back to article UK official LOSES Mark Duggan shooting discs IN THE POST

Discs containing information from three sensitive police inquiries – two of which involved‪ highly controversial shootings in London, including that of Mark Duggan – ‬have gone missing after being sent through the post. Yeah, you read that right: sent through the post. The information covers probes into the role of the police …

  1. Shell
    Flame

    Pants on fire.

    "The government takes information security extremely seriously". Enough said really,

    1. SolidSquid

      Re: Pants on fire.

      Well they do! They absolutely want to undermine it as much as possible, how else can they listen in on everything and stop the terrorists from winning?

    2. cortland

      Re: Pants on fire.

      Yes; Three Y's Men.

  2. Anonymous Coward
    Anonymous Coward

    Faith in humanity, I've heard of it.

    This comes to light at the same time as the abuse victims' details being "accidentally" leaked on the Commons website?

    I feel I must clarify that I do not respect Russell Brand before I quote him that incompetence on this scale is indistinguishable from malice.

    1. Anonymous Coward
      Anonymous Coward

      Re: Faith in humanity, I've heard of it.

      > I quote him that incompetence on this scale is indistinguishable from malice.

      It's not his quote; that's Grey's law (which itself is another way of stating Hanlon's razor).

      1. Anonymous Coward
        Anonymous Coward

        Re: Faith in humanity, I've heard of it.

        Thankyou. I will never need any Russell Brand quotes ever again.

    2. TitterYeNot

      Re: Faith in humanity, I've heard of it.

      "incompetence on this scale is indistinguishable from malice"

      Ironically, an accurate statement for Russell Brand, the man who is unaware that verbal flatulance on his scale is indistinguishable from utter bullshit...

  3. Chris King Silver badge

    UKgov response...

    "Backups - we've heard of them"

    1. Anonymous Coward
      Anonymous Coward

      Re: "Backups - we've heard of them"

      Well quite.

      The article does not appear to clarify whether the loss of the disc does or does not mean the loss of the information which had been copied (maybe there's a hint there) on to the disc.

      Which is odd, to say the least.

  4. Cronus
    Unhappy

    It's sad but...

    I'd like to think they were encrypted and not the only copies but I know what these civil servant types are like. No doubt somewhere out there is a postman who now knows things he shouldn't.

    1. Anonymous Coward
      Anonymous Coward

      Re: It's sad but...

      we've had everything from CD's to mothercare vouchers stolen whilst in the post (yes, post office, when I get the recorded envelope through the letter box without signing and missing contents it's been stolen).

      They look for certain envelope types and stuff, it's big business and computer CD's may contain useable details and sell for lots to the 419 rings, boiler rooms etc.

      So don't think they were not targeted for being media that may contain, not for their actual contant.

      Maybe now some scammers are demanding money to not release the details of the shooter?

  5. moiety

    Would these be the same guys who reckon that the UK population are -collectively- not responsible enough to be trusted with encryption of their own damn data?

  6. Gordon 10 Silver badge

    How long?

    Before some muppets does this with Care.data records?

    And they wonder why we don't trust them with it.

    1. Yet Another Anonymous coward Silver badge

      Re: How long?

      No need, they will be shared with various commercial partners in lots of countries with no data protection laws - so no need to lose copies at all.

  7. Gordon 10 Silver badge
    Joke

    Follow proper procedure

    Did the muppets who did this not get the memo about uploading all confidential data to Dropbox?

    Joke - but the clock is ticking until it happens.

    1. Anonymous Coward 101

      Re: Follow proper procedure

      If suitably encrypted, files sent through Dropbox are fine. If unsuitably unencrypted, files through the post are unfine.

    2. Doctor Syntax Silver badge

      Re: Follow proper procedure

      "Joke - but the clock is ticking until it happens."

      What made you say "until"?

    3. 0laf Silver badge

      Re: Follow proper procedure

      Upload all your stuff to Dropbox or the Google Cloud? That'll be GDS then.

      https://www.gov.uk/government/publications/digital-skills-in-the-civil-service/an-introductory-guide-to-open-internet-tools-for-civil-servants

      It's ok though everything is OFFICIAL

      1. Hans 1 Silver badge

        Re: Follow proper procedure

        Dropbx/Google cloud ? Is that not their backup strategy ? I mean, they can always ask 5 eyes for the data.

        The MOJ is against encryption, as is the PM, so why would they use it ?

