« Nominations for Best Book | Main | Live blog of PMQs: The Prime Minister tries to control everything but can't run anything »

Comments

Even for this shower of incompetents, this was mind blowing.

One is beginning to wonder which stock is falling faster, Northern Rock or the Government's!

I suggest that George Osborne's terminology from yesterday is adapted to give that day a permanent label: "Catastrophic Tuesday." Just as Black Wednesday was fixed in the public mind as a convenient and telling label for our fall from grace in 1992, yesterday cries out for something similar so that Labour cannot let the passage of time erode people's memories of what took place.

Is Brown at PMQs today? Someone has told me he isn't. McCavity?

This government will have gone by Easter.

I've read he's in Uganda Oberon. He's in the country at the moment thought because he's meeting supermarket bosses to discuss binge drinking. We can only hope hapless Harriet takes over but I've a feeling it may be Jack Straw up gainst William Hague.

The missing package is a red herring.

He's in the country at the moment thought because he's meeting supermarket bosses to discuss binge drinking.

Not a subject he would know too much about seeing as he is incapable of running a p**s up in a brewery.

This latest disaster isn't a disaster because a junior civil servant did something stupid. It's a disaster because the security protocols weren't in place on the computer system to limit this level of access to a small group of responsible individuals. It also isn't just about encryption, although that would have been helpful. At a management level the request for the data should have been queried, and if access was genuinely needed to individual names and addresses then the NAO should have visited offices in which the data was held, or the data could have been reduced to the statistical level which the NAO required. Systems should have been in place to track the data once it was downloaded in minute detail. Of course it should never have been entrusted to an outside organisation for transport.

So this wasn't a "cock up" or "operational mishap", this was a window into a systemic security failure which is probably endemic across whitehall. It's important, when the front bench go on the offensive in the press and at events such as PMQs that they do it with the benefit of briefing from an experienced IT data security expert who can make this clear. I say this because trawling through the media this morning, while it's obvious that both commentators and senior people understand that this is bad, everyone seems to think it's bad because a unique lapse was allowed to happen. Nobody seems to understand that this could only have happened if the entire data security management system is broken and not fit for purpose. The implications of this are truly catastrophic for reasons which most should be able to imagine given time and I don't intend to detail here.

Although I see that this latest loss of data is being investigated by a senior officer at the MET, it seems to me bizarre that nobody, either in government, or among those commenting on and critical of government, has realised that as this is the third or fourth database to have disappeared in the last three or four months it MUST be assumed that the loss is a result of targetted acquisition and an investigation and enquiry launched across the entire data management process of government. We must hope that the data isn't being deliberately targetted, but with this level of data loss, and with data security clearly virtually non-existant, not to launch such an enquiry and investigation will actually be even more incompetent than the management faults which caused the problems in the first place.

It is this investigation and major enquiry we must press for. It must be the focus of all we do.

This lack of security awareness and management in government is so potentially dangerous that I find myself saying this not because there is political capital to be gained, but because it's clear that the security both of the country as a whole and of the population as individuals is now so seriously at risk that government security must be minutely examined and rebuilt from the bottom up.

God what a mess.

I cannot believe the government has potentially provided an "identity fraud kit" for criminals that will affect half the population for years and years.

With Northern Rock they have shown they are incapable of resolving any crisis and are fuelling a culture of mistrust and suspicion.

The only question now is will Brown sign his own political death warrant and stand by his Chancellor or will he make an example of him?

Don't forget that Jacqui Smith and David Miliband have already survived departmental disasters, so there is no reason why Darling should be an exception.

http://lettersfromatory.wordpress.com/2007/11/21/look-at-the-latest-mess-you-have-made-darling/

I repeat what I said yesterday; we are the government in waiting and we might not have too long to wait with the way things are going.

The crucial question is: will a tory government be able to restore morale, confidence and competence to the civil service and other government agencies who actually carry out government policy?

