Will be a breaze...
The result shouldn't be too hard on HMRC, considering that the Met can shoot random Brazilian dudes and get away with it.
Will HMRC be forced to apologize again? The suspense is killing me.
Police complaints authority the Independent Police Complaints Commission (IPCC) is to investigate the loss of 25 million private records by Her Majesty's Revenue and Customs (HMRC). The loss of two CDs containing the UK's entire child benefit database is now being investigated by: the Metropolitan Police, an inquiry led by …
Ok I don't have kids so I hope that excludes me for the lost data but if I thought/knew my data had been lost like this I would be making for the bank to change my account and then of to the cop shop to file a complaint.
On the subject of changing bank account details. I would want to change the account number at the very least, possible move branch that way I get a new sort code as well. Do that for 7.25 milllion families and it's going to cost the bank as fortune and every one will want it like yesterday. Will HMGov offer compensation to the bank?
Oh and I used the "where's the IT angle" icon as obviously HMCR has no idea about IT in any shape or form.
If the 2 disks never actually were sent, but the office newbie entrusted with burning and sending the disks forgot to do it. Oldest excuse in the world: "I put it in the post - It didn't arrive? Oh OK, I'll burn two more and send them!"
So we could have hundreds of people looking for 2 disks that don't exist......
If the was a centralised database with correct access control there would have been no need to send anything.
OK, now I have said it I need to go and look for that nice asbestos suit (or some tools to appropriate the right to use the old nuclear shelter in the hill in front of my house).
You loser. Let's see anyone do a better job? Yes, that's exactly what most people in this country today want to happen, for AD to resign and let someone else do a (much) better job. If Alistair Darling is the best man for the job then lord help us all. And no, he can't avoid blame by not having been in the job for that long; he has said that there systems are ancient, so knowing that he should have initiated measures to look to update or replace archaic systems. That's the point of his job isn't it? Or is he only there to shore everything up and hope that it doesn't go tits-up on his watch?
He ultimately takes responsibility for everything under him. If this incident is symptomatic of general lack of responsibility for personal data in those working under him then it *is* his fault and he should resign.
As to doing a better job, I should imagine that pretty well anyone could. After all, if he's a Minister, that surely means he's failed at any proper job.
@William Donelson
Yes, we all know that ol' Eyebrows isn't *personally* to blame. But the Government, in general keep banging on about how they can be trusted with our personal data with regards to the National ID card database while time, and time, and time, and time again they demonstrate that they, absolutely, cannot be trusted any further than I could throw a number 9 bus.
And yes, I can, and do, do a *much* better job, as could a large number of other Reg readers whose jobs also involve secure/sensitive data.
Lets see, when was the last time that I had to burn information off onto a disk to give to someone else...probably about 3-4 years ago. Has no-one in any of these government departments heard about the fact you can now send information through the tubes that make up the internet (ok security not guaranteed). leased line anyone. Also I'm sure the army/police have pretty secure data transfer methods, that don't include bringing the data out in the real world. It was designed to run in a data network, why not just keep it there and transfer from one silo to another electronically. Digital data, digital transfer, encryption...where does "use the CD burner" come into it?
The point is if nobody resigns nobody cares if it happens again. The boss is there for exactly that reason in this sort of organization. What other role do you think he has?
Darling can serve no other purpose, what exactly are his expertise in the field? Or any politician in any field for that matter. We are not ruled by experts, it has always been this way, it'll never change. But the non-experts at the top must be punished for systemic failure.
Tony Blair, Ian Blair etc being unpunished does not bode well for the future of the organizations they manage. Profitable and well run organizations are characterized by the opposite, observe US investment banks recently.
It costs shed loads of cash. Is encrypted end to end and is the Government mandated method of moving sensitive information.
Part of the CPNI, the bit that was formerly NISCC, has produced some very good guidance on information security over the past few years. It would be nice to know that the Gov would pay some attention to it's own security geezers.