        Backups ? ROFL

  8. JimmyPage Silver badge
    WTF?

    They CANNOT be the only copies

    and they were encrypted to GCHQ approved standards

    the mind boggles.

    Just WTF are we paying for with all these government IT contracts.

    In a way I *do* hope something bad happens as a result. It might just wake someone somewhere up.

    By the way, my choice of icon is deliberate. This is in no way a "fail". It's sheer WTF all the way.

    1. Brewster's Angle Grinder Silver badge

      Re: They CANNOT be the only copies

      "and they were encrypted to GCHQ approved standards"

      Yeah, "plaintext". (Or rot13, if you have a warrant from a judge.)

      1. Anonymous Coward
        Anonymous Coward

        Re: They CANNOT be the only copies

        "Yeah, "plaintext"."

        Or rot26, to use the proper technical terminology.

  9. Anonymous Coward
    Anonymous Coward

    Now let me guess

    The one person who has been suspended is low down the payscale but apparently wrote the data protection policy for everyone? I just can't see how it is one persons wrap.

    "I had access to all this super sensitive information, so I copied it off to some disks and nipped down the post office, was that wrong? oh sorry."

    Meanwhile phrases like "take some time off, keep your head down" were muttered around bosses offices.

    I'm off to buy me some shares in a paint firm, whitewash specialists.

    1. Christine Munro

      Re: Now let me guess

      "The one person who has been suspended is low down the payscale but apparently wrote the data protection policy for everyone? I just can't see how it is one persons wrap."

      Yeah, I had that one when Oxford's John Radcliffe Hospital* emailed me the (frankly appalling) response to another patient's complaint in entirely unnecessary detail and presumably did likewise with mine.

      When I contacted them, they assured me that the nameless person who sent the email was no longer working for them. Though given that they didn't name them, didn't say why they were supposedly no longer working there and made no reference to confidential medical information being sent using standard plaintext email, in contravention of their working practises, and by people probably not authorised to do so, I don't feel a great deal of confidence as a result of their response.

      I did try reporting it to the ICO, who were utterly useless, which is probably why this sort of thing keeps happening and is going to keep happening.

      * who are apparently already following an "undertaking" because of previous carelessness with personal information. I'm sure they're quaking in their boots.

      1. Hans 1 Silver badge
        Coffee/keyboard

        Re: Now let me guess

        >When I contacted them, they assured me that the nameless person who sent the email was no longer working for them. Though given that they didn't name them, didn't say why they were supposedly no longer working there and made no reference to confidential medical information being sent using standard plaintext email, in contravention of their working practises, and by people probably not authorised to do so, I don't feel a great deal of confidence as a result of their response.

        Indeed they upgraded the server hardware of the mail-response system that was not thread safe - so indeed "another person".

  10. Goldmember
    Facepalm

    FFS...

    ... Not this again. And still using DISCS IN THE POST to send sensitive info? The ICO should issue the maximum fine for a data breach for that act alone, plus a fine for each case.

    I really hope the discs were encrypted, but gov agencies have form for not doing so. And if not, then another maximum fine should be issued for each disk that failed to have this in place.

    1. Twilight Turtle

      Re: And still using DISCS IN THE POST

      It's worth pointing out that, in the UKGov handling guide for protectively marked materials, Royal Mail Special Delivery is specifically mentioned as a permissible transmission channel for everything up to Top Secret.

      1. Primus Secundus Tertius Silver badge

        Re: And still using DISCS IN THE POST

        Yes, indeed.

        An inconspicuous outer envelope contains an inner envelope marked SECRET. That will keep the hoi polloi at bay.

      2. Doctor Syntax Silver badge

        Re: And still using DISCS IN THE POST

        "Royal Mail Special Delivery is specifically mentioned as a permissible transmission channel for everything up to Top Secret"

        In this case we don't know the marking nor whether it was Special Delivery. For all we know they were sent 2nd class in which case they might be delivered tomorrow.

        1. Twilight Turtle

          Re: And still using DISCS IN THE POST

          True, it was more a case of puzzlement on my part at the (apparent) outrage of sensitive disks being sent in the post at all.

          1. Stuart 22

            Re: And still using DISCS IN THE POST

            "True, it was more a case of puzzlement on my part at the (apparent) outrage of sensitive disks being sent in the post at all."

            The only way to ensure the data was not eavesdropped by GCHQ. Little did they know all posties belong to them too.