Our ministers almost by definition will be more competent that the present bunch of retreads and ciphers but they are not the people who actually do the work of government.

"So this wasn't a "cock up" or "operational mishap", this was a window into a systemic security failure which is probably endemic across whitehall"

Completely correct!
Absolutely appalling and all the more shocking when you look at the chain of events from March this year in this department. It would appear that not even the basic security software was in place to prevent individuals downloading such sensitive information and popping it in the post. When you consider that this is a huge Treasury department which holds the equivalent of the Holy Grail for fraudsters, words fail me!

The PM should be making a statement. We need to flush him out. If he has a Uganda appointment, he needs to cancel. Its unthinkable that he should be going overseas just now.

I thought George Osborne struck the right chord yesterday in Parliament.He did not go over the top nor was there any faux anger.I hope Hague if he is batting for us at PMQs today adopts the same tone.It will be more effective.
Oberon,it's a shame that Brown is not there but other opportunities to question him will arise.I remember thinking how pathetic Labour were when Cameron went to Rwanda,we do not want to make the same mistake.

I reckon the celestial powers-that-be are punishing Brown for not calling that election. He is going to regret not going to the people when he still had a chance. This is now officially a cursed government. As David Cameron said the whiff of decay is beginning to permeate. Labour are dead men walking.

I wonder if fellow readers felt, as I did yesterday, that current Parliamentary broadcasting rules leave a lot to be desired.

I felt frustrated at not being able to have the option of seeing for myself the reaction of backbenchers on the government benches so that I could judge the reaction to Darling's foul-up: I get a kick out of seeing 300 plus Labour MPs sick at the same time, you understand!

The present rules seem overly restrictive, particularly given modern digital tv's possibilities: I have a short post on this and would be interested to know what others think.

http://tinyurl.com/2czllr

Patriot

That was one of the best comments I have seen concerning this current fiasco. As someone who is involved in writing security guidelines (not protocols which deal with WHAT shoudl be done, I am concentrating on HOW and WHEN) for the large commercial organisation that I work for, I would be very surprised if the protocols already didn't exist. What happened is that the protocols were ignored by both the IT individuals involved and the management above. However your basic point is valid. this was an endemic cock-up throughout the organisation

Labour administrations – at national and local level – are inherently weak when dealing with civil servants and officials. Labour’s instincts are to believe that public sector employees are sympathetic to their cause. Thus they become sloppy and assume that their policies, instructions, and aspirations are mirrored in action.

Conservatives tend to distrust administrators. They view them as pursuing their own agenda – for more make work, more staff, more resources and more rewards. They view them unable to cut it in the private sector. Conservatives know that tenacious oversight is essential if the administrations they lead are to act as they want.

Built to Last “We understand the limitations of government ...”

From the web today...Sadly it's already too late for many key aspects of this data which will also have been part of the larger database which has been lost.

We now have a clear moral duty to do all in our power to mend a government which is broken.

""Children fear their home addresses could fall into the hands of paedophiles under a new Government database containing details for every child in England, a report has warned.

Dr Roger Morgan, the children's rights director, found widespread concerns that sensitive information on the £224 million computer system could be vulnerable to security breaches.

He urged ministers to keep security for the new ContactPoint database under constant review.

ContactPoint will be a new computerised list of every child in England. It will contain details for each child including their name, address, date of birth, contact details for parents, details of school, doctor and professionals working with the child.""

I can’t imagine why the ONS would need sort codes or bank account numbers, and I doubt they needed NI numbers or names. It’s a woefully laissez-faire system that allowed this information to be circulated willy-nilly.

As others have said, this is a systemic problem. Finding that missing disc won't mean the problem is fixed. How many other disks exist? Are they all secure? I doubt anybody knows.

What, for example, would have stopped a dishonest junior civil servant from making a copy of the CD (leaving no additional footprint of the query)? And what measures do the ONS take to ensure that such CDs are securely destroyed after use? I hope they do more than throw them in the bin!

