By Richard Johnstone | 23 November 2011
Personal data on individuals has been lost or stolen from UK councils on more than 1,000 occasions in the past three years, according to a report published today.
Campaign group Big Brother Watch said 132 authorities admitted losing information in Freedom of Information requests, included 35 that had lost data about children and those in care. Personal information about children, young people or students was compromised in 118 cases.
Among the losses were at least 244 laptops and portable computers, 98 memory sticks and 93 mobile devices containing private data.
Despite the ‘worrying’ scale of the losses, only 55 of the 1,035 incidents were reported to the Information Commissioner’s Office, the report, Local authority data loss, found.
More than 90% of the 433 local authorities approached responded to the FoI request, which covered the loss of personal information by council employees and contractors between August 3 2008 and August 3 2011.
However, the report warns that there are different internal thresholds for reporting losses across councils, given the number of authorities reporting no incidents.
The largest number of losses were at Buckinghamshire County Council and Kent County Council, which both reported losing data on 72 occasions. At Essex County Council there were 62 reported losses. Others in the top five were the county councils of Northamptonshire (48 losses) and North Yorkshire (46).
Big Brother Watch said that the report showed that the growing volume of personal data held by local authorities was being treated without ‘proper care and respect’, creating ‘a significant threat to personal privacy’.
A spokesman for the information commissioner said it was ‘vital’ that local authorities met their responsibilities to keep personal data secure.
He added that although there was no legal obligation on local authorities to report all breaches of information security, serious breaches involving large numbers of individuals or particularly sensitive information should be. The commissioner has this week called for powers to conduct compulsory audits in the local government sector.
The spokesman added: ‘Four out of the six monetary penalties that we’ve issued so far have involved data losses at councils. Our concern isn’t just that councils have the right policies and procedures in place, it’s about bringing about a culture among staff whereby everyone takes their responsibilities seriously and effective data handling becomes second nature.’
Responding to the report, local government minister Grant Shapps said: ‘This reinforces the need for steps to protect the privacy of law-abiding local residents. Civil liberties are under threat from the abuse of town hall surveillance powers, municipal nosy parkers rummaging through household bins and town hall officials losing sensitive personal data on children in care.’
Personal data on individuals has been lost or stolen from UK councils on more than 1,000 occasions in the past three years, according to a report published today.
Campaign group Big Brother Watch said 132 authorities admitted losing information in Freedom of Information requests, included 35 that had lost data about children and those in care. Personal information about children, young people or students was compromised in 118 cases.
Among the losses were at least 244 laptops and portable computers, 98 memory sticks and 93 mobile devices containing private data.
Despite the ‘worrying’ scale of the losses, only 55 of the 1,035 incidents were reported to the Information Commissioner’s Office, the report, Local authority data loss, found.
More than 90% of the 433 local authorities approached responded to the FoI request, which covered the loss of personal information by council employees and contractors between August 3 2008 and August 3 2011.
However, the report warns that there are different internal thresholds for reporting losses across councils, given the number of authorities reporting no incidents.
The largest number of losses were at Buckinghamshire County Council and Kent County Council, which both reported losing data on 72 occasions. At Essex County Council there were 62 reported losses. Others in the top five were the county councils of Northamptonshire (48 losses) and North Yorkshire (46).
Big Brother Watch said that the report showed that the growing volume of personal data held by local authorities was being treated without ‘proper care and respect’, creating ‘a significant threat to personal privacy’.
A spokesman for the information commissioner said it was ‘vital’ that local authorities met their responsibilities to keep personal data secure.
He added that although there was no legal obligation on local authorities to report all breaches of information security, serious breaches involving large numbers of individuals or particularly sensitive information should be. The commissioner has this week called for powers to conduct compulsory audits in the local government sector.
The spokesman added: ‘Four out of the six monetary penalties that we’ve issued so far have involved data losses at councils. Our concern isn’t just that councils have the right policies and procedures in place, it’s about bringing about a culture among staff whereby everyone takes their responsibilities seriously and effective data handling becomes second nature.’
Responding to the report, local government minister Grant Shapps said: ‘This reinforces the need for steps to protect the privacy of law-abiding local residents. Civil liberties are under threat from the abuse of town hall surveillance powers, municipal nosy parkers rummaging through household bins and town hall officials losing sensitive personal data on children in care.’