      3. theblackhand

        Re: And still using DISCS IN THE POST

        "Royal Mail Special Delivery is specifically mentioned as a permissible transmission channel for everything up to Top Secret"

        Or, to translate for Police and associated staff:

        Royal Mail Special Delivery is specifically mentioned as a permissible transmission channel for everything up to Top Secret. To use this service, shred all information and send an empty envelope to the recipient. In the off chance this is not "lost" by Royal Mail or consciencous Police staff, when the recipient recieves the empty envelope and contacts you advise them the contents have been stolen.

      4. Pen-y-gors Silver badge

        Re: And still using DISCS IN THE POST

        If the data on the discs is securely encrypted, and the outer envelope doesn't say "TOP SECRET" or anything (and the passkey for the decrypt isn't written on the discs of course) the Post is very secure - and at least NSA and GCHQ can't intercept it!

        1. Hans 1 Silver badge
          Facepalm

          Re: And still using DISCS IN THE POST

          > and at least NSA and GCHQ can't intercept it!

          They already have said data!

      5. Graham Marsden
        Thumb Down

        Special Delivery??? - Re: And still using DISCS IN THE POST

        > Royal Mail Special Delivery is specifically mentioned as a permissible transmission channel for everything up to Top Secret.

        Which isn't as Special as you might think.

        I sent a delivery of custom-made items to a long-time customer whom I know and trust. A little while later he contacted me saying that he hadn't received the items.

        Checking with Royal Mail, they said "well they were signed for and the GPS location was at his address, so as far as we're concerned, he's got them" despite the fact that a) he lives alone and b) it wasn't his signature, nor was anyone else there or authorised to sign for them.

        Their response "we asked the Postman and he said he'd delivered them, so that's that, screw you, you're not getting any compensation..."

        1. Pookietoo

          Re: he said he'd delivered them

          Did your chap check his wheelie bins, shed and back garden? Those seem to be favourite places when the postie can't be arsed to take something back to base or try again later.

    2. Doctor Syntax Silver badge

      Re: FFS...

      "ICO should issue the maximum fine for a data breach"

      It would make no difference in this case as fines just go to HMG. Now a fine to be paid personally and not reimbursable by the depts. Perm Sec or minister. That might have some effect. For one thing it would be made clear all the way down the chain that this would be a sacking offence.

    3. Bob Wheeler
      Stop

      Re: FFS...

      The only problem with the ICO handing out the maximum fine to the MoJ is that it's not their money, it's tax payer money moving from one piggy bank to another.

      If you really want to get prople's attention, it's the prospect of JAIL TIME, not a FINE that will make the muppets wake up (I hope)

    4. Anonymous Coward
      Anonymous Coward

      Re: FFS...

      "still using DISCS IN THE POST to send sensitive info?"

      Why not?

      Using the post seems to have a certain amount of plausible deniability with the politicos, when inconvenient information conveniently goes missing.

      As others have noted, the politicos are so ignorant that they typically get away with not asking about backups and the like,

    5. Anonymous Coward
      Anonymous Coward

      Re: FFS...

      The ICO should issue the maximum fine for a data breach for that act alone, plus a fine for each case.

      That will have absolutely zero effect - they will be paying that with your tax money anyway so all you do is sponsor some lawyers and accountants to ship some money around.

      I think this is really enquiry level stuff as it keeps happening - clearly something is fundamentally wrong there and it is time someone start digging deep enough that people start paying attention. This is not some expenses for a duck house - it's on an entirely higher scale altogether, also because that just happens to contain data from an extremely sensitive investigation. Call me cynical, but I have long stopped believing in accidents.

      PNN and GSI have been around for some 15 years or so - don't try to tell me they have as yet to develop a way to securely transport data of that level of sensitivity, because then I want to know how it is possible that Youth Justice cases (read: concerning minors) ARE going via email.

      It's time to stop the excuses - it's all too easy to say, "oops, silly me again". Until there is some personal accountability introduced this is not going to improve, and an enquiry will at least start to heat up some rear ends.

  11. LucreLout Silver badge
    FAIL

    Lessons will not be learned

    I can confidently predict that absolutely nothing of consequence will happen to anyone in regard to this loss. If, and let us not prejudge the quality of the coverup before it is completed, the data was not encrypted then people must be sacked and told to find careers outside of the public sector.

    If the public sector cannot be trusted with the data they demand from us, and all evidence available shows that they cannot, and they are unwilling to take professional responsibility for their lack of basic competence, then we must enshrine in law a new criminal offence. Losses of sensitive data should ordinarily result in convictions and jail time. We are, after all, compelled to provide this data, so it's not like we can simply use another provider.

