Data Loss

Up until Monday, we hadn't had any of our data lost by the government (as far as we knew). We shouldn't have been one of the 25 million lost due to being child benefit claimants, or one of the many other breaches. Some of the breaches are potentially very serious should it fall into the wrong hands, for example, the list of military applicants, of prison officers, or (and think of the children!) families with young kids.

However, Monica may have been among the three million lost on Mondays.

It does annoy slightly that they always call it 'lost', this can imply that the issue is that government no longer has the information. This isn't the problem - it's 'duplicated, then lost'. The issue is that people who shouldn't have the information ultimately acquire it.

Having the entire population on one big database is not a way to improve security. It's a big target for identity theft, and recent history shows that it cannot be kept totally secure.

Having said that, the 'losses' that have happened have been rather silly. Lots of data transported without strong encryption, often when there was no need to transport it. It shows a general carelessness that is not befitting anyone claiming to be worthy of trust with this data.

You can take this survey to find out how likely it is that the government has treated your information shoddily.

For more on the proposed ID card database, see the No2ID website, including this rundown of the issues.

The ORG data loss questionnaireYou hand over your personal details to councils, hospitals, employers and businesses all the time. But these institutions don’t always keep that data safe. In fact, since HMRC lost its entire database of child benefit claimants last year, high profile data losses have hit the headlines with worrying regularity. But how does this affect you and your family? Click here to find out how likely it is that a government department or corporate entity has been losing your data recently.

Industry and Government want to aggregate and share more and more of your personal data. Schemes like the National Identity Register, ContactPoint and the Intercept Modernisation Programme are just the tip of the iceberg. But data insecurity is inevitable if large datasets are stored centrally and accessed by hundreds of different people. Data loss can lead to identity fraud and harassment for anyone affected. It is also likely to further complicate or even threaten the lives of those who are fleeing abusive relationships or on witness protection schemes. And that’s without even getting into the debate about how data sharing and aggregation can change the relationship between citizen and state [.pdf].

Once you’ve taken the test, please share the link - http://www.openrightsgroup.org/dataloss/ - with friends. And if you learn of other incidents that should be added to the questionnaire, then please add them to our list of UK privacy debacles, which feeds into the questionnaire.

Thanks to Sam, Glyn, Casey and Rowan, the Open Rights Group volunteers who conceived and realised this project. Finally, please note that the application does not record users’ responses or IP address. In fact we don’t store any user data, which means there is no danger of us losing or leaking anyone’s personal information.