The fault of low level civil servants?

Regarding the recent data leak:

The Conservatives say the crisis is down to "systemic" errors at HMRC - but the government insists it was the fault of low level civil servants.'


Rubbish - why was it possible for a low level civil servant to download the entire database in one go and burn it to CD? (i.e. the potential is there to steal it).

A low level civil servant should only be able to view a record at a time, and not export the records at all. This is trivial.

I still can't believe that they thought it'd be too expensive to drop sensitive fields.

It was too expensive...

Following the fiasco of losing the personal details of 25 million people it has emerged that the audit office did not request all of the information that was sent:

'the NAO wanted only limited child benefit records but was told in an e-mail from a senior business manager in March that to remove more sensitive information was too costly and complex.

Please correct me if I'm wrong, but this should be trivial for any well set up system. In the commercial 'filemaker' system, one can choose which records to export. If, as is more likely, the database was SQL, one could make a copy of the database and then drop unwanted tables, or fields. For anyone managing an IT system, this should have been trivial.

Someone who is responsible for decisions on such a large and costly database really should be able to manipulate that data easily.

For the record, the SQL syntax (after about 15 secs of research) is:

ALTER TABLE <table_name> DROP <field_name>

or even

DROP TABLE table_name

Methinks the 'it was too expensive' excuse is just so much baloney.

Some Links to finish off: NO2ID - Stop ID cards and the database state

Update: qwghlm has a post on this too.