A system which allows junior civil servants to export complete datasets is insecure if just one junior civil servant is dishonest. The ONS could probably tell us how likely that is.

I wonder what the share-price of the ID Card hopefuls is doing now...

Brown and Darling were at the forefront of the gloating during the Major Years.

What goes around, comes around.

Anybody still want to claim that this isn't the worst government in British history?

If Brown is away, I think Cameron should still do PMQs this time.

Alex Swanson: you should shew a little charity. Granted, Gordon is giving John Major a good challenge on the incompetence stake, but you do have to admit that at least he hasn't yet:
(a) invaded the Crimea (Lord Aberdeen);
(b) invaded Egypt (Anthony Eden);
(c) lost America and suffered a rampaging mob trying to burn down the Bank of England (Lord North);
(d) resigned before his first parliamentary session because he was afraid of criticism (Viscount Goderich)

But then again he's only been in the job for a few months and he needs time to get into his stride.

Question :

Did the details apply to the population of the UK or were they applicable only to England ?

I know that child benefit applies throughout the UK and therefore it would be a logical assumption that the info mislaid applied thus also .

But does it? This government of crooks and bigots will want it to be assumed as throughout the UK even if it is not .

If it is agreed that the reason for the loss of the data disks was incompetence by HMRC civil service brought on by job cuts, what does this mean for the Conservative manifesto in 2005 which promised to cut 235,000 civil service jobs, many more than the Labour government were doing?

Not sure the HMRC would even exist in its current form under a Conservative Government David.
But all credit to you for raising your head above the parapet on another day of disaster for this government and as usual defending the utterly indefensible.

One wonders if the Data Protection Commissar will actually get off his backside and take action against the HMIRC and named individuals.
It's all very well for Paul Gray to jump ship, accepting some responsibility, but he does so on the usual Civil Service terms of full pension and package.
It is time that the same level of opprobrium that has been levelled at Applegarth of Northern Rock, was similarly levelled at a civil servant or two.
It will be interesting to see if any of the Labour MP's will have the nerve to mention that.

Jake,
It was confirmed yesterday that this data applies to the whole of the UK including NI

You may think that Marvan Attapatu, the former Sri Lankan test cricketer, had Gordon Brown and his government in his sights when he said recently: "they are muppets headed by a joker".
In fact he meant the Sri Lankan selectors but I think we could well adapt his quote.

"So this wasn't a "cock up" or "operational mishap", this was a window into a systemic security failure which is probably endemic across whitehall."

absolutely right.

Dave should ask Bottler why did the National Audit Office want the tax details of all these 25 million citizens in the first place and why they are authorised to ask for them.

Apparently the NAO didnt request them, they merely asked for annonymised records of 12 random people. The HMRC IT numpties posted the entire database, 'just in case'

Just to add my two penneth. Whatever arrangments are now put in place to 'ensure' that this never happens again, how is a former TV journalist (Brown), a former solicitor (Darling) and a former social worker (Kennedy) to know that what they are implementing is adequate?

These people know very little about IT and probably don't care either until it goes wrong.

How can we trust them? They are simply not qualified to assess such matters.

The greatest problem in implementing IT in Government (or in most places) is that the people at the top lack the necessary knowledge and understanding about IT to be able to undertake an informed decision.

As such, they do not understand or probably care about the real consequences of their actions. They do not understand or care about the real risks they are taking in merging large organisations to the IT systems that now underpin them, the risks they run by outsourcing IT to 3rd party organisations or the implications of authorising grandiose centralised computer schemes.

All such initiatives have massive security implications and here we see a case where as a result of their actions the public potentially has been exposed to a massive breach of privacy and confidentiality.

Consequently, they reject the views of the experts (such as the Information Commissioner) as has repeatedly been the case with this government and carry on regardless.

This disaster has been waiting to happen for a long time. I'm just surprised it hasn't happened before.

