs.
 
#6
annakey said:
What I know about the Data Protection Act can be written on a rabbit's turd, but can anyone explain why the following isn't done?
That would involve the government making many itself guilty of a criminal offence - hence a turkeys voting for Christmas scenario.

As far as I know the Information Commissioner has never taken action against any other government department, no matter how big the breach has been. gov.uk is quite happy policing itself and, usually, finding itself innocent of any wrongdoing.
 
#8
annakey said:
What I know about the Data Protection Act can be written on a rabbit's turd, but can anyone explain why the following isn't done?

- organisations above a certain size should be legally obliged to designate a "data protection officer" who takes ultimate responsibility for corporate enforcement of the act

- should data go missing, in breach of the act, the designated officer is deemed to have committed a criminal offence (not civil as at present) - say a year inside/unlimited fine on conviction.

A two line amendment could go through both Houses of Parliament on a wet Thursday afternoon, would cause massive buttock-clenching within corporate Britain (who’ve been playing fast and loose with our data for years because they know they can get away with it) but would lead to a lightening-fast tightening of procedures as the bureaucrats dashed to cover their arses. Particularly after the Permanent Secretary of, say, MoD, was seen on national TV being carted off in handcuffs.
The Act does demand the appointment of a Data Controller who responsible for the control and use of the data collected and stored. The Data controller can be fined to the statutory maximum, whatever that means, as well as any "....director, manager, secretary or similar officer of the body corporate..." deemed to have breeched the act. Most of the recent offensives seem to have breeched both principles 2 and 7 of the act.

The bad news is that the Act only allows the Information Commissioner to start legal procedings against a "Body Corporate". However, Sections 13 and 14 do allow compensation and the removal of data in cases of contravention by the Data controller.
y
 
#9
annakey said:
What I know about the Data Protection Act can be written on a rabbit's turd, but can anyone explain why the following isn't done?

- organisations above a certain size should be legally obliged to designate a "data protection officer" who takes ultimate responsibility for corporate enforcement of the act

- should data go missing, in breach of the act, the designated officer is deemed to have committed a criminal offence (not civil as at present) - say a year inside/unlimited fine on conviction.

A two line amendment could go through both Houses of Parliament on a wet Thursday afternoon, would cause massive buttock-clenching within corporate Britain (who’ve been playing fast and loose with our data for years because they know they can get away with it) but would lead to a lightening-fast tightening of procedures as the bureaucrats dashed to cover their arses. Particularly after the Permanent Secretary of, say, MoD, was seen on national TV being carted off in handcuffs.
for that to work, the responsibility would have to be with the CEO/chairman of the company. only they have the power, so only they can have the responsibility.

Ski.
 
#10
Kitmarlowe said:
annakey said:
What I know about the Data Protection Act can be written on a rabbit's turd, but can anyone explain why the following isn't done?

- organisations above a certain size should be legally obliged to designate a "data protection officer" who takes ultimate responsibility for corporate enforcement of the act

- should data go missing, in breach of the act, the designated officer is deemed to have committed a criminal offence (not civil as at present) - say a year inside/unlimited fine on conviction.

A two line amendment could go through both Houses of Parliament on a wet Thursday afternoon, would cause massive buttock-clenching within corporate Britain (who’ve been playing fast and loose with our data for years because they know they can get away with it) but would lead to a lightening-fast tightening of procedures as the bureaucrats dashed to cover their arses. Particularly after the Permanent Secretary of, say, MoD, was seen on national TV being carted off in handcuffs.
The Act does demand the appointment of a Data Controller who responsible for the control and use of the data collected and stored. The Data controller can be fined to the statutory maximum, whatever that means, as well as any "....director, manager, secretary or similar officer of the body corporate..." deemed to have breeched the act. Most of the recent offensives seem to have breeched both principles 2 and 7 of the act.

The bad news is that the Act only allows the Information Commissioner to start legal procedings against a "Body Corporate". However, Sections 13 and 14 do allow compensation and the removal of data in cases of contravention by the Data controller.
y
The Data Protection Act is the most puffed up piece of toothless legislation in the Country. Very few people or organisations have ever been prosecuted under the Act and when contested the Information Commissioner is obliged to back down as he does not have the resourses to take on large organisation. He has therefore contented himself on frying the odd little fish.

The reason these breaches are coming to light is that it is trendy to run such articles at the moment. This sort of data loss is going on all the time in business and Government.

There is very little control and no accountability.
 
#11
When Mr C0ck-up comes knocking, why do people open the door?
Why do people not learn from other's mistakes, do they simply not care?
These recent data leaks only go to show that the proposed ID card system cannot work. Any such system is only as good as the data that goes into it, with so many IDs floating around the criminal world now it will be flawed from the outset.
 
