Paul Gray, chairman of Her Majesty's Revenue and Customs, has left his post, apparently taking responsibility for a big data loss by his department. HMRC is refusing to comment ahead of statement in the Commons by Chancellor Alistair Darling at 3.30 this afternoon. The surprise departure is reportedly due to an operational …
Your time is up Darling
What with this and the Rock crisis, I'm off to Ladbrooks to bet Darling resigns this afternoon. What are the odds?
The usual political BS
The BBC says "Revenue and Customs says it does not believe the records - names, addresses, date of birth and bank accounts - have fallen into the wrong hands."
Translation "We lost all your personal data through gross negligence. Therefor we cannot make any meaningful assertions as to where it is. To make any statement indicating our belief about its whereabouts is clearly going to be utter shite. But we'll give it a go anyway, seeing as your all dumb."
At last! Responsibility
Are you sure that this guy actually works for a government department? I mean, don't they all go "It wasn't my fault and steps are now being taken to ensure that this won't happen again".
Anyways...if you have to take that many personal details home with you (can't think why, but anyways) - is it really beyond the wit of IT depts to ensure that local files are all encrypted?
odds on darling leaving are:
1.01:1 on betfair, which is as close to 1 as you can get there.
And I'm probably not the first to ask why the data was being transported on CDRoms by a courier?
The chosen fallguy's already walked the plank. Darling (and, for that matter, the Board of the IR) should follow immediately. But I bet they won't.
There's still a few more things Darling Alistair needs to take the fall for before he hands over to Ed Balls. It'll happen a month or so before or after the Spring 2008 Budget, either giving enough time for Ed to take the credit for some (illusionary) tax cuts, or to let the upset die down when there aren't any (illusionary or otherwise).
I find myself caught between two stools. Firstly, Paul Gray is in charge and rightly should resign over a cock-up this big. On the other hand, what we need is public servants who will take responsibility and resign when they fail, thus it's a great shame to see one such go. Perhaps he could be given Sir Ian Blair's job?
From frying pan into the fire.
The proposed Equity Fund buyout of Northern Rock with nothing for shareholders is hardly a ringing endorsement not to cause another run on its funds.....again. What are they thinking?
"It is perfectly safe to entrust your confidential data to the government"
How many times do you hear it said? Your DNA is safe. Your Oyster card data is safe. Your DVLA info safe.
How DUMB are we to believe them? This is proof that we shouldn't trust them.
Who says it's Darling's fault?
Most of the cockups that were highlighted last night on the BBC's Watchdog program were actually during Brown's tenureship. If anyone should resign from government it's Gordon Brown!
...Was a secure courier. it's standard practice and goes on all the time - and should be better then letting individuals transporting said data and leaving it on the train etc
Not encrypted though - that's Rule 101.
Well let's see
If one small "balls-up" (ie saying what was true but not politically expedient) by a Today Programme editor was enough to shunt Greg Dyke out of a job, surely this is more than enough to send Darling to the political wilderness? Inasmuch as New Labour has a political wilderness - Mandelson seems to be doing very well out of, thankyou.
He should spend 15 seconds in jail for every record lost.
That's 107 years.
Not in the wrong hands?
Bland assertions that the government "doesn't believe the data has fallen into the wrong hands" are utterly worthless. The fact is that the data is lost. They don't know WHO has it. The government either can't secure the data it has already (as here) or abuse it to gain additional revenue (as with selling census data to junk mailers). They expect us to trust them with the draconian National Identity Register and the ID card that accompanies it? I'd ask if they were mad if it weren't redundant to do so.
I wonder if the IT provider for the Child Benefit Systems will take the blame as it isn't one of the HMRC users who would be able to extract the data then lose it.
A government minister resign? You jest sir!
Yes Alistair Darling just happened to be in charge of the financial system during the worst bank run in a century and a bit, and yes he was involved in regulating the banking system, and yes he might have been involved in running the Revenue during this fiasco, and yes he knew more than a week ago and did nothing to inform the public, and yes as a Parliamentarian he should know the provisions of the DPA he helped create, and yes he's ludicrously well paid with fringe benefits to his fringe benefits - but does that mean he's meant to be responsible?
Why should Darling resign
surely it should be the person who oversaw the merger etc - i.e. Brown
If you have done nothing wrong
Then all you have to fear is incompetence in the Government bureaucracy – imagine if the data has be from the ID card scheme (well except it would be 80% wrong, but that is another reason to fear it)
Your Data is Safe With Us
Bring on ID Cards! Nothing to fear!
BIG cock up
Password protected was the words Darling used, no mention of encryption. Disks sent with TNT but NOT recorded or registered!!!! But this was done by a junior official and against HMRC best practice. Darling has admitted a probable breach of DPA, too dam right!
Heads really need to roll at HRMC this isn’t the first time.
More importantly, if bank details have been compromised and money has been fraudulently taken from folks bank accounts who is liable for that money?
For the want of a nail the kingdom was lost
According to Alistair (Oh!) Darling, the CDs were sent by TNT, unregistered, unrecorded.
If they'd used Royal Mail it'd have cost an extra 94p for recorded, signed-for delivery.
believe nothing until it is officially denied
So now, Darling, exactly where are these "not the wrong hands" into which the agency data has fallen, and how much do they want for it's guaranteed unmolested return. Be honest now, Darling, unless you know where the data (and all subsequent copies) have gone and can confirm that every external trace of that information has been destroyed then it is nothing short of a bare-faced lie to say anything other than, "the data is LOST" and by definition, "all of the information contained therein is AT RISK", not least of all from the incompetent manager who ran the system within which this delicate information could become lost, don't you think, Darling?
