HMRC and Data Protection

Well, a branch of the UK government has shown it can’t look after personal data of it’s citizens.  Firstly, why haven’t HMRC been prosecuted under the Data Protection Act – after all, they clearly didn’t take steps to protect personal data – specifically, sending 2 CD’s (yes, ordinary CD’s) with the personal data of every parent and child in the UK via an un-recording delivery service run by a 3rd party company, without taking any basic data security precautions at all.

There needs to be a public enquiry which will answer the following questions:

  • Who was responsible for this gross act of negligence, and when will they lose their job?
  • Why does a government department post CD’s of data from one office to another – is their IT network not up to the job of transferring it securely?
  • Why, if the government needs to send information by disc, is the data not encrypted?
  • Can the government be trusted with any personal data of it’s citizens (I’m thinking passport records etc)?
  • When will the government be scrapping the proposed ID card and vehicle tracaking schemes (or “Road Charging” as they call it) – as clearly our data isn’t safe with them
  • When will HMRC be prosecuted under Data Protection laws?

If your bank screwed up in such a massive fashion, most people would vote with their feet and take their business elsewhere – as we can’t do that with our incompetent government, lets have a general election now, and show them what we think of them.