As has been widely reported, HM Revenue & Customs (HMRC) admitted having lost two CDs containing the personal and banking data of all child benefit claimants. This affected about 25 million people, putting them at risk of identify theft and fraud.
The Government intends to create numerous databases that will centralise information about our identity, education, social welfare and health. Although personalising our data may facilitate the provision of better services, there are significant privacy implications arising out of the consolidation of these databases: for example, health information about children is to be used to predict criminal behaviour.
The HMRC incident prompted the House of Commons Justice Committee to produce a report on the Protection of Private Data. The report made three recommendations: (i) data security breaches must be reported; (ii) there should be criminal sanctions against “data controllers” responsible for security breaches; and (iii) the Information Commissioner should have better funding and new powers of inspection and audit.
The report emphasised the urgent need to recognise the risks arising out of the sharing of personal data between government departments. Now that an unprecedented amount of information is being collected and maintained by the authorities, a debate about privacy and data protection is long overdue.