How can you justify the claim that losing the birth records and account details of over 15000 financially vulnerable individuals constitutes anything other than a completely unacceptable collapse of the very last pathetic vestiges of competence within our grotesque parody of a politically sound and democratic governing structure, Darling?, Brown?, B-Liar?
Maybe we need a shiny "Flaming Scientist" icon for me and a small steamy brown one for "political comment.
From the talk of unencrypted and "Password Protected" it sounds like some muppet at HMRC used a password protected zip file.
..the 10 percent of complaints about police to Independent Police Complaints Commission. That does leave 90 percent 'lost' although I dare say those records of complainants are kept more securely?
Nothing to hide, nothing to fear
Hopefully this cock-up will make a few of the "Nothing to fear, nothing to hide" ID card sheep change their minds......
On the other hand, sheep aren't known for their intelligence and independent thinking.
25m records now
Does that mean one record per family, which must equate to practically every family in the country!
This 'government' is not fit for purpose >-|
for a while there I was worried that immigrants were taking over England. Now I realise it's the retirees from the Ealing Comedies. I feel much better.
Interesting question Dave!!
Most people assume that they will have any funds fraudulently removed from their account returned. This is the situation in a majority of cases however how much longer will the banks put up with this loss from their bottom line? Not long in the case of TK Max. El Reg reported that a number of banks have taken the retailer to court as the losses and costs associated with the breach and clearing up of the untidy mess are an incumberence upon the banks. They rightly are asking the question "why should we carry the cost?". However the skeptics out there may very well ask the question whether the banks carry the burden of this security breach ultimately or whether the banks customers do through higher charges!!
People just don't understand how the government works. Gordon Brown presided over, amongst other cock-ups, the horrific Child Tax Credit fiasco in which he failed to realise that if you give a poor person money, they'll spend it, not to mention ladling yet more taxes on the public just as Eastern European countries are preparing to overtake us economically by lowering and simplifying their tax systems. His reward was to become Prime Minister.
By this logic, Darling is well on the way to being made King of the Universe.
Is this a new loss of data on CD...
...or the fallout from the one reported a couple of weeks ago, which was, IIRC HMRC -> [some Building Society - Nationwide?
I don't understand the whole "the heads at the top must roll" attitude. How is it the chairmans or chancellor's fault that staff can't follow the rules? The only thing I can see they are guilty of is not providing the organisation with the right tools and an understanding of the impact of not following the rules.
Whilst this is a major cluster f**k, this was some run-of-the-mill junior official who can't think outside their own little world. It was sent through the "internal" post (according to reports) which most staff in organisations like this believe is secure. It was against the rules to send data like this. The minion decided (either because they didn't give a crap or that they just needed to get the job done), to send the CD's contrary to the regulations. Of course, they may not have even known about the rules as staff handbooks in place like this a crazy.
If HMRC is anything like the other government departments I have experienced, they probably have no facility at user level to encrypt files. Many places used to have a WinZip client when they were running Windows 2000, allowing at least a basic level of encryption. Now that most organisations have moved to XP, they just include the "Send to compressed (zipped) folder" option built into the OS which has no facility for setting encryption.
Plus there is no (that I know of) cross government file share that a gig or so of data could be shared over. Thus insecure CD's sent through the "internal" mail system.
Stupid it was but easy to understand happening when a low level person is asked by a manager to do a job without the right tools or knowledge.
Resignation? Surely not!
Look... it only happened once, therefore it is not a systemic failure ---- so where's the need to resign?
Or could it be there is actually more integrity in our Inland Revenue than in our Met police force?
Has anyone considered the more sinister interpretation of these events, i.e. that the junior employee is actually a member of an organised crime gang? Maybe he/she got that job specifically to steal as much personal and bank information as possible? Has anyone checked his house for the CDs?
re: Hang on
I have no problem with the low level person making a mistake - what is frightening is that low level person had access to all of this data in such a way they could do this job they were unqualified to do - that to me is a major failing in management, which is why heads need to roll
So unlike his spineless masters - the head resigned to stem the blood demand that would be sweeping the papers tomorrow, though lets hope that the papers go after the masters
So, which bank/building society is going to be the first to offer to change the account numbers and issue new cheque books + cards for all affected customers to prevent money being lifted from these (potentially) compromised accounts?
Useless - utterly useless
If this government were run like a company then there would have been a vote of no confidence suggested, passed and rubber stamped by the shareholders ie us poor sods.
Whitehall would be littered with jobless beaurocrats, my only fear is that all these jobsworths would infect other organisations :-(
...of Darling falling on his sword are this: 0. Firstly he's a politician and therefore a lying, spineless twonk until proven otherwise (cue ironic laughter) and secondly he can point to the fact that HMRC is a non-ministerial department and therefore it cannot possibly be anything to do with him personally.
The fact that he looks like a badger may bring hope should They carry out their proposed cull, but that's the only way we'll get rid of him before the next reshuffle.
"how much longer will the banks put up with this loss"
It's OK, the Treasury will bail them out, with money from the taxpayer. Er, hang on...
- Review Reg man looks through a Glass, darkly: Google's toy ploy or killer tech specs?
- MEN WANTED to satisfy town full of yearning BRAZILIAN HOTNESS
- +Comment 'Stop dissing Google or quit': OK, I quit, says Code Club co-founder
- Nokia: Read our Maps, Samsung – we're HERE for the Gear
- Apple tried to get a ban on Galaxy, judge said: NO, NO, NO