From yesterday's Guardian
Nine sacked for breaching core ID card database
Nine sacked for breaching core ID card database
The government must be quietly grateful to the distractions of August. Only Computer Weekly noticed that nine local authority workers have been sacked for accessing the personal records of celebrities, and their acquaintances held on the core database of the government's ID scheme.
This is a significant story because government ministers have always dismissed campaigners' claims that once all personal information is stored in a single database it will become vulnerable to abuse by those with access to the system. Ministers have repeatedly insisted that security will be absolute and that severe penalties will deter anyone tempted to read files illegally.
Not true. The magazine's website reported that the nine fired were among 34 people who illegally accessed information. Some were reprimanded, some resigned and some were sacked but none was prosecuted. Using a freedom of information request, Computer Weekly found that Cardiff and Glasgow Councils sacked people who had looked up celebrities in the customer information system (CIS) which is run by the Department of Work and Pensions (DWP) and contains 90 million records. Various other councils sacked people for looking up their friends, their own details and in one instance, a girlfriends.
The really important point is that these cases come from sample checks, this raises the prospect that the security of CIS is in fact much more regularly breached. "Over 200,000 government officials have access to the database," says the website, "including 480 local authorities, and numerous government departments, including the Department of Work and Pensions, HM Revenue & Customs, and the Courts Service. The Child Support Agency uses the CIS to trace missing parents."
This is a significant story because government ministers have always dismissed campaigners' claims that once all personal information is stored in a single database it will become vulnerable to abuse by those with access to the system. Ministers have repeatedly insisted that security will be absolute and that severe penalties will deter anyone tempted to read files illegally.
Not true. The magazine's website reported that the nine fired were among 34 people who illegally accessed information. Some were reprimanded, some resigned and some were sacked but none was prosecuted. Using a freedom of information request, Computer Weekly found that Cardiff and Glasgow Councils sacked people who had looked up celebrities in the customer information system (CIS) which is run by the Department of Work and Pensions (DWP) and contains 90 million records. Various other councils sacked people for looking up their friends, their own details and in one instance, a girlfriends.
The really important point is that these cases come from sample checks, this raises the prospect that the security of CIS is in fact much more regularly breached. "Over 200,000 government officials have access to the database," says the website, "including 480 local authorities, and numerous government departments, including the Department of Work and Pensions, HM Revenue & Customs, and the Courts Service. The Child Support Agency uses the CIS to trace missing parents."
Comment