Darling says 25m records 'lost'

A bit of a development on the story:

Letters are being sent to seven million families telling them the lost discs with their bank details on are "likely to still be on government property".

Police are continuing to search for the discs full of personal details which were lost by HM Revenue and Customs.

The revenue says investigations suggest the discs, with 25 million people's files on, are not in criminal hands.

Source: BBC News

Time will tell, but I feel fairly confident that - for now at least - this remains the case.

Originally posted by timeless test
There is nothing which is necessarily contrary to procedures in passing information to the National Audit Office even if they get more than they strictly require, the element of this fiasco which is worthy of criticism is the method by which the data was transferred and in the absence of any other information that does appear to have been the responsibility of the unnamed junior official.

What I find surprising and disingenuous is the sudden fervour which the Tories are displaying for NOT attempting to save public money.

the information you are referring to is protected under the data protection act,no junior official of 23 should have to capacity to download it in its entirety.

if the original request for information was followed,only the national insurance numbers and date of births would have been lost.if you send all the personal information because its cheaper,that database provides all the vital personal data such as band account,name, addresses etc of the individuals......

.....the difference between the two is enormous,NI and DOB are limited amounts of info and are nowhere near security risk as all of some ones personal data.

there is a culture throughout the british bureaucracies in which the populations data is treated with criminal disregard.
in the US such information is encrypted UNDER LAW.

lastly huge public data bases are routinely sent through the post on cds.because its cheap,is that right!???.

It's way more complicated than we're getting told.

Cost is a huge factor for every department. Because although every department uses computer networks, the maintenance of the hardware, software & databases is routinely carried out by private companies. Anything departments need "outside the norm" has to be paid for, whether it means shifting a few pc's around the office or a major data scan which has the potential to disrupt business workflow.

I can assure you. Data scans are not cheap. Top of my head I'd reckon if there were any change out of £25,000 for what the NAO actually required I'd be very surprised.

It's not just a press of the button and there's your information. The database has to be backed up at close of business ... typically 8pm ... in order not to lose that days activity. 25 million records. Hundreds of thousands of daily transactions/payments. Backing up can't be done instantly. And then "the system" has to generate the next days work for thousands of staff ... the amount of paperwork printed out is colossal.

So by maybe Midnight you might be able to initiate the scan for the NAO. And once that's done you have to get the database back online and checked to ensure it's functioning correctly and hasn't been corrupted during the scan itself. Tick tock tick tock - you've got staff coming into work from 7am onwards. And to do all this the private companies need their own staff working overnight at their data centres ... and at their backup data centres too in case anything goes wrong with the primary database. How much do you think one member of staff with the specialist skills required gets paid for an overnight shift ? A fortune.

So what do you do ? Authorise a huge amount of expenditure several times a year just to give the NAO a few bits & bobs ? Or do you give them a copy of the last available full scan and incur no expenditure whatsoever ? And do you start operating data encryption throughout government departments at huge expense or not ? If that's what you want .... great. But it'll cost you when it comes to your pay check at the end of the month.

Sure the civil servant concerned mucked up. The CD's ought never to have been sent through the internal mail in that way. All their guidelines tell them never to do that. And if such exceptions to data handling procedures were condoned by management it's their fault too.

Frankly civil servants are damned if they do and damned if they don't. Go over budget & they get slaughtered by the politicos ... screw up like this and they're left dangling. In a schadenfreude kinda way I was quite happy to see Darling squirm at the despatch box. Long overdue.

reply to post by Niall197


how come all the other industrialised nations with much larger populations can create computer databases that can filter information??.

have you seen the failure rate of uk government computer systems??,its catastrophic....

the answers once again,they hire the most cost effective contractors,not those who will deliver the best system.

this has nothing to do with the junior official.its about the system and those who impose it.

Originally posted by welivefortheson
[the information you are referring to is protected under the data protection act,no junior official of 23 should have to capacity to download it in its entirety.

There is, of course, nothing in the Data Protection Act which restricts the age of an individual who can handle sensitive data, indeed, that would in itself be illegal. I would suggest that very few people outside the HMRC in Newcastle know exactly which procedures were not followed correctly but the point at issue here is principally the transfer of the data.

if the original request for information was followed,only the national insurance numbers and date of births would have been lost.

Along with a significant amount of public money. I applaud the attempts of officials to save my money and am astonished that some self serving politicians are now criticising Government agencies for doing what they have been calling on them to do for years.

Let's not forget that it is the Tories that have gone into election after election claiming that they will be able to reduce taxes without cutting expenditure at the same time by cutting waste and over expenditure, a plan which most seasoned observers have consistently pointed out is utter fantasy.

huge public data bases are routinely sent through the post on cds.because its cheap,is that right!???.

No it's not right, or if it is the case then it is in breach of all the rules and procedures that we know about and administrators should be castigated for allowing it to happen if it does.

reply to post by welivefortheson


In the late 1980's the various welfare departments in the UK started developing their own systems - in house. This was in the days when the old DHSS still existed (yep, it's that long ago). This is before Windows & MS Office and all the other software we take for granted nowadays. And over the years bits have been added on here and there to take account of changing rules/regulations & ways of doing things.

But the core of the software is approaching 20 years old. Aye, of course they could migrate the whole lot onto brand new state of the art software and give staff the flexibility to punch a key and filter as required. But again it comes down to cost. You've got to weigh up in the balance potential savings - if any (probably none whatsoever) - versus the cost of the software & staff training requirements. And if the old software ain't broke, why fix it ?

I'll give you an example of cost. Moving a PC from one desk to another ... staff aren't allowed to do it no matter how straightforward. Engineers from private companies have to be booked in ... £150 ? Or a specialist keyboard for a staff member with a disability ... £200+ ?

Go check out the profits of EDS, Accenture & Capgemini. Capgemini are expected to make a £1.1 billion profit on their latest 10 year deal with the Inland Revenue for the NIRS2 system (national insurance contribution software).

www.computerworlduk.com...

The costs are staggering.

Originally posted by shanti23
Problem -> confidential data is easy to lose, criminals and terrorists will use this stolen data against you.

Solution -> implement draconian ID card scheme coupled to a national/international biometric database with total data awareness and intergovernmental sharing to prevent this from happening again.

Cynical? Paranoid? Reality?

Darn - never considered that angle on it before! Although they did raise quite the opposite point - that being that an ID card scheme would be just as vulnerable and contain far more details. It could even conceivably be used by a rogue state to produce a targeted biological weapon, if the database stored everyones DNA profile. Holy cow!!!

Originally posted by mirageofdeceit
Although they did raise quite the opposite point - that being that an ID card scheme would be just as vulnerable and contain far more details.

The key part of my post was the fact that the ID system would be linked to a BIOMETRIC database. The argument being that the 'lost' data would be ineffective without biometric confirmation.

They are simply preparing the ground and placing the subject into the collective mind of the public ready for implementation. The political stooge, Gordon Brown, is ready to take his fall and the other side of the 'democratic' coin is getting ready to assume control over the 'mess' and take the country in a 'nu' direction.

[edit on 24/11/07 by shanti23]