  12. JimmyPage Silver badge
    Stop

    What happens to things that are "lost in the post" ?

    Since matter can't just vanish into thin air, they must be *somewhere*.

    1) damaged in transit - presumably the royal mail have procedures for items like this

    2) stolen by employee[1] - although unless it looked like it had money in it, not likely

    3) wrongly delivered - worrying if there was no tracking

    4) somehow in the wrong part of "the system" - a thorough search should locate them

    5) stolen by employee [2] - deliberately targeted. Raises more questions than it answers

    6) we are of course assuming they made it to the postbox ....

    However, there is a certain life-affirming feeling knowing that Royal Mail can cock it up for the great and glorious as well as for the little guy.

    I wonder how long the MoJ had to spend on the phone ?

    1. Yet Another Anonymous coward Silver badge

      Re: What happens to things that are "lost in the post" ?

      7, Thrown in a skip because the person still has a bunch of mail to deal with and it's nearly tea time.

      1. TheRealRoland

        Re: What happens to things that are "lost in the post" ?

        Maybe this all ends up in that place where my other sock is hiding?

        1. DocJames

          Re: What happens to things that are "lost in the post" ?

          They escape to live with the biros

  13. Down not across Silver badge

    Covering their own backsides

    Police and other agencies have undertaken their own risk assessment, and have identified and taken any steps necessary to ensure the protection of officers.

    That's ok then. Never mind if disclosure of any of the data might be harmful to a civilian.

  14. David Pollard

    Perjury in the Lynette White case

    For some reason this case comes to mind. A large number of police had been charged with conspiracy to pervert the course of justice, three innocent men having been convicted for murder on the basis of false evidence. Then some files were lost and the prosecution case collapsed. A while later the missing files were mysteriously discovered.

    https://en.wikipedia.org/wiki/Murder_of_Lynette_White

    1. Pookietoo

      Re: A while later the missing files were mysteriously discovered.

      And found not to contain evidence that would likely have led to a successful prosecution.

      1. David Pollard

        Re: A while later the missing files were mysteriously discovered.

        The supposed loss of the files, which the defence claimed were relevant, had nevertheless been the reason why the trial collapsed.

    2. David Pollard

      Re: Perjury in Lynette White case

      It now (10th Feb 2015) looks as though there is to be a QC-led official enquiry into the failings in this case:

      http://www.bbc.co.uk/news/uk-wales-31352065

  15. wyatt

    Has the UK official posting via an approved method of transport lost them or the carrier? I'd say the carrier.. 'IF' the official did everything correct and they're encrypted then there's no problem is there? Suspensions can be stated but do they actually happen and for the reason that is reported?

    1. Anonymous Coward
      Anonymous Coward

      "'IF' the official did everything correct and they're encrypted then there's no problem is there?"

      Lets, think..... YES. FFS YYYEEESSSSSSS THERE IS SOMETHING FUCKING WRONG!

      If the individual has followed an approved protocol, they may be in the clear. But for the MoJ, pointing to the post office and saying "they lost it" is no excuse. They had the fucking data, they've lost it. Doesn't matter if they gave it to a tramp, to a motorbike courier, a postman, or a passing tinker, the wankers of the MoJ have pissed confidential data into the ether. I wouldn't trust donkey post for confidential material, why should the clowns at MoJ?

      What's wrong with encryption and electronic transmission? The whole idea of taking digital data, burning to optical, and sticking in a post box is imbecilic for any organisational data, but there's a further implication about data security here, and that is that flunkies at the MoJ have the facility to export large volumes of data (which shouldn't be possible) and evidently without any effective audit and control (which is unforgivable).

      Head should roll, and they shouyld be at the very least the head of IT for the MoJ, the head of IT security at MoJ, and whoever authorised the sending of this data by post. Of course, that won;t happen, and they'll continue to accrue an over-generous pension despite their incompetence.

      1. Stratman

        Heads may well roll, sadly they'll be deputy heads.

    2. Dan 55 Silver badge

      Encrypted with the password which was sent in the accompanying covering letter?

      I bet it's happened.

      1. Anonymous Coward
        Anonymous Coward

        I bet it's happened

        When working at the MOD for an outsourcer, I received update disks from another site regularly, password written on the disk and the disk marked

        "write only the internal item code, no detail" on the stickers

  16. John Savard Silver badge

    Puzzled

    Looking up the case, I found that Mark Duggan was in possession of an unauthorized firearm, and that he was believed to be a member of an organized crime gang. Given that, why would his death be politically sensitive, or, indeed, a concern to anyone except perhaps his immediate relatives? Isn't the whole country at war with drug dealers and the like?

