UK Government defends online services hub

The UK Government this week denied that its online system for verifying the identity of citizens trying to access public services suffers from "serious privacy and security shortcomings" and could be used by hackers to spy on the public. Researchers from University College London made the claims in a report on GOV.UK Verify, a hub which authenticates a user's identity before linking them with the service provider. In a statement, the Government said the hub only carries the user's name, address and date of birth and does not allow for mass surveillance.

ICO orders disclosure of reports on Immigration Removal Centres

The Home Office has been ordered to release self-audit reports on two immigration removal centres (IRCs) which has been the focus of reports about poor conditions and mistreatment of detainees, after a decision by the Information Commissioner's Office (ICO) last week. It follows a request made under the UK's freedom of information law, concerning the hours worked by the employees of private companies which ran Harmondsworth and Colnbrook IRCs at the time. The Home Office had refused the request on the grounds that it was "commercially sensitive", however the ICO rejected this.

Alleged data protection breach by political campaigners

Two activists allegedly broke data protection law when they used party membership lists to damage a rival candidate in the UK Liberal Democrats leadership contest, it emerged this week. The pair have been removed from Nigel Lamb's campaign team after calling up members to criticise the voting record of Tim Farron. The party is understood to be investigating the allegations.

Facebook pauses EU launch of its Moments app

Facebook's new Moments app, which uses facial recognition software to share pictures between connected accounts, was launched last week – but only in the US. European data protection law prohibits the use of such technology without users' consent, meaning the product could not be marketed in Europe. The company has been told it can make the product available once it has developed an opt-in function to offer users the opportunity to give their consent, but there is no indication of when this may be.

Polish flights grounded after hackers target air carrier

Ten flights were grounded last week after hackers broke into the systems of Flot, Poland's national airline. The cyber attack targeted flight plan software, causing delays and cancelations at Warsaw airport, according to Reuters news agency. Flot insisted it had state-of-the-art systems and had been able to prepare flight plans from its central operations centre. It commented that the hack showed all air carriers were vulnerable to cyber attack.

Uber's revised data privacy policy under fire

There were reports this week that the US Federal Trade Commission (FTC) is investigating a complaint of inappropriate use of customer data by the mobile taxi app Uber. In the complaint, the Electronic Privacy Information Center alleges that Uber's recently revised privacy policy allows it to collect information on a user's GPS location even when the app is not in use. Uber said it had no plans to use the data, even though the redrafted policy allows it to do so. The FTC declined to comment on specific investigations.