back to article Brit housing association blabs 3,500 folks' sexual orientation, ethnicity in email blunder

A UK housing association blurted 3,500 people's sensitive personal data as part of a bungled "please update your contact details" email exercise, The Register has been told. Watford Community Housing (WCH) sent the email on the night of 23 March to people it thought were its tenants. The email included a spreadsheet with 3,544 …

  1. disgustedoftunbridgewells Silver badge

    Why do they need to know sexual orientation and ethnicity?

    I hope the answer isn't what I think it is going to be.

    1. katrinab Silver badge
      Unhappy

      Gay children are far more likely to be kicked out of the house by homophobic parents and therefore more in need of housing association services.

      1. AMBxx Silver badge

        Does the data include children? They're not likely to be tenants - the agreements would be in the parents' names.

        1. alain williams Silver badge

          Gay kids

          You are correct - only the tenant, others in the household are not mentioned in the spreadsheet.

          They still have not answered to tell me why they sent me a copy.

          1. Doctor Syntax Silver badge

            Re: Gay kids

            "why they sent me a copy."

            I'd guess it might have been more a matter of not being able to not send it.

        2. katrinab Silver badge

          They would become tenants if they present to the council as homeless as a result of being kicked out, and get offered a house.

      2. The Nazz Silver badge

        Really?

        This morning there was an article on the main BBC news website page*, detailing the precise opposite.

        Gay people, who because of the virus "had no choice"** but to live at home with their "homophobic" parents. Is "heterophobia" a thing, and how it seems acceptable to abuse their parents.

        * Not apparent 30 mins ago, don't know if its been moved or deleted.

        ** Everyone has a choice, could they not move in with their friends, even if platonically? It's a bit sad when they don't even have a friends couch to turn to.

    2. Anonymous Coward
      Anonymous Coward

      re: why

      I'll bite!

      I'm pretty certain it's so, if needs be, that can prove they're not [insert phobe de joir] in their housing policy by showing an excel pivot table.

      1. AMBxx Silver badge

        Re: re: why

        No different to employment data - they need evidence to prove they're being fair to all. That said, there are going to be questions about the quality of the data so whether it's useful or not is another matter.

        1. Irongut

          Re: re: why

          Ethnicity data should be anonymous. Any time I've been asked to fill in an ethnicity questionaire as an employee or applicant it has been a separate form with no name, NI or other identifying details on it. This should be no different and even if it were such data should not be stored in an unencrypted Excel spreadsheet then emailed to randos.

          1. IGotOut

            Re: re: why

            Usual for gender, sexuality and race there is a "prefer not to say" answer.

            1. Smooth Newt
              Go

              Re: re: why

              Usual for gender, sexuality and race there is a "prefer not to say" answer.

              "Prefer not to say" is a just a synonym for "Actually, I'd prefer not to have this job/service/home" as it will instantly mark you down as a likely member of the awkward squad. They are not supposed to use it against you, but what's to stop them?

              Fill it in as white British straight male/female, whatever you actually are, or as close to it as you plausibly can, unless the organization makes a huge deal of being highly something-tolerant - in which case be that.

              1. AMBxx Silver badge

                Re: re: why

                White, middle-aged, male, heterosexual Christian. I think I'll take my chances with 'prefer not to say'

                1. EnviableOne Silver badge

                  Re: re: why

                  which means they will tick - White, middle-aged, male, heterosexual Christian

                  as those are the only people that tick prefer not to say

      2. Doctor Syntax Silver badge

        Re: re: why

        "prove they're not [insert phobe de joir] in their housing policy"

        I can't help feeling that the best way not to discriminate is to not hold the data which would enable discrimination.

        1. moiety Silver badge

          Re: re: why

          Pretty bloody cheeky even asking. There is no reason whatsoever (apart from the aforementioned looking a bit politically correct) that a housing association needs to know where it's tenants put their genitals.

        2. Cav

          Re: re: why

          Then you'd be wrong. If you don't know the people you serve then how do you know whether you are discriminating against them, intentionally or otherwise? Then, of course, you can also answer accusations of discrimination such as "You don't house gay black women" with "Well actually...".

  2. lglethal Silver badge
    Go

    You have to wonder...

    why do they have some of this info in the first place? And why do they still need it? I mean sexual orientation? What has that to do with getting you into community housing? I cant think of a single reason why you would need that.

    It sounds like the data controllers over at WCH are suffering from data hoarder syndrome. Remember folks - Just because you might get some info does not mean you need to collect it or keep it...

    1. Anonymous Coward Silver badge
      Facepalm

      Re: You have to wonder...

      You have two flats available. And two families needing them.

      One family has a homosexual child and is of an ethnic minority.

      One flat is next to a known violent homophobic racist, the other is next to civil people.

      Which family would you put in which flat?

      1. IGotOut

        Re: You have to wonder...

        That's easy. Get the homophobic racist evicted. Problem solved.

        1. Smooth Newt
          Stop

          Re: You have to wonder...