Did everyone like Darling's comments that the National ID card scheme would be much safer, "Coz it uses biometrics, and shit" (I'm paraphrasing). Nice to have it confirmed that those in charge really do know SFA about data security.
If there was one central database then it wouldn't be the data that got left around but the access keys. Post-it notes with passwords on them, lending your tag to a colleague who's temporarily misplaced theirs, etc. There would be a field in everyone's record listing priority for putting against the wall and shooting in the event of a purge by the government of the day.
... The problem is the people and hence; the Processes and Procedures that govern them and their activities. And finally, the ACCOUNTA-FUCKIN-BILITY!
As with most of these types of failures there is non of the above.
FDE would be mandatory on all corporate/goverment laptops if that were the case. Anyone caught leaving their Laptops in Starbucks/airport/meeting room would be summarily executed (ok, atleast it should be a disciplinary offence)!
How can there not be a procedure in place to describe HOW data was to be transfered?!?! WTF kind of morons are running this country!
How can these same morons stand up in parliment and say that they can be trusted with ALL our ID card data! Given how little accountability there has been in this case; why should we expect anymore when the ID database becomes compromized/abused.
Has anyone in the Blair/Brown govt EVER resigned because they'd done a bad job?
Paris Hilton could organise this better!
...wasting more of my tax money on this please? How much is
the police investigation going to cost?
Yes I have kids, so chances are my details are on those disks, but
guess what? I'm not really that bothered. If, in the unlikely event
that it happens, my bank account gets emptied, I'll get the money
back anyway - just in case, here's a tip, don't leave ALL your money
in your current account.
So someone maybe has my address, woopie-do for them! It's all on
192.com anyhow thanks to the electronic electoral register.
Yes they should have encrypted the data, or not sent it by post or
whatever - but I bet more money gets wasted on investigating this and
chuffing about than gets stolen from people's bank accounts.
The media love to scare-monger and the opposition parties like to
score political points. It's a load of old balls, nobody's ID or
money will be stolen as a result of this.
PS. I did originally post my bank account number and sort code previously, but the El Reg moderators bounced the posting. And there's me thinking that what with all the effing, jeffing and personal attacks on here there was no moderation. Cheers Sarah ;o)
...wasting more of my tax money on this please? How much is
the police investigation going to cost?
Yes I have kids, so chances are my details are on those disks, but
guess what? I'm not really that bothered. If, in the unlikely event
that it happens, my bank account gets emptied, I'll get the money
back anyway - just in case, here's a tip, don't leave ALL your money
in your current account.
So someone maybe has my address, woopie-do for them! It's all on
192.com anyhow thanks to the electronic electoral register.
Yes they should have encrypted the data, or not sent it by post or
whatever - but I bet more money gets wasted on investigating this and
chuffing about than gets stolen from people's bank accounts.
The media love to scare-monger and the opposition parties like to
score political points. It's a load of old balls, nobody's ID or
money will be stolen as a result of this.
PS. I did originally post my bank account number and sort code previously, but the El Reg moderators bounced the posting. And there's me thinking that what with all the effing, jeffing and personal attacks on here there was no moderation. Cheers Sarah ;o)
> If, in the unlikely event that it happens, my bank account gets emptied, I'll get the money back anyway
You hope! The expression "Mineralogical Haemoglobin Extraction" comes to mind because the banks will argue that it wasn't their fault and they were not liable for the loss and obviously it's the Government who should foot the bill.
In the mean time if someone uses your information to take out loans or credit cards and then defaults on those it's *your* credit record which will end up screwed up. Sure, eventually you might get that fixed, but you're going to waste a lot of time doing so.
And the same goes for everyone else who may be affected.
PS
> I did originally post my bank account number and sort code previously, but the El Reg moderators bounced the posting. And there's me thinking that what with all the effing, jeffing and personal attacks on here there was no moderation
Yet they allow a duplicate post one minute after the original...!