    1. JimmyPage Silver badge
      Thumb Down

      Re: Puzzled

      We don't have capital punishment in the UK. The police can't go around executing people they suspect of anything.

      The Duggan case raised enough serious doubts about the police conduct to be *very* wary of believing their truth of the matter. Something these disks might actually demonstrate - especially if it has *all* the police testimony there. Before it was "adjusted".

    2. moiety

      Re: Puzzled

      Allegedly in possession of a firearm. There's a couple of witnesses say that the gun appeared afterwards and the taxi driver said he had a phone in his hand.

      Yeah, he looked pretty thuggy on Facebook; but that isn't normally an automatic death sentence (anyway he was a drummer and I think it's a job requirement to look at least a little sketchy). There are major discrepancies between witness statements and several versions of police statements and there's a lot of speculation on the web; but not too much in the way of hard facts.

      Whether he was genuinely a gang-banger or whether the police involved are backpedalling frantically to cover up their mistakes is open to speculation without facts...if the latter then the facts could be politically sensitive, if not incendiary.

      Us Brits tend to frown on executing people for being brown...that's more America's thing. If someone is executed then we want to know that there's a bloody good reason for doing so. With proof.

    3. Loud Speaker

      Re: Puzzled

      His death was politically sensitive, because at the time of his death, a lot of people in the area thought criminal gang members more trustworthy than the local police.

      Many people think that the "unauthorised firearm" was planted, and the witness statements make this entirely plausible.

      Some people rioted because nothing was being done about crimes committed by the police which they had personally witnessed. Others were just out for what they could get. See other websites for comments on the police failing to investigate their own crimes.

      I do not recall anyone suggesting Duggan was an innocent bystander, only that the police were expected to be of a higher standard, and did not appear to be.

  17. Calleb III

    Do you smell what The Rock is cooking?

    I smell an impending Goverment IT project to provide an increased sensitive information security, for the bargain price of £1bn

    1. Anonymous Coward
      Anonymous Coward

      Re: Do you smell what The Rock is cooking?

      That'll be the PSN then

  18. manchesterj

    A bit of a comment on the state of IT systems in that part of the civil service really and I guess the training/awareness of the staff (that it went by post in the first place). Although to be fair when I had to send data to the DTI for the company I worked for there was a secure repository where I could drop of the files - which worked really well and that was about 12 years ago. I guess if you could start from scratch..... some company would make a huge profit and the project would fail....

  19. IHateWearingATie

    Hmmmm

    1. Central gov employs hundreds of thousands of people, and deals with sensitive information all day every day. The likelyhood of a complete muppet doing this is pretty high. That does not mean that everyone in Gov is an idiot.

    2. From my experience, private sector organisations are just as bad. Came across an example recently that made my mind boggle, but you'll never read about it in the paper as the company will never tell anyone and it wasn't personal data or anything covered by the data protection act so it is not obligated to tell. Stupid things government does ALWAYS ends up in the paper

    3. Don't have enough information from the story, but posting a disk encrypted with very strong encryption may be appropriate given the outcome of the risk assessment. The headline might be fun, but actually it could be a non-story (but that doesn't sell papers or get unique vistors). Use the right encryption software and the disks will be nothing but coasters to anyone who doesn't have the NSA's encryption munching capabilities (maybe not even them depending on what they used to encrypt it).

    1. JimmyPage Silver badge
      Coat

      Re: Hmmmm

      Downvoted because it's irrelevant what private companies get up to. At the end of the day they are just that. Private companies. You can choose to do business with them or not.

      Data held by the state is obtained under duress. Don't provide it - go to jail. Which is why it's imperative the state demonstrates it takes great care of this data.

      Your tax money is the same. Obtained from you under duress. And look how carefully the government look after that. They would never lose that in the Royal Mail. (Although they may lose it in a Royal Mail sale).

      1. The_Idiot

        Re: Hmmmm

        "Downvoted because it's irrelevant what private companies get up to. At the end of the day they are just that. Private companies. You can choose to do business with them or not."

        Lord Jimmy, with respect, I must disagree (not that my agreement or otherwise need have any merit or value). These days, whether from existing service contracts (third party or sub-contracted service delivery), or simply by transfer of negotiable currency, private sector organisations may have or be able to gain access to Government data. The same data you comment as being obtained under duress.

