Thursday, August 06, 2009
Questions over security of ID database
The report says that they are are among 34 council workers who illegally accessed the Customer Information System database, which holds the biographical data of the population that will underpin the government's multi-billion-pound ID card programme.
They also provide some details on the breaches by council workers:
- Cardiff and Glasgow councils sacked staff after they looked up celebrities' personal records
- Tonbridge and Bromley councils sacked workers for looking up their friends
- Brent sacked someone who looked at their girlfriend's details
- A worker at Torfaen was sacked for looking at his own details
What is especially worrying is that they say that this may just be the tip of the iceberg. Many of the breaches were discovered after sample checks, raising concerns that other breaches may gone undetected.
It seems that over 200,000 government officials have access to the database, including staff at 480 local authorities, and numerous government departments, including the Department of Work and Pensions, HM Revenue & Customs, and the Courts Service. The Child Support Agency uses the database to trace missing parents.
Clearly, this project amounts to more than just a collection of information to back up an ID card scheme. It is being used widely for a large number of applications and possibly being linked to other databases as well. With so many people having access to it there must be huge concerns about security and confidentiality. The Government needs to start providing more assurance on that aspect whilst at the same time being more open and transparent about how the data is being used.
A level of oversight to provide accountability is essential in my view. It cannot be right that this sort of database is administered from behind closed doors without those on it having the ability to check the information it holds on us and how it is being used.