Nine staff have been sacked from their local authority
jobs for snooping on personal records of celebrities and personal
acquaintances held on the core database of the government's
National Identity Scheme.
They are among
34 council workers who illegally accessed the Customer
Information System (CIS) database, which holds the biographical
data of the population that will underpin the government's
multi-billion-pound
ID card programme.
The disclosures, obtained by Computer Weekly using the Freedom
of Information Act, will add to calls for the government to come
clean over the security of the
National Identity Scheme.
The
CIS database, run by the Department for Work and Pensions,
stores up to 9,800 items of information on 92 million people,
including sensitive data, such as ethnicity, relationship history,
whether someone is being investigated for fraud and whether they
have special needs.
Freedom of information requests by Computer Weekly, have
uncovered a string of breaches by council workers:
- Cardiff and Glasgow councils sacked staff after they looked up
celebrities' personal records
- Tonbridge and Bromley councils sacked workers for looking up
their friends
- Brent sacked someone who looked at their girlfriend's
details
- A worker at Torfaen was sacked for looking at his own
details
But this may just be the tip of the iceberg. Many of the
breaches were discovered after sample checks, raising concerns that
other breaches may gone undetected.
Over 200,000 government officials have access to the database,
including staff at 480 local authorities, and numerous government
departments, including the Department of Work and Pensions, HM
Revenue & Customs, and the Courts Service. The Child Support
Agency uses the CIS to trace missing parents,
Gus Hosein, a management systems academic with the London
School of Economics, said that breaches were inevitable.
"Human nature and the propensity of governments to abuse privacy
means that the only real safeguard is to not collect this
information in the first place," he said. "Create a central store
and you will get abuse".
A DWP spokesman said, "The small number of incidents shows that
the CIS security system is working and is protected by several
different audit and monitoring controls, which actively manage and
report attempts at unauthorised or inappropriate access."
In other breaches discovered by Computer Weekly, Exeter sacked
someone for being unable to justify an access to the database.
Hertsmere and Penwith (now part of Cornwall) councils sacked people
for looking at records they shouldn't, but couldn't say what the
records were.
Carmarthenshire Council disciplined a person who illegally used
the CIS to look at the records in July 2008 of someone "known
personally" to them, but refused to give details. Solihull took
disciplinary action after a CIS breach in February 2008.
Peter Sommer, visiting professor at the London School of
Economics Information Systems Integrity Group, said, "Any system in
which you have a large number of users can never be secure. Instead
of giving generalised assurances, the government should say
explicitly what level of security failures they consider to be
acceptable. Politically, that is a very awkward thing to say."
The government plans to extend use of the CIS, beyond its
present community of DWP government partners and customers. Its
next phase of development, called CISx (CIS cross-government), will
give access to departments such as the Driver and Vehicle Licensing
Agency.
A Home Office spokesman said the CIS breaches should not reflect
badly on the National Identity Scheme, which is still in
development. The CIS might be pegged as the biographical store for
the Identity Scheme, he said, but Home Office data would be stored
separately from data held by the DWP and protected by "strict
access controls".
"IPS [Identity and Passport Service] will make the systems
supporting the National Identity Scheme as secure as possible,
building on an excellent track record with the current passport
database," he said.
The DWP is conducting the ongoing development of the CIS in
close partnership with the Home Office and HMRC.
ID cards database breached by nosey council staff >>