Local Councils Cannot ‘Guarantee’ Your Personal Data Is Safe

Privacy campaigners say citizens’ private information is not safe with local government following 4,236 separate data breaches by authorities between 2011 and 2014.

Big Brother Watch’s report, A Breach of Trust, has called for stiffer penalties – including prosecution for the most serious offences – and better training to prevent future breaches from occurring.

“Despite local councils being trusted with increasing amounts of our personal data, this report highlights that they are simply not able to say it is safe with them,” said Emma Carr, director of Big Brother Watch. “A number of examples show shockingly lax attitudes to protecting confidential information. For so many children and young people to have had their personal information compromised is deeply disturbing.”

Worrying trend

Freedom of Information requests show that during a three year period, local councils reported 401 instances of data loss or theft, 628 instances of incorrect or inappropriate data being shared on letters, emails and faxes and 197 mobile phones, PCs, tablets and USB sticks being lost or stolen – an astonishing 75 percent of which occurred in Glasgow.

The report also reveals that 5,293 letters were sent to the wrong address or contained personal information not intended for the recipient. This figure is larger than the overall number of breaches because many councils report a breach involving several people as a single instance.

More worryingly is that information about children occurred in 658 of the breaches, most notably during a breach at Lewisham Council where a social worker left papers on a train including sensitive information about ten children. Details included names, addresses, dates of birth and information related to registered sex offenders, police reports and child protection reports.

Tougher punishments

Another instance at Aberdeenshire City Council saw the theft of an unencrypted laptop containing the details of 200 schoolchildren, although this was recovered.

One in ten breaches resulted in disciplinary action, which resulted in 39 resignations, 50 dismissals and one court case, but Big Brother Watch recommends that custodial sentences should be introduced for the most serious of offences and those who commit them should be given criminal records.

It also calls for mandatory data protection training and reporting of breaches that contain information about a member of the public as well as standardised reporting systems and procedures.

“With only a tiny fraction of staff being disciplined or dismissed, this raises the question of how seriously local councils take protecting the privacy of the public,” continued Carr. “Far more could be done to prevent and deter data breaches from occurring. Better training, reporting procedures and harsher penalties available for the most serious of data breaches, including criminal records and custodial sentences are all required.  Until we see these policies implemented, the public will simply not be able to trust local councils with their data.”

TechWeekEurope has contacted the Information Commissioner’s Office (ICO), the body tasked with investigating and punishing such breaches, but had not received a response at the time of publication.

What do you know about ICO and its counterparts? Take our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

View Comments

  • Did your investigation discover the percentage of loss caused by the private sector outsourcing of council services? This is all a symptom of the pressures local govt are facing with dramatically reduced budgets. Granted, leaving documents on a train is inexcusable, but a sign that HR are not driving the human element - data protection is far too often perceived as an IT issue, when the largest failures are actually in HR, lax vetting etc.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

12 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

14 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

16 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

16 hours ago