#13
Interesting. Thanks for the replies. It reminds me of the Health & Safety Exec, or the body responsible for enforcing the min wage, or those charged with prosecuting firms employing illegal immigrants: weak legislation + inadequate enforcement resources.

To be honest, a bit of me's pleased each time one of these stories break: a further stake is driven into the heart of ID Cards.
 
#14
annakey said:
Interesting. Thanks for the replies. It reminds me of the Health & Safety Exec, or the body responsible for enforcing the min wage, or those charged with prosecuting firms employing illegal immigrants: weak legislation + inadequate enforcement resources.

To be honest, a bit of me's pleased each time one of these stories break: a further stake is driven into the heart of ID Cards.
RAmen to that!

no data is secure. when the ID card database is 'lost' there will be no way to recover from it, as the criminals will know EVERYTHING about you.

The demonstrations when people realise what info the ID card scheme wants will make the poll tax demonstrations pale into insignificance.

Ski.
 
#16
SkiCarver said:
The demonstrations when people realise what info the ID card scheme wants will make the poll tax demonstrations pale into insignificance.
That's a highly accurate strategic assumption imo. It would be typical of the Brits just to let the politicians play their silly games, but then go bonkers once the Act's in place and the secret police start demanding people fill in forms on pain of fines/imprisonment.

The thing to do now is persuade the Tories to adopt ID Cards. There's still a deeply authoritarian wing of the Party skulking in golf clubs, calling Cameron a "pooftah," criticising Nignogs, saying “UKIP talks a lot of sense!” who'd adore ID cards. I'd be happy then for Brown to lose in 2009 and for the Tories to take the flack.
 
#18
annakey said:
The thing to do now is persuade the Tories to adopt ID Cards. There's still a deeply authoritarian wing of the Party skulking in golf clubs, calling Cameron a "pooftah," criticising Nignogs, saying “UKIP talks a lot of sense!” who'd adore ID cards..
Sure about that? For all their moral authoritarianism, the Purley Wing do believe in Little Englander, I-Know-My-Rights, small-state, detached cottage individualism.

It's the left that push unworkable, trust-us Grand Plans, not the right.
 
#19
Rumpelstiltskin said:
annakey said:
The thing to do now is persuade the Tories to adopt ID Cards. There's still a deeply authoritarian wing of the Party skulking in golf clubs, calling Cameron a "pooftah," criticising Nignogs, saying “UKIP talks a lot of sense!” who'd adore ID cards..
Sure about that? For all their moral authoritarianism, the Purley Wing do believe in Little Englander, I-Know-My-Rights, small-state, detached cottage individualism.

It's the left that push unworkable, trust-us Grand Plans, not the right.
I have a sneaking suspicion that you're both right. They believe to the depths of their soul in liberal individualism, but only for them and those like them. Anyone who can be dismissed with a label gets the end of the stick cleaned under an NHS contract.
 
#20
Rumpelstiltskin said:
annakey said:
The thing to do now is persuade the Tories to adopt ID Cards. There's still a deeply authoritarian wing of the Party skulking in golf clubs, calling Cameron a "pooftah," criticising Nignogs, saying “UKIP talks a lot of sense!” who'd adore ID cards..
Sure about that?
To be honest, no. To be certain I'd want to look at raw opinion poll data, which I believe, at present, is all over the shop.


Rumpelstiltskin said:
For all their moral authoritarianism, the Purley Wing do believe in Little Englander, I-Know-My-Rights, small-state, detached cottage individualism.
I agree. The main problems are:

a) immigration. If ID cards were sold by the right as an immigration-control measure, the gov would be laughing. Labour, politically, can't really do that with any force. The Tories could. It’s one reason why Purley Man became so angry with Cameron before Brown, idiotically, united the Party with his early election games: they want Cameron to bash Johnny Foreigner.

b) "I've nothing to hide so have nothing to fear". Some silly Tories still say that, not realising (because they're silly, or perhaps "naive" is a better word) that there's now so much legislation on the statute book everyone's done something illegal. You only have to dig deep enough to find it. The data-trail left by ID Cards would provide the spade. The legislation's framed specifically to give the state full access to that trail. And the trail will, of course, get leaked, lost or stolen by criminals.

Rumpelstiltskin said:
It's the left that push unworkable, trust-us Grand Plans, not the right.
I partly agree. Some on the British left are shameful on individual freedom. They should be exposed and laughed at whenever possible. Give me a nice, crusty, harrumphing Tory individualist any day, compared to a bullying Trot or anarchist. I see Purley Man and bullying anarchist as cut from the same cloth. But there's plenty of room for common cause between the libertarian right, who are well represented on ARSSE :lol: and libertarian socialists.

It’s one reason why SkiCarver’s spot on imo. Similar common cause was made over the poll tax, plus all shades of opinion in between. It’s a virtually unbeatable coalition (and scares the gov sh$tless).
 

Similar threads

Latest Threads