November 21, 2007 | Becky Hogge

HMRC fiasco: Government "not interested" in expert warnings

Professor Ross Anderson, UK computer security expert and Chair of the Foundation for Information Policy Research, appeared on Newsnight last night, to discuss the HMRC data loss fiasco. He labelled the fiasco "an accident waiting to happen", and calmly, methodically, indicted the Government for brushing aside the advice of security experts who have been warning them against the centralised, top-down approach they have been taking to electronic government.

I hope Professor Anderson will not object to my transcribing his words in full, and linking to the reports he mentioned and the government responses that have brushed aside expert concerns.

"But if we return to the matter in hand, I'm afraid that there is a policy issue here not an operational issue because the government has repeatedly, over the last few years brushed aside one lot of advice after another about the growing problems of privacy and safety with aggregating more and more data.

We wrote a report for the Information Commissioner in November last year pointing out that the proposed children's databases were both unsafe and illegal. That was brushed aside.

Lord Broers' House of Lords Science and Technology Committee reported earlier this year saying that the government needed to get its act together on personal internet security. A large part of that was Treasury responsibility, better regulation of online banking. That was brushed aside.

The Health Committee reported in September saying that people needed a right to opt out of the large central databases of personal medical information that the NHS is collecting. That was brushed aside.

Again and again and again these warnings have been made in different contexts by expert groups and the Government has not been interested."

Comments (4)

  1. The Open Rights Group : Blog Archive » HMRC “Datagate” verdict: further data loss “a distinct possibility”:
    Jun 25, 2008 at 04:41 PM

    [...] report A Surveillance Society?. Unfortunately, unless this Government can get over its addiction to large, centralised databases, data minimisation will be a distant [...]

  2. UK Government loses massive database: 1000 cries of “we told you so” ring forth < Richard’s Kingdom:
    Dec 02, 2007 at 11:09 PM

    [...] of access points. Such databases are IMPOSSIBLE to secure. The Government has been told this many times by eminent security experts, so why does it persist in putting forward ever grander (and riskier) [...]

  3. William:
    Nov 22, 2007 at 04:51 PM

    That's very useful; I'd never seen those responses together. I think the ORG wiki has a crucial role to play in coming months (go Glyn!)

  4. The Open Rights Group : Blog Archive » Write to your MP today: stop the Government’s privacy timebomb:
    Dec 14, 2007 at 04:29 PM

    [...] by Government Ministers or senior managers in the civil service. This might not be such a problem, were the Government to listen to the advice that has been readily offered by expert groups during the quest towards [...]