back to article Britain's Ministry of Defence fined £350K over Afghan interpreter BCC email blunder

Britain's data watchdog has issued the Ministry of Defence with a financial penalty of £350,000 for the BCC email blunder that exposed names and contact data of Afghan interpreters locked in the Taliban-controlled country. The potentially life-or-death breach happened in autumn 2021 following the complete withdrawal of UK and …

  1. Anonymous Coward
    Anonymous Coward

    How exactly does the government fining itself achieve anything?

    Surely incompetence of this order demands that heads roll; and new leadership brought in to address the underlying issues.

    Otherwise one can only expect a continuation of malpractice.

    1. elsergiovolador Silver badge

      The fine should have been distributed to the Afghan interpreters. Maybe they could pay the French smugglers for boat crossing if our inept government can't arrange the transport.

      1. Yet Another Anonymous coward Silver badge

        Also how do they collect the money from the Army ?

  2. Pascal Monett Silver badge
    Mushroom

    So BCC not good anymore ?

    I fail to see how using BCC is any more subject to human error than bulk email. It's when you're not using BCC and bunging everyone into SendTo that things are worse. That is what must have happened here. Instead of using BCC, they sent the mail out with addresses in the SendTo and probably got people killed. That fact will be on their conscience forever, fine or not.

    And who are you going to fine for the brilliant decision of not bringing along those fine Afghan people who helped you and stood by you but didn't have the proper paperwork done in the madness of a hasty withdrawal ? You could have gotten them out and bothered with the paperwork later, when they were safe, but noooo. You don't have your paperwork ? We thank you for your service during all these years, and wish you good luck with the Taliban. Next !

    1. SVD_NL Silver badge

      Re: So BCC not good anymore ?

      The government loves their paperwork

      The military gets aroused by paperwork

      The part of the government responsible for the military? good heavens...

    2. JessicaRabbit

      Re: So BCC not good anymore ?

      There's absolutely no mention of BCC in the linked to BBC article. Maybe someone has been experimenting with Chat-GPT...

    3. Frank Bitterlich

      Re: So BCC not good anymore ?

      Typically, in "BCC blunders", it is the failure of using BCC, and using the CC field instead, to copy-and-paste a bunch of email addresses into.

      Using BCC is unsafe because it is very easy to click into the wrong field to paste the addresses into, and thereby facilitates human error.

      A bulk email system typically does not even give you the chance to make such a mistake. That's why using BCC for mass emails is considered bad practice – for a long time actually.

  3. rafikiphoto

    Government agency fines government agency. We are all fined then reimbursed! Wow. Was nobody fired?

    1. sanmigueelbeer
      Coat

      Was nobody fired?

      No, just fined.

      1. elsergiovolador Silver badge

        They are fine.

  4. Doctor Syntax Silver badge

    It's instructive to compare this and the PSNI breaches with https://www.theregister.com/2023/12/12/us_air_force_discord_leaker/

    I can guess which one is going to lead to things being tightened up in practice.

  5. yetanotheraoc Silver badge

    better not

    "... were asked to ... tell the ARAP crew of their new contact details via a secure channel."

    Give the numpties another crack at it? Interpret this!

  6. t245t Silver badge

    Thumbnail pic associated with the email account :o

    Is the Ministry of Defence now hiring on special need people to perform security duties?

    "Staff .. were not given specific guidance about the security risks of sending group emails when communicating sensitive information,"

    You dumb fcüḳ, you don't send sensitive information by email, you dumb fcüḳ

  7. Mike 137 Silver badge

    The email???

    "The email urged the interpreters, somewhat ironically, not to put themselves or their families in danger."

    When will it finally sink in that email is not appropriate for sensitive communications. It does not inherently support end to end encryption (only some email clients might), so it is roughly the equivalent of sending a postcard written in pencil as it can be read and modified (as e.g. gmail does) in transit. So quite apart from the failure to use BCC, it was absolutely the wrong way to communicate this message to these people.

  8. Gene Cash Silver badge

    > Some interpreters were reportedly murdered

    > "The data disclosed, should it have fallen into the hands of the Taliban, could have resulted in a threat to life" said the ICO

    It sounds like it did, you incompetents.

  9. shazapont
    Facepalm

    A crazy new idea?!

    Here’s a suggestion.

    Make BCC the default when sending. Always.

    !

    (What The ***!!! Are we allowed to do that?! Sí…)

    — Shazza ‘Postman Pat’ DuPont —

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like