back to article ICO: Education ministry BROKE the Data Protection Act

The Department for Education broke the Data Protection Act after it exposed the email addresses, unencrypted passwords and sensitive answers of members of the public who filled in an online form about parental controls on the net, The Register can reveal. However - despite the breach - the Information Commissioner's Office has …


This topic is closed for new posts.
  1. Da Weezil

    This is precisely why the whole regulatory charade in this country needs replacing.

    Its a complete farce ICO.. ASA... OFCOM.... Phonepayplus... all USELESS and not fit for purpose.

    They may as well not exist. They are weak, ineffectual, inconsistent, in fcat they seem to be just window dressing to reassure the masses.

    Scrap the lot and put proper regulators with real powers - and an inclination to use them - in place.

  2. nuked

    I would love to know the detail of the mistake they made. I'm willing to bet it was something so elementary as to be utterly unreportable.

  3. James 100

    Someone really should have been fired for that, or at least properly punished (demotion, suspension, whatever). Remind me again how tolerant the government is when we in the real world break their rules?

    Moreover, why on earth was the *Education* department trying to butt in on telecomms regulation in the first place? Presumably because the people who know what they're doing are at least bright enough not to swallow Perry's half-baked crock plans for censorship-by-default under the lie that this is "opt-in", so she had to shop around for another department incompetent enough to try...

  4. Anonymous Coward
    Thumb Down

    " amount of personal information being compromised"

    Well they might have a point, I suppose, in relation to the contact details provided, but the breach was far more serious than that.

    This problem potentially revealed confidential submissions (assuming that confidentiality was requested) and, depending on the nature of those submissions, they may have been particularly sensitive.

    Worst for me, though, was the fact that people's submissions may have been edited by others (as I unfortunately did) and so their names may have gone against views that they did not hold.

    It was an appalling error that really warrants serious censure, even if the ICO aren't up for it.

  5. M.D.

    Building web pages for crisp packets

    If its anything like a typical Gov IT 'Project', here's how it went:

    Gov IT person to (incumbent) IT Services Supplier "hey, we want to do this, we'd like you to go away and, free-of-charge, come up with a project to deliver a web survey".

    IT Supplier Account Manager(s) "quick, grab anyone around who may have 5 minutes free to knock up a shiny architecture pic & a Power Point - but don't take any time as you can't charge for it and don't bring in additional resources as...we can't pay for it".

    10 days later...

    Gov IT Person to Suppliers "hmm. Your all rubbish but this option which costs 27p & a packet of crisps looks ok"

    IT Supplier Account Manager (thinks) "Brilliant, I can show I'm farming my customer & winning new Biz, only trouble is the Price I agreed will pay for about 4 hours (shared) of a team of 4....hmm, better cut back on the Web Dev, as I don't have one as part of the Account team at the moment".

    ....10 weeks later...

    IT supplier Account Manager "of course we had no budget to do the necessary software life cycle, least of all an integration/test cycle after all - you don't get much more than a hapless junior for 30 minutes for a packet of Salt & Vinegar Walkers these days y'know"

    Gov IT Person "Crickey! Ah well, shut it down: that was our last 27p and that pack of crisps was from my own lunch box - we're buggered until the new FY now"

    All: "Now, what do we tell the Public?"

    Yup. Been there, done that, got the broken mouse (what, you think someone can afford to give out T-shirts?!)

    1. Anonymous Coward
      Anonymous Coward

      Re: Building web pages for crisp packets

      Susprisingly accurate. I was in a department which wanted a new website designed, when it was delivered. It was not fit for use (a slow buggy mess). The department took the website and started hacking it themselves. IT in the government is truly awful and needs to change badly.

  6. Anonymous Coward
    Anonymous Coward

    One rule for them, one rule for the rest of us!

    1. Tony Paulazzo

      >One rule for them, one rule for the rest of us!<

      Literally: Privilege = Private Law in old Latin.

  7. The Mole

    Wide concequences

    Surely, given how many people reuse password, revealing both email addresses and passwords means that there is a good chance sensitive details have been made available indirectly or other serious harm could have occurred. If the password was for the email acount, or face book then you are almost certainly to find information on sexual orientation and quite possible religious views or health information.

  8. Anonymous Coward
    Anonymous Coward

    Lets see how this pans out

    Rich Taxpayer funded quango department let off the hook by ICO so they keep their bonuses and foreign jollies

    same week

    Poor Taxpayer centric and under funded NHS department has to cancel operations and lose staff to balance books

    Yes, the ICO is still working for the government good

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021