Feeds

back to article ICO: Education ministry BROKE the Data Protection Act

The Department for Education broke the Data Protection Act after it exposed the email addresses, unencrypted passwords and sensitive answers of members of the public who filled in an online form about parental controls on the net, The Register can reveal. However - despite the breach - the Information Commissioner's Office has …

COMMENTS

This topic is closed for new posts.
Flame

This is precisely why the whole regulatory charade in this country needs replacing.

Its a complete farce ICO.. ASA... OFCOM.... Phonepayplus... all USELESS and not fit for purpose.

They may as well not exist. They are weak, ineffectual, inconsistent, in fcat they seem to be just window dressing to reassure the masses.

Scrap the lot and put proper regulators with real powers - and an inclination to use them - in place.

4
0
Facepalm

I would love to know the detail of the mistake they made. I'm willing to bet it was something so elementary as to be utterly unreportable.

0
0
Bronze badge
FAIL

Someone really should have been fired for that, or at least properly punished (demotion, suspension, whatever). Remind me again how tolerant the government is when we in the real world break their rules?

Moreover, why on earth was the *Education* department trying to butt in on telecomms regulation in the first place? Presumably because the people who know what they're doing are at least bright enough not to swallow Perry's half-baked crock plans for censorship-by-default under the lie that this is "opt-in", so she had to shop around for another department incompetent enough to try...

4
0
Silver badge
Thumb Down

"...limited amount of personal information being compromised"

Well they might have a point, I suppose, in relation to the contact details provided, but the breach was far more serious than that.

This problem potentially revealed confidential submissions (assuming that confidentiality was requested) and, depending on the nature of those submissions, they may have been particularly sensitive.

Worst for me, though, was the fact that people's submissions may have been edited by others (as I unfortunately did) and so their names may have gone against views that they did not hold.

It was an appalling error that really warrants serious censure, even if the ICO aren't up for it.

3
0
Mushroom

Building web pages for crisp packets

If its anything like a typical Gov IT 'Project', here's how it went:

Gov IT person to (incumbent) IT Services Supplier "hey, we want to do this, we'd like you to go away and, free-of-charge, come up with a project to deliver a web survey".

IT Supplier Account Manager(s) "quick, grab anyone around who may have 5 minutes free to knock up a shiny architecture pic & a Power Point - but don't take any time as you can't charge for it and don't bring in additional resources as...we can't pay for it".

10 days later...

Gov IT Person to Suppliers "hmm. Your all rubbish but this option which costs 27p & a packet of crisps looks ok"

IT Supplier Account Manager (thinks) "Brilliant, I can show I'm farming my customer & winning new Biz, only trouble is the Price I agreed will pay for about 4 hours (shared) of a team of 4....hmm, better cut back on the Web Dev, as I don't have one as part of the Account team at the moment".

....10 weeks later...

IT supplier Account Manager "of course we had no budget to do the necessary software life cycle, least of all an integration/test cycle after all - you don't get much more than a hapless junior for 30 minutes for a packet of Salt & Vinegar Walkers these days y'know"

Gov IT Person "Crickey! Ah well, shut it down: that was our last 27p and that pack of crisps was from my own lunch box - we're buggered until the new FY now"

All: "Now, what do we tell the Public?"

Yup. Been there, done that, got the broken mouse (what, you think someone can afford to give out T-shirts?!)

0
0
Anonymous Coward

Re: Building web pages for crisp packets

Susprisingly accurate. I was in a department which wanted a new website designed, when it was delivered. It was not fit for use (a slow buggy mess). The department took the website and started hacking it themselves. IT in the government is truly awful and needs to change badly.

0
0
Anonymous Coward

One rule for them, one rule for the rest of us!

0
0
Headmaster

>One rule for them, one rule for the rest of us!<

Literally: Privilege = Private Law in old Latin.

http://en.wiktionary.org/wiki/privilege

0
0
WTF?

Wide concequences

Surely, given how many people reuse password, revealing both email addresses and passwords means that there is a good chance sensitive details have been made available indirectly or other serious harm could have occurred. If the password was for the email acount, or face book then you are almost certainly to find information on sexual orientation and quite possible religious views or health information.

0
0
Anonymous Coward

Lets see how this pans out

Rich Taxpayer funded quango department let off the hook by ICO so they keep their bonuses and foreign jollies

same week

Poor Taxpayer centric and under funded NHS department has to cancel operations and lose staff to balance books

Yes, the ICO is still working for the government good

0
0
This topic is closed for new posts.