        As a result, in cases where that is so, _I_ do _not_ have a choice as to whether to do business with them or not. I do business with them whether I choose to or not. yes, at one remove, but it's still my data, whether it be (now or in the future) health care, my driving record or any other, including tax activity, potential criminal past or any other form of 'Bad Person' check data.

        I therefore, personally and without prejudice or assumption as to any other point of view, have to support the use of Private Sector practices as a valid supporting example of why the world is generally going to heck in a bloody handcart - and not _just_ when dealing with Guv'Mint.

        Of course, I'm an Idiot - so I'm probably talking nonsense :-).

    2. Doctor Syntax Silver badge

      Re: Hmmmm

      "Don't have enough information from the story, but posting a disk encrypted with very strong encryption may be appropriate"

      We've not been told the data was encrypted. I'd have thought that if it was they'd have been falling all over themselves to reassure us. So...

  20. Crazy Operations Guy Silver badge

    "The discs were password-protected but unencrypted"

    What? Are you telling me that the data was in plain text? And how does the password come into play?

    1. Fred Flintstone Gold badge

      Re: "The discs were password-protected but unencrypted"

      "The discs were password-protected but unencrypted"

      What? Are you telling me that the data was in plain text? And how does the password come into play?

      Maybe it's along the idea of the Irish virus? The first line of the data has a line that says "the password is xxx. If that is not the password you were thinking off, please do not continue."

      I mean, there is no other way to interpret this, other than that the spokesperson has no clue and is committing the cardinal media management sin of making assumptions when talking to the press.

    2. Hans 1 Silver badge

      Re: "The discs were password-protected but unencrypted"

      >What? Are you telling me that the data was in plain text? And how does the password come into play?

      The disc contained the data + autorun.inf which executes a Windows program on the disc that asks for a password, when no password/incorrect password is provided, the disc is unmounted ... turn off autorun and "All Your Data is Belong to US".

      Must be something like that - it has to pass Microsoft Certified Windows/Surface Security Experts auditing practices.

  21. Anonymous Coward
    Anonymous Coward

    Lessons

    will be learned, or have been learned, or are about to be learned etc..... They haven't had enough time yet for the PR dummy to come out with those words (or did I miss it?). I have had recent experience of the private sector "taking care" of my personal data. A pensions firm (based in Manchester( which handles my mother's widow's pension required sight of my power of attorney for her and would not accept a solicitor verified copy ( which was countersigned and verified on each and every page). So I toddled along to their Cardiff office with my original document- I was not willing to entrust it to the Xmas post, special delivery or no. So they had all this info on me, my brother, our certified witness and out two people to be informed etc., you get the idea... When I got home, I found that they had emailed this document in the clear to their Manchester office. How do I know? They had copied it to my email address, to "keep me informed of progress". Whilst I was working up a form of words to the ICO an envelope arrives in the post which informs me that the copy I had provided was not acceptable as it was only verified on the first page. I phoned up and informed them that the copy was theirs and I considered it unacceptable that they had sent it, unencrypted, via email. A few days later another letter arrives - carbon copy of the first, unacceptable etc... Flame on, phones up, demands to speak to arsehole in charge of section, did a mars attacks on him, informs him the ICO know about his organisation, told him whose copy it was and I would like an apology etc. Apology forthcoming, grave error, not how we normally do things etc.... Letter arrives, no need to do anything, accept document, fulsome apologies, bullshit etc. The problem is that these private sector people operate like this all the time, I only know how they handled my data because I was accidently copied into the emailing! How do we have oversight on how private companies handle this stuff?

    I can only suggest that the ICO develop a form of words that we can attach to any document to any company, public or private, that warns of legal action if they are found to have breached the conditions attached to our submission of our private data.

    Yours,

    severely pissed off,

    Someone whose data is already out there.

  22. Mark 85 Silver badge

    I'm a tad confused...

    Was this the ONLY copy of the data or not? My impression from this is that disks were burned and dropped into the mail. Then the original was wiped from whoever's HDD. And for what it's worth, whether the original was wiped or not, I would hope that the disks were encrypted, but like other things mentioned in the article, nothing is clear.

  23. Anonymous Coward
    Anonymous Coward

    disks or no disks

    surely they must have kept backup!

    ...

    snigger

  24. Anonymous Coward
    Anonymous Coward

    wanted to ask whether or not the data had been encrypted

    er... we'll get back to you on that one. Any other questions? No, thankyouverymuchthen.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019