          That's easy. Get the homophobic racist evicted. Problem solved.

          Everything is easy for those who don't have to do it.

          On what grounds could you evict them? "Homophobic racist" isn't a reason a landlord can present to a court. A sizable proportion of the population would be on the streets if it were.

      2. Blazde

        Re: You have to wonder...

        They'll be needing an 'Are you a violent homophobic racist? Y/N' question then!

        There are various legal requirements for public bodies to do equality and diversity Impact Assessments. In my experience it's always emphasised that answering the deeply personal questions is optional, so preferably anyone with 'closet status' sexuality or religion doesn't blab it, but that's probably not the case.

        1. cantankerous swineherd Silver badge

          Re: You have to wonder...

          problem is the muslims proudly say muslim, most other people stay schtum so these orgs end up with a handy list of Muslims. what could possibly go wrong?

      3. werdsmith Silver badge

        Re: You have to wonder...

        I don't think there are any data collection questions asking if you are a violent homophobic racist.

        1. Fonant

          Re: You have to wonder...

          Reminds me of the USA landing card, with the question "Are you planning to commit a terrorist act while in the USA?" with a helpful footnote that answering "yes" would result in you not being admitted into the country.

          1. cantankerous swineherd Silver badge

            Re: You have to wonder...

            was it Peter Ustinov who replied "sole purpose of visit"?

            1. Benson's Cycle

              Re: You have to wonder...

              No, it was Gilbert Harding.

              I believe the original question was "Do you intend to overthrow the government of the United States?" The idea was that overthrowing the government was quitelegal, but lying on an immigration form could get you into trouble.

              They let Harding in, and that was why (after he revealed it) the form was amended.

              It is a bit like Alan Turing filling in the form to apply for the Home Guard and, as it said that by signing the form you put yourself under military discipline, he didn't sign it. Nobody noticed till he announced he was leaving.

              1. Doctor Syntax Silver badge

                Re: You have to wonder...

                "No, it was Gilbert Harding."

                The version I heard was Oscar Wilde. However there are probably quite a few people who would have done it.

          2. Anonymous Coward
            Anonymous Coward

            Re: You have to wonder...

            And yet Mr Adams had no problem getting into the USA...

        2. Nick Ryan Silver badge

          Re: You have to wonder...

          I don't think there are any data collection questions asking if you are a violent homophobic racist.

          That comes under political affiliation now. Are you a member of "new-conservatives", "brexit party" or "britain first"?

    2. lglethal Silver badge

      Re: You have to wonder...

      I was actually going to make a joke there about there needing to be an "Are you homophobic?" column, or an "are you racist" column?

      But figured that would be just being stupid. But there you go first reply, someone stating thats the reason. *shakes head*

      Tell me then good Sir, how do you know in one flat you have a homophobic racist and in another you have "civil people"? Do tell, in which column is that in the tables? How was that info collected?

      1. Rich 11 Silver badge

        Re: You have to wonder...

        How was that info collected?

        By the police tipping the council off that they've had to issue a warning to the homophobic racist and that anyone reporting a further problem to the council regarding that tenant should be directed straight to the police re. this case number.

      2. Anonymous Coward Silver badge
        Facepalm

        Re: You have to wonder...

        It's amazing to think that there are instances where people know things which aren't recorded in an excel spreadsheet. Even council workers can occasionally achieve such a feat.

    3. Cav

      Re: You have to wonder...

      Too prove non-discrimination and ensure that you aren't unintentionally discriminating against any particular group. It really isn't that difficult to understand.

  3. Chris G Silver badge

    Why?

    Is it essential to know an individual's ethnicity, religion, sexual orientation or even blood group in order to house them.

    Simply being an individual or family in need of a home should be enough, obviously then a housing association may need to check financial and criminal backgrounds but the above, why?

    1. Anonymous Coward
      Anonymous Coward

      Re: Why?

      When Bristol council wanted to introduce a residents parking scheme in our area the paperwork that they made available outlining the proposals included seperate 2-3 page "impact assesments" on how the proposal would affect women, enthnic minorities, LGBTetc people, elderly, children, and other groups as they had to demonstrate that they'd considered the implications of equalities legislation as otherwise they'd be open to judicial review (as was case of Heathrow 3rd runway where court ruled that until they added info to demonstrate it was within the climate law that couldn't procede). So HA's doubtless collect all this info so that if someone challenges a decision on the basis that they "don't house anyone from xxxx minority" they'll have the evidence to show that they do.

      1. rmv

        Re: Why?

        Well that's stupid. Because treating impact assessments as a box-ticking exercise misses the chance to actually benefit from thinking about it.

        Potential issue one - moving the bus stop 100m up the road to facilitate the residents parking spaces places it directly outside the local BNP office, causing increased risk of violence to LBGetc & ethnic minorities.

        Potential issue two, replacing disability parking spaces in this street with residents only parking impacts the disabled & elderly users of the podiatry clinic at no.5.