Instead of prevaricating and finding someone to blame, the government should hand over oversight of these computer systems to those who have the knowledge to co-ordinate them properly such as the Information Commission.

In saying that I do not include the IT Industry and the Management Consultancies who profit from them. They, in fact, are part of the problem, not part of the answer.

Great headlines about 25 million people traduced by the Government. Unfortunately 15 million of them are children so won't be able to vote them out. However, the other 7 to 10 million should be enough.

I presume the investigation will ask the National Audit Office what info they asked for and how. If they asked for what they were sent (it is suggested above that they didn't), then maybe they too are implicated. Of all people they should be alive to the risks.

This series of events has already caused a significant case of identity theft - a bunch of incompetents have been masquerading as our government for the last 10 years.

Could this possibly be more damaging for New Labour than the bottling of the General Election?

"Could this possibly be more damaging for New Labour than the bottling of the General Election?"

A thousand times more damaging, most people would have shrugged at the prospect of no election.

Clearly Gordo’-the-Great needs to announce a massive expenditure on training and enforcement of data security standards in the public sector.

Coupled with hiring a small army of “Data Security Stewards” and establishing a regulatory Office of Private Individual Security (data) Transmission {OfLost or PISTOF even!) along with of course more Targets, TARGETS, TARGETS for the non-loss of Data!

Another angle that I don't think has been mentioned before. Wasn't there a recent plan by this crowd to rewrite or junk the Data Protection Act to make it easier to 'share' information from department to department?

Patriot 8:32

Excellent post, and one that's right on the button.

Let's hope that the opposition front bench are taking plenty of advice from IT security experts in order that they can make the most out of this latest show of incompetence by the government.

Mike H - 15:20

There are probably queues of IT Security Experts/Consultants ready and willing to help the Tories - probably for nothing. I certainly am.... Most IT contractors loathe this government over IR35

We need to flush him out.

Absolutely - Flush Gordon! How's that for a slogan?

Perhaps we should not be concentrating entirely on IT. This problem seems to have emerged because of a bungled reorganisation followed by a "targeted" cost cutting. Under Labour reorganisations with silly targets have been happening in the public sector generally, certainly in my local government area. Mistakes like this must be happening all over the place with vast wastage of money. As a side issue it means that large numbers of public workers are getting more likely to vote Tory. Worth remembering!

Also:-

Absolutely - Flush Gordon! How's that for a slogan?

Posted by: Oscar Miller | November 21, 2007 at 17:25

At Ronald Reagan's first Californian election the Democrat was a Mr Brown. Hence Reagan's slogan "If it's Brown flush it."

William Norton:

(1) Why should I show them any charity? Since when have they ever shown any to the people they disagree with? Lies and abuse are their style. I refrain from that at least.

(2)Gordo has been in the No. #2 job for ten years and all that time clearly itching to be #1. If he now can't cut it too bad. Give him a few months my eye.

(3) This is the first British govt for three hundred years which has actually reduced the level of democracy in this country. It took us to war on the basis of untruths. It has trashed our private pension system and run up levels of public debt which may prove impossible to pay back. If this doesn't actually make them the worst govt in our history, well . . . in any case I'd advise you to get out. I personally have already arranged my Australian visa.

Patriot @ 8.32am. The best advice that could be given to Conservative MPs, lets hope they take it.

Is the Uganda vist a Private Eye "Uganda?"

"A thousand times more damaging(than the non-election) most people would have shrugged at the prospect of no election."

This will be forgotten within a week. ALready the papers have moved on, largely to the Euro 2008 defeat!

The comments to this entry are closed.

#####here####

Categories

ConHome on Twitter

    follow me on Twitter

    Conservative blogs

    Today's public spending saving

    New on other blogs

    • Receive our daily email
      Enter your details below:
      Name:
      Email:
      Subscribe    
      Unsubscribe 

    • Tracker 2
    • Extreme Tracker