        Potential issue three - restricting parking on this street to residents only will increase the parking pressure on the next street over which contains a primary school and a nursery.

  4. trolleybus

    Bingo!

    It seems to be a fiull house: keeping personal data in the sensitive category without it being necessary (so far as we can see); keeping it in an unencrypted spreadsheet, then mailing it to world+dog.

    I bet the person responsible has had little or no training in data protection and GDPR.

    I really hope they informed the ICO before this was published.

  5. Mike 137 Silver badge

    They emailed...

    They emailed the entire spreadsheet to everyone, saying "please update your row"?

    Good thinking Batman.

    Quite apart from the privacy breach, how would they plan to merge up to 3500 returned spreadsheets that each differ by just one row?

    Unfortunately, this is typical of the level of thought that goes into much business planning these days. It'll be interesting to see how well it survives the current emergency situation.

    1. Benson's Cycle

      Re: They emailed...

      Anyone who has to deal with these social organisations is soon made aware of the low level of computer literacy in this country.

      1. Rich 11 Silver badge

        Re: They emailed...

        I've dealt with university departments which show the same apparent low level of computer literacy. Training and experience aside, sometimes people under pressure just don't think it through.

    2. Michael

      Re: They emailed...

      Bash script looping over each file to diff with the original and appending the different lines to a new file?

      1. Anonymous Coward
        Anonymous Coward

        Re: They emailed...

        But what about all the other new lines with "Jedi" and "bobby drop tables" in them? Only update your line... which Mr Smith are you anyway? Oh well, just change all of them!

        1. Brewster's Angle Grinder Silver badge

          Re: They emailed...

          "Oh well, just change all of them!"

          That rule only applies for people called "Perky Pat".

    3. jake Silver badge

      Re: They emailed...

      "how would they plan to merge up to 3500 returned spreadsheets that each differ by just one row?"

      I have met people who have used Excel for decades who would probably think that when everyone updated their individual row, the master copy would also be automagically updated.

  6. Anonymous Coward
    Anonymous Coward

    Tear hear.

    The old school paper surveys use to have a perforated line to tear off the survey, and leave it seperate from *name* details. Thus avoiding any possibly leak, as long as procedure was followed. Seems here both were broken, they did not anonymise, and they broke procedure.

  7. Doctor Syntax Silver badge

    A long time ago I took over a Housing Association application and discovered that the forms for every single aspect of the database were in a single program and thus anyone who need access to, say, property maintenance schedules could see anything else, such as rent arrears for any tenant. I made a start on unpicking it before I left. Back in the day neither the original client nor the developers seemed to have noticed nothing wrong with the original version of that. It sounds as if someone at WHA might not have either.

  8. Ken Moorhouse Silver badge

    Spreadsheets

    I presume this is an extract of data held in a "proper" database, and that that database has a "proper" authentication heirarchy. In which case, the extract has been carried out by someone with the highest level of access to that data who can be identified and "advised".

    If my presumption is wrong, and the primary storage medium is a spreadsheet, then they have an even more serious issue. As Mike 137 infers, lord knows what the master spreadsheet would have looked like once the amendments started coming back and updates made.

    1. Nick Ryan Silver badge

      Re: Spreadsheets

      Storing the data in a spreadsheet is perfectly acceptable. The GDPR does not specify the medium nor mechanism of storage nor means of securing the data, just specifying principles.

      Storing the data in a spreadsheet and allowing some numpty free access to it when it includes sensitive personal data (a special category) is utterly wrong. Fine if access to the spreadsheet was highly restricted but when it's been sent unencrypted in an email it's plainly obvious that this is almost certainly not the case.

      It's probably stored in an unencrypted form on a cloud service with cloud copies hosted in datacentres where the regime has effectively zero data protection for individuals.

      1. Ken Moorhouse Silver badge

        Re: Storing the data in a spreadsheet is perfectly acceptable

        A problem there is (e.g.), Version Control. How does one ensure that the file you are looking at is the latest version?

        The simplest scenario where this potentially falls down is two people on a LAN trying to edit it at the same time. One of these people should see a Read Only message which means they may still edit it and temporarily save it somewhere else then, later, overwriting the master with the new copy, (incidentally, trashing the edit carried out by the first user).

        If the temporary file is left on disk, without deleting it, someone is going to come along later and assume it's the master file.

        All very well having procedures to advise people not to do this, but the original article proves that people don't think things through particularly well.

        I speak from long experience at observing how many companies manage their data.

  9. Twanky Bronze badge
    WTF?

    WCH is far from the only organisation to fall victim to such blunders

    Erm. I think you've failed to grasp who the victims are here.

  10. clyde666

    Plus ca change

    It's not so many years ago since a council, not a dozen miles from me, had two different coloured job application forms.

    If you went into the council office to fill in a job application, you got asked "what school did you go to?". You got one or the other colour form depending on your answer.

    The reason ? Catholics attended certain schools, and Protestants (and others) attended specific other ones.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020